InfoSec News

Interpol Seized $130 Million from Cybercriminals in Global "HAECHI-III" Crackdown Operation Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in the arrests of 975 individuals and the closure of more than 1,600 cases. This comprised two fugitives via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

U.S. govt seizes domains used in 'pig butchering' scams For the first time, the U.S. Department of Justice seized seven domains that hosted websites linked to "pig butchering" scams, where fraudsters trick victims of romance scams into investing in cryptocurrency via fake investment platforms. [...] via BleepingComputer (author: Sergiu Gatlan)

New RansomExx Ransomware Variant Rewritten in the Rust Programming Language The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna. The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily designed to run on the Linux operating system, although it's expected that a Windows version will via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

Police are sending messages to 70,000 people who may have fallen victim to phone scammers A major anti-fraud operation is underway, following an international crackdown on spoofing. via Latest stories for ZDNET in Security

Bahamut Cyber Espionage Hackers Targeting Android Users with Fake VPN Apps The cyber espionage group known as Bahamut has been attributed as behind a highly targeted campaign that infects users of Android devices with malicious apps designed to extract sensitive information. The activity, which has been active since January 2022, entails distributing rogue VPN apps through a fake SecureVPN website set up for this purpose, Slovak cybersecurity firm ESET said in a new via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

'iSpoof' service dismantled, main operator and 145 users arrested The 'iSpoof' online spoofing service has been dismantled following an international law enforcement investigation that also led to the arrest of 146 people, including the suspected mastermind of the operation. [...] via BleepingComputer (author: Bill Toulas)

Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware Companies based in the U.S. have been at the receiving end of an "aggressive" Qakbot malware campaign that leads to Black Basta ransomware infections on compromised networks. "In this latest campaign, the Black Basta ransomware gang is using QakBot malware to create an initial point of entry and move laterally within an organization's network," Cybereason researchers Joakim Kandefelt and via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

34 Russian Hacker Groups Stole Over 50 Million Passwords with Stealer Malware As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. "The underground market value of stolen logs and compromised card details is estimated around $5.8 million," Singapore-headquartered Group-IB said in a report shared with The Hacker News. Aside from looting via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

Microsoft warns: This forgotten open-source web server could let hackers 'silently' gain access to your system Users of affected network gateway appliances likely don't even know their router is running a web server that was discontinued 17 years ago. via Latest stories for ZDNET in Security

Backdoored Chrome extension installed by 200,000 Roblox players Chrome browser extension 'SearchBlox' installed by more than 200,000 users has been discovered to contain a backdoor that can steal your Roblox credentials as well as your assets on Rolimons, a Roblox trading platform. [...] via BleepingComputer (author: Ax Sharma)