Security Affairs

NOVEMBER 21, 2024

Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. In January 2024, U.S.

Hacking 344

Hacking Cybercrime Phishing Passwords 344

SecureList

OCTOBER 21, 2024

According to Kaspersky Digital Footprint Intelligence, almost 10 million devices, both personal and corporate, were attacked by information stealers in 2023. Kral In mid-2023, we discovered the Kral downloader which, back then, downloaded the notorious Aurora stealer. You will find a few excerpts from these below.

Passwords 127

Passwords Malware Encryption Cryptocurrency 127

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Cryptocurrency 315

Cryptocurrency Ransomware Retail Government 315

Krebs on Security

JULY 15, 2024

The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network , Compound Finance , Pendle Finance , and Unstoppable Domains. What’s more, Monahan said, Squarespace did not require email verification for new accounts created with a password.

Accountability 339

Accountability Cryptocurrency Passwords DNS 339

Malwarebytes

FEBRUARY 19, 2025

The latest, major threats to Mac computers can steal passwords and credit card details with delicate precision, targeting victims across the internet based on their device, location, and operating system. Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts.

Malware 137

Malware Software Passwords Cryptocurrency 137

Malwarebytes

MAY 1, 2025

These messages frequently warn recipients about a problem with their accounts, like a password that needs to be updated, a policy change that requires a login, or a delayed package that has to be approved. In reality, those usernames and passwords are delivered directly to cybercriminals on the other side of the website.

Small Business 99

Small Business Cybersecurity Scams Passwords 99

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. capital).

Malware 334

Malware Cryptocurrency Software Phishing 334

SecureList

MAY 6, 2024

Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.

Phishing 134

Phishing Banking Mobile Scams 134

Krebs on Security

JANUARY 10, 2024

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies.

Cryptocurrency 347

Cryptocurrency Government Cybercrime Accountability 347

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing 293

Phishing Cryptocurrency DDOS Internet 293

Krebs on Security

JUNE 27, 2023

But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “ SIM swapping ,” a crime wherein fraudsters trick a mobile provider into diverting a customer’s phone calls and text messages to a device they control.

Cryptocurrency 279

Cryptocurrency Accountability Hacking Mobile 279

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” T-Mobile has not yet responded to requests for comment. . Why do I suggest this?

Mobile 244

Mobile Cyber Risk Data breaches Cryptocurrency 244

Krebs on Security

DECEMBER 29, 2022

I will also continue to post on LinkedIn about new stories in 2023. You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers.

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million in 2023.

Phishing 77

Phishing Banking Scams Mobile 77

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Authentication 100

Authentication Password Management Small Business Passwords 100

SecureList

DECEMBER 16, 2024

Verdict: Partially fulfilled Evolution and market dynamics of Bitcoin mixers and cleaning services In 2024, there was no significant increase in the number of services advertising cryptocurrency “cleaning” solutions. times compared to 2023. Another threat that is likely to remain highly active in the region is ransomware.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

Malwarebytes

DECEMBER 20, 2022

If you’re a user of the Gemini cryptocurrency exchange, it’s time to be on your guard against phishing attacks. Breaches in cryptocurrency land are always a major issue. Some folks have their life savings and investments in these realms, and cryptocurrency/Web3 phishing generally has been running riot for some time now.

Cryptocurrency 97

Cryptocurrency Phishing Scams Accountability 97

Krebs on Security

AUGUST 29, 2023

Working with law enforcement partners in France, Germany, Latvia, the Netherlands, Romania and the United Kingdom, the DOJ said it was able to seize more than 50 Internet servers tied to the malware network, and nearly $9 million in ill-gotten cryptocurrency from QakBot’s cybercriminal overlords. Source: Reliaquest.com.

Hacking 315

Hacking Malware Ransomware Government 315

Anton on Security

FEBRUARY 7, 2024

My favorite quotes from the report follow below: “ Credential abuse resulting in cryptomining remains a persistent issue , with threat actors continuing to exploit weak or nonexistent passwords to gain unauthorized access to cloud instances, while some threat actors are shifting to broader threat objectives.” [ A.C. — the

Cybersecurity 246

Cybersecurity Ransomware Passwords Cryptocurrency 246

SecureList

DECEMBER 1, 2023

Analysis of samples exploiting CVE-2023-23397 vulnerability On March 14, Microsoft reported a critical Elevation of Privilege (EoP) vulnerability (CVE-2023-23397) in the Outlook client. This feature bypass vulnerability (CVE-2023-29324) was itself patched in May.

