darkweb

Incognito Admin Arrest and SuperMarket Wallet Drain: Darknet Marketplaces Plunge into Uncertainty 

cybercrime, darkweb /

Incognito Admin Arrest and SuperMarket Wallet Drain: Darknet Marketplaces Plunge into Uncertainty  2024-05-24 at 14:31 By neetha871ad236bd Unraveling the seedy underbelly of the darknet marketplaces  Executive Summary  The arrest of Riu-Siang Lin, the former administrator of the closed Incognito marketplace, by the US authorities on 18th May is causing a domino effect in the underground […]

React to this headline:

Loading spinner

Incognito Admin Arrest and SuperMarket Wallet Drain: Darknet Marketplaces Plunge into Uncertainty  Read More »

New Enchant Android Malware Targeting Chinese Cryptocurrency Users

Bitcoin, Bitpie Wallet, China, Crypto wallet, Cryptocurrency, darkweb, Enchant, imToken, Malware, OKX, Threat Actor, Threat Intelligence, TokenPocket wallet /

New Enchant Android Malware Targeting Chinese Cryptocurrency Users 23/10/2023 at 14:01 By cybleinc Cyble Research and Intelligence Labs analyzes a New Android malware “Enchant” targeting cryptocurrency users in China. The post New Enchant Android Malware Targeting Chinese Cryptocurrency Users appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to

React to this headline:

Loading spinner

New Enchant Android Malware Targeting Chinese Cryptocurrency Users Read More »

Mallox Ransomware Implements New Infection Strategy

Automotive, Base64, Batch Script, BATloader, Construction, Consumer Goods, cybercrime, darkweb, data breach, Data leak, education, Energy & Utilities, Entertainment, Food and Beverages, healthcare, Infection chain, IT & ITES, Loader, Mallox, Mallox Ransomware, Malware, Manufacturing, Media, MSBuild.exe, Organization, Payload, PowerShell, Professional Services, Quasar RAT, Ransomware, Real Estate, Retail, Technology, Threat Activity, United States /

Mallox Ransomware Implements New Infection Strategy 22/06/2023 at 14:12 By cybleinc Cyble analyzes Mallox Ransomware’s new infection chain, leveraging BatLoader to execute ransomware payloads. The post Mallox Ransomware Implements New Infection Strategy appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Mallox Ransomware Implements New Infection Strategy Read More »

Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations

Aria Operations, Cl0P Ransomware, CLOP, Command Injection, CVE-2023-20877, CVE-2023-34362, CVE-2023-35063, CVE-2023-35708, cybercrime, darkweb, data breach, Data leak, Fortinet, Malware, MOVEit, Moveit Transfer, Oil & Gas, OSINT, Shell, SSL-VPN, Threat Intelligence, United States, vulnerability /

Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations 20/06/2023 at 16:11 By cybleinc Cyble investigates the Current vulnerability Threat landscape and observes distribution of Proof Of Concepts over Darkweb. The post Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations appeared first on Cyble. This article is an

React to this headline:

Loading spinner

Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations Read More »

Malicious Tools in the Underground: Investigating their Propagation

AES, apple, Atomic, Binance, C, Chrome, Chromium, Coinbase, Coinomi, Cryptocurrency, darkweb, DDoS, Delphi, DMG, Exodus, Keplr, Keylogging, Linux, LummaC2 Stealer, MaaS, macOS, Malware, Martian, Meduza, MetaMask, Mozilla, Phantom, PKG, RaaS, RSA, Russian, SaaS, ShadowVault, Telegram, Threat Intelligence, Trigona, Tron Link, Trust, Windows /

Malicious Tools in the Underground: Investigating their Propagation 16/06/2023 at 19:04 By cybleinc Cyble Research & Intelligence Labs investigates the recent promulgation of Malicious Tools in underground forums. The post Malicious Tools in the Underground: Investigating their Propagation appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this

React to this headline:

Loading spinner

Malicious Tools in the Underground: Investigating their Propagation Read More »

