Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials.

Social Engineering 356

Social Engineering Mobile Passwords Cybercrime 356

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency 290

Cryptocurrency Cybercrime Computers and Electronics Scams 290

Malwarebytes

FEBRUARY 19, 2025

With stolen passwords, the impact is even broader; hackers could wire funds from a breached online banking account into their own, or masquerade as someone on social media to ask friends and family for money. Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts.

Malware 133

Malware Software Passwords Cryptocurrency 133

Troy Hunt

JUNE 11, 2018

They suspected that a significant volume of the credentials obtained in these incidents have been used to access mailboxes, cryptocurrency exchanges, cloud service accounts and other similar online assets. In total, there were 655k records affected that are now searchable. In total, there were 655k records affected that are now searchable.

Cryptocurrency 161

Cryptocurrency Cybercrime Data breaches Passwords 161

SecureList

APRIL 21, 2025

Primary infection vectors include phishing emails with malicious attachments or links, as well as trojanized legitimate applications. Fake Telegram channels for pirated content and cryptocurrencies. These deceptive tactics trick users into executing the malware, which runs silently in the background harvesting valuable data.

Malware 87

Malware Cryptocurrency Software Phishing 87

Malwarebytes

MARCH 17, 2022

The linked article focuses on misconfiguration, phishing issues, limiting data share, and the ever-present Internet of Things. Cryptocurrency wallet attacks. Digital wallet phish attempts are rampant on social media, and we expect this to rise. Below, we dig into a few of those. Ransomware supply chain triple-threat.

Cryptocurrency 131

Cryptocurrency Backups Phishing Password Management 131

SecureList

FEBRUARY 21, 2025

Technical details Initial attack vector The initial attack vector used by Angry Likho consists of standardized spear-phishing emails with various attachments. Contents of spear-phishing email inviting the victim to join a videoconference The archive includes two malicious LNK files and a legitimate bait file.

Phishing 90

Phishing Encryption Banking Malware 90

Malwarebytes

MAY 6, 2022

Well, there’s a “potential vulnerability” which allowed spambots to post phishing links to other users. There’s no further information on how this occurred, but situations like this can happen if a channel’s administrator gets phished. Sadly, spamming phish links is not supposed to be one of them.

Phishing 98

Phishing Password Management Cryptocurrency Scams 98

Responsible Cyber

JULY 13, 2024

Introduction Cryptocurrency represents a groundbreaking innovation in the financial sector, offering decentralized, peer-to-peer digital transactions through blockchain technology. However, the allure of these digital assets also attracts malicious actors, making cryptocurrency security paramount.

Cryptocurrency 52

Cryptocurrency Cyber Attacks Social Engineering Scams 52

Malwarebytes

MARCH 3, 2022

The main attack vector is phishing which the group uses to gain a foothold before moving on to breach the network from there. Nvidia LHR graphics cards detect when they’re being used for Ethereum (ETH) cryptocurrency mining and automatically halve the hash rate. They can auto-generate highly secure passwords for you.

Ransomware 100

Ransomware Password Management Passwords Hacking 100

Malwarebytes

JUNE 3, 2022

By focusing on this context, we hope that you’ll come away with a stronger understanding about, for instance, why you should use a password manager rather than that you should use a password manager. By selling fake raffle tickets for the promotion, the scammers raked in $438,000 worth of cryptocurrency.

Internet 131

Internet Internet Scams Passwords 131

Security Affairs

FEBRUARY 25, 2021

The attack chain starts with COVID19-themed spear-phishing messages that contain either a malicious Word attachment or a link to one hosted on company servers. . The experts discovered the custom backdoor while investigating an incident, it was used by attackers for lateral movements and data exfiltration.

Malware 129

Malware Cryptocurrency Password Management Encryption 129

eSecurity Planet

APRIL 21, 2021

From news of a collage selling for almost $70 million at Christie’s auction house to a portrayal of Janet Yellen and Morpheus rapping about cryptocurrency on SNL , the current craze is all about non-fungible tokens (NFTs). Also Read: Best Password Management Software & Tools for 2021. How do NFTs work?

Cryptocurrency 115

Cryptocurrency Marketing Accountability Scams 115

Security Affairs

MAY 21, 2021

CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. CyberNews researchers found that cybercriminals are able to abuse cryptocurrency exchange API keys and steal cryptocurrencies from their victims’ accounts without being granted withdrawal rights.

Cryptocurrency 106

Cryptocurrency Accountability Marketing Passwords 106

Malwarebytes

APRIL 3, 2023

A new macOS malware—called MacStealer—that is capable of stealing various files, cryptocurrency wallets, and details stored in specific browsers like Firefox, Chrome, and Brave, was discovered by security researchers from Uptycs, a cybersecurity company specializing in cloud security. Users of macOS Catalina (10.5)

Malware 98

Malware Passwords Cryptocurrency Password Management 98

eSecurity Planet

FEBRUARY 17, 2025

It warns you about phishing attempts. year ( Anti Phishing protection for up to 6 people, up to 5 devices) Supported Computer Operating Systems Windows, iOS, Android, Mac, Web portal Customer Support Self-service, Direct support via phone, online tickets, dedicated TAMs. SmartScreen filter: Designed to keep you safe online.

