
Over the last two weeks, we saw the Clipminer malware gang steal $1.7M by hijacking crypto payments. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware. In addition, get the latest insights into ransomware attacks, ransom payments, and the fast-changing cyber insurance healthcare market over the last year.

For more articles, check out our #onpatrol4malware blog.

WinDealer dealing on the side

Source: SecureList by Kaspersky

LuoYu is a lesser-known threat actor that has been active since 2008. It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Read more.

Evasive phishing mixes reverse tunnels and URL shortening services

Source: Bleeping Computer

Security researchers are seeing an uptick in the use of reverse tunnel services along with URL shorteners for large-scale phishing campaigns, making the malicious activity more difficult to stop. Read more.

Conti Targets Critical Firmware

Source: Eclypsium

In late February of this year, an unknown individual began leaking internal information and communications from the notorious Conti ransomware organization. Read more.

Clipminer malware gang stole $1.7M by hijacking crypto payments

Source: Bleeping Computer

Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. Read more.

Evil Corp affiliates are using off-the-shelf ransomware to evade sanctions

Source: CyberScoop

Hackers likely affiliated with the notorious Russian cybercrime group Evil Corp are using off-the-shelf ransomware to evade U.S. sanctions, researchers at security firm Mandiant have found. Read more.

The State of Ransomware in Healthcare 2022

Source: Sophos News

Get the latest insights into ransomware attacks, ransom payments, and the fast-changing cyber insurance healthcare market over the last year. Read more.

Hackers steal WhatsApp accounts using a call forwarding trick

Source: Bleeping Computer

There’s a trick that allows attackers to hijack a victim’s WhatsApp account and gain access to personal messages and contact lists. The method relies on the mobile carriers’ automated service to forward calls to a different phone number, and on WhatsApp’s option to send a one-time password (OTP) verification code via voice call. Read more.