Security Affairs

NOVEMBER 21, 2024

Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

SecureWorld News

NOVEMBER 22, 2024

The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime. Scattered Spider has gained infamy for its high-profile cyberattacks, including the ransomware assault on MGM Casino in 2023 , which caused widespread disruption.

Phishing 107

Phishing Identity Theft Cryptocurrency Cybercrime 107

SecureList

NOVEMBER 6, 2024

During our investigation, we found out that the campaign started in February 2023. Posts with links to activators were either made by compromised accounts or by inexperienced users who were not aware of the threats they were spreading. No functional changes are being added, but the author updates all the required dependencies.

Software 123

Software Cryptocurrency Malware DNS 123

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Krebs on Security

JULY 15, 2024

Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

Accountability 329

Accountability Cryptocurrency Passwords DNS 329

SecureList

MAY 6, 2024

With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, online shopping accounts and other financial assets, inventing new techniques and reusing good old ones. Online shopping brands were the most popular lure, accounting for 41.65% of financial phishing attempts.

Phishing 134

Phishing Banking Mobile Scams 134

Krebs on Security

JUNE 15, 2024

. “He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. ” The cybercrime-focused Twitter/X account vx-underground said the U.K. In January 2024, U.S.

Hacking 336

Hacking Phishing Cybercrime Passwords 336

Krebs on Security

JANUARY 10, 2024

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies.

Cryptocurrency 335

Cryptocurrency Government Cybercrime Accountability 335

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware 328

Malware Cryptocurrency Software Phishing 328

Krebs on Security

NOVEMBER 5, 2024

At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). “The rest is just ransom.” banks, ISPs, and mobile phone providers.

Cybercrime 277

Cybercrime Mobile Media Hacking 277

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million in 2023.

Phishing 74

Phishing Banking Scams Mobile 74

Security Affairs

OCTOBER 30, 2023

A man from Orlando was sentenced to prison for SIM Swapping conspiracy that led to the theft of approximately $1M in cryptocurrency. The man was sentenced for his role in a hacking scheme that led to the theft of approximately $1M worth of cryptocurrency from dozens of victims. ” reads the press release published by DoJ.

Cryptocurrency 136

Cryptocurrency Accountability Hacking Cybercrime 136

Krebs on Security

OCTOBER 9, 2024

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. ’s son was loaded with cryptocurrency? ” What made the Miami men so convinced R.C.

Cryptocurrency 289

Cryptocurrency Social Engineering Accountability Mobile 289

Krebs on Security

JUNE 27, 2023

But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “ SIM swapping ,” a crime wherein fraudsters trick a mobile provider into diverting a customer’s phone calls and text messages to a device they control.

Cryptocurrency 273

Cryptocurrency Accountability Mobile Hacking 273

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. ” the company said on X.

Accountability 137

Accountability Hacking Cryptocurrency Cybersecurity 137

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. A DIRECT QUOT The domain quot[.]pw

Scams 303

Scams DDOS Cryptocurrency Accountability 303

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing 275

Phishing Cryptocurrency DDOS Internet 275

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” T-Mobile has not yet responded to requests for comment. Why do I suggest this?

Mobile 235

Mobile Cyber Risk Data breaches Cryptocurrency 235

Security Affairs

FEBRUARY 20, 2023

The Coinbase cryptocurrency exchange was the victim of a sophisticated cyberattack, experts believe is was targeted by Twilio hackers. A sophisticated threat actor launched a smishing campaign against the employees of the cryptocurrency exchange Coinbase. ” reads the statement published by the cryptocurrency exchange.

Cryptocurrency 98

Cryptocurrency Accountability Authentication Hacking 98

Malwarebytes

FEBRUARY 19, 2025

With stolen passwords, the impact is even broader; hackers could wire funds from a breached online banking account into their own, or masquerade as someone on social media to ask friends and family for money. Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts.

Malware 123

Malware Software Passwords Cryptocurrency 123

Krebs on Security

SEPTEMBER 13, 2024

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. Image: Shutterstock.

Cybercrime 322

Cybercrime Accountability Mobile Hacking 322

Krebs on Security

DECEMBER 29, 2022

I will also continue to post on LinkedIn about new stories in 2023. You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. agencies].

