The Last Watchdog

DECEMBER 18, 2024

Organizations face rising risks of AI-driven social engineering and personal device breaches. Marketing efforts will increasingly highlight these autonomous AI models as the next frontier, touting their ability to detect, respond to, and even mitigate threats in real-time – all without human input.

Risk 173

Risk Threat Detection Technology Phishing 173

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Note, this is no proof that the companies listed were compromised.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. A phishing page (helpdesk-att[.]com) com) targeting AT&T employees.

Phishing 363

Phishing VPN Social Engineering Media 363

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. According to CryptoIns analysts, the crypto assets insurance market is expected to reach $7 billion by 2023. Why do crypto exchanges’ users need insurance?

Insurance 96

Insurance Cryptocurrency Cyber threats Marketing 96

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. It emerges that email marketing giant Mailchimp got hacked.

Cryptocurrency 296

Cryptocurrency Cybercrime Computers and Electronics Scams 296

SecureWorld News

FEBRUARY 14, 2025

And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect. Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day.

Scams 74

Scams Cybercrime Social Engineering Phishing 74

Krebs on Security

AUGUST 30, 2022

4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. On that last date, Twilio disclosed that on Aug. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile 344

Mobile Phishing Authentication Accountability 344

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported.

Phishing 138

Phishing Data breaches Cryptocurrency Social Engineering 138

Hacker Combat

AUGUST 8, 2022

North Korean hackers use phoney Coinbase job offers to target cryptocurrency professionals. The renowned North Korean hacking outfit Lazarus has uncovered a new social engineering scheme in which the hackers pose as Coinbase to lure workers into the fintech sector. Lazarus hackers go after cryptocurrency.

Social Engineering 105

Social Engineering Cryptocurrency Engineering Malware 105

SC Magazine

APRIL 8, 2021

For the uninitiated, NFTs are unique tokens that accompany original and collectible digital artwork or videos that can be sold or traded as a form of cryptocurrency, with transactions registered on the blockchain. We saw this with the early success of the darknet market Silk Road, which accounted for a huge part of the early crypto economy.”.

Scams 137

Scams Cryptocurrency Phishing Marketing 137

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Malwarebytes

JANUARY 20, 2023

A threat actor successfully used compromised employee credentials to gain access to 133 accounts on Mailchimp, the mainstream Intuit-owned email marketing platform, in a security incident that recently came to light. "On The blog further asserts the company's compromise had not affected other Intuit systems or other Mailchimp customer data.

Social Engineering 96

Social Engineering Accountability Cryptocurrency Engineering 96

Security Affairs

OCTOBER 18, 2018

Group-IB, an international company that specializes in preventing cyber attacks, has estimated that cryptocurrency exchanges suffered a total loss of $882 million due to targeted attacks in 2017 and in the first three quarters of 2018. At the beginning of 2018 hackers’ interest in cryptocurrency exchanges ramped up.

Cyber Attacks 110

Cyber Attacks Cryptocurrency Phishing Social Engineering 110

Krebs on Security

JULY 22, 2020

A review of the private messages for “lol” on OGUsers provides a glimpse into the vibrant market for the resale of prized OG accounts. ” In a statement on its ongoing investigation into the July 15 incident, Twitter said it resulted from a small number of employees being manipulated through a social engineering scheme.

Hacking 332

Hacking Accountability Scams Media 332

Approachable Cyber Threats

JULY 7, 2022

The booming market on the Dark Web for passwords and other personal information make it a lucrative business for any cybercriminal - and Raccoon Stealer’s Malware-as-a-Service model makes it even easier for anyone to steal your information to make a profit. DropBox and social engineering.

Social Engineering 99

Social Engineering Cryptocurrency Malware Antivirus 99

SecureList

NOVEMBER 22, 2022

The cybercriminal market has been developing extensively, with the overwhelming majority of cybercriminals pursuing one goal — financial profit, no matter the source. Unlike common stealers, this malware gathered data that can be used to identify the victims, such as browsing histories, social networking account IDs and Wi-Fi networks.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

Malwarebytes

MARCH 5, 2024

Separately, in September 2023, Malwarebytes discovered a cybercriminal campaign that tricked Mac users into accidentally installing a type of malware that can steal passwords, browser data, cookies, files, and cryptocurrency. Replace “magic” with Malwarebytes Cyberthreats on Mac aren’t non-existent, they’re just different.

Malware 143

Malware Adware Ransomware Social Engineering 143

SecureList

MAY 6, 2024

Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.

Phishing 132

Phishing Banking Mobile Scams 132

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 98

Malware Cybercrime Cryptocurrency Social Engineering 98

CyberSecurity Insiders

JANUARY 19, 2023

MailChimp, the automation based marketing company, is the third to hit the news headlines on Google as its servers have become a victim of a social engineering attack that led to a data leak.

Cyber Attacks 106

Cyber Attacks Social Engineering Financial Services Encryption 106

CyberSecurity Insiders

MAY 3, 2023

By: Daron Hartvigsen , Managing Director, StoneTurn and Luke Tenery , Partner, StoneTurn When insider threat or insider risk is discussed in a corporate context, often the relevant topics include misconduct , fraud, misuse, or even the idea that insiders can be unwitting accomplices to social engineering exploitation.