Antivirus 67

Antivirus Identity Theft VPN Spyware 67

SecureList

FEBRUARY 25, 2021

The group made use of COVID-19 themes in its spear-phishing emails, embellishing them with personal information gathered using publicly available sources. In this attack, spear phishing was used as the initial infection vector. The phishing emails claimed to have urgent updates on today’s hottest topic – COVID-19 infections.

Malware 145

Malware Phishing Passwords Encryption 145

Security Affairs

SEPTEMBER 22, 2019

A flaw in LastPass password manager leaks credentials from previous site. France and Germany will block Facebooks Libra cryptocurrency. taxpayers hit by a phishing campaign delivering the Amadey bot. Drone attacks hit two Saudi Arabia Aramco oil plants. Astaroth Trojan leverages Facebook and YouTube to avoid detection.

Adware 80

Adware Advertising Password Management Hacking 80

Malwarebytes

MAY 10, 2022

Although the mail is being described as phishing, there is no direct request for passwords or logins linked to in the mail itself. The list of potential target areas includes: Internet browsers MAIL/FTP/VPN clients Cryptocurrency wallets Password managers Messengers Game programs. ” Source: CERT-UA.

Malware 100

Malware Phishing Passwords Password Management 100

Malwarebytes

JUNE 17, 2021

Malwarebytes Browser Guard not only blocks some advertisements and trackers, it also stops in-browser cryptojackers (unwanted cryptocurrency miners), and it also uses an extended version of the Malwarebytes Premium blocklist that will stop malicious sites from loading—including sites that are involved in tech support scams. Click&Clean.

Advertising 125

Advertising Antivirus Passwords Malware 125

Pen Test Partners

JANUARY 23, 2025

Anything from phishing emails to ransomware attacks, these threats can disrupt operations and compromise critical systems. Attackers use phishing, malware, ransomware, and scams like BEC to gain access to systems and cause disruption. Most attacks start with weak passwords or phishing emails, making employees the first line of defence.

Passwords 64

Passwords Phishing Cyber Attacks Media 64

Security Boulevard

MARCH 31, 2022

Passwords: An Easy Target. Let’s not mince words: passwords are difficult for most organizations to manage. Despite the ready availability of password management software, deployment and strategic management of passwords is difficult as your employment numbers skyrocket. Regular employee training.

Cybersecurity 98

Cybersecurity Social Engineering Passwords Malware 98

Security Affairs

JANUARY 27, 2022

Other affected businesses include Chip, a UK-based savings app boasting 400,000 users; Hoolah, a shopping app with over 100,000 installs ; Mode, a cryptocurrency app with over 50,000 installs ; and Greenwheels, a car-sharing service with over 50,000 installs. Threat actors can abuse PII to conduct phishing and social engineering attacks.

Identity Theft 98

Identity Theft Accountability Data breaches Social Engineering 98

Security Boulevard

JUNE 15, 2023

Oftentimes this is credential data, but it can be any data that may have financial value to an adversary; this includes paid online service accounts, cryptocurrency wallets, instant messenger, or email contacts lists, etc. Key Mystic Stealer functions include its ability to extract data from web browsers and cryptocurrency wallets.

Cryptocurrency 52

Cryptocurrency Password Management Malware DNS 52

eSecurity Planet

DECEMBER 7, 2023

Users can establish a symmetric key to share private messages through a secure channel, like a password manager. Phishing and social engineering are common ways threat actors can obtain a symmetric key, but cryptanalysis and brute force attempts can also break symmetric key ciphers.

Encryption 109

Encryption Passwords Authentication Password Management 109

Identity IQ

JUNE 1, 2023

Phishing attacks. Phishing attacks refer to fraudulent attempts, usually through email or messaging platforms, to deceive individuals into revealing sensitive information like passwords, credit card details, or Social Security numbers. Spear phishing attacks. This makes it more likely for victims to fall for the scam.

Social Engineering 52

Social Engineering Scams Engineering Identity Theft 52

eSecurity Planet

JULY 25, 2023

Phishing attacks: Deceptive techniques, such as fraudulent emails or websites, trick individuals into revealing sensitive information like credit card and payment information, passwords, or login credentials. Cryptojacking : Unauthorized use of a computer’s processing power to mine cryptocurrencies.

Software 98

Software Data breaches Ransomware DDOS 98

Webroot

OCTOBER 31, 2024

The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year.

Malware 116

Malware Ransomware Passwords Healthcare 116

SecureList

JULY 29, 2021

We have designated it as a new threat actor and named it “HotCousin” The attacks began with a spear-phishing email which led to an ISO file container being stored on disk and mounted. Previous activity also connected with this group relied heavily on spear-phishing and Cobalt Strike throughout 2020.

Malware 145

Malware Phishing Password Management Social Engineering 145