Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency 48

Cryptocurrency Passwords Authentication Accountability 48

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.”

Hacking 278

Hacking Social Engineering Phishing Scams 278

CyberSecurity Insiders

MARCH 29, 2022

Those behind the spread of passwords stealing gang dubbed Racoon Stealer have announced that they are temporarily shutting their operations as they lost a crucial gang member in the invasion of Ukraine. It was being used to steal vital info such as cryptocurrency, wallet details, browser credentials, credit card details and email data.

Malware 127

Malware Passwords Cryptocurrency Software 127

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance 60

Insurance Cryptocurrency Cyber threats Marketing 60

Krebs on Security

AUGUST 16, 2018

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. On June 11, 2017, Terpin’s phone went dead. A copy of his complaint is here (PDF).

Mobile 236

Mobile Cryptocurrency Accountability Authentication 236

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The malware uses exploits for known vulnerabilities and password brute-forcing attacks for self-propagation.

Malware 95

Malware Internet Internet DDOS 95

Krebs on Security

FEBRUARY 5, 2019

Investigators allege that between October 2016 and May 2018, Hared and Ditman grew proficient at SIM swapping, a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. The Justice Department says Hared was better known to his co-conspirators as “ winblo.”

Cryptocurrency 205

Cryptocurrency Identity Theft Mobile Accountability 205

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST.

DNS 125

DNS Cryptocurrency Internet Internet 125

Krebs on Security

MAY 4, 2023

In 2017, U.S. law enforcement seized the cryptocurrency exchange BTC-e , and the Secret Service said those records show that a Denis Kulkov from Samara supplied the username “ Nordexin ,” email address nordexin@ya.ru, and an address in Samara. This and other “nordia@” emails shared a password: “ anna59.”

Marketing 244

Marketing Cybercrime Accountability Cryptocurrency 244

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. Subsequent analysis revealed earlier instances of suspicious code dating back to 2017. 8, 15.0.0.0/8, 8, 16.0.0.0/8,

Malware 114

Malware DNS Encryption Cryptocurrency 114

Security Affairs

JANUARY 14, 2022

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions.

Cryptocurrency 90

Cryptocurrency Banking Passwords Malware 90

SecureList

MARCH 28, 2023

We have come across a series of clipboard injection attacks on cryptocurrency users, which emerged starting from September 2022. As long as such attacks continue to thrive in the modern ecosystem of the cryptocurrency world, it’s worth explaining how they work and where the danger lies.

Cryptocurrency 107

Cryptocurrency Malware Banking Passwords 107

Security Affairs

JUNE 4, 2021

Talos experts noticed that a version released on May 18 included Python versions of EternalBlue ( CVE-2017-0144 ) and EternalRomance ( CVE-2017-0147 ) exploits with a Windows download command line as the payload. ” reads the analysis published by Talos. ” continues the post.

Malware 111

Malware Passwords DDOS IoT 111

CyberSecurity Insiders

APRIL 1, 2021

Many people primarily know the blockchain as the decentralized digital ledger system used to record cryptocurrency transactions. Reducing the Need for Passwords. Almost everyone has gone through the frustrating process of trying to recall — then having to reset — forgotten passwords. That’s one definition of it.

Cybersecurity 144

Cybersecurity Passwords Cryptocurrency Technology 144

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. The Monero cryptocurrency miner uses a worm module (Systemctl.exe) dubbed PsMiner written in the Go language which includes exploit modules used to hack into vulnerable servers.

Malware 76

Malware Cryptocurrency Advertising Passwords 76

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking 79

Hacking DNS Cryptocurrency Accountability 79

Adam Levin

JANUARY 2, 2019

It’s still a relatively uncommon exploit, but if you are visibly in possession of something hackers want–whether it’s a cool “OG” handle on social media, cryptocurrency or the codes to launch nuclear war–the assaults on attractive targets will increase in 2019.

Cybersecurity 157

Cybersecurity Identity Theft Passwords Password Management 157

Security Affairs

MARCH 21, 2022

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The executioner loads two modules, a Monero miner and a module for worming replication.

Malware 73

Malware Passwords DDOS Internet 73

Security Affairs

APRIL 26, 2019

Security experts at Symantec have uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit to spread a cryptocurrency malware on enterprise networks in Asia. ” reads the analysis published Symantec. “ Beapy ( W32.Beapy ” continues the analysis.

Cryptocurrency 56

Cryptocurrency Malware Advertising Phishing 56

Krebs on Security

MAY 13, 2024

used the password 225948. Constella finds the same password tied to webmaster@stairwell.ru (225948) was used by the email address 3k@xakep.ru , which Intel 471 says was registered to more than a dozen NeroWolfe accounts across just as many Russian cybercrime forums between 2011 and 2015. and admin@stairwell.ru

Ransomware 244

Ransomware Cybercrime Accountability Malware 244

Security Affairs

AUGUST 6, 2023

The APT group has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. ” Since at least December 17, 2022, the group has used a new naming pattern for its domains containing keywords related to information technology and cryptocurrency.

Phishing 77

Phishing Social Engineering Authentication Cryptocurrency 77

Security Affairs

SEPTEMBER 19, 2018

In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017. In 2017 there were ten times more than in 2016. Top 10 countries from which Kaspersky traps were hit by Telnet password attacks is led by Brazil, China, and Japan.

