Alleged SmokeLoader malware operator facing federal charges in Vermont | The Record from Recorded Future News

Last week, officials from Europol announced follow-up actions to a massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Bumblebee and SmokeLoader. From at least January 2022 to May 2023, Moses allegedly maintained a command and control server located in the Netherlands to deploy the SmokeLoader malware and receive stolen data from victim computers. An alleged operator of the SmokeLoader malware is now facing federal hacking charges in Vermont after accusations that he stole personal information on more than 65,000 people. “Moses deployed the malware as a means to harvest personal information and passwords from victims without the knowledge of the owners of the victim computers," prosecutors said. Nicholas Moses initially had charges filed in North Carolina this week, but the case was transferred to federal prosecutors in Vermont on Wednesday. Moses also shared a screenshot of the SmokeLoader interface which showed a database of 619,763 files containing stolen victim data. Moses claimed he had acquired "over half a million stealer logs" and that he sold stolen victim credentials and passwords for about $1 to $5 each, prosecutors said. However, because of its modular design, SmokeLoader can perform a wide range of functions, including stealing credentials, executing distributed denial-of-service (DDoS) attacks and intercepting keystrokes. Multiple law enforcement agencies in Canada, Denmark, the Czech Republic, France, Germany, the Netherlands and the U.S. followed the leads uncovered in Operation Endgame to link online personas and their usernames to real-life individuals. SmokeLoader is a complex malware strain primarily functioning as a loader, which downloads stealthier or more effective malicious software into the system.

This Cyber News was published on therecord.media. Publication date: Fri, 18 Apr 2025 16:35:16 +0000


Cyber News related to Alleged SmokeLoader malware operator facing federal charges in Vermont | The Record from Recorded Future News

Alleged SmokeLoader malware operator facing federal charges in Vermont | The Record from Recorded Future News - Last week, officials from Europol announced follow-up actions to a massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Bumblebee and SmokeLoader. From at ...
1 month ago Therecord.media
Ukraine cyber officials warn of a 'surge' in Smokeloader attacks on financial, government entities - Suspected Russian cybercriminals have increased their attacks against Ukrainian financial and government organizations using Smokeloader malware, according to Ukrainian cybersecurity officials. Since May of this year, the malware operators have ...
1 year ago Therecord.media
Authorities Seized Smokeloader Malware Operators & Seized Servers - According to Europol, the suspects were identified through a critical database seized during the initial phase of Operation Endgame in May 2024, which contained user records linking online identities to real-world individuals. Law enforcement ...
1 month ago Cybersecuritynews.com
Police detains Smokeloader malware customers, seizes servers - A database seized during Operation Endgame included customers registered for Smokeloader botnet services, allowing officers to track down cybercriminals by linking their online aliases to real-life individuals. In follow-up activity for Operation ...
1 month ago Bleepingcomputer.com
Agenda Ransomware Group Upgraded Their Arsenal With SmokeLoader and NETXLOADER - The attack chain begins with NETXLOADER, progresses through SmokeLoader, and culminates with the deployment of Agenda ransomware, creating a multi-stage infection process that maximizes stealth while ensuring effective payload delivery and execution. ...
3 weeks ago Cybersecuritynews.com
SmokeLoader Malware Using Weaponized 7z Archive to Distribute Infostealers - The presence of this campaign highlights the continued evolution of financially motivated threat actors who leverage increasingly sophisticated techniques to deliver their malicious payloads while evading security controls. Once executed, SmokeLoader ...
1 month ago Cybersecuritynews.com
Vermont passes data privacy law allowing consumers to sue companies - Vermont's legislature on Friday passed one of the country's strongest comprehensive data privacy laws, with language allowing individuals to sue companies for violating their privacy rights - an unprecedented provision among similar existing state ...
1 year ago Therecord.media
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over - Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. The Emotet takedown, led by Europol and Eurojust in 2021. The ...
1 year ago Infosecurity-magazine.com
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
11 months ago Pandasecurity.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
1 year ago Therecord.media
PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
1 year ago Securityintelligence.com
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
1 year ago Pandasecurity.com
Data broker's "staggering" sale of sensitive info exposed in unsealed FTC filing - One of the world's largest mobile data brokers, Kochava, has lost its battle to stop the Federal Trade Commission from revealing what the FTC has alleged is a disturbing, widespread pattern of unfair use and sale of sensitive data without consent ...
1 year ago Arstechnica.com
Top 10 Best Dynamic Malware Analysis Tools in 2025 - FireEye Malware AnalysisEnterprise-grade solution, zero-day detection, integration with threat intelligence, memory forensics.Enterprise-grade malware detection and forensicsPricing details not publicly available; contact for quote.Yes6. Detux ...
3 months ago Cybersecuritynews.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com