Krebs on Security

OCTOBER 9, 2024

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. ’s son was loaded with cryptocurrency? ” What made the Miami men so convinced R.C.

Cryptocurrency 274

Cryptocurrency Social Engineering Accountability Mobile 274

Krebs on Security

APRIL 6, 2022

The smash-and-grab attacks by LAPSUS$ obscure some of the group’s less public activities, which according to Microsoft include targeting individual user accounts at cryptocurrency exchanges to drain crypto holdings. The group of teenagers who hacked Twitter hailed from a community that traded in hacked social media accounts.

Social Engineering 281

Social Engineering Phishing Engineering Accountability 281

Krebs on Security

AUGUST 19, 2020

According to interviews with several sources, this hybrid phishing gang has a remarkably high success rate, and operates primarily through paid requests or “bounties,” where customers seeking access to specific companies or accounts can hire them to target employees working remotely at home. A phishing page (helpdesk-att[.]com)

Phishing 363

Phishing VPN Social Engineering Media 363

Krebs on Security

JUNE 15, 2024

. “He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. ” The cybercrime-focused Twitter/X account vx-underground said the U.K.

Hacking 323

Hacking Phishing Cybercrime Passwords 323

Adam Levin

MAY 15, 2019

The hacking group, called “The Community” primarily used social engineering (trickery) and SIM card hijacking to steal funds and cryptocurrency from their victims. Members of The Community face charges of wire fraud and aggravated identity theft.

Identity Theft 176

Identity Theft Social Engineering Mobile Authentication 176

Security Affairs

OCTOBER 20, 2021

Once hijacked the channel, attackers either sell it to the highest bidder or employ it in cryptocurrency scam scheme. The researchers identified around 15,000 actor accounts, most of which were created for this campaign. Hijacked channels ranged from $3 USD to $4,000 USD depending on the number of subscribers. Pierluigi Paganini.

Accountability 144

Accountability Malware Phishing Social Engineering 144

Security Affairs

MARCH 10, 2025

Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. Using this social engineering trick, threats like stealers, RATs, Trojans, and crypto miners can persist undetected. A Telegram channel and a popular YouTube account with 340,000 subscribers also spread the malware.

Cryptocurrency 92

Cryptocurrency Malware Social Engineering Antivirus 92

eSecurity Planet

DECEMBER 21, 2021

Cryptocurrency Fuels Ransomware. One constant in all this will be cryptocurrency, the coin of the realm when it comes to ransomware. Cryptocurrency really is fueling this in a sense. … If you were to take cryptocurrency away from that, they don’t have a convenient digital platform.

Cryptocurrency 140

Cryptocurrency Ransomware Cybercrime Social Engineering 140

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

Social Engineering 351

Social Engineering Mobile Passwords Cybercrime 351

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile 260

Mobile Cryptocurrency Accountability Passwords 260

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Note, this is no proof that the companies listed were compromised.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Security Affairs

JULY 19, 2022

FBI has warned of crooks developing malicious cryptocurrency-themed apps to steal crypto assets from the users. Federal Bureau of Investigation (FBI) has warned of crooks creating malicious cryptocurrency-themed apps to steal crypto assets from investors. SecurityAffairs – hacking, cryptocurrency-themed apps). million. .”

Cryptocurrency 129

Cryptocurrency Mobile Hacking Accountability 129

SecureWorld News

OCTOBER 12, 2021

SecureWorld News just analyzed dozens of pages of court documents to understand this story of the Naval Engineer—an insider—who is accused of going rogue in a high-tech and high-stakes operation. Tools involved digital media, encrypted communication, cryptocurrency, and secret data handoffs. The email stated, “We received your letter.

Social Engineering 98

Social Engineering Engineering Encryption Cryptocurrency 98

Heimadal Security

FEBRUARY 23, 2023

A new S1deload Stealer malware campaign infects YouTube and Facebook users as hackers try to use their devices for cryptocurrency mining. The Malware Attack Explained Threat actors use social engineering […] The post Warning! New Malware Hijacks YouTube and Facebook Accounts appeared first on Heimdal Security Blog.

Accountability 94

Accountability Malware Social Engineering Cryptocurrency 94

Krebs on Security

AUGUST 30, 2022

In a blog post earlier this month, Cloudflare said it detected the account takeovers and that no Cloudflare systems were compromised. 4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Mobile 332

Mobile Phishing Authentication Accountability 332

Krebs on Security

JULY 22, 2020

As first reported here on July 16, prior to bitcoin scam messages being blasted out from such high-profile Twitter accounts @barackobama, @joebiden, @elonmusk and @billgates, several highly desirable short-character Twitter account names changed hands, including @L, @6 and @W. They would take a cut from each transaction.”

Hacking 321

Hacking Accountability Scams Media 321

The Last Watchdog

APRIL 14, 2022

The CFO commonly carries out such tasks and arranges a wire transfer using the account information provided on the invoice. In actuality, the request is coming from a BEC fraud ring, and the payment details direct the funds to an account controlled by the attackers. Scenario 2. Scenario 3. Planned attacks.

Phishing 247

Phishing Accountability Scams Social Engineering 247

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. A single bitcoin is trading at around $45,000.

