RiskIQ offers an updated warning about a recently discovered cybercriminal outfit they've called "Full(z) House." The gang operates in two ways: credential and private information phishing, and then skimming or phishing paycards during e-commerce checkouts. Their goal is fullz: paycard information plus extensive associated PII.
Phishing is a common nation-state tactic as well. Google, which tracks more than two-hundred-seventy government-run groups operating on behalf of about fifty countries, reports that between July and September it issued more than twelve-thousand warnings to victims in one-hundred-forty-nine countries, as close to everywhere as makes little difference. Google notes that this is about the same warning rate, give or take ten percent, they observed during the same period in 2017 and 2018.
ESET has found a cryptojacking campaign that operates through YouTube videos' descriptive texts. The operators behind the Stantinko botnet have added some Monero-mining functionality to their malware.
BleepingComputer offers an account of a new strain of ransomware, "DeathRansom," that's upped its game. The earlier infestations researchers observed didn't actually encrypt the victims' data at all, but merely appended a dot-wctc extension to affected files. DeathRansom last week began encrypting the files. Researchers see a possible connection, at least in terms of infection vectors, to STOP ransomware.
Microsoft reflects on lessons learned from a year tracking the polymorphic Dexphot threat. In sum, ordinary threats are showing increased sophistication.