Cloud Mining Scam Distributes Roamer Banking Trojan

AB Ditizen, ACB One, and NFTS, Android, App store, Banking applications, Banking Trojan, Binance, Cloud Mining, CloudMining.apk, crypto mining, Cryptocurrency, cybercrime, darkweb, data breach, Data leak, ETH, Ethereum, fake app, Google Play, HDFC Bank Mobile Banking App, infostealer, Malware, MB Bank, Monero, MSB mBank, phishing, PV Mobile Banking, Roamer, SCB Mobile Banking, Telegram, Threat Intelligence, VCB Digibank, VietinBank iPay, XMR /

Cloud Mining Scam Distributes Roamer Banking Trojan 14/06/2023 at 16:35 By cybleinc Cyble analyzes a cloud mining scam leveraging phishing to distribute the Roamer banking trojan, targeting Android Crypto wallets and banking applications, aiming to steal sensitive information. The post Cloud Mining Scam Distributes Roamer Banking Trojan appeared first on Cyble. This article is an

React to this headline:

Loading spinner

Cloud Mining Scam Distributes Roamer Banking Trojan Read More »

Over 45 thousand Users Fell Victim to Malicious PyPI Packages

All, Creal Stealer, Credit card, darkweb, Discord Webhook, Evilpip, GitHub, Google Chrome, Hazard Token Grabber, HTTP GET, infostealer, KEKW, Malware, phishing, PyPI, Python Package Index, Python Packages, Reaquests, Requests, Third party software, Threat Actors, Threat Intelligence, Tikcock Grabber, W4SP Stealer /

Over 45 thousand Users Fell Victim to Malicious PyPI Packages 09/06/2023 at 12:31 By cybleinc Through the analysis of more than 160 malicious Python packages, CRIL reveals insights into the threat landscape associated with Python packages. The post Over 45 thousand Users Fell Victim to Malicious PyPI Packages appeared first on Cyble. This article is

React to this headline:

Loading spinner

Over 45 thousand Users Fell Victim to Malicious PyPI Packages Read More »

Unmasking the Darkrace Ransomware Gang

cybercrime, cybersecurity, Darkrace, Darkrace Ransomware, darkweb, Data leak, Double extortion, Lockbit 3.0, LockBit Ransomware, Malware, Mutex, Ransomware, Threat Actors, Threat Intelligence, Windows /

Unmasking the Darkrace Ransomware Gang 08/06/2023 at 15:02 By cybleinc New Ransomware Holds Similarities with LockBit Ransomware Ransomware continues to pose the most critical cybersecurity threat to organizations’ infrastructure. This malicious software encrypts victims’ files and extorts payment in return for the decryption key. The consequences of ransomware attacks can be severe, including financial losses,

React to this headline:

Loading spinner

Unmasking the Darkrace Ransomware Gang Read More »

 LockBit 2.0 Ransomware Resurfaces

CVE-2017-0199, cybercrime, darkweb, Korea, Lockbit 3.0, LockBit Ransomware 2.0, Malware, phishing, Ransomware, Threat Actor, Threat Intelligence /

 LockBit 2.0 Ransomware Resurfaces 07/06/2023 at 15:15 By cybleinc Cyble analyzes LockBit Ransomware, which is distributed via malicious documents, specifically targeting users in Korea. The post  LockBit 2.0 Ransomware Resurfaces appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

 LockBit 2.0 Ransomware Resurfaces Read More »

 LockBit Ransomware 2.0 Resurfaces

CVE-2017-0199, cybercrime, darkweb, Korea, Lockbit 3.0, LockBit Ransomware 2.0, Malware, phishing, Ransomware, Threat Actor, Threat Intelligence /

 LockBit Ransomware 2.0 Resurfaces 06/06/2023 at 15:02 By cybleinc Cyble Research and Intelligence Labs analyzes LockBit ransomware which uses malicious documents to specifically target users in Korea. The post  LockBit Ransomware 2.0 Resurfaces appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

 LockBit Ransomware 2.0 Resurfaces Read More »

MOVEit Transfer Vulnerability Actively Exploited

All, Azure SQL, CGSI, Clop ransomware, cybercriminals, darkweb, Germany, Managed File Transfer, MFT, Microsoft SQL, Moveit Transfer, MySQL, Threat Actors, Threat Intelligence, United Kingdom, United States, vulnerability /

