SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. The group is currently active (recent activity was spotted in November 2021).

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Malwarebytes

AUGUST 13, 2021

A fair few cryptocurrency scams have been doing the rounds across 2021. Fake Elon Musk cryptocurrency scams. Another social media shenanigan involving cryptocurrency? The FTC estimates at least $2 million has been stolen from cryptocurrency investors. Recovery code theft. It’s not pocket change, either.

Scams 116

Scams Cryptocurrency Social Engineering Media 116

SecureList

AUGUST 23, 2021

The video game industry is soaring, not in the least thanks to the lockdowns, which forced people to look for new ways to entertain themselves and socialize. billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. billion in the first half of 2021.

Mobile 139

Mobile Adware Malware Phishing 139

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency 296

Cryptocurrency Cybercrime Computers and Electronics Scams 296

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Krebs on Security

AUGUST 30, 2022

4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. 2021 post about the change. On that last date, Twilio disclosed that on Aug. ” On July 28 and again on Aug. In an Aug.

Mobile 344

Mobile Phishing Authentication Accountability 344

Security Through Education

MARCH 22, 2023

They all use psychology and social engineering skills to convince their victims to take an action that is detrimental to them. This is one of the easiest forms of impersonation for scammers, which explains the drastic increase in the number of fake social media accounts. billion fake accounts in 2021.

Scams 122

Scams Social Engineering Engineering Media 122

SecureList

AUGUST 10, 2022

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies. Malicious DOCX social engineering message. The initial infection and toolset deployment, as we observed them starting in at least late 2021, are schematized below (see Figure 2).

Cryptocurrency 116

Cryptocurrency Encryption Social Engineering Passwords 116

Malwarebytes

MARCH 19, 2024

SIM swapping can be done in a number of ways, but perhaps the most common involves a social engineering attack on the victim’s carrier. However, if you have a telecoms manager on your payroll then there’s no need for social engineering—they can just do the SIM swap for you. Katz pleaded guilty before Chief U.S.

Social Engineering 143

Social Engineering Computers and Electronics Mobile Identity Theft 143

Security Boulevard

JANUARY 28, 2022

Cryptocurrency scammers love social media—especially Meta’s platforms. consumers in 2021. Hundreds of millions of dollars were scammed from U.S. The post Fake Cash Scams Thrive on Facebook and Insta—FTC appeared first on Security Boulevard.

Scams 128

Scams Cryptocurrency Media Social Engineering 128

SecureWorld News

JULY 11, 2022

Axie Infinity, a video game that utilizes NFTs and Ethereum-based cryptocurrencies, lost $540 million in March of this year after a senior engineer was tricked into opening a PDF of a fake job application, according to a story from The Block. This was discontinued in December 2021, but the allowlist access was not revoked.

Social Engineering 98

Social Engineering Hacking Cryptocurrency Engineering 98

Security Boulevard

FEBRUARY 12, 2021

Europol correctly describes the primary method of SIM-swapping when they say in the press release above, "This is typically achieved by the criminals exploiting phone service providers to do the swap on their behalf, either via a corrupt insider or using social engineering techniques.". How do Phone Company Insiders enable these scams?

Cryptocurrency 119

Cryptocurrency Accountability Scams Social Engineering 119

SecureWorld News

FEBRUARY 7, 2022

Cyberattacks targeting cryptocurrency exchanges were on a roll in 2021 and have continued into 2022. billion was outright stolen from decentralized finance (DeFi) platforms in 2021. Chainalysis reported that approximately $2.2 So what are the most common tactics threat actors from North Korea use?

Cryptocurrency 98

Cryptocurrency Cybercrime Social Engineering Engineering 98

CyberSecurity Insiders

APRIL 5, 2023

According to a study conducted by se-curity firm Mandiant, the group has been in operation since 2018 and has now been tasked with carrying out both espionage and financially motivated attacks such as credential harvesting and social engineering.

