SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Note, this is no proof that the companies listed were compromised.

Cryptocurrency 126

Cryptocurrency Malware Accountability Banking 126

Security Boulevard

AUGUST 2, 2022

Widespread implementation of decentralized finance (DeFi) systems since 2020 has created new fertile ground for a variety of threat actors to shift the development of cyberattack tactics, techniques, and procedures (TTPs). It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. It just so happened that the year 2020 gave hackers a large number of powerful news topics, with the COVID-19 pandemic as the biggest of these.

Mobile 132

Mobile Malware Adware Banking 132

SecureWorld News

MARCH 22, 2021

Here is the report's opening paragraph: "In 2020, while the American public was focused on protecting our families from a global pandemic and helping others in need, cyber criminals took advantage of an opportunity to profit from our dependence on technology to go on an Internet crime spree. Business Email Compromise 2020.

Cybercrime 55

Cybercrime Scams Banking Accountability 55

The Last Watchdog

APRIL 14, 2022

The CFO commonly carries out such tasks and arranges a wire transfer using the account information provided on the invoice. In actuality, the request is coming from a BEC fraud ring, and the payment details direct the funds to an account controlled by the attackers. billion in annual losses during 2020, resulting from 19,369 incidents.

Phishing 247

Phishing Accountability Scams Social Engineering 247

SecureList

AUGUST 23, 2021

billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. This rapid growth owes a lot to the surge in mobile gaming and focus on social interaction during the pandemic. Analysts predict that mobile gaming will account for $90.7

Adware 112

Adware Mobile Phishing Malware 112

Hot for Security

MARCH 17, 2021

Hacker exploited access to Twitter’s internal tools to post scam from high profile accounts Elon Musk, Joe Biden, Barack Obama, Apple, and Uber amongst accounts exploited. ” “The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack.

Scams 145

Scams Cryptocurrency Social Engineering Accountability 145

Malwarebytes

FEBRUARY 15, 2021

The UK’s National Crime Agency (NCA)—working alongside the US Secret Service, Homeland Security, the FBI, Europol, and the District Attorney’s Office of Santa Clara California—spearheaded the arrest of eight British citizens in the UK and Scotland, aged between 18 to 26, for a string of SIM swapping attacks that occurred in 2020.

Social Engineering 116

Social Engineering Cryptocurrency Accountability Authentication 116

Security Boulevard

FEBRUARY 12, 2021

They say these attacks targeted "numerous victims throughout 2020, including well-known influencers, sports stars, musicians, and their families." A SIM, or Subscriber Identity Module, is the little chip that goes inside a phone and ties that phone to a particular account at a particular mobile provider. Sorry, couldn't resist!)

Cryptocurrency 119

Cryptocurrency Accountability Scams Social Engineering 119

Security Affairs

SEPTEMBER 17, 2023

The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. The group is also suspected to have recently stolen $31 million from the professional global cryptocurrency exchange CoinEx. The Stake.com and CoinEx exploits account for 78% of September’s total.”

Social Engineering 116

Social Engineering Cryptocurrency Hacking Engineering 116

Krebs on Security

APRIL 20, 2023

In many cases, the phony profiles spoofed chief information security officers at major corporations , and some attracted quite a few connections before their accounts were terminated. which owns LinkedIn, said in September 2022 that it had detected a wide range of social engineering campaigns using a proliferation of phony LinkedIn accounts.

Malware 281

Malware Software Technology Accountability 281

Krebs on Security

AUGUST 30, 2022

In a blog post earlier this month, Cloudflare said it detected the account takeovers and that no Cloudflare systems were compromised. 4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Mobile 291

Mobile Phishing Authentication Accountability 291

Security Affairs

JULY 24, 2020

Twitter confirmed that hackers accessed the direct message (DM) inboxes of some of the accounts that were recently compromised. Last week, the social media giant Twitter revealed that hackers compromised 130 accounts in the attack that took place on July 15 and downloaded data from eight of them. ” wrote Krebs.

