2017, Accountability, Cryptocurrency and Cybercrime

Two Russians Charged in $17M Cryptocurrency Phishing Spree

Krebs on Security

SEPTEMBER 16, 2020

authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges. Separately, the U.S.

Cryptocurrency

Cryptocurrency Phishing Accountability Cybercrime

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency

Cryptocurrency Phishing Accountability Passwords

The Link Between Ransomware and Cryptocurrency

eSecurity Planet

DECEMBER 21, 2021

The dangers from ransomware have risen sharply since WannaCry and NotPetya hit the scene in 2017, and this year has been no different. Cryptocurrency Fuels Ransomware. One constant in all this will be cryptocurrency, the coin of the realm when it comes to ransomware. Cryptocurrency really is fueling this in a sense.

Cryptocurrency

Cryptocurrency Ransomware Cybercrime Social Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

Security Affairs

NOVEMBER 22, 2022

Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were arrested in Tallinn, Estonia, after being indicted in the US for running a fraudulent cryptocurrency Ponzi scheme that caused more than $575 million in losses. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Banking Marketing Hacking

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. In 2017, U.S. was used to register an account with the username “Nordex” at bankir[.]com

Marketing

Marketing Cybercrime Accountability Cryptocurrency

Who’s Behind the NetWire Remote Access Trojan?

Krebs on Security

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. Prior to the demise of Google+ , the email address dugidox@gmail.com mapped to an account with the nickname “ Netwire wwl.”

DNS

DNS Cybercrime Passwords Accountability

Kroll Employee SIM-Swapped for Crypto Investor Data

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” A phishing message targeting FTX users that went out en masse today.

Mobile

Mobile Cyber Risk Cryptocurrency Data breaches

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. In July 2017 law enforcement shut down the virtual currency exchange. reported the Associated Press. In February, the U.S.

Cryptocurrency

Cryptocurrency Computers and Electronics Identity Theft Hacking

Cryptocurrency Mixer Pleads Guilty to Laundering Over 350,000 Bitcoin

SecureWorld News

AUGUST 19, 2021

Department of Justice (DOJ) announced that an Ohio resident, Larry Dean Harmon, pleaded guilty to money laundering through the use of Helix, a Dark Web cryptocurrency laundering service. Cybercriminal mixes millions of dollars in cryptocurrency. Harmon says he operated Helix between 2014 and 2017.

Cryptocurrency

Cryptocurrency Marketing Advertising Engineering

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

The researchers speculate the originating accounts of the instant messaging applications were compromised through the leaked credentials available on cybercrime forums. The message sent to the victims from a compromised Skype account contains a VBS script with a filename following the following format: <filename.pdf> www.skype[.]vbs.

Malware

Malware Cryptocurrency Accountability Cybercrime

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox in 2011 and the operation of the illicit cryptocurrency exchange BTC-e. ” reads the DoJ.

Hacking

Hacking Cryptocurrency Advertising Banking

Threat Actors Merging Malicious Activity With Cryptocurrency Show How the Attack Landscape is Developing in Decentralized Finance

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency

Cryptocurrency Ransomware Government Risk

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. These services, too, have been outsourced.

Cybercrime

Cybercrime Banking Malware Ransomware

Police Shut Down Crypto Mixer That Laundered Over $3 Billion

SecureWorld News

MARCH 16, 2023

Cryptocurrency has become a popular way to conduct transactions online, but it has also become a popular tool for cybercriminals. One of the ways they have been able to use crypto to their advantage is through the use of cryptocurrency mixers. One of the largest cryptocurrency mixers in the world is, or rather was , ChipMixer.

Cryptocurrency

Cryptocurrency Identity Theft Marketing Cybercrime

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

There is a now-dormant Myspace account for a Matthew Philbert from Orleans, a suburb of Ottawa, Ontario. The information tied to the Myspace account matches the age and town of the defendant. The Myspace account was registered under the nickname “ Darkcloudowner ,” and to the email address dark_cl0ud6@hotmail.com.

Cybercrime

Cybercrime Ransomware Accountability Advertising

Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange

Security Affairs

SEPTEMBER 20, 2018

billion yen ($60 million) worth of cryptocurrencies from the Japanese digital currency exchange Zaif exchange. a Japanese cryptocurrency firm, hackers have compromised its Zaif exchange and have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies, including Bitcoin, Monacoin, and Bitcoin Cash. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Hacking Financial Services Advertising

Tools to Identify Exfiltration of Large Cryptocurrency Holdings Will Reduce Risk of Large Cyberattacks and Fraud on DeFi Platforms

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency

Cryptocurrency Risk Marketing Architecture

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. Thus, 60% of the total amount was stolen from Coincheck , a Japanese cryptocurrency exchange.