Cryptocurrency 292

Cryptocurrency Cybercrime Computers and Electronics Scams 292

SecureList

MARCH 3, 2025

Adware, the most common mobile threat, accounted for 35% of total detections. Our data suggests that the Trojan was aimed at stealing recovery phrases for cryptocurrency wallets of Android users primarily in the UAE, Europe and Asia. This was below the 2023 figure, but the difference was smaller than the year before.

Mobile 116

Mobile Malware Adware Banking 116

Krebs on Security

OCTOBER 18, 2023

New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain. Previously, the group had stored its malicious update files on Cloudflare, Guard.io

Scams 336

Scams Malware Cryptocurrency Hacking 336

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering 357

Social Engineering Mobile Passwords Cybercrime 357

Malwarebytes

DECEMBER 20, 2022

If you’re a user of the Gemini cryptocurrency exchange, it’s time to be on your guard against phishing attacks. No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure. Locking down your Gemini account.

Cryptocurrency 90

Cryptocurrency Phishing Scams Accountability 90

Security Affairs

AUGUST 1, 2023

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. The malicious code was designed to take over Facebook business accounts and steal funds from cryptocurrency wallets. ” reads the analysis published by Palo Alto Networks.

Accountability 98

Accountability Cryptocurrency Malware Phishing 98

Security Affairs

APRIL 4, 2023

Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product.

Cryptocurrency 98

Cryptocurrency Malware Software Manufacturing 98

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. According to CryptoIns analysts, the crypto assets insurance market is expected to reach $7 billion by 2023. The full list of platforms is available on CryptoIns website.

Insurance 96

Insurance Cryptocurrency Cyber threats Marketing 96

CyberSecurity Insiders

JUNE 19, 2023

While cryptocurrencies have been celebrated for their potential to revolutionize finance, their anonymous nature has also been exploited for illicit activities. From drug dealing and arms trafficking to funding terrorism, black market activities have thrived under the cloak of cryptocurrency’s pseudonymity.

Cryptocurrency 101

Cryptocurrency Technology Banking Cybercrime 101

CyberSecurity Insiders

JUNE 14, 2023

Since June 11th, 2023, Floating Point Group (FPG) has been hit by a devastating cyber attack, leading to the suspension of all trading, deposits, and withdrawals. Preliminary assessments suggest that FPG may have suffered losses between $15 million to $20 million in cryptocurrencies.

Cyber Attacks 101

Cyber Attacks Accountability Cryptocurrency Marketing 101

SecureList

NOVEMBER 22, 2022

A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. Cryptocurrency targeted attacks. Analysis of forecasts for 2022. Rise and consolidation of information stealers.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

Krebs on Security

AUGUST 29, 2023

Working with law enforcement partners in France, Germany, Latvia, the Netherlands, Romania and the United Kingdom, the DOJ said it was able to seize more than 50 Internet servers tied to the malware network, and nearly $9 million in ill-gotten cryptocurrency from QakBot’s cybercriminal overlords. Source: Reliaquest.com.

Hacking 310

Hacking Malware Ransomware Government 310

Anton on Security

FEBRUARY 7, 2024

] “Given that harvesting such credentials is low-effort for a threat actor, this trend will likely continue to affect organizations that fail to meet basic standards of security. ” “ Cryptomining remained one of the principal motivations behind threat actors who abused cloud access , accounting for nearly two-thirds of observed activity.

Cybersecurity 246

Cybersecurity Ransomware Passwords Cryptocurrency 246

Security Affairs

APRIL 7, 2025

“In the Florida case, Urban was accused of stealing at least $800,000 in cryptocurrency from five different victims between August 2022 and March 2023.” He was accused of stealing at least $800,000 from five victims between August 2022 and March 2023. ” reported News4Jax.

Cybercrime 67

Cybercrime Identity Theft Social Engineering Hacking 67

SecureList

JUNE 5, 2023

The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim’s account by performing web injections into targeted cryptocurrency websites. For example, it has the ability to retrieve the victims’ addresses, obtain account information, bypass 2FA, and much more.

Cryptocurrency 113

Cryptocurrency DNS Malware Encryption 113

Security Affairs

SEPTEMBER 5, 2023

Researchers reported abnormally large withdrawals made from the crypto gambling site Stake to an account with no previous activity, a circumstance that suggests that threat actors have hacked the platform and stolen crypto assets, including Tether and Ether. Once the attackers drained the funds, they distributed them to multiple accounts.

Cryptocurrency 134

Cryptocurrency Accountability Hacking Cybercrime 134