A week in security (April 6 – April 12)

Last week on Malwarebytes Labs: Fake Claude site installs malware that gives attackers access to your computer ClickFix finds a new way to infect Macs Scammers pose as Amazon support to steal your account NSFW app leak exposes 70,000 prompts linked to individual users 30,000 private Facebook imag...

Timeshare owners warned to watch out for cartel-linked scams

If you own a timeshare and have been searching for a way out, you need to know who may be targeting you. In February, the US Treasury Department announced sanctions against a timeshare fraud network linked to a major Mexican drug cartel, the Jalisco New Generation Cartel CJNG. These aren’t your...

How Mexico's ‘CJNG’ Drug Cartel Embraced AI, Drones, and Social Media

Drug kingpin Nemesio “El Mencho” Oseguera Cervantes may be dead, but the Jalisco cartel he ran for years will likely outlive him—thanks, in part, to the criminal group’s embrace of technology...

The El Paso No-Fly Debacle Is Just the Beginning of a Drone Defense Mess

Fears over a drug cartel drone over Texas sparked a recent airspace shutdown in El Paso and New Mexico, highlighting just how tricky it can be to deploy anti-drone weapons near cities...

Adios 2025, you won’t be missed

Welcome to this week's edition of the Threat Source newsletter. For us in America, we're in the holiday doldrums and things slow and/or shut down until the new year. At Cisco, we shut down the last week of the year to reset and recharge, and I've grown to be quite fond of it. I've worked plenty o...

EUVD-2018-3366

Malware in sbrugna...

Drug cartel hacked cameras and phones to spy on FBI and identify witnesses

The "El Chapo" Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau's defenses against this kind of surveillance are still inadequat...

Surveillance Used by a Drug Cartel

Once you build a surveillance system, you can't control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a new US justice...

Timeshare Owner? The Mexican Drug Cartels Want You

The FBI is warning timeshare owners to be wary of a prevalent telemarketing scam involving a violent Mexican drug cartel that tries to trick people into believing someone wants to buy their property. This is the story of a couple who recently lost more than $50,000 to an ongoing timeshare scam th...

Ransomware review: January 2024

This article is based on research by Marcelo Rivero, Malwarebytes ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

Potential uint underflow

Lines of code Vulnerability details Impact Potential underflow if shares is greater than totalSupply Proof of Concept Tools Used Manual review Recommended Mitigation Steps Before the following line, check if totalSupply is greater or equal to shares --- The text was updated successfully, but thes...

BazarCall Call Back Phishing Attacks Constantly Evolving Its Social Engineering Tactics

The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. The scheme eventually acts as an entry point to conduct financial fraud or facilitate the delivery of next-stage payloads such as...

Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research. Conti, attributed to a Russia-based threat actor known as Gold Ulrick, is the second most prevalent malware stra...

TrickBot Gang Likely Shifting Operations to Switch to New Malware

TrickBot, the infamous Windows crimeware-as-a-service CaaS solution that's used by a variety of threat actors to deliver next-stage payloads like ransomware, appears to be undergoing a transition of sorts, with no new activity recorded since the start of the year. The lull in the malware campaign...

Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares

The shackles have been broken for victims of Maze/Egregor/Sekhmet ransomware: On Wednesday, decryption keys were released for all three ransomware strains in a forum post. The liberator, using the handle “Topleak,” described themselves as the developer of the three ransomwares. It’s been lovely,...

How ransomware gangs are connected, sharing resources and tactics

Many of us who read the news daily encounter a regular drum beat of ransomware stories that are both worrying and heartbreaking. And what many of us don’t realize is that they are often interconnected. Some of the gangs behind the ransomware campaigns that we read about have established a...

This Week in Security News - April 2, 2021

Alleged Members of Egregor Ransomware Cartel Arrested and Cybercriminals Home in on Manufacturers...

Ether Cartel Security Vulnerability

Ether Cartel is a blockchain-based pharmaceutical simulation game. A security vulnerability exists in the 'DrugDealer' function of the smart contract implementation in Ether Cartel. An attacker could use the vulnerability to take control of the contract's ownership and potentially manipulate...

New ceoAnyone Bug Identified in Multiple Crypto Game Smart Contracts (CVE-2018-11329)

Our vulnerability-scanning system at PeckShield has so far discovered several dangerous smart contract vulnerabilities batchOverflow1, proxyOverflow2, transferFlaw3, ownerAnyone4, multiOverflow5, burnOverflow6. These vulnerabilities typically affect various tokens that may be publicly traded in...

Ether Cartel Unauthorized Operation Vulnerability

Ether Cartel is a blockchain-based pharmaceutical simulation game. A security vulnerability exists in the 'DrugDealer' function of the smart contract implementation in Ether Cartel. An attacker could use the vulnerability to take control of the contract's ownership and potentially manipulate...