Accountability, Cryptocurrency, Hacking and Internet

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication. ” warns Censys. bash_history).

Cryptocurrency

Cryptocurrency Internet Internet Hacking

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

Working with law enforcement partners in France, Germany, Latvia, the Netherlands, Romania and the United Kingdom, the DOJ said it was able to seize more than 50 Internet servers tied to the malware network, and nearly $9 million in ill-gotten cryptocurrency from QakBot’s cybercriminal overlords.

Hacking

Hacking Malware Ransomware Government

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. federal government portal without authorization.

Hacking

Hacking Government Media Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware

Malware Cryptocurrency Software Scams

Reading the FBI IC3’s ‘2020 Internet Crime Report’

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. In 2020, the IC3 received 19,369 Business Email Compromise (BEC)/Email Account Compromise (EAC) complaints, these crimes caused $1.8 billion in losses.

Internet

Internet Internet Scams Identity Theft

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. “This guy had access to the notes, and knew the number to call,” to make changes to the account, the CEO of Escrow.com told KrebsOnSecurity.

Hacking

Hacking Social Engineering Phishing Scams

German police seized the dark web marketplace Kingdom Market

Security Affairs

DECEMBER 20, 2023

The Federal Criminal Police Office in Germany (BKA) and the internet-crime combating unit of Frankfurt (ZIT), along with law enforcement agencies from multiple countries (United States, Switzerland, Moldova, and Ukraine), conducted an operation that resulted in the seizure of the dark web marketplace Kingdom Market.

Marketing

Marketing Cryptocurrency Accountability Banking

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? Now the important question: how many of you got scammed in some sort of way by cryptocurrency or another type of investment? The report is based on 800,944 complaints of suspected internet crime reported to the FBI last year, with losses exceeding $10.3

Cybercrime

Cybercrime Scams Cryptocurrency Identity Theft

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. A DIRECT QUOT The domain quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments

Security Affairs

NOVEMBER 8, 2021

The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI Internet Crime Complaint Center (IC3) published an alert to warn the public of fraudulent schemes leveraging cryptocurrency ATMs and Quick Response (QR) codes to complete payment transactions.

Cryptocurrency

Cryptocurrency Scams Accountability Government

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

” That handle used the same ICQ instant messenger account number ( 555724 ) as a Mazafaka denizen named “ Nordex.” ” In February 2005, Nordex posted to Mazafaka that he was in the market for hacked bank accounts, and offered 50 percent of the take. In 2017, U.S.

Marketing

Marketing Cybercrime Accountability Cryptocurrency

Cold wallet, hot wallet, or empty wallet? What is the safest way to store cryptocurrency?

Malwarebytes

AUGUST 26, 2021

In August of 2021, a thief stole about $600 million in cryptocurrencies from The Poly Network. Slightly more than one week later, Japanese cryptocurrency exchange Liquid was hacked and lost $97 million worth of digital coins. A cold wallet is a hardware wallet that is not connected to the internet. I wish I knew.

Cryptocurrency

Cryptocurrency Banking Hacking Engineering

German police seized the darknet marketplace Nemesis Market

Security Affairs

MARCH 23, 2024

“On Wednesday , the Frankfurt am Main Public Prosecutor’s Office – Central Office for Combating Internet Crime ( ZIT ) – and the Federal Criminal Police Office ( BKA ) secured the server infrastructure of the global illegal darknet marketplace “Nemesis Market” located in Germany and Lithuania and thus closed it.”

Marketing

Marketing Cybercrime DDOS Internet

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking

Banking Accountability Mobile Cryptocurrency

BEC Tops FBI Internet Crime Report 2021

SecureWorld News

MARCH 28, 2022

The FBI's Internet Crime Complaint Center (IC3) has released its annual report, providing the public with specific details on how cybercrime has evolved in the last five years, what threats were the most persistent, and what groups were the most targeted, along with a flurry of other information and statistics.

Internet

Internet Internet Cybercrime Ransomware

A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

Security Affairs

FEBRUARY 19, 2024

The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. The Raccoon stealer is written in C++ by Russian-speaking developers who initially promoted it exclusively on Russian-speaking hacking forums. in the stolen data.

Identity Theft

Identity Theft Cryptocurrency Cybercrime Hacking

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Security Affairs

FEBRUARY 28, 2019

The popular in-browser cryptocurrency mining service Coinhive has announced that it will shut down on March 8, 2019. Security firms spotted several hacking campaigns aimed at compromising websites to install JavaScript-based Monero (XMR) cryptocurrency mining scripts and monetize their efforts. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Advertising Hacking Marketing

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. ” reported ZDNet.

