Malwarebytes Labs

Rogue cryptocurrency billboards go phishing for wallets

This is clearly a technique that is working for phishers no matter the location. NFT NYC describes itself as “the leading annual non-fungible token event”. Users reported scam billboards in NYC with QR codes leading to wallet drainer sites.

Conti ransomware group's pulse stops, but did it fake its own death?

While the cause of the data leak site’s disappearance isn’t known for sure, and criminal dark web sites are notoriously flaky, there is good reason to suspect that Conti has gone permanently.

Client-side Magecart attacks still around, but more covert

For now, researchers say that Magecart client-side attacks are still around and that we could easily be missing them if we rely on automated crawlers and sandboxes, at least if we don’t make them more robust.

It’s official, today you can say goodbye to Internet Explorer. Or can you?

The retirement consists of two phases. During the first phase—the redirection phase—devices will be progressively redirected from IE to Microsoft Edge over the following months.

Taking down the IP2Scam tech support campaign

This tech support scam campaign has been seen by many people (victims and scambaiters alike) and can be recognized by its URL scheme because it always consists of an IP address, instead of a registered domain name.

MakeMoney malvertising campaign adds fake update template

Malwarebytes researchers identified a malvertising campaign leading to a fake Firefox update. The template is strongly inspired by similar schemes, in particular the one distributed by the FakeUpdates (SocGholish) threat actors.

Prometheus ransomware's flaws inspired researchers to try to build a near-universal decryption tool

Prometheus included a major “vulnerability” that led security researchers at IBM to try and build a one-size-fits-all ransomware decryptor that could work against multiple ransomware variants.

RansomHouse makes extortion work without ransomware

RansomHouse has been firm about its non-use of ransomware in its exploits despite the group’s name. They also reportedly do not encrypt files they stole from organizations.

Runescape phish claims your email has been changed

This email is being fired out to random addresses; it’s not a targeted attack. The phisher is simply hoping that of all the recipients, a few have an account with the service they’re imitating.

Double-whammy attack follows fake Covid alert with a bogus bank call

The BBC has revealed details of how a food bank in the United Kingdom was conned out of about $63,000 (£50,000) by scammers who used two separate attacks to fleece their victims.
