Krebs on Security

APRIL 20, 2023

3CX hired incident response firm Mandiant , which released a report on Wednesday that said the compromise began in 2022 when a 3CX employee installed a malware-laced software package distributed via an earlier software supply chain compromise that began with a tampered installer for X_TRADER , a software package provided by Trading Technologies.

Malware 334

Malware Software Technology Accountability 334

Security Boulevard

APRIL 30, 2021

Are you investing in cryptocurrency or thinking about it? Be sure to listen or watch our April monthly show for our top 3 ways to keep your cryptocurrency safe! ** Links mentioned on the show ** 10 Ways to Keep Your Cryptocurrency Safe [link] Beware of These Top Bitcoin Scams [link] 9 Best Crypto Wallets […].

Cryptocurrency 116

Cryptocurrency Scams Social Engineering Engineering 116

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Note, this is no proof that the companies listed were compromised.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. technology companies during the summer of 2022. 9, 2024, U.S. A graphic depicting how 0ktapus leveraged one victim to attack another. Twilio disclosed in Aug.

Social Engineering 358

Social Engineering Mobile Passwords Cybercrime 358

Krebs on Security

AUGUST 19, 2020

The phishers will explain that they’re calling from the employer’s IT department to help troubleshoot issues with the company’s virtual private networking (VPN) technology. Allen said it matters little to the attackers if the first few social engineering attempts fail. The employee phishing page bofaticket[.]com.

Phishing 363

Phishing VPN Social Engineering Media 363

Malwarebytes

APRIL 19, 2022

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020.

Cryptocurrency 133

Cryptocurrency Social Engineering Computers and Electronics Engineering 133

Security Boulevard

APRIL 13, 2021

NFTs exist in a world that few truly understand (and I don’t claim to be one of them)–a mix of trendy technology buzzwords including blockchain and [.]. The post Shashi Prakash Chats about Cryptocurrency and NFT Fraud appeared first on TechSpective.

Cryptocurrency 97

Cryptocurrency Technology Social Engineering Engineering 97

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. Chipmaker NVIDIA says a cyberattack led to theft of information on more than 71,000 employees.

Cryptocurrency 296

Cryptocurrency Cybercrime Computers and Electronics Scams 296

Security Affairs

JUNE 4, 2024

These include: Social engineering tactics SIM swapping schemes Banking and credit card fraud” The attackers use various social engineering and spoofing tactics to trick victims into revealing their sensitive information, which supports real-time interaction to abuse and bypass MFA (Multi-Factor Authentication).

Banking 128

Banking Phishing Social Engineering Engineering 128

SecureList

MARCH 25, 2025

Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7 The attackers employed social engineering techniques to trick victims into sharing their financial data or making a payment on a fake page. As cryptocurrencies continue to grow, this number is only ever going to get larger. million in 2023.

Phishing 74

Phishing Banking Scams Mobile 74

Security Through Education

NOVEMBER 19, 2024

Social engineering scams frequently exploit our desire to help by using themes of sympathy and assistance to manipulate us. Bad actors typically execute these scams over the phone, through email, or on social media platforms. Educate Yourself and Others: Awareness is the first line of defense against social engineering attacks.

Social Engineering 52

Social Engineering Engineering Scams Cryptocurrency 52

Security Through Education

NOVEMBER 19, 2024

Social engineering scams frequently exploit our desire to help by using themes of sympathy and assistance to manipulate us. Bad actors typically execute these scams over the phone, through email, or on social media platforms. Educate Yourself and Others: Awareness is the first line of defense against social engineering attacks.

Social Engineering 52

Social Engineering Engineering Scams Cryptocurrency 52

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance 95

Insurance Cryptocurrency Cyber threats Marketing 95

Security Through Education

MARCH 22, 2023

They all use psychology and social engineering skills to convince their victims to take an action that is detrimental to them. Thanks to technology and social media, impersonation scams have grown exponentially. Prey on Emotions Scammers have become experts in using social engineering techniques to their advantage.

Scams 122

Scams Social Engineering Engineering Media 122

Identity IQ

JUNE 1, 2023

The Rise of AI Social Engineering Scams IdentityIQ In today’s digital age, social engineering scams have become an increasingly prevalent threat. Social engineering scams leverage psychological manipulation to deceive individuals and exploit the victims’ trust.

Social Engineering 52

Social Engineering Scams Engineering Identity Theft 52

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile 268

Mobile Cryptocurrency Accountability Passwords 268

Krebs on Security

AUGUST 30, 2022

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. On that last date, Twilio disclosed that on Aug. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile 344

Mobile Phishing Authentication Accountability 344

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Malwarebytes

OCTOBER 27, 2023

Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. This can be done in a number of ways, but the most common ones involve social engineering attacks on the victim's carrier.

Social Engineering 114

Social Engineering Engineering Ransomware Backups 114

Responsible Cyber

JULY 13, 2024

Introduction Cryptocurrency represents a groundbreaking innovation in the financial sector, offering decentralized, peer-to-peer digital transactions through blockchain technology. However, the allure of these digital assets also attracts malicious actors, making cryptocurrency security paramount.