MOVEit Transfer Vulnerability Actively Exploited 02/06/2023 at 17:04 By cybleinc Cyble analyzes MOVEit Transfer vulnerability and observes active exploitation in the Cyble Global Intelligence Sensors (CGSI). The post MOVEit Transfer Vulnerability Actively Exploited appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

MOVEit Transfer Vulnerability Actively Exploited Read More »

‘NoEscape’ Ransomware-as-a-Service (RaaS)

C, ChaCha20, CIS, Commonwealth of Independent States, cybercrime, darkweb, data breach, Data leak, Malware, NoEscape, RaaS, Ransomware, Ransomware Affiliate, Russia, Safe Mode, Server Message Block, Threat Intelligence, Triple-Extortion, Windows, Windows NT 10.0 /

‘NoEscape’ Ransomware-as-a-Service (RaaS) 01/06/2023 at 18:32 By cybleinc CRIL analyzes the newly advertised ‘NoEscape’ Ransomware-as-a-Service (RaaS) program that claims to facilitate sophisticated extortion operations using an advanced, indigenously developed ransomware strain. The post ‘NoEscape’ Ransomware-as-a-Service (RaaS) appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

‘NoEscape’ Ransomware-as-a-Service (RaaS) Read More »

Evolving Threat Landscape of Hacktivism in Colombia

#OpColombia, Berghof, Berghof Web Panel, critical infrastructure, cybercrime, darkweb, data breach, Data leak, DDoS Attack, Fueling Systems, GhostSec, GNSS, Government, Hacktivism, HMI, Human Machine Interface, Industrial Control Systems, Israel, Malware, National Critical Infrastructure, OpIsrael, OSINT, Power Supply Controllers, Radio Broadcast, Satellite Receivers, SiegedSec, Threat Intelligence, Zero-Day /

Evolving Threat Landscape of Hacktivism in Colombia 31/05/2023 at 11:22 By cybleinc CRIL investigates the evolving threat landscape of hacktivism leading to cyberattacks on Colombian Critical Infrastructure and Zero-day Sales by Hacktivists. The post Evolving Threat Landscape of Hacktivism in Colombia appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Loading spinner

Evolving Threat Landscape of Hacktivism in Colombia Read More »

Bl00dy Ransomware Targets Indian University: Actively Exploiting PaperCut Vulnerability

APT, Bl00dy, Bl00dy ransomware, CISA, Conti, CSA, CVE-2023-27350, cybercrime, darkweb, data breach, Data leak, ERP, Helpdesk, Lockbit 3.0, Malware, Moodle, PaperCut, PaperCut MF, PaperCut NG, Port 9191, Port 9192, Ransomware, RDP, Remote Desktop Protocol, Shodan, Telegram, Threat Intelligence, Twitter /

Bl00dy Ransomware Targets Indian University: Actively Exploiting PaperCut Vulnerability 30/05/2023 at 14:46 By cybleinc CRIL analyzes Bl00dy Ransomware’s recent targeting of an Indian University via exploitation of the PaperCut vulnerability. The post Bl00dy Ransomware Targets Indian University: Actively Exploiting PaperCut Vulnerability appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Loading spinner

Bl00dy Ransomware Targets Indian University: Actively Exploiting PaperCut Vulnerability Read More »

PixBankBot: New ATS-Based Malware Poses Threat to the Brazilian Banking Sector

Android, Android Banking trojan, ATS, ATS Framework, Banco Central do Brasil, Banco Itaú, Bank fraud, Banking Sector, Banking Trojan, BFSI, Brazil, C6 Bank, cybercrime, darkweb, Data leak, fake app, fraud, GoatRAT, Malware, Mercado Pago, NUBank, Nubank: conta, PagBank Banco, PasteBin, PicPay, PIX, PixBankBot, PixPirate, R$, Threat Actors, Threat Intelligence /

PixBankBot: New ATS-Based Malware Poses Threat to the Brazilian Banking Sector 30/05/2023 at 12:36 By cybleinc Cyble analyzes PixBankBot, a new ATS-based malware that targets Brazilian banks through the popular Pix instant payment platform. The post PixBankBot: New ATS-Based Malware Poses Threat to the Brazilian Banking Sector appeared first on Cyble. This article is an

React to this headline:

Loading spinner

PixBankBot: New ATS-Based Malware Poses Threat to the Brazilian Banking Sector Read More »