Hacking 105

Hacking Social Engineering Cryptocurrency Manufacturing 105

Malwarebytes

DECEMBER 6, 2022

Nicholas Truglia (25) from Florida was sentenced to 18 months on Thursday for his involvement in a digital heist that cost Michael Terpin ( @michaelterpin ), a renowned personality in the cryptocurrency space, $23.8M. According to El Reg , Terpin's cryptocurrency of choice was TRIG, which was worth $7 then.

Cryptocurrency 97

Cryptocurrency Social Engineering Accountability Media 97

SC Magazine

APRIL 8, 2021

For the uninitiated, NFTs are unique tokens that accompany original and collectible digital artwork or videos that can be sold or traded as a form of cryptocurrency, with transactions registered on the blockchain. Many of the earlier NFTs involved illustrations of kittens, but they can take the form of just about anything. billion in 2020.

Scams 137

Scams Cryptocurrency Phishing Marketing 137

Security Affairs

NOVEMBER 15, 2021

The malware has been active at least since late October 2021, it targeting the mobile users of banks in Italy, the UK, and the US. The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. The name comes after one of the domains used for its command and control servers.

Banking 144

Banking Mobile Social Engineering Malware 144

eSecurity Planet

SEPTEMBER 14, 2022

According to statistics from the FBI’s 2021 Internet Crime Report , complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. In 2021 alone, IC3 received 847,376 complaints which amounted to $6.9 Cybercrime is a growth industry like no other. billion in reported losses. since Q3 of 2007. Business targets.

Social Engineering 121

Social Engineering Energy and Utilities Phishing Internet 121

Security Affairs

FEBRUARY 6, 2022

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued a flash alert on Lockbit ransomware operation CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw Over 500,000 people were impacted by a ransomware attack that hit Morley Ransomware attack hit Swissport International causing delays (..)

Social Engineering 98

Social Engineering Cryptocurrency Small Business Ransomware 98

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

Webroot

FEBRUARY 13, 2024

Rise in Cryptocurrency Payments : Fraudsters are increasingly asking for payments in cryptocurrency, exploiting its semi-anonymous nature. In 2021, losses to romance scams involving cryptocurrency were reported at $139 million ​​. This includes ensuring that personal devices used for work purposes are also secure.

Scams 114

Scams Cryptocurrency Media Education 114

Security Boulevard

DECEMBER 3, 2021

Schadenfreude: This week saw a pair of high-profile cryptocurrency thefts, totalling over $150 million. The post $150M Stolen in ‘Imaginary Money’ Crypto/DeFi Hacks appeared first on Security Boulevard.

Hacking 126

Hacking Cryptocurrency Social Engineering Engineering 126

Webroot

JANUARY 7, 2022

2020 may have been the year of establishing remote connectivity and addressing the cybersecurity skills gap, but 2021 presented security experts, government officials and businesses with a series of unpresented challenges. Threats abound in 2021. Malware made leaps and bounds in 2021. Cryptocurrency. Ransomware.

Cybercrime 116

Cybercrime Ransomware Phishing Cryptocurrency 116

Approachable Cyber Threats

JULY 7, 2022

Raccoon Stealer has been around since April 2019, and was one of the most prolific information stealers in 2021. It also serves as an easy access point for more advanced hackers and scammers to target specific organizations, or even harvest cryptocurrency. DropBox and social engineering. Category Awareness, News.

Social Engineering 99

Social Engineering Cryptocurrency Malware Antivirus 99

eSecurity Planet

MARCH 24, 2022

In a blog post detailing its efforts to track and contain the breach, Microsoft described LAPSUS$ as a “large scale social engineering and extortion campaign.” LAPSUS$ doesn’t appear to be using overtly sophisticated intrusion methods but instead relying on social engineering and purchased accounts.

Social Engineering 110

Social Engineering Engineering Data breaches Hacking 110

Malwarebytes

APRIL 28, 2021

Trust Wallet is an app used to send, receive, and store Bitcoin along with other cryptocurrencies, including NFTs. With cryptocurrency being so very mainstream at the moment, it’s only natural lots of people are jumping on the bandwagon. This time around, it’s being used to bag bitcoin. Shall we take a look? Emptying your wallet.

Phishing 135

Phishing Cryptocurrency Accountability Scams 135

eSecurity Planet

SEPTEMBER 30, 2021

To do this, an attacker needs to spoof the victim’s phone number and impersonate a bank or company representative and then the bot would try to call the victim, using social engineering techniques to get ahold of a verification code. Phishing, Social Engineering are Still Problems. Best Antivirus Software for 2021.

Authentication 115

Authentication Social Engineering Phishing Banking 115

eSecurity Planet

SEPTEMBER 15, 2022

The malware seems to leverage the infamous Pwnkit vulnerability (CVE-2021-4034), one of the easiest exploits imaginable, and OverlayFS ( CVE-2021-3493 ), a kernel exploit that pentesters , capture-the-flag (CTF) players, and hackers know all too well. Cybercriminals Use C2 Servers to Deploy Cryptominer.

Malware 118

Malware Social Engineering System Administration Antivirus 118

Malwarebytes

MARCH 13, 2023

billion in 2021 to $3.31 Within those complaints, cryptocurrency investment fraud rose from $907 million in 2021 to $2.57 There are a number of different methods that cryptocurrency investment fraudsters deploy: Liquidity mining. Hacked social media accounts. billion in 2021 to more than $10.2

Cryptocurrency 71

Cryptocurrency Scams Media Social Engineering 71

Cisco Security

OCTOBER 6, 2021

Prior to 2021, supply chain attacks were assumed to exclusively be a tool for sophisticated state-sponsored threat actors only. In July 2021, this assumption was smashed. Mining cryptocurrencies requires large amounts of computing power to solve the cryptographic challenges necessary to acquire new cryptocurrency tokens.

Cybersecurity 145

Cybersecurity Authentication Passwords Cryptocurrency 145

SecureList

NOVEMBER 22, 2022

Our telemetry shows an exponential growth in infostealers in 2021. Cryptocurrency targeted attacks. The cryptocurrency business continues to grow, and people continue to invest their money in this market because it’s a digital asset and all transactions occur online. Analysis of forecasts for 2022.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

SecureList

SEPTEMBER 6, 2022

For these purposes, we analyzed threat statistics from Kaspersky Security Network (KSN), a system for processing anonymized cyberthreat-related data shared voluntarily by Kaspersky users, for the period between January 2021 and June 2022. Top game titles by number of related threats.

Mobile 131

Mobile Passwords Software Accountability 131

SecureList

MAY 6, 2024

Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.

Phishing 132

Phishing Banking Mobile Scams 132

CyberSecurity Insiders

AUGUST 24, 2022

And security researchers from ESET have discovered that the malware was uploaded to the VirusTotal operated system in Brazil and was targeted by a social engineering attack. North Korea’s Lazarus Group has reportedly designed new ransomware that is being targeted at M1 processors popularly running on Macs and Intel systems.

Ransomware 107

Ransomware Digital transformation Encryption Social Engineering 107

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency.

Phishing 131

Phishing Spyware Firmware Malware 131

Malwarebytes

FEBRUARY 8, 2023

After an arrest back in 2021 and an extradition to the US last year, he’s had some appearances in court (not to mention an assortment of other individuals tangled up in the case) accused of money laundering in relation to Ryuk attacks across the globe. All of these cash daisy chains were to help evade detection by law enforcement.

Ransomware 94

Ransomware Backups Cryptocurrency Social Engineering 94

SecureList

NOVEMBER 29, 2024

One of these was an implant called GrewApacha, used by APT31 since at least 2021. Mallox is a relatively new ransomware variant that first came to light in 2021 and kicked off an affiliate program in 2022. The malware, which received commands via the Dropbox cloud service, was used to download additional payloads.

Energy and Utilities 100

Energy and Utilities Ransomware Malware Government 100