Europol Shuts Down ‘Imminent Monitor’ RAT Operations with 13 Arrests

Imminent Monitor, a remote administration framework used by cybercriminals, was shut down by a coordinated international law enforcement operation. According to Europol, both buyers and sellers of the Imminent Monitor Remote Access Trojan (IM-RAT) were targeted during the operation. Over 14,500 individuals have bought the IM-RAT, and it’s been used to attack victims throughout 124 countries.

High-ranking customers of the IM-RAT were also arrested during the operation. These arrests took place in Australia, Colombia, Czechia, the Netherlands, Poland, Spain, Sweden, and the United Kingdom. According to TheHackerNews, the IM-RAT gives the malicious actor full control over victims’ devices, including the ability to:

record keystrokes,

steal data and passwords from browsers,

spy on victims via their webcams,

download/execute files,

disable anti-virus and anti-malware software,

terminate running processes,

perform dozens of other actions.

The trojan itself costs as little as $25 with lifetime access, making it a cheap and accessible weapon for those who want to carry out malicious attacks.

You can find Europol’s press release here.

Read more here

Upbit Cryptocurrency Exchange Hacked, $48.5 Million Worth of ETH Stolen

Upbit, a South Korean cryptocurrency exchange, has disclosed a security breach resulting in the theft of $48.5 million worth of cryptocurrency from its hot wallets. Malicious actors were able to siphon 342,000 ETH, further establishing the importance of minimizing the use of hot wallets to store large sums of cryptocurrency. The cryptocurrency has been transferred to a wallet – 0xa09871AEadF4994Ca12f5c0b6056BBd1d343c029.

Upbit states that the exchange will cover the stolen funds, and it will restore regular operations in a few weeks. As a security precaution, all funds that are currently in its hot wallets have been transferred to a cold wallet.

Some users are suspicious of the incident, stating that the theft of the funds is due to an exit scam or inside job.

Get more information here

Adobe Magento Marketplace Exposes User Info in Data Breach

Magento Marketplace, a repository that provides free and paid extensions/themes for the e-commerce platform, has been breached, resulting in the theft of account information. Last year, Adobe acquired Magento for $1.68 billion.

Data from the breach includes names, emails, MageIDs, billing and shipping addresses, and phone numbers. According to BleepingComputer, other compromised information includes the percentages of payments to developers.

Magento explains that a vulnerability within the platform allowed an unauthorized third party to gain access to their system; however, the vulnerability was identified and quickly fixed.

Read more here

Dexphot Malware Hijacks 80K+ Devices to Mine Cryptocurrency

Dexphot has utilized a complex attack chain combined with antivirus evasion techniques to infect more than 80,000 devices. Once a device is infected, the malware siphons its CPU power to mine cryptocurrency. To evade security solutions, Dexphot implements “layers of obfuscation, encryption and randomized file names to hide its installation process.”

The malware also contains a script that monitors services and checks the status of the malicious processes running on the victims’ computers. If one process is interrupted, others will continue to run, adding redundancy to the malware attack.

Microsoft’s Defender ATP Research Team has released a blog post describing the malware. You can find it here.

Read more here