Krebs on Security

AUGUST 19, 2020

Allen said a typical voice phishing or “vishing” attack by this group involves at least two perpetrators: One who is social engineering the target over the phone, and another co-conspirator who takes any credentials entered at the phishing page and quickly uses them to log in to the target company’s VPN platform in real-time.

Phishing 363

Phishing VPN Social Engineering Media 363

Malwarebytes

JULY 19, 2022

Together with the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA), the FBI has released a warning about cybercriminals creating fraudulent cryptocurrency investment apps in order to defraud cryptocurrency investors. Stay safe, everyone!

Cryptocurrency 97

Cryptocurrency Mobile Banking Internet 97

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance 93

Insurance Cryptocurrency Cyber threats Marketing 93

Security Boulevard

FEBRUARY 12, 2021

Europol correctly describes the primary method of SIM-swapping when they say in the press release above, "This is typically achieved by the criminals exploiting phone service providers to do the swap on their behalf, either via a corrupt insider or using social engineering techniques.". How do Phone Company Insiders enable these scams?

Cryptocurrency 119

Cryptocurrency Accountability Scams Social Engineering 119

Krebs on Security

AUGUST 30, 2022

4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. That’s down from 53 percent that did so in 2018, Okta found. On that last date, Twilio disclosed that on Aug. In an Aug.

Mobile 340

Mobile Phishing Authentication Accountability 340

Krebs on Security

JULY 22, 2020

The hacked forum database shows a user “tankska” registered on OGUsers back in July 2018, but only made one post asking about the price of an older Twitter account for sale. youth whose mom turned him in to the local police in February 2018 when she overheard him talking on the phone and pretending to be an AT&T employee.

Hacking 348

Hacking Accountability Scams Media 348

Security Affairs

OCTOBER 18, 2018

Group-IB has estimated that crypto exchanges suffered a total loss of $882 million due to targeted attacks between 2017 and 2018. This data was included in the annual Hi-Tech Crime Trends 2018 report, presented by Group-IB CTO, Dmitry Volkov, at the sixth international Cyber?rimeCon rimeCon conference.

Cyber Attacks 110

Cyber Attacks Cryptocurrency Phishing Social Engineering 110

CyberSecurity Insiders

APRIL 5, 2023

According to a study conducted by se-curity firm Mandiant, the group has been in operation since 2018 and has now been tasked with carrying out both espionage and financially motivated attacks such as credential harvesting and social engineering.

Hacking 105

Hacking Social Engineering Cryptocurrency Manufacturing 105

Malwarebytes

DECEMBER 6, 2022

Nicholas Truglia (25) from Florida was sentenced to 18 months on Thursday for his involvement in a digital heist that cost Michael Terpin ( @michaelterpin ), a renowned personality in the cryptocurrency space, $23.8M. The theft happened on January 2018, where Truglia and his co-conspirators targeted Terpin with a SIM swap attack.

Cryptocurrency 98

Cryptocurrency Social Engineering Accountability Media 98

Responsible Cyber

JULY 13, 2024

Introduction Cryptocurrency represents a groundbreaking innovation in the financial sector, offering decentralized, peer-to-peer digital transactions through blockchain technology. However, the allure of these digital assets also attracts malicious actors, making cryptocurrency security paramount.

Cryptocurrency 52

Cryptocurrency Cyber Attacks Social Engineering Scams 52

Threatpost

MAY 25, 2018

As the popularity around cryptocurrency has continued to rise in 2018, it has also paved an easy path for cash-hungry scammers to launch “cryptocurrency giveaway scams.”.

Cryptocurrency 55

Cryptocurrency Scams Social Engineering Engineering 55

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. .

Mobile 131

Mobile Data breaches Telecommunications Accountability 131

Malwarebytes

OCTOBER 20, 2022

campaign was first made public three months ago in July, but it's thought to have been active since 2018. Social engineering attacks and malware form the core of Ducktail's modus operandi. Not only does Ducktail continue to steal Facebook credentials and browser data, but it also steals cryptocurrency wallets, too.

Social Engineering 93

Social Engineering Malware Accountability Engineering 93

Security Affairs

NOVEMBER 19, 2019

The second half of 2018 saw a drop in the number of malicious programs downloaded via browsers reaching its minimum at less than 5%, while in the first half of 2019 only every 19 th download was initiated via means other than email. In 2018, their number grew to 3.6%, while in H1 2019 saw an unusual rise of up to 27.8%.

