Cybercrime & Digital Threats

As ransomware becomes a bigger problem for local governments and other organizations, US mayors take a firm stand against paying ransom to hackers.

The government of the City of Griffin, Georgia, lost over US$800,000 to a business email compromise (BEC) scam last month.

A newly uncovered ransomware family was found targeting QNAP network-attached storage (NAS) devices. Named eCh0raix, the malware was reportedly designed for targeted ransomware attacks.

Microsoft found a malware campaign pushing the Astaroth info stealer into the memory of infected computers. This particular campaign was notable in its fileless distribution method and complex attack chain.

A newly discovered backdoor malware dubbed Godlua was discovered conducting DDoS attacks. Unique to this Lua-based malware is its abuse of the DNS over HTTPS (DoH) protocol to secure its communication channels.

A malicious spam campaign conducted in April used ISO image files to deliver the notorious LokiBot and NanoCore trojans.

With social media becoming more relevant to businesses today, organizations can take a proactive stance to secure it and even make it safer for everyone else connected to it.

Criminal sellers are peddling ready-to-use ATM malware in underground markets for hacking into banks. In this report, we discuss how criminals advertise and even provide instructions on how to pull off a digital heist.

The Silex malware quickly spread and wiped IoT devices’ firmware. The malware, which only operated for a day or so, has already managed to brick thousands of IoT devices.