CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Security researchers have discovered a new Mac malware threat that appears to be a sophisticated attempt to raid cryptocurrency wallets.
Read more in my article on the Tripwire State of Security blog.
Continue reading CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Mac users can’t ignore the need to protect their computers from malware with up-to-date anti-virus software and other security tools.
The post CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency appeared first … Continue reading CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Panda Threat Group Mines for Monero With Updated Payload, Targets

Though harboring unsophisticated payloads, the Panda threat group has updated its tactics – from targets to infrastructure – and successfully mined hundreds of thousands of dollars using cryptomining malware. Continue reading Panda Threat Group Mines for Monero With Updated Payload, Targets

Ex-Amazon worker – suspected of hacking Capital One – faces charges of breaching 30 other companies to mine cryptocurrency

Capital One isn’t the only organisation allegedly to have had its data breached by Paige Thompson, the former Amazon systems engineer.
Read more in my article on the Hot for Security blog.
Continue reading Ex-Amazon worker – suspected of hacking Capital One – faces charges of breaching 30 other companies to mine cryptocurrency

Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking

A federal grand jury indicted Paige Thompson, the accused Capital One hacker, in connection with allegations that she accessed data on more than 30 companies and used that illicit access to generate cryptocurrency, the Department of Justice said Wednesday. Thompson was arrested on July 29 on suspicion of hacking into the bank’s systems and accessing data on roughly 106 million people. The indictment this week reiterates many of the allegations laid out in last month’s FBI complaint against Thompson, adding accusations that she obtained sensitive data from companies outside Capital One, including an unnamed university and a telecommunications firm. Federal attorneys from the Western District of Washington also say Thompson, upon breaching victim organizations, leveraged their computing power to mine for cryptocurrency, an activity known as cryptojacking. Thompson, 33, is a Seattle-based software engineer who formerly worked for Amazon Web Services, the cloud computing giant on which Capital One relies to […]

The post Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking appeared first on CyberScoop.

Continue reading Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking

Smashing Security #143: Hacking from outer space, Ukrainian cryptomining, and deepfaked Canadians

Was a cybercrime committed on the International Space Station? What on earth were Ukrainian scientists thinking when they plugged a nuclear power station into the internet? And someone has cloned Canadian clinical psychologist Jordan Peterson’s v… Continue reading Smashing Security #143: Hacking from outer space, Ukrainian cryptomining, and deepfaked Canadians

Joint Effort Neutralized Over 850K Infections of Retadup Worm

A joint investigatory effort neutralized more than 850,000 unique infections of Retadup, a worm known for targeting Windows machines in Latin America. In March 2019, Avast came across an interesting cryptomining payload that arrived with a advanced ste… Continue reading Joint Effort Neutralized Over 850K Infections of Retadup Worm

Browser Push Notifications: Useful Feature Exploited by Deceptive Marketers

Pop-ups and browser lockers have given way to irritating and potentially destructive push notifications For many of us, when we hear the word “malware,” the first thing that comes to mind would be visions of emptied bank accounts, encrypte… Continue reading Browser Push Notifications: Useful Feature Exploited by Deceptive Marketers