51 matches found
MAL-2026-5555 Malicious code in express-timer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b4fd1651a86f29904cbafe5a1d50f51a3108413ce0fef61fd92cfc61dedc683 express-timer is a destructive supply-chain attack masquerading as an Express security-headers helper. Three independent harm mechanisms fire on...
U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware
The U.S. Department of Justice DoJ this week announced the indictment of 54 individuals in connection with a multi-million dollar ATM jackpotting scheme. The large-scale conspiracy involved deploying malware named Ploutus to hack into automated teller machines ATMs across the U.S. and force them ...
GoldPickaxe Trojan steals your face!
Well, the GoldPickaxe Trojan does not literally steal your face, but it does steal an image of your face in order to be able to identify as you. Researchers have found a family of Trojans, attributed to a financially motivated Chinese group, which come in versions for iOS and Android...
New MMRat Android Trojan Uses Fake App Stores for Bank Fraud
By Deeba Ahmed So far, the potent Android trojan MMRat has remained undetected on VirusTotal. This is a post from HackRead.com Read the original post: New MMRat Android Trojan Uses Fake App Stores for Bank Fraud...
Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores
The Trend Micro Mobile Application Reputation Service MARS team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023...
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called Trinitarians. Among those apprehended include two hackers who carried out bank scams through phishing and smishing techniques and 15 other members of the crime syndicate, w...
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called Trinitarians. Among those apprehended include two hackers who carried out bank scams through phishing and smishing techniques and 15 other members of the crime syndicate, w...
U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
In a first-of-its-kind coordinated action, the U.K. and U.S. governments on Thursday levied sanctions against seven Russian nationals for their affiliation to the TrickBot, Ryuk, and Conti cybercrime operation. The individuals designated under sanctions are Vitaly Kovalev aka Alex Konor, Bentley,...
A week in security (August 1 - August 7)
Last week on Malwarebytes Labs: Have we lost the fight for data privacy? Lock and Code S03E16 Wrestling star Mick Foleys Twitter compromised, selling PS5 consoles Millions of Arris routers are vulnerable to path traversal attacks When a sextortion victim fights back How to protect yourself and yo...
Bank fraud scammers trick victims with claims of bogus Zelle transfers
It pays to be careful where cold calls from someone claiming to work for your bank are concerned. Scam callers are impersonating bank staff, with suggestions of dubious payments made to your account. One unfortunate individual has already lost around $1,000 to this slice of telephone-banking base...
Bank fraud scammers trick victims with claims of bogus Zelle transfers
It pays to be careful where cold calls from someone claiming to work for your bank are concerned. Scam callers are impersonating bank staff, with suggestions of dubious payments made to your account. One unfortunate individual has already lost around $1,000 to this slice of telephone-banking base...
SMS About Bank Fraud as a Pretext for Voice Phishing
Most of us have probably heard the term "smishing" -- which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turnin...
The Demise of White House Market Will Shake Up the Dark Web
The popular marketplace’s closing leaves a big hole in the billion-dollar industry of illegal drugs, credit card and bank fraud, forged documents, and more...
TrickBot Coder Faces Decades in Prison
The U.S. Department of Justice announced on Friday the arraignment of a Latvian for her alleged role in creating and operating the infamous TrickBot malware. Alla Witte, who is known in cybercrime circles by the handle “Max,” was arrested in February in Miami. According to the indictment, she’s o...
Banking Attacks Surge Along with Post-COVID Economy
For many, COVID-19 has been a crushing catastrophe. But for bank scammers, it’s shaped up to be a nice little money-making opportunity. As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank frau...
The human impact of a Royal Mail phishing scam
Last week, we looked at a Royal Mail themed scam which has very quickly become the weapon of choice for phishers. It’s pretty much everywhere at this point. Even one of my relatives with a semi-mystical ability to never experience a scam ever, received a fake SMS at the weekend. The problem with...
Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack
A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American...
US jails Russian hacker for 8 years over botnet, bank fraud
By Deeba Ahmed The hacker participated in a sophisticated scheme to steal, exchange sensitive financial, personal data, causing a loss of $100 million to the victims. This is a post from HackRead.com Read the original post: US jails Russian hacker for 8 years over botnet, bank fraud...
Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M
September featured two stories on a phony tech investor named John Bernard, a pseudonym used by a convicted thief named John Clifton Davies whos fleeced dozens of technology companies out of an estimated $30 million with the promise of lucrative investments. Those stories prompted a flood of tips...
Would You Have Fallen for This Phone Scam?
You may have heard that today's phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. But you probably didn't know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on you...