Cryptocurrency, Software and Web Fraud - Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware

Malware Cryptocurrency Software Phishing

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents

Krebs on Security

AUGUST 25, 2021

In a lawsuit filed in Colorado, Schober said the sudden disappearance of his funds in January 2018 prompted him to spend more than $10,000 hiring experts in the field of tracing cryptocurrency transactions. universities). When Schober went to move approximately 16.4 A copy of the May 2021 complaint is here (PDF). .

Cryptocurrency

Cryptocurrency Malware Mobile Accountability

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. co showing the site did indeed swap out any cryptocurrency addresses. However, testing shows tornote[.]io

Phishing

Phishing Cryptocurrency DDOS Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.

Scams

Scams DDOS Cryptocurrency Accountability

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

One of the more popular SIM-swapping channels on Telegram maintains a frequently updated leaderboard of the most accomplished SIM-swappers, indexed by their supposed conquests in stealing cryptocurrency. The vulnerability exploited by the intruders was patched back in 2020, but the employee never updated his Plex software.

Hacking

Hacking Cybercrime Phishing Passwords

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile

Mobile Cryptocurrency Accountability Passwords

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. ru , which periodically published hacking tools and exploits for software vulnerabilities. The links have been redacted.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

Kopeechka also has multiple affiliate programs, including one that pays app developers for embedding Kopeechka’s API in their software. “There was nothing in the Mastodon software to detect that activity, and the protocol is not designed to handle this.” com site,” the Trend researchers wrote.

Accountability

Accountability Scams Cryptocurrency Advertising

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911’s proxy software with other titles, including “free” utilities and pirated software. A cached copy of flashupdate[.]net

Cybercrime

Cybercrime Software VPN Backups

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

The Justice Department said that in Dragonfly’s first stage between 2012 and 2014, the defendants hacked into computer networks of industrial control systems (ICS) companies and software providers, and then hid malware inside legitimate software updates for such systems. and international companies and entities, including U.S.

Marketing

Marketing Energy and Utilities Malware Ransomware

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

That changed recently when Punchmade’s various video and social media accounts began promoting a new web shop that is selling stolen payment cards and identity data, as well as hacked financial accounts and software for producing counterfeit checks. Punchmade Dev’s shop. ” the site promises.

Cybercrime

Cybercrime Media Banking Accountability

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Absent from GoDaddy’s SEC statement is another spate of attacks in November 2020, in which unknown intruders redirected email and web traffic for multiple cryptocurrency services that used GoDaddy in some capacity. The key works without the need for any special software drivers.

Hacking

Hacking Social Engineering Phishing Scams

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

In November 2020, intruders thought to be associated with the Beige Group tricked a GoDaddy employee into installing malicious software, and with that access they were able to redirect the web and email traffic for multiple cryptocurrency trading platforms.

Cybercrime

Cybercrime Accountability Mobile Hacking

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

Glupteba is a rootkit that steals passwords and other access credentials, disables security software, and tries to compromise other devices on the victim network — such as Internet routers and media storage servers — for use in relaying spam or other malicious traffic. A slide from a talk given in Sept.

Cybercrime

Cybercrime Malware Internet Internet

Interview With a Crypto Scam Investment Spammer

Security Boulevard

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.

Scams

Scams Cryptocurrency Accountability Software

Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Calendar Meeting Links Used to Spread Mac Malware

Trending Sources

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Interview With a Crypto Scam Investment Spammer

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Busting SIM Swappers and SIM Swap Myths

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Service Rents Email Addresses for Account Signups

911 Proxy Service Implodes After Disclosing Breach

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Actions Target Russian Govt. Botnet, Hydra Dark Market

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

When Low-Tech Hacks Cause High-Impact Breaches

The Dark Nexus Between Harm Groups and ‘The Com’

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Interview With a Crypto Scam Investment Spammer

Stay Connected