darkweb

Kimsuky APT Group Distributes Fake Security App Disguised as KISA Security Program

Kimsuky APT Group Distributes Fake Security App Disguised as KISA Security Program  The North Korean advanced persistent threat (APT) group Kimsuky has been found to be distributing a fake Korean Internet and Security Agency (KISA) app via malicious emails. In a recent tweet, a mobile malware researcher has shared information about a fake KISA vaccine or security android app disguised as the KISA security program.  When the target downloads the APK implanted file from the email and installs the application on his device, the malicious code does its job. It executes …

Kimsuky APT Group Distributes Fake Security App Disguised as KISA Security Program Read More »

Deep Dive into BlackCocaine Ransomware

On May 30, 2021, Nucleus Software, an India-based IT company in the Banking and Financial Services sector, noted a breach on its servers. The company has reported this incident to the Bombay Stock Exchange (BSE) and the National Stock Exchange of India (NSEI).  In the intimation letter, the company has said that it does not store the financial data of its customers, and the probability of financial data having been leaked is unlikely.   The Research …

Deep Dive into BlackCocaine Ransomware Read More »

Threat Actors Spreading Malware and Phishing Attacks Using COVID-19 as Threat Vector

In December 2019, COVID-19 was first identified in Wuhan, Hubei Province, China. To date it has had worldwide repercussions, affecting millions of people globally. The pandemic has transformed the lives of people and changed the way we work. On account of the ‘new normal’, organizations worldwide have been compelled to shift to digital means for carrying out their business and sharing critical information. With the adoption of working remotely, businesses are met …

Threat Actors Spreading Malware and Phishing Attacks Using COVID-19 as Threat Vector Read More »

Beware: Scam in the Name of Covid-19 Vaccines

In one of our previous blogs about COVID-19 we covered how cybercriminals have devised multiple ways to abuse an individual’s sensitive medical data and offer services such as fake COVID-19 Vaccination Certificates / Passports on cybercrime forums and dark web markets.   With COVID-19 as the threat vector, cybercriminals are devising newer ways to defraud people. The recent spike in COVID-19 cases globally, and especially in South Asia, has generated a situation marked by the lack of medical resources, and the shortage of the life-saving Remdesivir injection has left families of …

Beware: Scam in the Name of Covid-19 Vaccines Read More »