Hacking

Hacking DNS Cryptocurrency Accountability

US DoJ wants the funds stored by North Korea in 280 BTC and ETH

Security Affairs

AUGUST 30, 2020

US DoJ filed a civil forfeiture complaint to seize 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korea-linked hackers. The complaint did not name the hacked exchanges, it only reports two attacks that took place in July 1, 2019, and September 25, 2019. of the FBI’s Chicago Field Office. .”

Cryptocurrency

Cryptocurrency Hacking Advertising Accountability

PlugwalkJoe Does the Perp Walk

Krebs on Security

JULY 26, 2021

02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor. One day after last summer’s mass-hack of Twitter , KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. law enforcement officer ,” the footnote reads.

Media

Media Hacking Accountability Scams

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Adam Levin

JULY 8, 2020

A whopping 97 percent failed to use DNSSEC , a domain security protocol designed to address core vulnerabilities in the foundations of the internet itself. ” Hacking campaigns exploiting poor domain name security can be more subtle. That spells trouble if you’re the one that gets hacked. A Prime Target for Hackers.

Hacking

Hacking Retail Cyber Insurance Authentication

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence

Artificial Intelligence Data breaches Scams Insurance

Email crypto phishing scams: stealing from hot and cold crypto wallets

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets. ripple.com.

Scams

Scams Phishing Cryptocurrency Social Engineering

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Your IP or Internet Protocol address is your digital identity on the internet. It allows your device to connect with the rest of the online world.

Hacking

Hacking VPN Internet Internet

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

million in cryptocurrency sent to another REvil affiliate, and that the U.S. ” These last two nicknames correspond to accounts on several top cybercrime forums way back in 2013, where a user named “Yaroslav2468” registered using the email address yarik45@gmail.com. The DOJ also said it had seized $6.1

Ransomware

Ransomware Cybercrime System Administration Passwords

Investment fraud overtakes business email compromise as most reported fraud

Malwarebytes

MARCH 13, 2023

The Federal Bureau of Investigation (FBI) has published its 2022 Internet Crime Report. The numbers are based on the complaints reported to the Internet Crime Complaint Center (IC3). Within those complaints, cryptocurrency investment fraud rose from $907 million in 2021 to $2.57 Hacked social media accounts.

Cryptocurrency

Cryptocurrency Scams Media Social Engineering

A week in security (May 2 – 8)

Malwarebytes

MAY 9, 2022

Over 50 countries sign the “Declaration for the Future of the Internet” Watch out for these 3 small business cybersecurity mistakes. Over 50 countries sign the “Declaration for the Future of the Internet” Watch out for these 3 small business cybersecurity mistakes.

Small Business

Small Business Healthcare IoT Cryptocurrency

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN

VPN Cybercrime Ransomware Hacking

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance

Insurance Cryptocurrency Cyber threats Marketing

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web. “None of those are good replacements for LuxSocks or 911.

Cybercrime

Cybercrime Software VPN Backups

Hanging Up on Mobile in the Name of Security

Krebs on Security

AUGUST 16, 2018

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. On June 11, 2017, Terpin’s phone went dead. A copy of his complaint is here (PDF).

Mobile

Mobile Cryptocurrency Accountability Authentication

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

In 2018, the FBI Internet Crime Complaint Center (IC3) received complaints for 1,611 SIM swapping attacks, while the number of complaints in the period between 2018 e 2002 was 320 causing a total of losses of $12 million. Use a variation of unique passwords to access online accounts. Be aware of any changes in SMS-based connectivity.

Mobile

Mobile Cryptocurrency Authentication Accountability

TPG Telecom Australia becomes the latest victim to Cyber Attack

CyberSecurity Insiders

DECEMBER 14, 2022

And as soon as the Internet Service provider (ISP) went public about the hack, its shares fell drastically, closing at 2.8%. million accounts as customers. And the primary motive of the cyber criminals could be to search for businesses connected to cryptocurrency and finance.

Cyber Attacks

Cyber Attacks Backups Cryptocurrency Software

Security Affairs newsletter Round 385

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S.

Cryptocurrency

Cryptocurrency Data breaches DNS DDOS

Dovecat crypto-miner is targeting QNAP NAS devices

Security Affairs

JANUARY 21, 2021

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. The malware was designed to abuse NAS resources and mine cryptocurrency. “According to analysis, QNAP NAS can become infected when they are connected to the Internet with weak user passwords.”

Cryptocurrency

Cryptocurrency Firmware Malware Passwords

Google disrupts the Glupteba botnet

Security Affairs

DECEMBER 7, 2021

The botnet was involved in stealing users’ credentials and data, mining cryptocurrencies abusing victims’ resources, and setting up proxies to funnel other people’s internet traffic through infected machines and routers. SecurityAffairs – hacking, Glupteba botnet). users were warned via Safe Browsing. Pierluigi Paganini.

