Cybercrime & Digital Threats

We found new iterations of Trickbot with updates on its password-grabbing module, all targeting new apps and services.

Ryuk’s decryptor tool — provided by the threat actors behind the ransomware to victims who have paid ransom demands — could actually cause data loss instead of reinstating file access to users.

Maksim Yakubets, who allegedly runs Russia-based Evil Corp, the cybercriminal organization that developed and distributed banking malware Dridex, has been indicted in the United States by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC).

Magecart has set its sights on a new set of targets: high-profile stores, including firearms vendor Smith & Wesson.

Researchers discovered a vulnerability in Android devices that allows malware to hijack legitimate apps. Using this vulnerability, cybercriminals could trick users into granting permissions to their malicious apps and provide openings for phishing pages.

Instead of greetings and holiday cheer, malicious Thanksgiving Day eCards have been found spreading the evolving modular malware Emotet as well as other malware families.

For over a year, Microsoft has been monitoring a malware strain they named “Dexphot” that has been infecting Windows devices since October 2018. The malware used computer resources to mine cryptocurrency and profit from the attack.

Counterfeit apps were found carrying a new version of the Android banking trojan called Ginp to steal user login credentials and credit card details.

Amid the excitement for Black Friday, cybercriminals are rolling out schemes to trick consumers into sharing their card credentials and profiting from the shopping season.