Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com. PST on Nov.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Graham Cluley

JANUARY 5, 2024

Web3 security outfit CertiK has fallen foul of scammers, who managed to hijack its Twitter account to share a malicious link to a fake version of the Revoke.cash project.

Accountability 90

Accountability Cryptocurrency Phishing Malware 90

The Hacker News

NOVEMBER 29, 2021

Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation.

Cryptocurrency 99

Cryptocurrency Accountability Phishing Ransomware 99

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 94

Scams Phishing Cryptocurrency Social Engineering 94

Security Affairs

AUGUST 1, 2023

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto Network Unit 42 discovered a previously unreported phishing campaign that distributed a Python variant of the NodeStealer. ” concludes the report.

Accountability 95

Accountability Cryptocurrency Malware Phishing 95

Graham Cluley

JANUARY 4, 2024

Google-owned cybersecurity company Mandiant has found itself in the awkward position of having to wrestle back control of its Twitter account, after it was hijacked by scammers yesterday.

Accountability 82

Accountability Cryptocurrency Cybersecurity Scams 82

Malwarebytes

DECEMBER 20, 2022

If you’re a user of the Gemini cryptocurrency exchange, it’s time to be on your guard against phishing attacks. Gemini is now offering security advice and tips to guard against phishing attacks for anyone contained in the data. Locking down your Gemini account. It may well be a phishing attempt.

Cryptocurrency 72

Cryptocurrency Phishing Scams Accountability 72

Security Boulevard

JANUARY 16, 2022

Norton 360, a popular antivirus product, has installed a cryptocurrency mining program on its customers’ computers, some cities in Texas have been hit with a phishing scam designed to get users to pay through fraudulent QR code stickers on public parking meters, and how Facebook is still collecting data about you even if you deactivate […].

Accountability 117

Accountability Antivirus Cryptocurrency Scams 117

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware 253

Malware Cryptocurrency Software Scams 253

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported.

Phishing 121

Phishing Data breaches Cryptocurrency Social Engineering 121

Bleeping Computer

FEBRUARY 12, 2023

Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that attempted to steal recipients' personal information and cryptocurrency wallets. [.]

Phishing 86

Phishing Cryptocurrency Hacking Accountability 86

Heimadal Security

OCTOBER 17, 2022

Cybersecurity researchers spotted a new ‘Ducktail’ phishing campaign that spreads Windows information-stealing malware written in PHP and uses it to steal Facebook accounts, browser data, and cryptocurrency wallets. Using social […].

Accountability 85

Accountability Malware Cryptocurrency Phishing 85

Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency 106

Cryptocurrency Phishing Accountability Passwords 106

Security Affairs

MAY 28, 2023

Bandit Stealer is a new stealthy information stealer malware that targets numerous web browsers and cryptocurrency wallets. Trend Micro researchers discovered a new info-stealing malware, dubbed Bandit Stealer, which is written in the Go language and targets multiple browsers and cryptocurrency wallets.

Cryptocurrency 98

Cryptocurrency Malware Advertising Phishing 98

Krebs on Security

OCTOBER 13, 2021

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. A Google-translated version of the now-defunct Coinbase phishing site, coinbase.com.password-reset[.]com. The Coinbase phishing panel. million Italians.

Passwords 334

Passwords Phishing Accountability Mobile 334

Krebs on Security

MARCH 26, 2024

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. Parth Patel is an entrepreneur who is trying to build a startup in the cryptocurrency space. Some of the many notifications Patel says he received from Apple all at once.

Passwords 338

Passwords Accountability Engineering Phishing 338

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Accountability 133

Accountability Malware Phishing Social Engineering 133

Adam Levin

OCTOBER 10, 2018

High-profile Instagram accounts are being targeted by ransomware attacks and phishing schemes, with evidence suggesting that many account holders are paying the attackers. W]e will have to delete your account within 3 hours,” the hackers’ message adds, threatening to wipe out the account if the ransom isn’t paid.

Accountability 195

Accountability Ransomware Phishing Media 195

Graham Cluley

APRIL 20, 2022

Cryptocurrency wallet maker MetaMask has warned its 21 million monthly users to be wary of Apple iCloud backing up their app's data by default, after attackers successfully stole $650,000 of funds and NFTs. Read more in my article on the Hot for Security blog.

Cryptocurrency 98

Cryptocurrency Accountability Phishing 98

Hot for Security

MARCH 9, 2021

Cybercriminals are targeting Coinbase platform users with phishing campaings in an attempt to steal their account credentials and drain their cryptocurrency wallets, Bitdefender Antispam Lab has learned. According to our latest telemetry, the phishing campaign was noticed since mid-February, targeting over 25,000 users.