Cryptocurrency 276

Cryptocurrency Cybercrime Computers and Electronics Scams 276

Malwarebytes

JULY 19, 2021

We’ve observed a 419-style scam (also known as an advance fee scam) which combines the promise of cryptocurrency riches with WhatsApp conversation. Folks already involved in cryptocurrency would likely have suspicions raised after reading the below. It’s all about that personal touch in the land of cryptocurrency scams.

Accountability 117

Accountability Scams Cryptocurrency Banking 117

Malwarebytes

MARCH 19, 2024

Armed with an email and password—which are easily bought online— and the 2FA code, an attacker could take over the victim’s online accounts. SIM swapping can be done in a number of ways, but perhaps the most common involves a social engineering attack on the victim’s carrier. Katz pleaded guilty before Chief U.S.

Social Engineering 142

Social Engineering Computers and Electronics Mobile Identity Theft 142

Security Boulevard

DECEMBER 9, 2021

A crypto support bot scam discovered in May has now increased and widened its breadth of targeted cryptocurrency users. If the user falls for it, the scammer then works on the user, using social engineering to obtain the recovery phrase for the user’s cryptocurrency account.

Cryptocurrency 78

Cryptocurrency Scams Social Engineering Engineering 78

Bleeping Computer

SEPTEMBER 15, 2023

Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack. [.]

Social Engineering 141

Social Engineering Authentication Engineering Accountability 141

Krebs on Security

APRIL 20, 2023

In many cases, the phony profiles spoofed chief information security officers at major corporations , and some attracted quite a few connections before their accounts were terminated. which owns LinkedIn, said in September 2022 that it had detected a wide range of social engineering campaigns using a proliferation of phony LinkedIn accounts.

Malware 321

Malware Software Technology Accountability 321

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance 95

Insurance Cryptocurrency Cyber threats Marketing 95

Malwarebytes

JULY 19, 2022

Together with the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA), the FBI has released a warning about cybercriminals creating fraudulent cryptocurrency investment apps in order to defraud cryptocurrency investors. Stay safe, everyone!

Cryptocurrency 97

Cryptocurrency Mobile Banking Internet 97

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. A threat actor gained access to a tool used by the company’s customer support and account administration teams. Trezor WARNING: Elaborate Phishing attack.

Phishing 138

Phishing Data breaches Cryptocurrency Social Engineering 138

Security Affairs

NOVEMBER 13, 2023

The APT group’s campaigns focus on cryptocurrency exchanges, venture capital firms, and banks. Microsoft researchers warn of a new social engineering campaign aimed at IT job seekers that relied on a new cluster of bogus skills assessment portals. ” warns Microsoft through a series of posts on X.

Social Engineering 142

Social Engineering Cryptocurrency Engineering Malware 142

Malwarebytes

FEBRUARY 15, 2021

This can be done in a number of ways, but perhaps the most common involves a social engineering attack on the victim’s carrier. The consequences can be particularly bad if the victim has an online cryptocurrency account protected by SMS 2FA codes sent to their phone.

Social Engineering 140

Social Engineering Cryptocurrency Accountability Authentication 140

SecureWorld News

JUNE 17, 2024

The CISA warning explicitly states that its employees "will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret." RELATED: The Impact of AI on Social Engineering Cyber Attacks ] Follow SecureWorld News for more stories related to cybersecurity.

Social Engineering 113

Social Engineering Scams Artificial Intelligence Engineering 113

Security Through Education

MARCH 22, 2023

They all use psychology and social engineering skills to convince their victims to take an action that is detrimental to them. Impersonators create fake social media accounts that include the names, images, logos, or other identifying information, of a person, brand, or organization. billion fake accounts in 2021.

Scams 122

Scams Social Engineering Engineering Media 122

Malwarebytes

OCTOBER 27, 2023

Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. This can be done in a number of ways, but the most common ones involve social engineering attacks on the victim's carrier.

Social Engineering 121

Social Engineering Engineering Ransomware Backups 121

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 132

Scams Phishing Cryptocurrency Social Engineering 132

Security Affairs

NOVEMBER 21, 2024

Scattered Spider members are part of a broader cybercriminal community called “The Com,” where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks. ” reads the press release published by DoJ.

Cybercrime 110

Cybercrime Identity Theft Cryptocurrency Phishing 110

Identity IQ

JUNE 1, 2023

The Rise of AI Social Engineering Scams IdentityIQ In today’s digital age, social engineering scams have become an increasingly prevalent threat. In fact, last year, scams accounted for 80% of reported identity compromises to the Identity Theft Resource Center (ITRC).

Social Engineering 52

Social Engineering Scams Engineering Identity Theft 52

Malwarebytes

JANUARY 20, 2023

A threat actor successfully used compromised employee credentials to gain access to 133 accounts on Mailchimp, the mainstream Intuit-owned email marketing platform, in a security incident that recently came to light. "On The blog further asserts the company's compromise had not affected other Intuit systems or other Mailchimp customer data.

Social Engineering 98

Social Engineering Accountability Cryptocurrency Engineering 98

Bleeping Computer

JULY 20, 2023

GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware. [.]

Social Engineering 79

Social Engineering Cryptocurrency Engineering Accountability 79

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98