SecureWorld News

APRIL 21, 2022

Treasury Department warning of a North Korean state-sponsored advanced persistent threat (APT) known as the Lazarus Group targeting cryptocurrency and blockchain companies. The threat actors use social engineering to encourage individuals to download trojanized cryptocurrency applications on Windows or macOS operating systems.

Cryptocurrency 82

Cryptocurrency Computers and Electronics Social Engineering System Administration 82

SecureWorld News

OCTOBER 12, 2021

SecureWorld News just analyzed dozens of pages of court documents to understand this story of the Naval Engineer—an insider—who is accused of going rogue in a high-tech and high-stakes operation. Tools involved digital media, encrypted communication, cryptocurrency, and secret data handoffs. But this took time. We are both protected.

Social Engineering 89

Social Engineering Engineering Encryption Cryptocurrency 89

Security Through Education

NOVEMBER 19, 2024

Social engineering scams frequently exploit our desire to help by using themes of sympathy and assistance to manipulate us. The victim is asked to wire money, transfer cryptocurrency, or share sensitive information like credit card details, to “help” them in their current situation.

Social Engineering 52

Social Engineering Engineering Scams Cryptocurrency 52

Security Through Education

NOVEMBER 19, 2024

Social engineering scams frequently exploit our desire to help by using themes of sympathy and assistance to manipulate us. The victim is asked to wire money, transfer cryptocurrency, or share sensitive information like credit card details, to “help” them in their current situation.

Social Engineering 52

Social Engineering Engineering Scams Cryptocurrency 52

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. To extract cookies from Chromium-based browsers, it downloads a module from the C&C to bypass App-Bound encryption.

Encryption 125

Encryption Password Management Social Engineering Cryptocurrency 125

SecureList

AUGUST 10, 2022

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies. Malicious DOCX social engineering message. Example of a downloaded image upon macro execution. VileLoader: an evasive multi-stage implant downloader. xml version="1.0"

Cryptocurrency 126

Cryptocurrency Encryption Social Engineering Passwords 126

Hacker Combat

AUGUST 8, 2022

North Korean hackers use phoney Coinbase job offers to target cryptocurrency professionals. The renowned North Korean hacking outfit Lazarus has uncovered a new social engineering scheme in which the hackers pose as Coinbase to lure workers into the fintech sector. Lazarus hackers go after cryptocurrency.

Social Engineering 105

Social Engineering Cryptocurrency Engineering Malware 105

Malwarebytes

SEPTEMBER 11, 2023

The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. Once active, the malware can be used for several malicious activities like remote access, cryptocurrency mining, keylogging, clipboard stealing, and information stealing. exe and a bundled script.

Malware 141

Malware Social Engineering Cryptocurrency Cybercrime 141

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. The company was the victim of a social engineering attack aimed at its employees. Trezor WARNING: Elaborate Phishing attack. Pierluigi Paganini.

Phishing 142

Phishing Data breaches Cryptocurrency Social Engineering 142

Krebs on Security

AUGUST 30, 2022

4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. On that last date, Twilio disclosed that on Aug. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile 329

Mobile Phishing Authentication Accountability 329

Identity IQ

JUNE 1, 2023

The Rise of AI Social Engineering Scams IdentityIQ In today’s digital age, social engineering scams have become an increasingly prevalent threat. Social engineering scams leverage psychological manipulation to deceive individuals and exploit the victims’ trust.

Social Engineering 52

Social Engineering Scams Engineering Identity Theft 52

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Cryptocurrency 141

Cryptocurrency Social Engineering Media Phishing 141

Malwarebytes

MARCH 1, 2024

Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. Scammers, impersonating cryptocurrency investors, are active on Telegram channels to get interested people to attend a meeting about a future partnership. Topics are cryptocurrency investment opportunities.

Cryptocurrency 136

Cryptocurrency Malware Authentication Banking 136

Malwarebytes

MARCH 5, 2024

Separately, in September 2023, Malwarebytes discovered a cybercriminal campaign that tricked Mac users into accidentally installing a type of malware that can steal passwords, browser data, cookies, files, and cryptocurrency. But users who clicked the Mac download button instead received AMOS.

