Authentication and Cryptocurrency - Cyber Security Informer

Leaving Authentication Credentials in Public Code

Schneier on Security

NOVEMBER 16, 2023

Examples included: Azure Active Directory API Keys GitHub OAuth App Keys Database credentials for providers such as MongoDB, MySQL, and PostgreSQL Dropbox Key Auth0 Keys SSH Credentials Coinbase Credentials Twilio Master Credentials.

Authentication

Authentication Cryptocurrency Accountability Software

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees. Tylerb was reputed to have fled the United Kingdom after that assault.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io. Federal Communications Commission (FCC), as well as those working at the cryptocurrency exchanges Coinbase and Binance. Image: Shutterstock, iHaMoo.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. 13, with an attack on cryptocurrency trading platform liquid.com. authenticate the phone call before sensitive information can be discussed. 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

The Hacker News

JULY 9, 2024

Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining.

Cryptocurrency

Cryptocurrency Authentication Cybersecurity

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Krebs on Security

JULY 26, 2024

Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature.

Accountability

Accountability Authentication Cryptocurrency Web Fraud

Convicted SIM Swapper Gets 3 Years in Jail

Krebs on Security

NOVEMBER 20, 2020

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison. Conor Freeman of Dublin took part in the theft of more than two million dollars worth of cryptocurrency from different victims throughout 2018.

Cryptocurrency

Cryptocurrency Mobile Authentication Accountability

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

SecureWorld News

NOVEMBER 22, 2024

The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime. Scattered Spider has gained infamy for its high-profile cyberattacks, including the ransomware assault on MGM Casino in 2023 , which caused widespread disruption.

Phishing

Phishing Identity Theft Cryptocurrency Cybercrime

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data.

Encryption

Encryption Password Management Cryptocurrency Social Engineering

Scammers are impersonating cryptocurrency exchanges, FBI warns

Malwarebytes

AUGUST 2, 2024

The Federal Bureau of Investigation (FBI) issued a public service announcement warning the public about scammers impersonating cryptocurrency exchange employees to steal funds. With cryptocurrency exchanges, this is often not true. Some crypto-related scams often deploy imposter websites which are hard to discern from the real ones.

Cryptocurrency

Cryptocurrency Scams Accountability Identity Theft

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. That leaderboard currently lists Sosa as #24 (out of 100), and Tylerb at #65.

Hacking

Hacking Cybercrime Phishing Passwords

NY Man Pleads Guilty in $20 Million SIM Swap Theft

Krebs on Security

DECEMBER 16, 2021

A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Following the theft, Terpin filed a civil lawsuit against Truglia with the Los Angeles Superior court.

Cryptocurrency

Cryptocurrency Mobile Accountability Scams

DiceKeys

Schneier on Security

AUGUST 24, 2020

You can then use that key to derive master passwords for password managers, as the seed to create a U2F key for two-factor authentication, or even as the secret key for cryptocurrency wallets.

Passwords

Passwords Cryptocurrency Password Management Authentication

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks

Security Affairs

DECEMBER 13, 2023

Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. ” states Microsoft.

Cryptocurrency

Cryptocurrency Phishing Accountability VPN

Hanging Up on Mobile in the Name of Security

Krebs on Security

AUGUST 16, 2018

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. A copy of his complaint is here (PDF). ” AN ‘IDENTITY CRISIS’?

Mobile

Mobile Cryptocurrency Accountability Authentication

Xenomorph hunts cryptocurrency logins on Android

Malwarebytes

SEPTEMBER 27, 2023

Cryptocurrency owners should take heed of warnings related to Xenomorph malware—Bleeping Computer reports that the most recent version of Xenomorph now targets various cryptocurrency wallets using fake browser update messaging as bait. At this point, Xenomorph deploys its most favoured tactic: That of the bogus overlay.

Cryptocurrency

Cryptocurrency Malware Scams Banking

Florida Man Arrested in SIM Swap Conspiracy

Krebs on Security

AUGUST 7, 2018

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims.

