2020, Cryptocurrency and Web Fraud - Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

New Anti Anti-Money Laundering Services for Crooks

Krebs on Security

AUGUST 13, 2021

A new dark web service is marketing to cybercriminals who are curious to see how their various cryptocurrency holdings and transactions may be linked to known criminal activity. “The likes of ransomware and darknet markets rely on payments being made in Bitcoin and other cryptocurrencies.

Cryptocurrency

Cryptocurrency Marketing Ransomware Financial Services

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking

Hacking Social Engineering Phishing Scams

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Phishing Cryptocurrency DDOS Internet

Anti-Money Laundering Service AMLBot Cleans House

Krebs on Security

OCTOBER 15, 2022

AMLBot , a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.

Cryptocurrency

Cryptocurrency Marketing Cybercrime Technology

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

One of the more popular SIM-swapping channels on Telegram maintains a frequently updated leaderboard of the most accomplished SIM-swappers, indexed by their supposed conquests in stealing cryptocurrency. The vulnerability exploited by the intruders was patched back in 2020, but the employee never updated his Plex software.

Hacking

Hacking Phishing Cybercrime Passwords

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

In May, KrebsOnSecurity interviewed a Russian spammer named “ Quotpw “ who was mass-registering accounts on the social media network Mastodon in order to conduct a series of huge spam campaigns advertising scam cryptocurrency investment platforms. com site,” the Trend researchers wrote. Image: Trend Micro.

Accountability

Accountability Scams Cryptocurrency Advertising

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

22, 2020, when cryptocurrency wallet company Ledger acknowledged that someone had released the names, mailing addresses and phone numbers for 272,000 customers. Allison Nixon , chief research officer with New York City-based cyber intelligence firm Unit221B , recalled what happened in the weeks leading up to Dec.

Passwords

Passwords Password Management Phishing Scams

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance. .” On July 28 and again on Aug. 7, several employees at email delivery firm Mailchimp provided their remote access credentials to this phishing group. According to an Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

” asked Ohad Zaidenberg , founder of CTI League , a volunteer emergency response community that emerged in 2020 to help fight COVID-19 related scams. . “Is there one person from our community that think sending cease and desist letter to a hackers forum operator is a good idea?,” “Who does it?

Data breaches

Data breaches Banking Cybercrime Marketing

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

billion euros in 2020 alone. Treasury sanctioned a number of cryptocurrency wallets associated with Hydra and with a virtual currency exchange called “ Garantex ,” which the agency says processed more than $100 million in transactions associated with illicit actors and darknet markets.

Marketing

Marketing Energy and Utilities Malware Ransomware

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

Double-Your-Crypto Scams Share Crypto Scam Host

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. The ark-x2[.]org The ark-x2[.]org

Scams

Scams Cryptocurrency Media Hacking

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

” The 30-year-old Donahue said he left the FBI in April 2020 to start Kodex because it was clear that social media and technology companies needed help validating the increasingly large number of law enforcement requests domestically and internationally. Apple’s compliance with EDRs was 93 percent worldwide in 2020.

Mobile

Mobile Government Media Technology

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

” Beige members were implicated in two stories published here in 2020. In November 2020, intruders thought to be associated with the Beige Group tricked a GoDaddy employee into installing malicious software, and with that access they were able to redirect the web and email traffic for multiple cryptocurrency trading platforms.

Cybercrime

Cybercrime Accountability Mobile Hacking

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Krebs on Security

SEPTEMBER 4, 2022

2020 story from The Press of Atlantic City , a then 19-year-old Patrick McGovern Allen was injured after driving into a building and forcing residents from their home. There are dozens of SIM swappers who are now teenage or 20-something millionaires, by virtue of having stolen vast sums of cryptocurrencies from SIM swapping victims.

Government

Government Accountability Web Fraud Cryptocurrency

Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

New Anti Anti-Money Laundering Services for Crooks

Trending Sources

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

When Low-Tech Hacks Cause High-Impact Breaches

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Anti-Money Laundering Service AMLBot Cleans House

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Service Rents Email Addresses for Account Signups

The Life Cycle of a Breached Database

How 1-Time Passcodes Became a Corporate Liability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

When Efforts to Contain a Data Breach Backfire

Actions Target Russian Govt. Botnet, Hydra Dark Market

Interview With a Crypto Scam Investment Spammer

Double-Your-Crypto Scams Share Crypto Scam Host

Fighting Fake EDRs With ‘Credit Ratings’ for Police

The Dark Nexus Between Harm Groups and ‘The Com’

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Stay Connected