Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. 2, and Aug.

Mobile 338

Mobile Phishing Authentication Accountability 338

Krebs on Security

FEBRUARY 26, 2023

But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. In a filing with the U.S.

Hacking 324

Hacking Social Engineering Phishing Scams 324

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 363

Phishing VPN Social Engineering Media 363

Threatpost

MARCH 12, 2019

Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report.

Phishing 78

Phishing Media Cryptocurrency Scams 78

Krebs on Security

AUGUST 7, 2018

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. A WORRIED MOM. GRAND PLANS.

Mobile 246

Mobile Cryptocurrency Computers and Electronics Scams 246

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Malware infection. cmd.exe /c “mkdir %public%MM >%temp%TMPF522.tmp

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. In early July 2018, Ferri was traveling in Europe when he discovered his T-Mobile phone no longer had service.

Mobile 267

Mobile Cryptocurrency Accountability Passwords 267

Security Affairs

NOVEMBER 15, 2019

On Thursday, US authorities arrested two crooks charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping. American law enforcement has declared war to sim swapping scammers and announced the arrest of two individuals for stealing $550,000 in Cryptocurrency. In May, the U.S.

Cryptocurrency 106

Cryptocurrency Identity Theft Accountability Media 106

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 63

Small Business Cybersecurity Passwords Scams 63

SecureList

FEBRUARY 23, 2022

The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape. Phishing: In 2021, 8.2% of users were hit by phishing. of all phishing schemes in 2021, compared to the 11.1%

Banking 141

Banking Phishing Cryptocurrency Malware 141

Malwarebytes

FEBRUARY 19, 2025

Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts. By 2018, TrickBot was the largest threat to businesses. But there is another threat to info stealers that comes from their recent history. They are wildly adaptable.

Malware 131

Malware Software Passwords Cryptocurrency 131

Security Affairs

OCTOBER 18, 2018

Group-IB has estimated that crypto exchanges suffered a total loss of $882 million due to targeted attacks between 2017 and 2018. This data was included in the annual Hi-Tech Crime Trends 2018 report, presented by Group-IB CTO, Dmitry Volkov, at the sixth international Cyber?rimeCon rimeCon conference.

Cyber Attacks 110

Cyber Attacks Cryptocurrency Phishing Social Engineering 110

Malwarebytes

DECEMBER 5, 2022

In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. One of the group's preferred tactics is to use trojanized cryptocurrency related apps, like AppleJeus. The new campaign. Be careful.

Cryptocurrency 95

Cryptocurrency Malware Scams Cybercrime 95

Malwarebytes

APRIL 19, 2022

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020.

Cryptocurrency 140

Cryptocurrency Social Engineering Computers and Electronics Engineering 140

Security Affairs

SEPTEMBER 9, 2018

Researchers from Kaspersky have published a new report on the attacks on ICS systems observed by its products in the first half of 2018. Kaspersky Lab experts have published a new report titled “Threat Landscape for Industrial Automation Systems” report for H1 2018, that includes interesting data related to attacks against the ICS systems.

Internet 77

Internet Internet Advertising Malware 77

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency 74

Cryptocurrency Passwords Authentication Accountability 74

Security Affairs

JUNE 4, 2020

Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names.

Accountability 128

Accountability Phishing DNS Cryptocurrency 128

Security Affairs

FEBRUARY 17, 2021

The indictment unsealed today charges two North Korean officials, Jon Chang Hyok (31), and Kim Il (27), and expands the charges initially brought against Park Jin- hyok in 2018 by the DoJ. In 2018, the U.S. government as “ FASTCash ” – including the October 2018 theft of $6.1 ” reads the press release published by the DoJ.

Cryptocurrency 113

Cryptocurrency Banking Hacking Ransomware 113

SecureWorld News

FEBRUARY 18, 2021

And the targets in this case are widespread: banks, ATMs, cryptocurrency exchanges, online casinos, movie studios such as Sony Pictures, and theater chains such as AMC. government as "FASTCash"—including the October 2018 theft of $6.1 million from an Indonesian cryptocurrency company in September 2018; and $11.8

Hacking 109

Hacking Cryptocurrency Computers and Electronics Banking 109

Krebs on Security

APRIL 7, 2022

In May 2018, the FBI executed a similar strategy to dismantle VPNFilter, which had spread to more than a half-million consumer devices. ” In Dragonfly’s second iteration between 2014 and 2017, the hacking group spear-phished more than 3,300 people at more than 500 U.S. ” HYDRA.

Marketing 301

Marketing Energy and Utilities Malware Ransomware 301

SecureList

MARCH 31, 2021

Even though, in 2020, we have seen ever more sophisticated cyberattacks, the overall statistics look encouraging: the number of users hit by computer and mobile malware declines, so does financial phishing. Traditionally, the study covers the common phishing threats encountered by users, along with Windows and Android-based financial malware.

