Krebs on Security

JULY 26, 2024

Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature.

Accountability 318

Accountability Authentication Cryptocurrency Web Fraud 318

SecureList

FEBRUARY 24, 2025

stealer that collects information such as saved credentials, cryptocurrency wallet data and browsing history, packs it into a.7z Clearly, in designing these fake projects, the actors went to great lengths to make the repositories appear legitimate to potential targets. com/Dipo17/battle ) and execute them.

Cryptocurrency 127

Cryptocurrency Software Encryption Internet 127

Malwarebytes

NOVEMBER 22, 2024

Meta provided insight this week into the company’s efforts in taking down more than 2 million accounts that were connected to pig butchering scams on their owned platforms, Facebook and Instagram. Once the victim places enough trust in the scammer, they bring the victim into a cryptocurrency investment scheme.

Accountability 130

Accountability Scams Cryptocurrency Identity Theft 130

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking 278

Hacking Accountability Government Social Engineering 278

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. LinkedIn declined to answer questions about the account purges, saying only that the company is constantly working to keep the platform free of fake accounts. The next day, half of those profiles no longer existed.

Accountability 320

Accountability Cryptocurrency Scams CISO 320

Krebs on Security

JUNE 6, 2023

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. The service in question — kopeechka[.]store ” “Are you working on large volumes and are costs constantly growing? The service in question — kopeechka[.]store

Accountability 254

Accountability Scams Cryptocurrency Advertising 254

Security Affairs

MARCH 10, 2025

Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. A Telegram channel and a popular YouTube account with 340,000 subscribers also spread the malware. This is a covert miner able to mine multiple cryptocurrencies (ETH, ETC, XMR, RTM and others) using various algorithms.

Cryptocurrency 82

Cryptocurrency Malware Social Engineering Antivirus 82

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Cryptocurrency 133

Cryptocurrency Scams Accountability Hacking 133

Krebs on Security

DECEMBER 4, 2024

Daryna Antoniuk at TheRecord reports that a security researcher said on Sunday they had contacted Wazawaka, who confirmed being charged and said he’d paid two fines, had his cryptocurrency confiscated, and is currently out on bail pending trial. Love your country, and you will always get away with everything.”

Cybercrime 232

Cybercrime Ransomware Cryptocurrency Government 232

Security Affairs

DECEMBER 25, 2024

authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. authorities linked the $308 million cyber heist targeting cryptocurrency company DMM Bitcoin to North Korea-linked threat actors. On June 1st, the Japanese cryptocurrency exchange DMM Bitcoin announced that crooks stole 4,502.9

Cryptocurrency 122

Cryptocurrency Social Engineering Hacking Cybercrime 122

SecureList

NOVEMBER 6, 2024

Posts with links to activators were either made by compromised accounts or by inexperienced users who were not aware of the threats they were spreading. TOP 10 countries targeted by SteelFox, August–September, 2024 ( download ) Attribution For this particular campaign, no attribution can be given.

Software 123

Software Cryptocurrency Malware DNS 123

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools. million in revenue.

Cybercrime 130

Cybercrime Cryptocurrency Banking Accountability 130

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

SecureWorld News

NOVEMBER 22, 2024

The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime. Scattered Spider has gained infamy for its high-profile cyberattacks, including the ransomware assault on MGM Casino in 2023 , which caused widespread disruption.

Phishing 108

Phishing Identity Theft Cryptocurrency Cybercrime 108

Security Affairs

NOVEMBER 15, 2024

. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency 103

Cryptocurrency Hacking Government Accountability 103

Malwarebytes

JANUARY 3, 2025

The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. One of the main interests for the stealers seem to be Discord credentials which can be used to expand the network of compromised accounts.

Scams 142

Scams Identity Theft Media Accountability 142

The Hacker News

APRIL 7, 2025

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims' digital wallets.

Cryptocurrency 105

Cryptocurrency Accountability 105

Schneier on Security

NOVEMBER 16, 2021

After the mark is convinced, the scammer will have them get cash (sometimes out of investment or retirement accounts), and head to an ATM that sells cryptocurrencies and supports reading QR codes. With wire transfers, you have to fill out a form, and you may give that form to an actual person (who could potentially vibe check you).

Scams 338

Scams Cryptocurrency Banking Internet 338

Schneier on Security

MAY 3, 2021

Identifying the person behind Bitcoin Fog serves as an illustrative example of how hard it is to be anonymous online in the face of a competent police investigation: Most remarkable, however, is the IRS’s account of tracking down Sterlingov using the very same sort of blockchain analysis that his own service was meant to defeat.

Cryptocurrency 348

Cryptocurrency Accountability 348

Krebs on Security

DECEMBER 16, 2021

A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Following the theft, Terpin filed a civil lawsuit against Truglia with the Los Angeles Superior court.