Cybercrime

Cybercrime Hacking Banking Phishing

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance

Insurance Cryptocurrency Cyber threats Marketing

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

Gustuff Android banking trojan targets 125+ banking, and 32 cryptocurrency apps

Security Affairs

MARCH 28, 2019

Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported.

Banking

Banking Cryptocurrency Mobile Advertising

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. SecurityAffairs – hacking, cybercrime). The authorities reported that since 2011, 7 million Bitcoin went into the BTC-e exchange and 5.5

Advertising

Advertising Cybercrime Hacking Cryptocurrency

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

“Kaye allegedly operated The Real Deal, a Dark Web market for illicit items, including stolen account login credentials for U.S. Kaye laundered cryptocurrency obtained from the illegal The Real Deal operation through the mixing service Bitmixer.io. Kaye also trafficked login credentials for Twitter and LinkedIn accounts.

Marketing

Marketing Government Hacking Accountability

Fileless PowerGhost cryptocurrency miner leverages EternalBlue exploit to spread

Security Affairs

JULY 30, 2018

Security experts from Kaspersky Lab have spotted a new cryptocurrency miner dubbed PowerGhost that can spread leveraging a fileless infection technique. Then the malware uses the Mimikatz tool to get the user account credentials from the machine and use it to attempt lateral movements inside the target network. “ Propagation.

Cryptocurrency

Cryptocurrency DDOS Advertising Malware

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

Digital artists meet scam artists, as criminals pounce on NFT craze

SC Magazine

APRIL 8, 2021

For the uninitiated, NFTs are unique tokens that accompany original and collectible digital artwork or videos that can be sold or traded as a form of cryptocurrency, with transactions registered on the blockchain. We saw this with the early success of the darknet market Silk Road, which accounted for a huge part of the early crypto economy.”.

Scams

Scams Cryptocurrency Phishing Marketing

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

Security Affairs

AUGUST 24, 2019

Grant West, aka ‘Courvoisier,’ is a hacker that was arrested by the police on September 2017 as result of a two-year-long investigation code-named ‘Operation Draba.’ “He would then convert the profit made from selling financial details online into cryptocurrency , and store these in multiple accounts.”

Cryptocurrency

Cryptocurrency Scams Cybercrime Phishing

Mastermind: Social Engineering, BEC Attacks, Millions in Cash and Crypto

SecureWorld News

SEPTEMBER 9, 2021

That's because Ghaleb Alaumary motivated teams of criminals to commit cybercrime, financial crime, and to collectively steal tens of millions of dollars. Cybercrime ringleader confesses to conspiracies. Then there was the money laundering, the cryptocurrency, the digital wallets. Instead, he'll spend more than a decade in jail.

Social Engineering

Social Engineering Engineering Banking Cybercrime

Malicious Use of Internet Information Services (IIS) Extensions Likely to Grow

Security Boulevard

AUGUST 4, 2022

Network defenders can guard against IIS-based attacks by employing security best practices, such as staying up to date on security procedures, closely managing highly privileged accounts and using anti-virus software. Policy and Governance: North Korean Threat Actor Groups in the Spotlight Due to Ransom Seizure and Reward Offer. .

Internet

Internet Internet Cryptocurrency Cybercrime

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware

Ransomware Cybercrime Accountability Malware

AlphaBay dark web marketplace moderator was sentenced to 11 years of prison time

Security Affairs

SEPTEMBER 3, 2020

Transactions were paid in Bitcoin and other cryptocurrencies.” The AlphaBay Market went down on July 4th, 2017 without any explanation, many users that purchased products on the marketplace fearer the Exit-Scam. . “A conservative estimation of USD 1 billion was transacted in the market since its creation in 2014.

Marketing

Marketing Cryptocurrency Scams Advertising

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

According to interviews with several sources, this hybrid phishing gang has a remarkably high success rate, and operates primarily through paid requests or “bounties,” where customers seeking access to specific companies or accounts can hire them to target employees working remotely at home.

Phishing

Phishing VPN Social Engineering Media

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. How did the contagion stop?

Malware

Malware Computers and Electronics Encryption Ransomware

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. According to statistics from the FBI’s 2021 Internet Crime Report , complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. One particularly potent emergent technology for scammers is blockchain and the related cryptocurrency and NFTs.

Social Engineering

Social Engineering Energy and Utilities Phishing Scams

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 In December 2017, Group-IB published the first report on this group: “MoneyTaker: 1.5

Cyber Attacks

Cyber Attacks Banking Cyber threats Phishing

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

FlawedGrace is a full-featured RAT that we first observed in November 2017.” ” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. SecurityAffairs – TA505, cybercrime). The support for “.bit” bit, arepos[.]bit).null.