Cryptocurrency 52

Cryptocurrency Cyber Attacks Social Engineering Scams 52

CyberSecurity Insiders

AUGUST 17, 2022

The aim behind the said social engineering attack is simple, one to trap employees with fake job offers and second to lure customers in signing up the page and then steal their currency. But now have spread malware in disguise of a PDF file to employees in reputable positions at Coinbase.

Social Engineering 117

Social Engineering Cryptocurrency Education Cybercrime 117

SecureList

AUGUST 10, 2022

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies. Malicious DOCX social engineering message. We could not profile all the identified organizations, but half of them were foreign currency (FOREX) and cryptocurrency exchange brokers.

Cryptocurrency 116

Cryptocurrency Encryption Social Engineering Passwords 116

SC Magazine

APRIL 8, 2021

For the uninitiated, NFTs are unique tokens that accompany original and collectible digital artwork or videos that can be sold or traded as a form of cryptocurrency, with transactions registered on the blockchain. Many of the earlier NFTs involved illustrations of kittens, but they can take the form of just about anything. billion in 2020.

Scams 137

Scams Cryptocurrency Phishing Marketing 137

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 129

Scams Phishing Cryptocurrency Social Engineering 129

SecureWorld News

FEBRUARY 7, 2022

Cyberattacks targeting cryptocurrency exchanges were on a roll in 2021 and have continued into 2022. The panel also said one cybersecurity firm anonymously reported that North Korean "cyber-actors stole a total of $400 million worth of cryptocurrency through seven intrusions into cryptocurrency exchanges and investment firms.".

Cryptocurrency 97

Cryptocurrency Cybercrime Social Engineering Engineering 97

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. The unique technology that easily detects suspicious devices is exactly what we were looking for. The figure suggests that bitcoin platforms remain of great interest to threat actors.

Cryptocurrency 87

Cryptocurrency Social Engineering eCommerce Engineering 87

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Cryptocurrency 136

Cryptocurrency Media Social Engineering Phishing 136

eSecurity Planet

SEPTEMBER 14, 2022

To this end, some impressive technology has been created to combat the technological side of the issue, to keep hackers and similar bad actors from accessing data and account privileges they shouldn’t. However, the technological side of cybersecurity is no longer the weakest link in a company’s proverbial chain. Social Tactics.

Social Engineering 121

Social Engineering Energy and Utilities Phishing Internet 121

Security Affairs

JANUARY 23, 2022

“cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use.” ” reads the FBI’s PSA.

Cryptocurrency 111

Cryptocurrency Social Engineering Malware Scams 111

eSecurity Planet

MARCH 24, 2022

In a blog post detailing its efforts to track and contain the breach, Microsoft described LAPSUS$ as a “large scale social engineering and extortion campaign.” LAPSUS$ doesn’t appear to be using overtly sophisticated intrusion methods but instead relying on social engineering and purchased accounts.

Social Engineering 110

Social Engineering Engineering Data breaches Hacking 110

Webroot

FEBRUARY 13, 2024

Rise in Cryptocurrency Payments : Fraudsters are increasingly asking for payments in cryptocurrency, exploiting its semi-anonymous nature. In 2021, losses to romance scams involving cryptocurrency were reported at $139 million ​​. Expect this to avenue of fraud to consistently escalate as crypto prices and adoption increase.

Scams 114

Scams Cryptocurrency Media Education 114

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

SecureList

MAY 6, 2024

Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.

Phishing 132

Phishing Banking Mobile Scams 132

Malwarebytes

MARCH 1, 2024

Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. Scammers, impersonating cryptocurrency investors, are active on Telegram channels to get interested people to attend a meeting about a future partnership. Topics are cryptocurrency investment opportunities.

Cryptocurrency 118

Cryptocurrency Malware Authentication Banking 118

Digital Shadows

JANUARY 27, 2025

Affiliates using IABs for access need to have non-traceable cryptocurrency and often a guarantor to facilitate purchase. This sharp decrease strongly indicates that a major technological advancementlikely GenAIis enabling threat actors to exploit vulnerabilities at unprecedented speeds.

Scams 76

Scams Ransomware Accountability Social Engineering 76

Cisco Security

OCTOBER 6, 2021

Mining cryptocurrencies requires large amounts of computing power to solve the cryptographic challenges necessary to acquire new cryptocurrency tokens. Users are prone to disclosing their usernames and passwords in response to the socially engineered cues of phishing attacks. Constantly evolving.

Cybersecurity 145

Cybersecurity Authentication Passwords Cryptocurrency 145

SecureWorld News

JULY 3, 2023

As we rely increasingly on digital technologies for our work, communication, entertainment, and education, we also expose ourselves to more and more cyber risks. According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Cryptocurrency and the Metaverse pose new cybersecurity threats.

Cybercrime 98

Cybercrime Social Engineering Data breaches Education 98