Malware 144

Malware Adware Ransomware Social Engineering 144

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile 243

Mobile Cryptocurrency Accountability Passwords 243

Security Affairs

OCTOBER 20, 2021

Once hijacked the channel, attackers either sell it to the highest bidder or employ it in cryptocurrency scam scheme. The malware landing page is disguised as a software download URL that was sent via email or a PDF on Google Drive, or via Google documents containing the phishing links. .

Accountability 145

Accountability Malware Phishing Social Engineering 145

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 137

Scams Phishing Cryptocurrency Social Engineering 137

Responsible Cyber

JULY 13, 2024

Introduction Cryptocurrency represents a groundbreaking innovation in the financial sector, offering decentralized, peer-to-peer digital transactions through blockchain technology. However, the allure of these digital assets also attracts malicious actors, making cryptocurrency security paramount.

Cryptocurrency 52

Cryptocurrency Cyber Attacks Social Engineering Scams 52

Malwarebytes

AUGUST 13, 2021

A fair few cryptocurrency scams have been doing the rounds across 2021. Fake Elon Musk cryptocurrency scams. Another social media shenanigan involving cryptocurrency? The FTC estimates at least $2 million has been stolen from cryptocurrency investors. 30 malicious images downloaded roughly 20 million times(!)

Scams 127

Scams Cryptocurrency Social Engineering Media 127

Security Affairs

AUGUST 31, 2024

Microsoft researchers linked with medium confidence the attacks to Citrine Sleet , a North Korean threat actor targeting the cryptocurrency sector for financial gain. While we cannot confirm at this time how the targets were directed, social engineering is a common tactic used by Citrine Sleet. ” Microsoft said.

Social Engineering 137

Social Engineering Cryptocurrency Malware Engineering 137

Malwarebytes

DECEMBER 6, 2022

Nicholas Truglia (25) from Florida was sentenced to 18 months on Thursday for his involvement in a digital heist that cost Michael Terpin ( @michaelterpin ), a renowned personality in the cryptocurrency space, $23.8M. According to El Reg , Terpin's cryptocurrency of choice was TRIG, which was worth $7 then.

Cryptocurrency 98

Cryptocurrency Social Engineering Accountability Media 98

Malwarebytes

JANUARY 20, 2023

The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack." Keep threats off your devices by downloading Malwarebytes today.

Social Engineering 98

Social Engineering Accountability Cryptocurrency Engineering 98

eSecurity Planet

OCTOBER 22, 2024

Cybercriminals employ social engineering techniques to trick you into believing you must resolve fictitious technical issues. The hallmark of ClickFix campaigns is their clever use of social engineering. Types of Malware Delivered The ClickFix campaigns are not just a nuisance; they can lead to severe security breaches.

Scams 122

Scams Malware Social Engineering Phishing 122

SecureList

MAY 6, 2024

Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.

Phishing 138

Phishing Banking Mobile Scams 138

Security Affairs

JANUARY 23, 2022

Never download an app from a QR code, avoid making any payment requested through unsolicited email that uses social engineering techniques to trick recipients into scanning the embedded QR code. If scanning a physical QR code, ensure the code has not been tampered with, such as with a sticker placed on top of the original code.

Cryptocurrency 118

Cryptocurrency Social Engineering Malware Scams 118

SecureList

NOVEMBER 23, 2021

We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In fact, from January through the end of October, Kaspersky detected more than 2,300 fraudulent global resources aimed at 85,000 potential crypto investors or users who are interested in cryptocurrency mining. Extortion on the rise.

Cryptocurrency 142

Cryptocurrency Banking Cybercrime Ransomware 142

Malwarebytes

JANUARY 3, 2024

The social engineering techniques used by fraudsters are growing in complexity. Popular investment opportunities offered by the criminals include stocks, cryptocurrencies, and pension funds. The most reported investment fraud products in the EU are cryptocurrencies. But you will need to act fast.