Accountability 95

Accountability Advertising Cryptocurrency Social Engineering 95

SC Magazine

APRIL 8, 2021

For the uninitiated, NFTs are unique tokens that accompany original and collectible digital artwork or videos that can be sold or traded as a form of cryptocurrency, with transactions registered on the blockchain. billion in 2020. “We For instance, a collage created by digital artist Mike Winkelmann, aka Beeple, recently earned $69.4

Scams 137

Scams Cryptocurrency Phishing Marketing 137

SecureList

NOVEMBER 23, 2021

First of all, we are going to analyze the forecasts we made at the end of 2020 and see how accurate they were. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In addition, bitcoin ended 2020 at around $28,000 and quickly rose to a peak of $40,000 in January 2021.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. .

Mobile 92

Mobile Telecommunications Data breaches Identity Theft 92

eSecurity Planet

SEPTEMBER 14, 2022

billion in reported losses, up from 2020’s 791,790 complaints and $4.2 To this end, some impressive technology has been created to combat the technological side of the issue, to keep hackers and similar bad actors from accessing data and account privileges they shouldn’t. billion in reported losses. costing an estimated $18.88

Social Engineering 118

Social Engineering Energy and Utilities Phishing Scams 118

Krebs on Security

JULY 22, 2020

As first reported here on July 16, prior to bitcoin scam messages being blasted out from such high-profile Twitter accounts @barackobama, @joebiden, @elonmusk and @billgates, several highly desirable short-character Twitter account names changed hands, including @L, @6 and @W. They would take a cut from each transaction.”

Hacking 292

Hacking Accountability Scams Media 292

Malwarebytes

APRIL 7, 2021

Several users of Trezor, a small hardware device that acts as a cryptocurrency wallet, have been duped by a fake app with the same name. He wanted to check his cryptocurrency balance on his phone and decided to search for and download an app instead of plugging the device into his computer via a USB connection. He lost 17.1 He lost 17.1

Cryptocurrency 102

Cryptocurrency Scams Engineering Accountability 102

Security Boulevard

MARCH 31, 2022

RedLine is a malware service available for purchase on underground forums that specifically targets the theft of sensitive information: passwords, credit cards, execution environment data, computer name, installed software, and more recently, cryptocurrency wallets and related files. The Compromises. Regular employee training.

Cybersecurity 98

Cybersecurity Social Engineering Passwords Malware 98

SecureWorld News

AUGUST 2, 2022

New research from security firm CloudSEK shows that more than 3,200 mobile applications were leaking Twitter API (Application Program Interface) keys, which can be used to gain access and take over user accounts. Of those, 230 were leaking all four authorization credentials and could be used to fully take over Twitter accounts.

Mobile 83

Mobile Accountability Identity Theft Cryptocurrency 83

SecureList

NOVEMBER 22, 2022

Unlike common stealers, this malware gathered data that can be used to identify the victims, such as browsing histories, social networking account IDs and Wi-Fi networks. Cryptocurrency targeted attacks. More cryptocurrency-related threats: fake hardware wallets, smart contract attacks, DeFi hacks, and more.

Cryptocurrency 87

Cryptocurrency Mobile Ransomware Banking 87

SecureWorld News

OCTOBER 12, 2021

SecureWorld News just analyzed dozens of pages of court documents to understand this story of the Naval Engineer—an insider—who is accused of going rogue in a high-tech and high-stakes operation. Tools involved digital media, encrypted communication, cryptocurrency, and secret data handoffs. Here is how the scheme started. Government.

Social Engineering 86

Social Engineering Engineering Encryption Cryptocurrency 86

Malwarebytes

FEBRUARY 8, 2023

The Ryuk ransoms, paid in cryptocurrency such as Bitcoin, were split into smaller portions and then forwarded on to multiple cryptocurrency wallets and then placed into exchange accounts for other forms of currency. Eventually, the money would find its way into the hands of other people involved in the various schemes.

Ransomware 79

Ransomware Backups Cryptocurrency Social Engineering 79

SecureWorld News

NOVEMBER 11, 2021

BEC or Email Account Compromise (EAC) was known as the $26 billion scam in 2019. billion in adjusted losses in 2020 and noted an increase in complaints, most likely tied to the work-from-home environment as a result of the pandemic. But do you have a Business Email Compromise (BEC) Incident Response Plan? Secret Service.

Scams 76

Scams Social Engineering Accountability Ransomware 76

Security Affairs

JUNE 4, 2021

2020 is a case in point. A person’s credit card details and account balance are sold for 150 USD if the account balance is under 1000 USD, but 240 if it is under 5000 USD. Stolen Paypal account details, Neteller, PerfectMoney, TransferGo, and other payment services are also on the list. What about services?