Mobile

Mobile Cryptocurrency Computers and Electronics Scams

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Cryptocurrency

Cryptocurrency Ransomware Retail Government

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner

The Hacker News

JANUARY 4, 2023

A new Linux malware developed using the shell script compiler (shc) has been observed deploying a cryptocurrency miner on compromised systems. "It

Cryptocurrency

Cryptocurrency Malware Authentication

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

Donahue said 60 technology companies are now routing all law enforcement data requests through Kodex, including an increasing number of financial institutions and cryptocurrency platforms. “That can include control over data, like an account freeze or preservation request.”

Hacking

Hacking Accountability Government Social Engineering

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. ’s son was loaded with cryptocurrency? ” What made the Miami men so convinced R.C.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication. ” warns Censys. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Internet Internet Hacking

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Our research reveals 69% of breaches are rooted in inadequate authentication and 78% of organizations have been targeted by identity-based attacks. Dooley Doug Dooley , COO, Data Theorem In 2025, cybersecurity threats will escalate across APIs, cloud setups, supply chains, and cryptocurrency.

Risk

Risk Threat Detection Technology Phishing

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

SecureWorld News

FEBRUARY 26, 2025

On February 21, 2025, the cryptocurrency world was rocked by the largest crypto heist in history. billion theft from Bybit is set to drastically reshape the cryptocurrency sector, most likely leading to a new era of regulatory scrutiny and security practices. billion in crypto assets.

Hacking

Hacking Cryptocurrency Cyber threats Malware

More Alleged SIM Swappers Face Justice

Krebs on Security

FEBRUARY 5, 2019

Investigators allege that between October 2016 and May 2018, Hared and Ditman grew proficient at SIM swapping, a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. The Justice Department says Hared was better known to his co-conspirators as “ winblo.”

Cryptocurrency

Cryptocurrency Identity Theft Mobile Accountability

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile

Mobile Cryptocurrency Accountability Passwords

A sophisticated threat actor hit cryptocurrency exchange Coinbase

Security Affairs

FEBRUARY 20, 2023

The Coinbase cryptocurrency exchange was the victim of a sophisticated cyberattack, experts believe is was targeted by Twilio hackers. A sophisticated threat actor launched a smishing campaign against the employees of the cryptocurrency exchange Coinbase. ” reads the statement published by the cryptocurrency exchange.

Cryptocurrency

Cryptocurrency Accountability Authentication Hacking

U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison

Krebs on Security

JUNE 27, 2023

But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “ SIM swapping ,” a crime wherein fraudsters trick a mobile provider into diverting a customer’s phone calls and text messages to a device they control.

Cryptocurrency

Cryptocurrency Accountability Mobile Hacking

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Krebs on Security

JULY 15, 2024

The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network , Compound Finance , Pendle Finance , and Unstoppable Domains. ’ This is absolutely insane if you’re used to and expecting the controls Google provides.”

Accountability

Accountability Cryptocurrency Passwords DNS

Pan-African Financial Apps Leak Encryption, Authentication Keys

Dark Reading

OCTOBER 12, 2023

Cryptocurrency apps were the most high risk for exposing sensitive information, a reverse-engineering study shows.

Authentication

Authentication Encryption Cryptocurrency Engineering

Hackers rob thousands of Coinbase customers using MFA flaw

Bleeping Computer

OCTOBER 1, 2021

Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's SMS multi-factor authentication security feature. [.].

Cryptocurrency

Cryptocurrency Authentication

Cryptocurrency scam attack on Twitter reminds users to check their app connections

The State of Security

MAY 27, 2021

Even if you have chosen a strong, unique password for your online presence and enabled two-factor authentication it's possible that you've overlooked another way in which online criminals could commandeer your social media accounts and spam out a message to your followers. Read more in my article on the Tripwire State of Security blog.

Cryptocurrency

Cryptocurrency Scams Media Accountability

Satacom delivers browser extension that steals cryptocurrency

SecureList

JUNE 5, 2023

The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim’s account by performing web injections into targeted cryptocurrency websites. Threat actor’s BTC wallet address To get hold of the victim’s cryptocurrency, the threat actors use web injects on the targeted websites.

