GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

In an operation crowned “unprecedented,” Europol and the DOJ joined forces and successfully dismantled what was left of the GozNym cybercrime gang that attempted to steal well over $100 million.

The post GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation appeared first on Security Intelligence.

Continue reading GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

In 2018, IBM X-Force researchers observed organized cybercrime groups collaborating, rather than competing over turf or even attacking each other, for the first time.

The post The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018 appeared first on Security Intelligence.

Continue reading The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

Tricks and COMfoolery: How Ursnif Evades Detection

Ursnif is one of the main threats that is effectively evading detection right now (at publication) The dropper uses a COM technique to hide its process parentage WMI is used to bypass a Windows Defender attack surface reduction rule Fast evolution of d… Continue reading Tricks and COMfoolery: How Ursnif Evades Detection

Fake Court summonses, Judgements, Subpoenas delivering malware

Starting Yesterday evening and continuing steadily all day so far today,  we saw what was supposed to be a malspam campaign with a lure of court summonses. None of the links I followed actually delivered any malware but did instead lead to a zip file t… Continue reading Fake Court summonses, Judgements, Subpoenas delivering malware

Urgent to all residents of the building email delivers Ursnif

We are seeing a fairly large Ursnif /Gozi /ISFB campaign hitting the UK since Yesterday. Earlier we saw a Brexit theme and now we are seeing emergency exit notices. The subject this time is consistent in all versions  “Urgent to all residents of … Continue reading Urgent to all residents of the building email delivers Ursnif

Ursnif campaign hitting UK imitating well known companies

We are seeing an Ursnif /Gozi /ISFB campaign hitting the UK since yesterday. I was first alerted by this Twitter post. I started to investigate quickly last night and several much better researchers and analysts have taken over and found much more deta… Continue reading Ursnif campaign hitting UK imitating well known companies

Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID

Gozi took a larger slice of the financial malware pie and become the most active banking Trojan in 2017, according to the IBM X-Force Threat Intelligence Index 2018.

The post Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID appeared first on Security Intelligence.

Continue reading Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID