2022, Cryptocurrency and Web Fraud - Cyber Security Informer

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. A machine-translated version of Flymoney, one of dozens of cryptocurrency exchanges apparently nested at Cryptomus.

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io. Federal Communications Commission (FCC), as well as those working at the cryptocurrency exchanges Coinbase and Binance. Image: Shutterstock, iHaMoo.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S. On May 12, 2022, KrebsOnSecurity broke the news that hackers had gained access to a DEA portal that taps into 16 different federal law enforcement databases. .” federal government portal without authorization. ” Image: USDOJ.

Hacking

Hacking Government Media Accountability

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Taylor Monahan is founder and CEO of MetaMask , a popular software cryptocurrency wallet used to interact with the Ethereum blockchain.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Hacking

Hacking Cybercrime Phishing Passwords

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

Also known as “ Assad Faiq” and “ The Godfather ,” Iza is the 30-something founder of a cryptocurrency investment platform called Zort that advertised the ability to make smart trades based on artificial intelligence technology. The government says that in March 2022, three men showed up at E.Z.’s

Cryptocurrency

Cryptocurrency Government Internet Internet

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. ’s son was loaded with cryptocurrency? ” What made the Miami men so convinced R.C.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Phishing Cryptocurrency DDOS Internet

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. KrebsOnSecurity last month interviewed a victim who recently saw more than three million dollars worth of cryptocurrency siphoned from his account.

Passwords

Passwords Encryption Password Management Cryptocurrency

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. Up until Sept.

Accountability

Accountability Cryptocurrency Scams CISO

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. Holden has long maintained visibility into cryptocurrency transactions made by BriansClub. The links have been redacted.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The messages began at 2022-07-20 22:50 UTC. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

“The fraud is named for the way scammers feed their victims with promises of romance and riches before cutting them off and taking all their money,” the Federal Bureau of Investigation (FBI) warned in April 2022. Many of these platforms include extensive study materials and tutorials on cryptocurrency investing.

Scams

Scams Cryptocurrency Marketing Internet

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” A U2F device made by Yubikey.

Hacking

Hacking Social Engineering Phishing Scams

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

In May, KrebsOnSecurity interviewed a Russian spammer named “ Quotpw “ who was mass-registering accounts on the social media network Mastodon in order to conduct a series of huge spam campaigns advertising scam cryptocurrency investment platforms. com site,” the Trend researchers wrote. Image: Trend Micro.

Accountability

Accountability Scams Cryptocurrency Advertising

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. “On Twitter, more spam and crypto scam.”

Scams

Scams DDOS Cryptocurrency Accountability

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

2022 by Google researcher Luca Nagy. Collectively, the tens of thousands of systems infected with Glupteba on any given day feed into a number of major cybercriminal businesses: The botnet’s proprietors sell the credential data they steal, use the botnet to place disruptive ads on the infected computers, and mine cryptocurrencies.

Cybercrime

Cybercrime Malware Internet Internet

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

The 911 service as it existed until July 28, 2022. re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web. .

Cybercrime

Cybercrime Software VPN Backups

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

On August 3, 2022, someone using the alias “ Holistic-K1ller ” posted on Breached a thread selling data allegedly stolen from Grupo Financiero Banorte , Mexico’s second-biggest financial institution by total loans.

Data breaches

Data breaches Banking Cybercrime Marketing

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Krebs on Security

SEPTEMBER 4, 2022

on Jan 2, 2022, McGovern-Allen and an unidentified co-conspirator fired multiple handgun rounds into a residence in West Chester, Pa. Justin Active’s version of events seems to be supported by a reference in the criminal complaint to an April 2, 2022 chat in which Tongue explained the reason for the shooting.

Government

Government Accountability Cryptocurrency Web Fraud

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

Throughout 2022, LAPSUS$ would hack and social engineer their way into some of the world’s biggest technology companies , including EA Games, Microsoft , NVIDIA , Okta , Samsung , and T-Mobile. .’s West Midlands Police as part of a joint investigation with the FBI into the MGM hack.

Cybercrime

Cybercrime Accountability Mobile Hacking

Cyber Security Informer

How Cryptocurrency Turns to Cash in Russian Banks

A Day in the Life of a Prolific Voice Phishing Crew

Trending Sources

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Lamborghini Carjackers Lured by $243M Cyberheist

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

How 1-Time Passcodes Became a Corporate Liability

Massive Losses Define Epidemic of ‘Pig Butchering’

When Low-Tech Hacks Cause High-Impact Breaches

Service Rents Email Addresses for Account Signups

Interview With a Crypto Scam Investment Spammer

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

911 Proxy Service Implodes After Disclosing Breach

When Efforts to Contain a Data Breach Backfire

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

The Dark Nexus Between Harm Groups and ‘The Com’

Stay Connected