Backups

Backups Advertising Accountability Malware

US charges Ukrainian man with Raccoon Infostealer operation

Security Affairs

OCTOBER 26, 2022

The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. The Raccoon stealer is written in C++ by Russian-speaking developers that initially promoted it exclusively on Russian-speaking hacking forums. in the stolen data.

Identity Theft

Identity Theft Cryptocurrency Cyber threats Cybercrime

FBI shuts down the Russian-based hacker platform DEER.IO

Security Affairs

MARCH 26, 2020

was shut down by the FBI today, and its suspected administrator – alleged Russian hacker Kirill Victorovich Firsov – was arrested and charged with crimes related to the hacking of U.S. which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data.

Cybercrime

Cybercrime Advertising Hacking Accountability

Iran-linked threat actors compromise US Federal Network

Security Affairs

NOVEMBER 16, 2022

In this specific case, the Iranian hackers hacked an unpatched VMware Horizon server to gain remote code execution. These files have been identified as variants of the XMRIG cryptocurrency mining software. Minimize the internet-facing attack surface. Secure credentials by restricting where accounts and credentials can be used.

Government

Government Hacking Malware Software

Bitcoin Miner [oom_reaper] targets QNAP NAS devices

Security Affairs

DECEMBER 7, 2021

Taiwanese vendor QNAP warns customers of ongoing attacks targeting their NAS devices with cryptocurrency miners. Taiwanese vendor QNAP warns customers of threat actors targeting their NAS devices with cryptocurrency miners. Use stronger passwords for your administrator and other user accounts. SecurityAffairs – hacking, IoT).

Cryptocurrency

Cryptocurrency Ransomware Malware Passwords

Google obtained a temporary court order against CryptBot distributors

Security Affairs

APRIL 28, 2023

The malware allows operators to steal login credentials from popular services such as social media platforms and cryptocurrency wallets, then stolen data is sold on cybercrime forums by the operators. CryptBot malware is active since at least 2019, it allows operators to steal sensitive data from the Google Chrome of the infected systems.

Malware

Malware Cybercrime Cryptocurrency Media

TeamTNT group targets poorly configured Docker servers exposing REST APIs

Security Affairs

NOVEMBER 9, 2021

Threat actors execute malicious scripts to deploy Monero cryptocurrency miners, perform container-to-host escape using well-known techniques, and scan the Internet for exposed ports from other compromised containers. Then a malicious image is downloaded from Docker Hub accounts under the control of the threat actors.

Cryptocurrency

Cryptocurrency Malware Cybercrime Architecture

Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks

Security Affairs

FEBRUARY 10, 2021

Europol investigators revealed that the cybercrime organization stole more than $100 million worth of cryptocurrency using SIM Swapping attacks. “This enabled them to steal money, bitcoin and personal information, including contacts synced with online accounts. . SecurityAffairs – hacking, cybercrime).

Cybercrime

Cybercrime Cryptocurrency Accountability Authentication

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Webinars

Trending Sources

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Webinars

Calendar Meeting Links Used to Spread Mac Malware

Reading the FBI IC3’s ‘2020 Internet Crime Report’

When Low-Tech Hacks Cause High-Impact Breaches

German police seized the dark web marketplace Kingdom Market

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

Interview With a Crypto Scam Investment Spammer

FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments

$10M Is Yours If You Can Get This Guy to Leave Russia

Cold wallet, hot wallet, or empty wallet? What is the safest way to store cryptocurrency?

German police seized the darknet marketplace Nemesis Market

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

BEC Tops FBI Internet Crime Report 2021

A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

US DoJ wants the funds stored by North Korea in 280 BTC and ETH

PlugwalkJoe Does the Perp Walk

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Email crypto phishing scams: stealing from hot and cold crypto wallets

5 Ways to Protect Yourself from IP Address Hacking

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Investment fraud overtakes business email compromise as most reported fraud

A week in security (May 2 – 8)

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

911 Proxy Service Implodes After Disclosing Breach

Hanging Up on Mobile in the Name of Security

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

TPG Telecom Australia becomes the latest victim to Cyber Attack

Security Affairs newsletter Round 385

Dovecat crypto-miner is targeting QNAP NAS devices

Google disrupts the Glupteba botnet

US charges Ukrainian man with Raccoon Infostealer operation

FBI shuts down the Russian-based hacker platform DEER.IO

Iran-linked threat actors compromise US Federal Network

Bitcoin Miner [oom_reaper] targets QNAP NAS devices

Google obtained a temporary court order against CryptBot distributors

TeamTNT group targets poorly configured Docker servers exposing REST APIs

Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks

Stay Connected