Phishing 119

Phishing Cryptocurrency Accountability Passwords 119

Malwarebytes

JUNE 23, 2022

This operation also led the Belgian Police (Police Fédérale/Federale Politie) and the Dutch Police (Politie) to nine arrests, 24 house searches, and the seizure of firearms, ammunition, jewelry, electronic devices, cash, and cryptocurrency. The group was involved in fraud, money laundering, phishing, and scams.

Phishing 100

Phishing Banking Cryptocurrency Scams 100

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself.

Phishing 91

Phishing Scams Accountability Energy and Utilities 91

Bleeping Computer

JUNE 10, 2023

A hacking group tracked as 'Pink Drainer' is impersonating journalists in phishing attacks to compromise Discord and Twitter accounts for cryptocurrency-stealing attacks. [.]

Cryptocurrency 124

Cryptocurrency Phishing Accountability Hacking 124

The Hacker News

OCTOBER 21, 2021

Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder.

Accountability 100

Accountability Cryptocurrency Scams Phishing 100

Security Affairs

NOVEMBER 6, 2021

Threat actors have stolen $55 million worth of cryptocurrency from the bZx decentralized finance (DeFi) platform. The decentralized finance (DeFi) platforms allow users to borrow/loan and speculate on cryptocurrency price variations. “A bZx developer had his personal wallet’s private keys taken in a phishing attack.”

Cryptocurrency 122

Cryptocurrency Phishing Hacking Accountability 122

Malwarebytes

APRIL 28, 2021

This is aided by imitation accounts modelled to look like the genuine organisation’s account. The victim is typically sent to a phishing page where accounts, payment details, identities, or other things can be stolen. The scam isn’t being spread by just one account, nor is there just one bogus support form.

Phishing 121

Phishing Cryptocurrency Accountability Scams 121

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” A phishing message targeting FTX users that went out en masse today.

Mobile 191

Mobile Cyber Risk Cryptocurrency Data breaches 191

The Last Watchdog

SEPTEMBER 28, 2022

Phishing attacks are nothing new, but scammers are getting savvier with their tactics. Other Iranian-based cyberattacks have included hackers targeting Albanian government systems and spear phishing scams. Here are four new phishing trends keeping businesses on their toes. Spear phishing. Phishing via texting.

Phishing 124

Phishing Scams Cybercrime Passwords 124

Malwarebytes

JULY 19, 2022

A new phishing campaign targeting PayPal users aims to get extensive data from potential victims. In a nutshell, it’s an extensive form of information theft, the likes of which could result in someone’s identity being fully stolen and their financial and other online accounts being taken over. Source: Akamai).

Phishing 106

Phishing Social Engineering Accountability Engineering 106

Bleeping Computer

NOVEMBER 15, 2023

Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter). [.]

Cryptocurrency 86

Cryptocurrency Scams Phishing Accountability 86

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing 94

Phishing Energy and Utilities Insurance Manufacturing 94

Graham Cluley

NOVEMBER 10, 2023

CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos. Read more in my article on the Tripwire State of Security blog.

Cryptocurrency 52

Cryptocurrency Malware Accountability Phishing 52

Bleeping Computer

NOVEMBER 15, 2023

Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter). [.]

Cryptocurrency 80

Cryptocurrency Scams Phishing Accountability 80

CSO Magazine

MARCH 15, 2023

Cybercriminals have started taking advantage of Silicon Valley Bank’s (SVB) downfall to carrying out scams that can steal money, and bank account information, or infect customers’ systems with malware. This means these customers will receive notifications including the new bank account numbers from their new bank.

Scams 97

Scams Cryptocurrency Banking Accountability 97

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. Image: Cloudflare.com. 2, and Aug.

Mobile 276

Mobile Phishing Authentication Accountability 276

Appknox

APRIL 13, 2021

Along with wireless payments like Google or Apple pay (that still require assigning a banking account or card i.e. physical currency), the cryptocurrencies like Bitcoin are getting widely used. No surprise here, that cash payments are becoming a relic of the past.

Cryptocurrency 105

Cryptocurrency Wireless Hacking Banking 105

CyberSecurity Insiders

APRIL 4, 2022

Fresh reports are in that a hacking group possibly funded by North Korea Intelligence has been strategically targeting South Korean citizens through phishing emails urging recipients to book appointments for a newly developed corona vaccine that is countering a novel strain of Coronavirus that has sent almost half of Beijing into a lock-down again.

Phishing 108

Phishing Cryptocurrency Banking Malware 108