Ransomware 98

Ransomware Antivirus Malware Banking 98

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia’s financial sector. million (2.96 million (2.96

Cyber Attacks 108

Cyber Attacks Banking Cyber threats Phishing 108

Security Affairs

JULY 19, 2019

The Rubella Macro Builder crimeware kit appeared in the threat landscape on April 2018 and rapidly gained popularity in the cybercriminal underground. It allows crooks to generate a malicious payload for social-engineering spam campaigns, the author was offering it as a service for a three-month license of $120.

Malware 98

Malware Social Engineering Advertising Antivirus 98

SecureList

NOVEMBER 29, 2024

BlindEagle adds side-loading to its arsenal In August, we reported a new campaign by Blind Eagle, a threat actor that has been targeting government, finance, energy, oil and gas and other sectors in Latin America since at least 2018.

Energy and Utilities 105

Energy and Utilities Ransomware Malware Government 105

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. Roaming Mantis reaches Europe.

Phishing 131

Phishing Spyware Firmware Malware 131

SecureList

MARCH 1, 2021

In their campaigns to infect mobile devices, cybercriminals always resort to social engineering tools, the most common of these passing a malicious application off as another, popular and desirable one. Users attacked by adware in 2018 through 2020 ( download ). Trends of the year. Mobile ransomware Trojans.

Mobile 145

Mobile Malware Adware Banking 145

Spinone

DECEMBER 16, 2019

Ryuk is one of the most common ransomware of 2018-2019. Ransom is usually demanded in Bitcoin or other cryptocurrencies to hide the identity of the attacker. Ransomcloud is not only a decrypting malware but a complex of social engineering tactics behind it. billion in 2019 and $8 billion in 2018. Seems suspicious?

Ransomware 52

Ransomware Cybersecurity Backups Social Engineering 52

SecureList

JULY 29, 2021

We were able to trace the WebDav-O implant’s activity in our telemetry to at least 2018, indicating government affiliated targets based in Belarus. In recent operations, the group has focused on cryptocurrency businesses. APT groups mainly use social engineering to gain an initial foothold in a target network.

Malware 145

Malware Phishing Password Management Social Engineering 145

SecureList

APRIL 27, 2022

We had initially analyzed this Delphi malware in April 2018. This application contains a legitimate program called DeFi Wallet, that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed. We recently discovered a Trojanized DeFi application, compiled in November 2021. Final thoughts.

Malware 145

Malware Firmware Government Phishing 145

Spinone

JANUARY 20, 2020

The most preferred method of ransom payment is cryptocurrency because it is hard to track. That is why hackers use social engineering tricks to pressure victims into paying a ransom. This type of ransomware reached its peak popularity in the years 2013-2018. Most antiviruses don’t protect against ransomware.

Ransomware 59

Ransomware Encryption Antivirus Backups 59

SecureList

FEBRUARY 16, 2023

These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself. By getting the user’s secret phrase, cybercriminals could get access to their cryptocurrency balance. Now, attackers have started collecting Bitcoin for charity.

Phishing 116

Phishing Scams Accountability Energy and Utilities 116

SecureList

NOVEMBER 23, 2021

We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In fact, from January through the end of October, Kaspersky detected more than 2,300 fraudulent global resources aimed at 85,000 potential crypto investors or users who are interested in cryptocurrency mining.

Cryptocurrency 139

Cryptocurrency Banking Ransomware Cybercrime 139

eSecurity Planet

NOVEMBER 2, 2022

Social engineering attacks soon found use in the digital space. The advent of untraceable digital payment methods like cryptocurrency was a boon to hackers looking to extort as much money as they could from their targets without being caught. GandCrab burst onto the scene in 2018.

Malware 140

Malware Ransomware Internet Internet 140

SecureList

MAY 9, 2024

Based on our telemetry, we pinpointed two victims within the South Korean cryptocurrency sector. Most of them are disguised as cryptocurrency-related programs and capable of downloading an additional payload from the actor-controlled server. The first compromise occurred in August 2023, followed by a second in November 2023.

Malware 138

Malware Government DDOS Cryptocurrency 138

Adam Levin

DECEMBER 7, 2020

Many of the contact tracing scams of 2020 similarly followed social engineering scripts that have been used in taxpayer identity theft schemes since the 1990s as well. 2020 saw a record number of ransomware attacks, and we can expect more of the same in 2021. An artificially generated “person.” Source: ThisPersonDoesNotExist.com?????.

IoT 130

IoT Artificial Intelligence Technology Scams 130