Cryptocurrency 363

Cryptocurrency Mobile Accountability Scams 363

Security Affairs

NOVEMBER 21, 2024

Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 108

Cybercrime Identity Theft Cryptocurrency Phishing 108

Krebs on Security

JULY 15, 2024

Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

Accountability 327

Accountability Cryptocurrency Passwords DNS 327

Krebs on Security

MARCH 11, 2025

Authorities in India today arrested the alleged co-founder of Garantex , a cryptocurrency exchange sanctioned by the U.S. authorities separately obtained earlier copies of Garantexs servers, including customer and accounting databases. A “most wanted” notice published by the U.S. Secret Service states that U.S.

Ransomware 261

Ransomware Cryptocurrency Marketing Government 261

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. According to the FAQ posted on its site , “ Norton Crypto ” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle.

Cryptocurrency 349

Cryptocurrency Computers and Electronics Antivirus Identity Theft 349

Malwarebytes

AUGUST 2, 2024

The Federal Bureau of Investigation (FBI) issued a public service announcement warning the public about scammers impersonating cryptocurrency exchange employees to steal funds. Armed with the information the target provided, the scammer drains the account. With cryptocurrency exchanges, this is often not true.

Cryptocurrency 128

Cryptocurrency Scams Accountability Identity Theft 128

Krebs on Security

AUGUST 25, 2021

In a lawsuit filed in Colorado, Schober said the sudden disappearance of his funds in January 2018 prompted him to spend more than $10,000 hiring experts in the field of tracing cryptocurrency transactions. universities). When Schober went to move approximately 16.4 When Schober went to move approximately 16.4

Cryptocurrency 361

Cryptocurrency Malware Mobile Accountability 361

Krebs on Security

DECEMBER 29, 2024

The first profiled Cryptomus , a dodgy cryptocurrency exchange allegedly based in Canada that has become a major payment processor and sanctions evasion platform for dozens of Russian exchanges and cybercrime services online.

Scams 222

Scams Cybercrime Cryptocurrency Social Engineering 222

Lohrman on Security

AUGUST 29, 2021

From cryptocurrency thefts to hacking bank accounts, SIM swapping is a growing threat online. Here are relevant definitions, real-world examples and tips to help stop cyber criminals.

Cyber threats 261

Cyber threats Cryptocurrency Banking Accountability 261

Krebs on Security

NOVEMBER 20, 2020

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison. Conor Freeman of Dublin took part in the theft of more than two million dollars worth of cryptocurrency from different victims throughout 2018.

Cryptocurrency 294

Cryptocurrency Mobile Authentication Accountability 294

Krebs on Security

NOVEMBER 14, 2024

Hydra trafficked in illegal drugs and financial services, including cryptocurrency tumbling for money laundering, exchange services between cryptocurrency and Russian rubles, and the sale of falsified documents and hacking services. “Hi, how are you?” ” he inquired. “Maybe we can open business?

Retail 255

Retail Advertising Cryptocurrency Marketing 255

Krebs on Security

JANUARY 10, 2024

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies.

Cryptocurrency 334

Cryptocurrency Government Cybercrime Accountability 334

Krebs on Security

MAY 14, 2021

The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. Additionally, the operators will have to find a new way to ‘wash’ the cryptocurrency they earn from ransoms. ”

Ransomware 364

Ransomware Cryptocurrency Cybercrime Healthcare 364

Security Affairs

APRIL 14, 2025

Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2 , and were used to steal PayPal credentials and hijack cryptocurrency transfers.

Cryptocurrency 92

Cryptocurrency Hacking Accountability Cybercrime 92

Security Affairs

SEPTEMBER 20, 2024

The US DoJ arrested two people and charged them with stealing and laundering more than $230 million worth of cryptocurrency. The duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services. The duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services.

Cryptocurrency 130

Cryptocurrency Hacking Accountability Cybercrime 130

Schneier on Security

NOVEMBER 16, 2023

. […] The credentials exposed provided access to a range of resources, including Microsoft Active Directory servers that provision and manage accounts in enterprise networks, OAuth servers allowing single sign-on, SSH servers, and third-party services for customer communications and cryptocurrencies.

Authentication 338

Authentication Cryptocurrency Accountability Software 338

Penetration Testing

AUGUST 22, 2024

In a surprising turn of events, McDonald’s, the global fast-food giant, fell victim to a cyberattack that leveraged the brand’s Instagram account to promote a meme coin called “Grimace.”

Cryptocurrency 130

Cryptocurrency Accountability Cybersecurity 130

Security Affairs

MARCH 24, 2025

They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. If users fall victim to this scam, immediately contact their financial institutions, secure their accounts, and change all passwords using a trusted device. Reporting the incident to IC3.gov

Malware 115

Malware Scams Identity Theft Antivirus 115