Risk 120

Risk Cyber threats Marketing Engineering 120

Malwarebytes

MARCH 1, 2023

Despite a very slim browser market share, Internet Explorer (IE) is still being exploited by exploit kits like the RIG exploit kit (EK). RIG EK has also introduced some newer vulnerabilities while Internet Explorer's market share has continued to drop.

Internet 98

Internet Internet Social Engineering Malware 98

SecureList

JUNE 10, 2024

This article examines methods that rely on social engineering, where attackers manipulate the victim into giving away the OTP, and tools that they use to automate the manipulations: so-called OTP bots and administration panels to control phishing kits. The bot accepts payments in cryptocurrency only.

Phishing 144

Phishing Banking Social Engineering Accountability 144

SecureList

NOVEMBER 9, 2022

In 2023, we might see a slight decline in ransomware attacks, reflecting the slowdown of the cryptocurrency markets. Given the continued surge of ransomware attacks, which soared 288% in the first half of 2022 alone, the need for cyber insurance will be a bigger priority, especially in the SMB market. IoT Vulnerabilities.

Cybersecurity 144

Cybersecurity Cyber Insurance Cybercrime IoT 144

Malwarebytes

NOVEMBER 23, 2021

In one case, researchers found a file titled “Amazon Gift Tool.exe” that was being marketed on a publicly available file repository site as a free Amazon gift card generator. In reality, the malware watched a user’s clipboard to find text that matches the normal length of a certain type of cryptocurrency wallet address.

Scams 127

Scams Social Engineering Malware Cryptocurrency 127

eSecurity Planet

JANUARY 6, 2022

AI is already used by security tools to detect unusual behavior , and Fortinet expects cybercriminals to use deep fakes and AI to mimic human activities to enhance social engineering attacks and bypass secure forms of authentication such as voiceprints or facial recognition. Cryptocurrency is the Wild West of the digital world today.

Ransomware 136

Ransomware Cybersecurity Artificial Intelligence CISO 136

Digital Shadows

JANUARY 27, 2025

How Specialized Affiliates and Smarter Tactics Are Accelerating Ransomware The RaaS market is growing, both in the number of publicly named victims and in diversity. Affiliates using IABs for access need to have non-traceable cryptocurrency and often a guarantor to facilitate purchase.

Scams 76

Scams Ransomware Accountability Social Engineering 76

SecureList

DECEMBER 6, 2022

Phishers primarily seek to extract confidential information from victims, such as credentials or bank card details, while scammers deploy social engineering to persuade targets to transfer money on their own accord. Recently, many channels have appeared on Telegram promising prizes or get-rich cryptocurrency investment schemes.

Scams 131

Scams Phishing Social Engineering Banking 131

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. The phishing kit market.

Phishing 131

Phishing Spyware Firmware Malware 131

SecureList

JUNE 7, 2023

Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff , a financially motivated threat actor known for stealing cryptocurrency. The threat actor uses social engineering to infect a PoS terminal.

DNS 104

DNS Malware Cryptocurrency Retail 104

Digital Shadows

NOVEMBER 13, 2024

In late 2024, Russian ransomware groups began collaborating with native English speakers, boosting their social engineering capabilities. The group social-engineered the organization’s help desk, employing fluent English to achieve a reset of a compromised account’s password.

Social Engineering 59

Social Engineering Cybersecurity DDOS Ransomware 59

SC Magazine

MAY 17, 2021

AI could impact more than just social engineering. A switch to digital currency without anonymity would leverage some of the strengths of cryptocurrency, but likely change the fabric of privacy and crime. “The insider threat of 2030 could just as easily be an object or an algorithm.”

Manufacturing 95

Manufacturing IoT Technology Artificial Intelligence 95

Security Affairs

MARCH 27, 2023

In thirty days, the operation we monitored was capable to establish initial access to over 8 thousand endpoints and steal sensitive data that are now reaching the underground black markets. Most of the victims mount Windows 10 Professional and Enterprise operating systems, including several Datacenter versions of Windows Server.

Malware 98

Malware Social Engineering Encryption Marketing 98

Security Boulevard

AUGUST 3, 2022

Spamming with the aim of, for example, disseminating information related to cryptocurrency or the stock market. Phishing to obtain sensitive user information, which is then used to launch other social engineering attacks or identity theft. State of API security: malicious attack traffic grew 117%.

Mobile 98

Mobile Accountability Authentication Identity Theft 98

Digital Shadows

FEBRUARY 2, 2023

Whether you’re a crypto-skeptic or a crypto-maximalist, it cannot be denied that the mostly unregulated cryptocurrency ecosystem is no stranger to fraud. To conduct attacks specifically linked to cryptocurrency, threat actors must usually cooperate within a web of associates—just like any other area of cyber crime.

Scams 40

Scams Cryptocurrency Marketing Advertising 40

SecureList

APRIL 10, 2023

It’s a whole underground world with its own rules, market prices, and reputational institutions, an overview of which we present in this report. The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners and even dating apps.

Malware 133

Malware Encryption Mobile Accountability 133

Digital Shadows

NOVEMBER 14, 2024

In late 2024, Russian ransomware groups began collaborating with native English speakers, boosting their social engineering capabilities. The group social-engineered the organization’s help desk, employing fluent English to achieve a reset of a compromised account’s password.

Social Engineering 52

Social Engineering Cybersecurity DDOS Ransomware 52