Internet threat news

Ransomware Attack Results In Blood Shortages

England's NHS Blood and Transplant (NHSBT) has issued an urgent call to O Positive and O Negative blood donors to book appointments and donate.

This comes as major hospitals in the London area had to cancel operations and blood transfusions after a cyberattack on June 4, 2024. Hospitals were directly impacted when their pathology and diagnostic services provider, Synnovis, was hit by a ransomware attack.

   
RansomHub Linked To Now Defunct Knight Ransomware

The relatively new ransomware gang RansomHub has been quick to cause waves amongst ransomware researchers. With increased attention comes increased analysis by researchers, who have now discovered possible links to the somewhat out-of-action Knight ransomware.

   
Europol's Operation Endgame

In a recent press release by Europol, the details of the law enforcement agency's largest-ever operation against botnet infrastructure were released to the public.

The main goal of the operation was to target the infrastructure behind some of the Internet's most prolific dropper malware strains: IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and TrickBot. This publication has covered all of these strains and provided removal guides for those infected by them.

   
BiBi Wiper Now Destroys Disk Partition Table

Security researchers at Check Point Research have discovered a new version of the BiBi wiper malware that now also destroys the disk partition table, making any recovery process far more complex.

Wiper malware is designed to cause permanent damage to both data and hardware, making continued use of a machine challenging to near impossible, depending on the extent of the damage.

These tools have been a favorite of Iranian state-sponsored groups looking to further the country's geopolitical aims. In recent years, their use has also increased in active war zones like Ukraine.

   
Black Basta Ransomware Breached Over 500 Organizations

In a joint report published by the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), it was stated that affiliates associated with Black Basta have breached the networks of over 500 organizations worldwide.

   
LockBit Ransomware Admin Unmasked

The United Kingdom's National Crime Agency (NCA) announced it had unmasked one of the kingpins behind the LockBit ransomware operation. US, UK, and Australian authorities have sanctioned the individual.

   
Cuttlefish Malware Steals Credentials Via Routers

Security researchers based at security firm Black Lotus Labs recently discovered a new type of malware infecting enterprise-grade and small office routers to monitor data that passes through them and steal authentication information.

To help facilitate this, the malware can perform DNS and HTTP hijacking within private IP spaces, interfering with internal communications, and possibly introducing more payloads.

   
GuptiMiner Infects Machines Via Hijacked Antivirus Update

According to a recent report by Avast, the security firm’s researchers discovered a new malware campaign that hijacks an eScan antivirus update mechanism to distribute backdoors and cryptocurrency mining malware.

The malware is currently being tracked as GuptiMiner and has been seen dropping popular crypto-miner XMRig.

   
SoumniBot Levels Up Obfuscation Game

Banking trojan malware, namely malware designed to intercept a victim’s banking-related information, including login passwords, so that funds can be fraudulently stolen, is an ever-present danger for those using banking applications on mobile phones.

Reminding us of this danger is the recent discovery of a new banking trojan, called SoumniBot, by security researchers at Kaspersky Labs.

   
Thousands Of WordPress Sites Compromised With Crypto Drainer Malware

According to a recently published article on Bleeping Computer, threat actors have compromised at least 2000 WordPress sites to push crypto malware onto unsuspecting visitors to the compromised sites.

The crypto-related malware, often called a crypto drainer, is a type of malware that tricks the user into approving a cryptocurrency transaction, automatically draining their associated cryptocurrency wallets.

   
India Rescues 250 Citizens Enslaved By Cybercrime Gang

The Indian government announced that it had rescued 250 Indian citizens enslaved by a Cambodian cybercrime gang. The kidnapped Indians were forced to serve and commit cybercrimes.

   
Darcula Phishing Service Targets iPhones

In a recently published article by Netcraft, a new Phishing-as-a-Service (PhaaS) platform targeting iPhones via the iMessage application has been discovered.

Named Darcula, the platform uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.

   
Windows SmartScreen Vulnerability Used To Drop DarkGate

Security researchers at Trend Micro have discovered a DarkGate malware campaign using a vulnerability already patched in Windows Defender’s SmartScreen utility.

   
The Great BlackCat Ransomware Heist

Several news outlets, including Reuters, have been covering a fair amount of exciting news regarding the BlackCat ransomware gang, also tracked as ALPHV by this publication.

When this publication last covered BlackCat operations, they were seen exploiting both the Impacket and RemCom frameworks to better facilitate infections.

Now, the ransomware developers are looking to bow out of the operation, not by retiring gracefully but via an exit scam that may be intended to prevent affiliates from being paid out.

   