Banking 145

Banking Phishing Malware Mobile 145

SecureList

MARCH 3, 2022

Percentage of ICS computers on which malicious objects were blocked, January – December 2018 – 2021 ( download ). It is also worth noting that in 2021 the vectors of monthly fluctuations (increases and decreases) are the same as those in 2019 and, particularly, in 2018 more often than in 2020. Selected industries. Malicious objects.

Spyware 130

Spyware Ransomware Cryptocurrency Phishing 130

SC Magazine

FEBRUARY 17, 2021

Charges against one of the three were first brought in 2018. billion in currency and cryptocurrency and further other strategic interests for the North Korean government. Park was already charged in 2018 for the WannaCry attacks, and the indictment expands charges against him for other hacking campaigns.

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Webroot

APRIL 7, 2021

The reason for this volatility is at least partly attributed to an event known as “ the halvening ,” where the reward generating supply of the cryptocurrency is cut in half, simultaneously increasing demand. Not necessarily, says threat researcher and cryptocurrency expert Tyler Moffitt. A more direct relationship.

Ransomware 122

Ransomware Cryptocurrency Marketing Cybercrime 122

Security Affairs

MAY 3, 2024

The threat actors used the botnet harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. The Moobot botnet has been active since at least 2016, it also includes other routers and virtual private servers (VPS). ” reported Trend Micro. ” concludes the report.

Phishing 125

Phishing Cryptocurrency Internet Internet 125

Krebs on Security

AUGUST 25, 2018

Rather, it’s likely that additional spammers and scammers piled on with their own versions of the phishing email after noticing that some recipients were actually paying up. In early June 2018, uscourtsgov-dot-com was associated with a Sigma ransomware scam delivered via spam. Source: Archive.org. web-shield-dot-biz.

Scams 152

Scams Internet Internet Passwords 152

Responsible Cyber

JULY 13, 2024

Introduction Cryptocurrency represents a groundbreaking innovation in the financial sector, offering decentralized, peer-to-peer digital transactions through blockchain technology. However, the allure of these digital assets also attracts malicious actors, making cryptocurrency security paramount.

Cryptocurrency 52

Cryptocurrency Cyber Attacks Social Engineering Scams 52

CyberSecurity Insiders

APRIL 5, 2023

According to a study conducted by se-curity firm Mandiant, the group has been in operation since 2018 and has now been tasked with carrying out both espionage and financially motivated attacks such as credential harvesting and social engineering.

Hacking 105

Hacking Social Engineering Cryptocurrency Manufacturing 105

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. Roaming Mantis reaches Europe.

Phishing 133

Phishing Spyware Firmware Malware 133

Security Affairs

NOVEMBER 16, 2018

Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited in partnership with Group-IB. Attacks on Crypto.

Cybercrime 108

Cybercrime Hacking Banking Phishing 108

Security Affairs

MAY 8, 2020

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. Figure 1 The distribution of web-phishing among target categories . CERT-GIB’s findings indicate that phishing attack perpetrators have revised their so-called target pool. Target reshuffle.

Phishing 87

Phishing Spyware Banking Malware 87

SecureList

NOVEMBER 29, 2024

The campaign, which we dubbed EastWind , used phishing emails with malicious shortcuts attached to deliver malware to target computers. The attack starts with phishing emails purporting to be a court order or summons from an institution in Colombia’s judicial system.

Energy and Utilities 106

Energy and Utilities Ransomware Malware Government 106

Heimadal Security

MAY 25, 2021

CryptoCore is a hacking group that has pulled off cryptocurrency heists that may worth more than $200 million. Security researchers are putting together pieces of information from multiple attacks on cryptocurrency exchanges, as the attacks started in 2018 and used spear-phishing as their principal MO in order to gain an initial foothold.

Cryptocurrency 63

Cryptocurrency Phishing Hacking Cybersecurity 63

Malwarebytes

FEBRUARY 19, 2021

Park was already indicted back in Septmber 2018 for his involvement in multiple destructive cybercrime attacks, which includes the creation of WannaCry that made headlines in 2017, the Bangladesh Bank cyber heist in 2016, and the attack on Sony Pictures Entertainment (SPE) in 2015.

Cryptocurrency 112

Cryptocurrency Banking Cybercrime Hacking 112

Security Affairs

OCTOBER 23, 2018

A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies. A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies, and implements new features.

Marketing 105

Marketing Cybercrime Cryptocurrency Advertising 105

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Attacks on bank customers: The decline of Android Trojans and the triumph of phishing.

Cyber Attacks 108

Cyber Attacks Banking Cyber threats Phishing 108

Security Affairs

NOVEMBER 19, 2021

Since 2018, Proofpoint researchers tracked the activity associated with TA406 as three distinct threat actors, namely TA406, TA408 and TA427. TA406 has also targeted individuals and organizations related to cryptocurrency for the purpose of financial gain.” ” reads the report.

Cryptocurrency 102

Cryptocurrency Malware Government Education 102