Cryptocurrency, Technology and Web Fraud

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. A machine-translated version of Flymoney, one of dozens of cryptocurrency exchanges apparently nested at Cryptomus.

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

based technology companies. Donahue said 60 technology companies are now routing all law enforcement data requests through Kodex, including an increasing number of financial institutions and cryptocurrency platforms. “That can include control over data, like an account freeze or preservation request.”

Hacking

Hacking Accountability Government Social Engineering

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware

Malware Cryptocurrency Software Phishing

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Phishing Cryptocurrency DDOS Internet

Anti-Money Laundering Service AMLBot Cleans House

Krebs on Security

OCTOBER 15, 2022

AMLBot , a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.

Cryptocurrency

Cryptocurrency Marketing Cybercrime Technology

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

OCTOBER 18, 2023

New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain. Previously, the group had stored its malicious update files on Cloudflare, Guard.io

Scams

Scams Malware Cryptocurrency Hacking

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

Also known as “ Assad Faiq” and “ The Godfather ,” Iza is the 30-something founder of a cryptocurrency investment platform called Zort that advertised the ability to make smart trades based on artificial intelligence technology. cryptocurrency holdings online. In December 2022, Troy Woody Jr.

Cryptocurrency

Cryptocurrency Government Internet Internet

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile

Mobile Cryptocurrency Accountability Passwords

Discord Admins Hacked by Malicious Bookmarks

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. On May 9, MetrixCoin reported that its Discord server was hacked, with fake airdrop details pushed to all users.

Hacking

Hacking Accountability Scams Cryptocurrency

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. technology companies during the summer of 2022. 9, 2024, U.S. A graphic depicting how 0ktapus leveraged one victim to attack another. According to an Aug.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

” “Since playing Tradewars on my Tandy 1000 with a 300 baud modem in the early ’90s, I’ve had a lifelong passion for technology, which I’ve carried with me as Deputy CISO of the world’s largest health plan,” her profile reads. Maryann’s profile says she’s from Tupelo, Miss.,

CISO

CISO Cybercrime Accountability Information Security

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

OCTOBER 5, 2022

” Jason Lathrop is vice president of technology and operations at ISOutsource , a Seattle-based consulting firm with roughly 100 employees. . “I wrote our LinkedIn rep and said we were considering closing the group down the bots were so bad,” Miller said.

Accountability

Accountability Scams Artificial Intelligence Cryptocurrency

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

“There has been no violation of our platforms and technological infrastructure,” Banorte said. But in a brief written statement picked up on Twitter , Banorte said there was no breach involving their infrastructure, and the data being sold is old. ” That statement may be 100 percent true.

Data breaches

Data breaches Banking Cybercrime Marketing

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

. “You hand that over to a person who used to mine Ethereum or Bitcoin, and if they have a large enough dictionary [of pre-computed hashes] then you can essentially break 60-70 percent of the hashed passwords in a day or two,” said Fabian Wosar , chief technology officer at security firm Emsisoft.

Passwords

Passwords Password Management Phishing Scams

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

Department of Justice (DOJ) says the GRU’s hackers built Cyclops Blink by exploiting previously undocumented security weaknesses in firewalls and routers made by both ASUS and WatchGuard Technologies.

Marketing

Marketing Energy and Utilities Malware Ransomware

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

Purchases can be made in cryptocurrencies, and checking out prompts one to continue payment at Coinbase.com. ” “Punchmade Dev is best known for his creative ways to use technology, video gaming, and social media to build a fan base,” the profile continues. ” the site promises.

Cybercrime

Cybercrime Media Banking Accountability

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem. ” NEEDLES IN THE HAYSTACK.

Mobile

Mobile Government Media Technology

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

Throughout 2022, LAPSUS$ would hack and social engineer their way into some of the world’s biggest technology companies , including EA Games, Microsoft , NVIDIA , Okta , Samsung , and T-Mobile.

Cybercrime

Cybercrime Accountability Mobile Hacking

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Krebs on Security

MARCH 22, 2022

Pavel Vrublevsky , founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book “ Spam Nation ,” was arrested in Moscow this month and charged with fraud. Inferno Pay, a cryptocurrency and payment API allegedly operated by the ChronoPay CEO.

Banking

Banking Marketing DDOS Risk

Anti-Money Laundering Service AMLBot Cleans House

Security Boulevard

OCTOBER 15, 2022

AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.

Cryptocurrency

Cryptocurrency Cybercrime Technology Web Fraud

Cyber Security Informer

How Cryptocurrency Turns to Cash in Russian Banks

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Trending Sources

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Calendar Meeting Links Used to Spread Mac Malware

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Anti-Money Laundering Service AMLBot Cleans House

The Fake Browser Update Scam Gets a Makeover

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Busting SIM Swappers and SIM Swap Myths

Discord Admins Hacked by Malicious Bookmarks

How 1-Time Passcodes Became a Corporate Liability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Fake CISO Profiles on LinkedIn Target Fortune 500s

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

When Efforts to Contain a Data Breach Backfire

The Life Cycle of a Breached Database

Actions Target Russian Govt. Botnet, Hydra Dark Market

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Fighting Fake EDRs With ‘Credit Ratings’ for Police

The Dark Nexus Between Harm Groups and ‘The Com’

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Anti-Money Laundering Service AMLBot Cleans House

Stay Connected