Invicta Stealer Spreading Through Phony GoDaddy Refund Invoices

Blisk, BraveSoftware, ChromePlus, CocCoc Browser, Coowon, cybercrime, darkweb, Epic Privacy Browser, GoDaddy, Invicta, Iridium, Malware, QIP Surf, Sleipnir, Slimjet, Stealer, Steam, Threat Intelligence /

Invicta Stealer Spreading Through Phony GoDaddy Refund Invoices 25/05/2023 at 19:16 By cybleinc Cyble Research & Intelligence Labs analyzes Invicta, a new stealer that spreads via fake GoDaddy Refund invoices to infect users. The post Invicta Stealer Spreading Through Phony GoDaddy Refund Invoices appeared first on Cyble. This article is an excerpt from Cyble View

React to this headline:

Loading spinner

Invicta Stealer Spreading Through Phony GoDaddy Refund Invoices Read More »

Obsidian ORB Ransomware Demands Gift Cards as Payment

AES Cryptographic Provider, All, BlackSnake, Chaos Ransomware, cybercrime, darkweb, data breach, Data leak, Gift Card, Malware, Microsoft Enhanced RSA, Obsidian ORB, Obsidian ORB Ransomware, Onyx, Payday, Paysafe, Ransomware, Steam, Threat Intelligence /

Obsidian ORB Ransomware Demands Gift Cards as Payment 25/05/2023 at 09:16 By cybleinc Cyble Research & Intelligence Labs analyzes Obsidian ORB, a ransomware hybrid that demands ransom payments in the form of gift cards. The post Obsidian ORB Ransomware Demands Gift Cards as Payment appeared first on Cyble. This article is an excerpt from Cyble

React to this headline:

Loading spinner

Obsidian ORB Ransomware Demands Gift Cards as Payment Read More »

Notable DDoS Attack Tools and Services Supporting Hacktivist Operations in 2023

Artemis C2 DDoS Botnet, cybercrime, darkweb, DDoS, DDoS Attack, DDosia Project, Hacktivism, Killnet, Killnet DDoS, Malware, Neferian Empire DDoS Botnet, RedStress.io DDoS Panel, SkyElite-Net DDoS, Stressbot.io, Tesla Botnet, Threat Intelligence, Ziyaettin DDoS Botnet /

Notable DDoS Attack Tools and Services Supporting Hacktivist Operations in 2023 24/05/2023 at 18:26 By cybleinc Cyble Research & Intelligence Labs analyzes the growing use of DDoS attacks by Hacktivist groups across the world. The post Notable DDoS Attack Tools and Services Supporting Hacktivist Operations in 2023 appeared first on Cyble. This article is an

React to this headline:

Loading spinner

Notable DDoS Attack Tools and Services Supporting Hacktivist Operations in 2023 Read More »

New MDBotnet Unleashes DDoS Attacks

botnet DDoS, cybercrime, darkweb, DDoS, DDoS Attack, DDOS-as-a-Service, Hacktivism, Hacktivists, HTTPGetAttack, Malware, MDBotnet, MDBotnetUpdater, SlavaRussia, svhost.exe, SYN, SYNAttack, Threat Intelligence /

New MDBotnet Unleashes DDoS Attacks 23/05/2023 at 18:03 By cybleinc Cyble Research & Intelligence Labs analyzes MDBotnet, a malware variant of Russian origin, carrying out DDoS-as-a-Service attacks. The post New MDBotnet Unleashes DDoS Attacks appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

New MDBotnet Unleashes DDoS Attacks Read More »

New Ransomware Wave Engulfs over 200 Corporate Victims

8Base Ransomware, AES, cybercrime, darkweb, data breach, Data leak, Double encryption, Leak site, MalasLocker, Malware, MalwareHunterTeam, Ransomware, Rhysida, Threat Intelligence, Zscaler /

New Ransomware Wave Engulfs over 200 Corporate Victims 23/05/2023 at 17:34 By cybleinc CRIL analyzes multiple new Ransomware families that have affected over 200 firms, spearheaded by Rhysida, 8Base, and MalasLocker ransomware. The post New Ransomware Wave Engulfs over 200 Corporate Victims appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

New Ransomware Wave Engulfs over 200 Corporate Victims Read More »

Scroll to Top