"Elite Russian Hackers Claim To Have Breached Three Major U.S. Antivirus Makers"
There's a never-ending game of cat and mouse between cybercriminals and the companies that develop anti-malware software. For three U.S.-based providers, it could get a lot more challenging. A group of elite Russian hackers claims to have infiltrated their networks and stolen the source code for their software.
Researchers with Advanced Intelligence (AdvIntel) have been tracking the activity of the group on underground forums for some time. The hackers, who operate under the handle Fxmsp, have an established reputation for infiltrating well-protected networks. Their targets typically include highly-sensitive corporate and government information...
"The Internet's Most Notorious Botnet Has an Alarming New Trick"
Security firms AdvIntel and Eclypsium today revealed that they've spotted a new component of the trojan that TrickBot hackers use to infect machines. The previously undiscovered module checks victim computers for weaknesses that would allow the hackers to plant a backdoor in deep-seated code known as the Unified Extensible Firmware Interface (UEFI), the firmware responsible for loading a device's operating system when it boots up. Because the UEFI firmware is stored in a flash chip on the computer's motherboard rather than on its hard drive, malicious code planted there would survive most antivirus scans, software updates, or even a total wipe and reinstallation of the computer's operating system. It could alternatively be used to "brick" target computers, corrupting their firmware to the degree that the motherboard would need to be replaced...
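The kind of check described above boils down to asking whether the SPI flash that holds the UEFI firmware is writable from the running operating system. The following is an added example, not code from the original article or from AdvIntel or Eclypsium: it decodes the Intel PCH BIOS Control register (BIOS_CNTL) whose bit layout is documented in Intel chipset datasheets (BIOSWE at bit 0, BLE at bit 1, SMM_BWP at bit 5) and applies the rule commonly used by firmware-security tooling to classify a host as write-protected or not. Reading the register itself requires ring-0 access (a kernel driver or a tool such as chipsec); here the raw register values are passed in, and the sample host inventory is constructed for illustration.

```python
# Added example (not from the original page, AdvIntel or Eclypsium).
# Decode Intel PCH BIOS_CNTL and decide whether the UEFI firmware flash
# can be written from the OS. Bit positions follow Intel PCH datasheets.
# Reading BIOS_CNTL needs kernel privileges; the values below are passed in
# so the decoding logic runs offline.

from dataclasses import dataclass
from typing import Dict, List, Tuple

BIOSWE = 1 << 0   # BIOS Write Enable: 1 = OS-level writes to flash allowed
BLE = 1 << 1      # BIOS Lock Enable: setting BIOSWE raises an SMI so SMM can veto it
SMM_BWP = 1 << 5  # SMM BIOS Write Protect: writes accepted only while in SMM


@dataclass(frozen=True)
class FlashProtection:
    bioswe: bool
    ble: bool
    smm_bwp: bool

    @property
    def protected(self) -> bool:
        # Rule used by common firmware-security checkers: the flash is
        # considered protected if SMM_BWP is set, or if BIOSWE is clear and
        # BLE is set (so the OS cannot simply flip BIOSWE on).
        return self.smm_bwp or (self.ble and not self.bioswe)

    def reasons(self) -> List[str]:
        """Human-readable findings, useful in an inventory report."""
        out = []
        if self.bioswe:
            out.append("BIOSWE=1: flash writes enabled from the OS")
        if not self.ble:
            out.append("BLE=0: BIOSWE can be set without an SMI veto")
        if not self.smm_bwp:
            out.append("SMM_BWP=0: writes not restricted to SMM")
        return out


def decode_bios_cntl(value: int) -> FlashProtection:
    """Split an 8-bit BIOS_CNTL value into the three protection bits."""
    if not 0 <= value <= 0xFF:
        raise ValueError("BIOS_CNTL is an 8-bit register")
    return FlashProtection(
        bioswe=bool(value & BIOSWE),
        ble=bool(value & BLE),
        smm_bwp=bool(value & SMM_BWP),
    )


def writable_hosts(inventory: Dict[str, int]) -> List[Tuple[str, List[str]]]:
    """Return hosts whose firmware flash is writable, with the reasons.

    `inventory` maps a hostname to its raw BIOS_CNTL value (hypothetical
    data gathered by whatever privileged agent read the register).
    """
    findings = []
    for host, raw in sorted(inventory.items()):
        prot = decode_bios_cntl(raw)
        if not prot.protected:
            findings.append((host, prot.reasons()))
    return findings


# Constructed sample inventory (not real hosts or readings).
SAMPLE_INVENTORY = {
    "ws-01": 0x22,  # BLE=1, SMM_BWP=1            -> protected
    "ws-02": 0x02,  # BLE=1, BIOSWE=0             -> protected
    "ws-03": 0x01,  # BIOSWE=1, no lock           -> writable
    "ws-04": 0x00,  # nothing set                 -> writable
    "ws-05": 0x03,  # BIOSWE=1 with BLE=1 (already enabled, lock came late) -> writable
}

if __name__ == "__main__":
    for host, why in writable_hosts(SAMPLE_INVENTORY):
        print(f"{host}: firmware flash writable from OS")
        for line in why:
            print(f"    {line}")
```

A host flagged here is exactly the kind of machine a firmware-implanting module would be interested in; on a fleet, the same logic should also be fed the SPI Protected Range registers, since BIOS_CNTL is only one of the locks a platform may rely on.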
"Carders Prefer Audio Skimmers over Less Efficient Flash Skimmers"
Although web skimming attacks are rampant these days, the underground market for physical card skimming devices is thriving and changing at the rate of technological advancements.
Card skimming is when cybercriminals add their own spying equipment to an automated teller machine (ATM) or point-of-sale system (PoS) to copy the information they process from credit or debit cards.
Offline carders organize in closed networks.
Known as "real/offline carding," this technique is ancient and has been giving headaches to both banks and the customers that got their cards copied...
"Advanced Intelligence LLC Releases Revolutionary Threat Prevention & Loss Avoidance Platform"
New York-based cybersecurity firm Advanced Intelligence, LLC introduced the revolutionary Andariel® threat prevention and loss avoidance platform.
To address the challenges of 21st-century digital interconnectivity, meet Andariel – a unique threat prevention and loss avoidance platform that sheds light on the DarkWeb cyber underground in order to spot threats and compromises preemptively and proactively. Prolific botnets, ransomware syndicates, cyber extortionists, carders, advanced persistent threat groups, crimeware operators, fraud exploiting the COVID pandemic – Andariel ensures visibility into these threats before they actualize and harm individuals and businesses...
"Underground Intrusion Specialists Team Up With Ransomware Groups"
A new report highlights how "access-as-a-service" providers and ransomware groups have come together to compromise and victimize more targets. Alliances between these types of cybercriminal teams can allow malware to spread further and faster into lucrative targets, most often company networks. A ransomware operation's lifespan is fueled by finding new victims, a need that can be fulfilled by the intrusion experts who rent or sell access to different company networks.
A report from the Advanced Intelligence (AdvIntel) security organization shows how the complex underground syndicates and different malware groups can operate together...
"Hackers breached 3 US antivirus companies, researchers reveal"
In a report published Thursday, researchers at the threat-research company Advanced Intelligence (AdvIntel) revealed that a collective of Russian- and English-speaking hackers is actively selling the spoils of data breaches at three US-based antivirus software vendors. The collective, calling itself "Fxmsp," is selling both source code and network access to the companies for $300,000 and is providing samples that show strong evidence of the validity of its claims.
Yelisey Boguslavskiy, director of research at AdvIntel, told Ars that his company notified “the potential victim entities” of the breach through partner organizations; it also provided the details to US law enforcement...