IoT 80

IoT Passwords Malware Advertising 80

Security Affairs

APRIL 12, 2019

Hackers are using the EternalBlue exploit and leveraging advantage of Living off the Land ( LotL ) obfuscated PowerShell-based scripts to deliver malware and a Monero cryptocurrency. “The malware also uses the pass the hash method, wherein it authenticates itself to remote servers using the user’s hashed password.

Malware 76

Malware Cryptocurrency Passwords Advertising 76

Security Affairs

AUGUST 24, 2019

Grant West, aka ‘Courvoisier,’ is a hacker that was arrested by the police on September 2017 as result of a two-year-long investigation code-named ‘Operation Draba.’ “He would then convert the profit made from selling financial details online into cryptocurrency , and store these in multiple accounts.”

Cryptocurrency 79

Cryptocurrency Scams Cybercrime Phishing 79

Security Boulevard

JUNE 15, 2023

Oftentimes this is credential data, but it can be any data that may have financial value to an adversary; this includes paid online service accounts, cryptocurrency wallets, instant messenger, or email contacts lists, etc. Key Mystic Stealer functions include its ability to extract data from web browsers and cryptocurrency wallets.

Cryptocurrency 52

Cryptocurrency Password Management Malware DNS 52

Krebs on Security

JULY 8, 2019

The following month, GandCrab bragged that the program in July 2018 netted almost 425,000 victims and extorted more than one million dollars worth of cryptocurrencies, much of which went to affiliates who helped to spread the infections. Those records show this individual routinely re-used the same password across multiple accounts: 16061991.

Ransomware 260

Ransomware Accountability Cybercrime Passwords 260

Krebs on Security

AUGUST 22, 2018

have arrested and charged a 19-year-old area man on suspicion hijacking mobile phone numbers as part of a scheme to steal large sums of bitcoin and other cryptocurrencies. This includes any one-time codes sent via text message or automated phone call that many companies use to supplement passwords for their online accounts.

Mobile 137

Mobile Accountability Cryptocurrency Wireless 137

ForAllSecure

FEBRUARY 2, 2022

For others, it means cryptocurrency. Guido Vranken returns to The Hacker Mind to discuss his CryptoFuzz tool on GitHub, as well as his experience fuzzing and finding vulnerabilities in cryptographic libraries and also within cryptocurrencies such as Ethereum. That means it falls to you to protect your cryptocurrency.

Cryptocurrency 52

Cryptocurrency InfoSec Software Encryption 52

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. Impacted T-Mobile customers are recommended to change their password, PIN, and security questions. Unfortunately, this isn’t the first data breach suffered by T-Mobile in the past years.

Mobile 89

Mobile Telecommunications Data breaches Identity Theft 89

Security Affairs

JANUARY 26, 2019

. “Serhiy Demedyuk told Reuters the attackers were using virus-infected greeting cards, shopping invitations, offers for software updates and other malicious “phishing” material intended to steal passwords and personal information.” ” reported Reuters. said Kremlin spokesman Dmitry Peskov.

Banking 83

Banking Advertising Phishing Cryptocurrency 83

SecureList

MARCH 7, 2024

Cryptocurrency scams Phishing aimed at stealing crypto wallet credentials remained a common money-making tool. Fake pages mimicking popular cryptocurrency sites invited users to sign in with their wallet credentials. Scam sites also used cryptocurrency as bait. The required amount is most likely unattainable.

Phishing 102

Phishing Scams Cryptocurrency Accountability 102

eSecurity Planet

DECEMBER 7, 2023

Cryptographic keys can be random numbers, products of large prime numbers, points on an ellipse, or a password generated by a user. ECC is used for email encryption, cryptocurrency digital signatures, and internet communication protocols. While the math remains the same, unique cryptographic keys generate unique ciphertext.

Encryption 111

Encryption Passwords IoT Firewall 111

Security Affairs

JUNE 13, 2021

million customers impacted. million customers impacted.

Data breaches 60

Data breaches Hacking Cryptocurrency Scams 60

Security Affairs

AUGUST 27, 2020

While security experts have been aware of printer vulnerabilities for quite a while, even previous large-scale attacks on printers like the Stackoverflowin hack in 2017 and the PewDiePie hack in 2018 did not seem to shock the public into securing their networked devices. Change the default password. Securing your printer.

Hacking 143

Hacking IoT Firmware Internet 143

Malwarebytes

JULY 30, 2021

Trojan.LemonDuck uses several methods for the initial infection and to propagate across networks: Malspam: the email typically contains two files: a Word document exploiting CVE-2017-8570 and a zip archive with a malicious JavaScript. The earliest documentation of LemonDuck was from its cryptocurrency campaigns in May 2019.

Malware 93

Malware Penetration Testing Passwords Antivirus 93

Thales Cloud Protection & Licensing

NOVEMBER 2, 2017

The conference features a variety of topics and sessions regarding all aspects of financial services, from cryptocurrency to banking. Three topics that piqued my interest at the 2017 show included authentication, blockchain and digital payments. Among the top use cases discussed were identity, cryptocurrency and digital assets.

Authentication 63

Authentication Cryptocurrency Mobile Technology 63

Adam Levin

DECEMBER 7, 2020

Ransomware was a relatively obscure form of malware until the early 2010s , but it has increased in scope and the amount of damage it has caused year after year, aided by a proliferation of botnets , cryptocurrencies , and sophisticated criminal enterprises. AI makes it possible to identify patterns and correctly guess passwords.

IoT 130

IoT Artificial Intelligence Technology Scams 130