Cryptocurrency

Cryptocurrency DNS Malware Encryption

Feds Break Up Major SIM-Hijacking Ring

Adam Levin

MAY 15, 2019

The hacking group, called “The Community” primarily used social engineering (trickery) and SIM card hijacking to steal funds and cryptocurrency from their victims. Once authenticated, the mobile phone number of the target victim is moved to the criminal’s phone.

Identity Theft

Identity Theft Social Engineering Mobile Authentication

Attackers Use Bots to Circumvent Some Two-Factor Authentication Systems

eSecurity Planet

SEPTEMBER 30, 2021

Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online accounts. By using the services, cybercriminals can gain access to victims’ accounts to steal money.

Authentication

Authentication Social Engineering Phishing Banking

Trezor’s Twitter account hijacked by cryptocurrency scammers via bogus Calendly invite

Graham Cluley

MARCH 27, 2024

Hardware wallet manufacturer Trezor has explained how its Twitter account was compromised - despite it having sensible security precautions in place, such as strong passwords and multi-factor authentication. Read more in my article on the Hot for Security blog.

Accountability

Accountability Cryptocurrency Manufacturing Passwords

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

Coinbase is the world’s second-largest cryptocurrency exchange, with roughly 68 million users from over 100 countries. ” Last month, Coinbase disclosed that malicious hackers stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company’s SMS multi-factor authentication security feature.

Passwords

Passwords Phishing Accountability Mobile

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

OCTOBER 22, 2024

Matanbuchus and XMRig: Used for cryptocurrency mining, these malware strains can slow down systems while surreptitiously utilizing computing resources. These groups are considered sub-teams of larger cryptocurrency scam networks, highlighting the organized and systematic nature of these phishing attacks.

Scams

Scams Malware Phishing Social Engineering

Kroll Employee SIM-Swapped for Crypto Investor Data

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” T-Mobile has not yet responded to requests for comment.

Mobile

Mobile Cyber Risk Data breaches Cryptocurrency

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Absent from GoDaddy’s SEC statement is another spate of attacks in November 2020, in which unknown intruders redirected email and web traffic for multiple cryptocurrency services that used GoDaddy in some capacity. It is possible this incident was not mentioned because it was the work of yet another group of intruders.

Hacking

Hacking Social Engineering Phishing Scams

Leaving Authentication Credentials in Public Code

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Trending Sources

A Day in the Life of a Prolific Voice Phishing Crew

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Cryptocurrencies and cybercrime: A critical intermingling

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Convicted SIM Swapper Gets 3 Years in Jail

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Scammers are impersonating cryptocurrency exchanges, FBI warns

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

NY Man Pleads Guilty in $20 Million SIM Swap Theft

DiceKeys

How 1-Time Passcodes Became a Corporate Liability

OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks

Hanging Up on Mobile in the Name of Security

Xenomorph hunts cryptocurrency logins on Android

Florida Man Arrested in SIM Swap Conspiracy

Arrests in $400M SIM-Swap Tied to Heist at FTX?

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Lamborghini Carjackers Lured by $243M Cyberheist

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

More Alleged SIM Swappers Face Justice

Busting SIM Swappers and SIM Swap Myths

A sophisticated threat actor hit cryptocurrency exchange Coinbase

U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Pan-African Financial Apps Leak Encryption, Authentication Keys

Hackers rob thousands of Coinbase customers using MFA flaw

Cryptocurrency scam attack on Twitter reminds users to check their app connections

Satacom delivers browser extension that steals cryptocurrency

Feds Break Up Major SIM-Hijacking Ring

Attackers Use Bots to Circumvent Some Two-Factor Authentication Systems

Trezor’s Twitter account hijacked by cryptocurrency scammers via bogus Calendly invite

How Coinbase Phishers Steal One-Time Passwords

Deceptive Google Meet Invites Lures Users Into Malware Scams

Kroll Employee SIM-Swapped for Crypto Investor Data

When Low-Tech Hacks Cause High-Impact Breaches

Stay Connected