Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud

Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the company said in its latest Cyber Signals report. "We've seen some examples where

Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years

A malware botnet called Ebury is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still compromised as of late 2023. The findings come from Slovak cybersecurity firm ESET, which characterized it as one of the most advanced server-side malware campaigns for financial gain. "Ebury actors have been pursuing monetization activities [...],

Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials

Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users' credentials from compromised devices. "This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices," the SonicWall Capture Labs threat research team said in a recent report. The

Google Sues App Developers Over Fake Crypto Investment App Scam

Google has filed a lawsuit in the U.S. against two app developers for allegedly engaging in an "international online consumer investment fraud scheme" that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The individuals in question are Yunfeng Sun (aka Alphonse Sun) and Hongnam

Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia

The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams. The Indian nationals "were lured with employment opportunities to that country but were forced to undertake illegal cyber work," the Ministry of External Affairs (MEA) said in a statement, adding it had rescued 75 people in the past three

Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts

The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the country. If convicted, they face up to 15 years in prison. The accounts, authorities said, were

E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials

A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced. Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized

PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today. “Thanks to this new technique, during PixPirate reconnaissance

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said. The attack chain involves the use of

How Cybercriminals are Exploiting India's UPI for Money Laundering Operations

Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a "key tool for onboarding and managing these money mules," CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report. Details about the scam 

U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture

The U.S. Department of Justice (DoJ) on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including the U.S. Departments of the Treasury and State, defense contractors that support U.S. Department of

8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from "counterfeit