Cybercrime & Digital Threats

We look at the most pervasive information stealers, ransomware, and cryptocurrency-mining malware in the Americas in 2018 and how they highlight the significance of proactive threat detection and incident response capabilities.

Our continued forays into the cybercriminal underground allowed us to see how the tactics and techniques used to attack financial organizations changed over the years.

We found a malicious app posing as Adobe Zii (a tool used to crack Adobe products) targeting macOS systems to mine cryptocurrency and steal credit card information.

In light of the massive data dump called Collection #1 and with more available for download and exchange in the underground, here are a few reminders for users and enterprises on how to mitigate threats on their personal information and enterprise assets.

We detail how a trojan spyware gathers and steals data disguised as TeamViewer, the popular file-sharing and communication program that also lets IT teams remotely access device of enterprise employees.

A new variant of the ransomware JobCrypter was observed in the wild, sending desktop screenshots of the infected machine to an email address and encrypting files twice.

While underground forums have long been the purview of digital or internet-enabled crimes, recent developments have shown signs of increasing synergy and interaction between traditional criminals and cybercrime actors.

We observed a sudden spike in JavaScript malware in more than 72,000 email samples that sourced and spread at least eight other kinds of malware – such as GandCrab ransomware and coinminers.

We found a wave of MongoLock ransomware attacks that immediately deletes important files upon infection and scans the backup drives for data deletion.