Scams 132

Scams Cryptocurrency Social Engineering Internet 132

SecureWorld News

JULY 11, 2022

Axie Infinity, a video game that utilizes NFTs and Ethereum-based cryptocurrencies, lost $540 million in March of this year after a senior engineer was tricked into opening a PDF of a fake job application, according to a story from The Block. The employee who fell for the social engineering scheme no longer works for Sky Mavis.

Social Engineering 79

Social Engineering Hacking Cryptocurrency Engineering 79

Approachable Cyber Threats

JULY 7, 2022

It also serves as an easy access point for more advanced hackers and scammers to target specific organizations, or even harvest cryptocurrency. Earlier Raccoon Stealer campaigns allowed criminals to steal $13,200 worth of cryptocurrency and mine another $2,900 worth over a six month period, all for the cost of around $1,250. “So

Social Engineering 84

Social Engineering Cryptocurrency Malware Antivirus 84

Malwarebytes

JULY 19, 2021

We’ve observed a 419-style scam (also known as an advance fee scam) which combines the promise of cryptocurrency riches with WhatsApp conversation. Folks already involved in cryptocurrency would likely have suspicions raised after reading the below. It’s all about that personal touch in the land of cryptocurrency scams.

Accountability 128

Accountability Scams Cryptocurrency Banking 128

eSecurity Planet

SEPTEMBER 15, 2022

The Shikitega attack consists of a “multistage infection chain where each module responds to a part of the payload and downloads and executes the next one,” the AT&T researchers wrote. Once the CRONs are set, there’s no need to keep downloaded files, so the malware deletes them to evade detection. Multistage Infection Chain.

Malware 118

Malware Social Engineering System Administration Antivirus 118

Security Affairs

MAY 19, 2023

TurkoRat is an information-stealing malware that can obtain a broad range of data from the infected machine, including account login credentials, cryptocurrency wallets, and website cookies. was not accidental, because agent-base is the name of a legitimate npm package with tens of million downloads.

Encryption 98

Encryption Social Engineering Malware Cryptocurrency 98

Malwarebytes

OCTOBER 20, 2022

Social engineering attacks and malware form the core of Ducktail's modus operandi. Not only does Ducktail continue to steal Facebook credentials and browser data, but it also steals cryptocurrency wallets, too. Be wary of downloading files from popular file-sharing sites. Ducktail 101. Prevention is key.

Social Engineering 97

Social Engineering Malware Accountability Engineering 97

Security Boulevard

MAY 19, 2022

In April 2022, ThreatLabz discovered several newly registered domains, which were created by a threat actor to spoof the official Microsoft Windows 11 OS download portal. These variants of Vidar malware fetch the C2 configuration from attacker-controlled social media channels hosted on Telegram and Mastodon network. Key points.

Media 64

Media Social Engineering Backups Passwords 64

Krebs on Security

JULY 22, 2020

Voku’s cooperation with authorities led them to bust up a conspiracy involving at least nine individuals who stole millions of dollars worth of cryptocurrency and other items of value from their targets. CONSPIRACY.

Hacking 299

Hacking Accountability Scams Media 299

SecureList

NOVEMBER 22, 2022

Cryptocurrency targeted attacks. The cryptocurrency business continues to grow, and people continue to invest their money in this market because it’s a digital asset and all transactions occur online. More cryptocurrency-related threats: fake hardware wallets, smart contract attacks, DeFi hacks, and more.

Cryptocurrency 112

Cryptocurrency Mobile Ransomware Banking 112

Webroot

FEBRUARY 13, 2024

Rise in Cryptocurrency Payments : Fraudsters are increasingly asking for payments in cryptocurrency, exploiting its semi-anonymous nature. In 2021, losses to romance scams involving cryptocurrency were reported at $139 million ​​. Expect this to avenue of fraud to consistently escalate as crypto prices and adoption increase.

Scams 89

Scams Cryptocurrency Media Education 89