Accountability 113

Accountability Marketing Hacking Cryptocurrency 113

Spinone

MAY 8, 2020

On the world scene, 2020 has already been a challenging year for businesses across the board with COVID-19. Coupled with the current pandemic and the cybersecurity threats that have been very prevalent and growing in recent years such as ransomware, there are many different cyber risk types n 2020 that your business needs to prepare for.

Cyber Attacks 78

Cyber Attacks Phishing Backups Ransomware 78

BH Consulting

NOVEMBER 9, 2022

In all, the agency grouped the main risks into eight categories: ransomware, malware, social engineering, threats against data, threats against availability, disinformation/misinformation, and supply chain targeting. The latter category made up 17 per cent of all reported intrusions in 2021, up from just 1 per cent in 2020.

Social Engineering 52

Social Engineering Ransomware Password Management Engineering 52

CyberSecurity Insiders

NOVEMBER 26, 2021

Coronavirus-related phishing, which spiked by over 600% in 2020 , continued to be an issue in 2021 throughout the inboxes of workers. Ransomware, a piece of code that locks the user out of their machine until a ‘ransom’ (usually a sum of money in cryptocurrency) is paid, looks set to continue to rise in 2022 also.

Digital transformation 119

Digital transformation Phishing Social Engineering Passwords 119

Adam Levin

DECEMBER 7, 2020

The cybersecurity industry faced a challenging combination of new and familiar challenges in 2020. In 2020, hackers actively exploited the Covid-19 pandemic as well as the resulting unemployment. 2020 saw a record number of ransomware attacks, and we can expect more of the same in 2021. At the beginning of 2020, U.S.

IoT 130

IoT Artificial Intelligence Technology Scams 130

Webroot

FEBRUARY 11, 2021

As we mentioned in a previous blog , hackers come in many forms, but their methods can generally be classified into three distinct types of cybercriminals: The Impersonator – Hackers that pretend to be others, often using social engineering and human psychology to trick users. Let’s look at a few primary examples.

Scams 108

Scams Phishing Firewall Social Engineering 108

SecureList

NOVEMBER 18, 2022

In late August 2020, we published an overview of DeathStalker and its activities, including the Janicab, Evilnum and PowerSing campaigns. Meanwhile, in August 2020, we also released a private report on VileRAT for our threat intelligence customers. The group delivers its malware using social engineering.

Malware 100

Malware Computers and Electronics Adware Cryptocurrency 100

SecureList

JULY 29, 2021

There are indications of previous activity from this threat actor dating back to at least October 2020, based on other Cobalt Strike payloads and loaders bearing similar toolmarks. Previous activity also connected with this group relied heavily on spear-phishing and Cobalt Strike throughout 2020. Chinese-speaking activity.

Malware 140

Malware Phishing Password Management Social Engineering 140

SecureList

JULY 11, 2022

E-mail scammers typically combine social engineering with technical skills to bypass spam filters and persuade the recipient to reply. But mass mailings are still more convenient to send out by e-mail, since accounts in social networks, messengers, etc., are quickly blocked due to spam. Statistics. Lottery fraud.

Scams 98

Scams Accountability Banking Phishing 98

SecureList

FEBRUARY 16, 2023

These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself. For example, one website offered users to obtain a COVID vaccination certificate by entering their British National Health Service (NHS) account credentials.

Phishing 90

Phishing Scams Accountability Energy and Utilities 90

eSecurity Planet

FEBRUARY 16, 2021

With over 600,000 devices, this botnet exposed just how vulnerable IoT devices could be and led to the IoT Cybersecurity Improvement Act of 2020. By obtaining sensitive authentication access, attackers can break into the vendor network or user account. A strain of keylogger malware dubbed LokiBot notably increased in 2020.

Malware 105

Malware Adware Spyware Antivirus 105

SecureList

JULY 28, 2022

Our investigation of this activity led us to discover other related campaigns targeting a wide range of entities located in Central Asia, Europe and the Americas since at least May 2020. We discovered a highly active campaign, starting in March 2022, targeting stock and cryptocurrency investors in South Korea. Final thoughts.

Malware 130

Malware Firmware Phishing Cryptocurrency 130