Malware 139

Malware Ransomware Encryption Energy and Utilities 139

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. According to CryptoIns analysts, the crypto assets insurance market is expected to reach $7 billion by 2023. Why do crypto exchanges’ users need insurance?

Insurance 96

Insurance Cryptocurrency Cyber threats Marketing 96

Security Affairs

JANUARY 2, 2024

Palo Alto Networks’s Unit 42 first observed the malware in November 2023 reporting that it has been advertised on the hacking forum Hackforums since April 30, 2023. The content of the messages attempted to trick the recipients into opening a password-protected RAR archive. net on 2023-04-30. net on 2023-04-30.

Malware 141

Malware Passwords Cryptocurrency Hacking 141

Security Affairs

APRIL 7, 2025

“In the Florida case, Urban was accused of stealing at least $800,000 in cryptocurrency from five different victims between August 2022 and March 2023.” He was accused of stealing at least $800,000 from five victims between August 2022 and March 2023. ” reported News4Jax.

Cybercrime 67

Cybercrime Identity Theft Social Engineering Hacking 67

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. Sorry, change password please.”

Accountability 138

Accountability Hacking Cryptocurrency Cybersecurity 138

Security Affairs

MARCH 15, 2024

Source Hackread.com Diaconu was arrested in May 2021 while attempting to leave the United Kingdom 2021 and was extradited to the United States on October 13, 2023. Diaconu pleaded guilty on December 1, 2023. ” The marketplace allowed buyers to pay using cryptocurrency exchange and online payment system Perfect Money.

Cybercrime 134

Cybercrime Cryptocurrency Advertising Passwords 134

SecureList

MAY 28, 2025

2022: From zero to threat Zanubis was first observed in the wild around August 2022, initially targeting financial institutions and cryptocurrency exchange users in Peru. 2023: Multi-feature upgrade In April 2023, we identified a new campaign featuring a revamped version of Zanubis.

Banking 107

Banking Malware Energy and Utilities Encryption 107

SecureList

JUNE 7, 2023

Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff , a financially motivated threat actor known for stealing cryptocurrency. However, in the recent campaign, the attackers used a Trojanized version of the Tor Browser to steal cryptocurrency.

DNS 105

DNS Malware Cryptocurrency Retail 105

Security Affairs

DECEMBER 15, 2023

GokuMarket, a cryptocurrency exchange, was recently acquired by Canada-based crypto exchange ByteX. GokuMarket’s exposed database was discovered in October 2023 and secured the next day after researchers sent a responsible disclosure note. Meanwhile, the open instance held a trove of sensitive data on over a million users.

Passwords 134

Passwords Cryptocurrency Scams Mobile 134

Graham Cluley

JUNE 12, 2025

Skip to content Graham Cluley Cybersecurity and AI keynote speaker BOOK ME Speaking · Writing · Podcasts · Video · Contact · About · Games 🔍 ⁠This weeks sponsor: Proton Pass - Easily create unique, secure passwords. Sync across unlimited devices. Integrated 2FA. Sign up to our free newsletter.

Malware 62

Malware Cryptocurrency Accountability Advertising 62

Malwarebytes

DECEMBER 4, 2024

With the value of cryptocurrencies going to the roof, you can expect several attempts to get defrauded if you even show the slightest interest in the topic or not. And avoiding them is in everyone’s best interest—the Federal Bureau of Investigation (FBI) reported estimated losses to cryptocurrency related fraud exceeding $5.6

Scams 127

Scams Cryptocurrency Accountability Password Management 127

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M worth of cryptocurrency. Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M worth of cryptocurrency. Attackers also stole funds in other cryptocurrencies.

Cryptocurrency 98

Cryptocurrency VPN Manufacturing Firewall 98

SecureList

AUGUST 30, 2023

IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus.

Malware 98

Malware Spyware Government Cryptocurrency 98

CyberSecurity Insiders

APRIL 3, 2023

Revealing the incident details on April 3rd, 2023, the network attached storage appliance producer stayed that it will cooperate with the law enforcement agencies in investigating the incident. NOTE 2- According to Cryptocurrency exchange platform Binance, notorious CLOP ransomware laundered no less than $500 million in the year 2022.

Cyber Attacks 122

Cyber Attacks Cyber Risk Passwords Cryptocurrency 122

Krebs on Security

APRIL 20, 2023

In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed. The double supply chain compromise that led to malware being pushed out to some 3CX customers. Image: Mandiant.

Malware 331

Malware Software Technology Accountability 331

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 131

Scams Phishing Cryptocurrency Accountability 131