Malware

Malware DNS Financial Services Retail

Law enforcement’s battle against Cryptocurrency crime

CyberSecurity Insiders

JUNE 19, 2023

While cryptocurrencies have been celebrated for their potential to revolutionize finance, their anonymous nature has also been exploited for illicit activities. From drug dealing and arms trafficking to funding terrorism, black market activities have thrived under the cloak of cryptocurrency’s pseudonymity.

Cryptocurrency

Cryptocurrency Technology Banking Cybercrime

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

Security Affairs

AUGUST 28, 2018

“Unlike last year’s Apache Struts exploit ( CVE-2017-5638 ), which was at the center of the Equifax breach , this vulnerability appears easier to exploit because it does not require the Apache Struts installation to have any additional plugins running in order to successfully exploit it.”. ” states the report published by Volexity.

Architecture

Architecture Cryptocurrency Wireless Advertising

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

We expect that that other APTs like Silence , MoneyTaker , and Cobalt will stage multiple attacks on cryptocurrency exchanges in the near future,” – says Dmitry Volkov. Users’ accounts from government resources are either sold on underground forums or used in targeted attacks on government agencies for the purpose of espionage or sabotage.

Banking

Banking Government Passwords Marketing

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. In 2017, password-protected archives accounted for only 0.08% of all malicious objects. Links account for 29%, while attachments—for 71%. The revival of ransomware.

Ransomware

Ransomware Antivirus Malware Banking

Your Small Business Cybersecurity Guide to the Most Common Cyberthreats

SiteLock

AUGUST 27, 2021

This makes stealthy attacks incredibly popular in the cybercrime community. If your site experiences a URL redirect — which accounts for 17% of all malware infections — you might see a brief decrease in traffic as your visitors land on another site. Cybercriminals won’t become complacent, and that means you shouldn’t, either.

Small Business

Small Business Cybersecurity Phishing DDOS

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

“In one year, people who worked with us have earned over US $2 billion,” read the farewell post by the eponymous GandCrab identity on the cybercrime forum Exploit[.]in Russian security firm Kaspersky Lab estimated that by the time the program ceased operations, GandCrab accounted for up to half of the global ransomware market.

Ransomware

Ransomware Accountability Cybercrime Passwords

IT threat evolution in Q2 2023

SecureList

AUGUST 30, 2023

While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus. The threat actor specifically targeted cryptocurrency companies. We observed that they have a specific interest in cryptocurrency companies.

Malware

Malware Spyware Cryptocurrency Government

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

For access to the decryption key, the victim must make prompt payment, often in cryptocurrency shielding the attacker’s identity. Enterprise ransomware accounts for 81% of total infections, and by market segment, 62% are small to medium-sized businesses ( Symantec ). Attackers will inform the victim that their data is encrypted.

Ransomware

Ransomware Backups Software Encryption

Two Russians Charged in $17M Cryptocurrency Phishing Spree

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

Webinars

Trending Sources

The Link Between Ransomware and Cryptocurrency

Webinars

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

$10M Is Yours If You Can Get This Guy to Leave Russia

Who’s Behind the NetWire Remote Access Trojan?

Kroll Employee SIM-Swapped for Crypto Investor Data

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Cryptocurrency Mixer Pleads Guilty to Laundering Over 350,000 Bitcoin

DarkGate malware campaign abuses Skype and Teams

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Threat Actors Merging Malicious Activity With Cryptocurrency Show How the Attack Landscape is Developing in Decentralized Finance

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Police Shut Down Crypto Mixer That Laundered Over $3 Billion

Canada Charges Its “Most Prolific Cybercriminal”

Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange

Tools to Identify Exfiltration of Large Cryptocurrency Holdings Will Reduce Risk of Large Cyberattacks and Fraud on DeFi Platforms

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Gustuff Android banking trojan targets 125+ banking, and 32 cryptocurrency apps

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

British hacker arraigned for running The Real Deal dark web marketplace

Fileless PowerGhost cryptocurrency miner leverages EternalBlue exploit to spread

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Digital artists meet scam artists, as criminals pounce on NFT craze

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

Mastermind: Social Engineering, BEC Attacks, Millions in Cash and Crypto

Malicious Use of Internet Information Services (IIS) Extensions Likely to Grow

How Did Authorities Identify the Alleged Lockbit Boss?

AlphaBay dark web marketplace moderator was sentenced to 11 years of prison time

Voice Phishers Targeting Corporate VPNs

Wannacry, the hybrid malware that brought the world to its knees

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Law enforcement’s battle against Cryptocurrency crime

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Your Small Business Cybersecurity Guide to the Most Common Cyberthreats

Who’s Behind the GandCrab Ransomware?

IT threat evolution in Q2 2023

Ransomware Protection in 2021

Stay Connected