Bleeping Computer

SEPTEMBER 22, 2023

Ethereum blockchain analytics firm Nansen asks a subset of its users to reset passwords following a recent data breach at its authentication provider. [.]

Passwords 87

Passwords Data breaches Authentication Cryptocurrency 87

Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency 101

Cryptocurrency Phishing Accountability Passwords 101

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management 123

Password Management Cryptocurrency Passwords Authentication 123

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” T-Mobile has not yet responded to requests for comment. Why do I suggest this?

Mobile 192

Mobile Cyber Risk Cryptocurrency Data breaches 192

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. 9, 2024, U.S. According to an Aug.

Social Engineering 309

Social Engineering Mobile Cybercrime Passwords 309

The State of Security

MAY 27, 2021

Even if you have chosen a strong, unique password for your online presence and enabled two-factor authentication it's possible that you've overlooked another way in which online criminals could commandeer your social media accounts and spam out a message to your followers.

Cryptocurrency 131

Cryptocurrency Scams Media Authentication 131

Malwarebytes

MARCH 19, 2024

For that reason, SIM swapping can be used to get around two-factor authentication (2FA) codes sent by SMS message. Armed with an email and password—which are easily bought online— and the 2FA code, an attacker could take over the victim’s online accounts. Katz pleaded guilty before Chief U.S.

Social Engineering 138

Social Engineering Computers and Electronics Mobile Identity Theft 138

Krebs on Security

JUNE 27, 2023

But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “ SIM swapping ,” a crime wherein fraudsters trick a mobile provider into diverting a customer’s phone calls and text messages to a device they control.

Cryptocurrency 215

Cryptocurrency Accountability Mobile Hacking 215

Malwarebytes

MARCH 1, 2024

Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. Scammers, impersonating cryptocurrency investors, are active on Telegram channels to get interested people to attend a meeting about a future partnership. Topics are cryptocurrency investment opportunities.

Cryptocurrency 106

Cryptocurrency Malware Authentication Banking 106

Krebs on Security

NOVEMBER 20, 2020

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison. Conor Freeman of Dublin took part in the theft of more than two million dollars worth of cryptocurrency from different victims throughout 2018.

Cryptocurrency 240

Cryptocurrency Mobile Authentication Accountability 240

eSecurity Planet

SEPTEMBER 30, 2021

Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online accounts. By using the services, cybercriminals can gain access to victims’ accounts to steal money.

Authentication 113

Authentication Social Engineering Phishing Banking 113

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Cryptocurrency 228

Cryptocurrency Ransomware Retail Government 228

Malwarebytes

JANUARY 10, 2024

We have seen several high-profile accounts that were taken over on X (formerly Twitter) only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds (ETFs). A spot Bitcoin ETF will buy the cryptocurrency directly, “on the spot”, at its current price, throughout the day.

Accountability 97

Accountability Scams Hacking Cryptocurrency 97

SecureList

JUNE 5, 2023

The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim’s account by performing web injections into targeted cryptocurrency websites. Threat actor’s BTC wallet address To get hold of the victim’s cryptocurrency, the threat actors use web injects on the targeted websites.

Cryptocurrency 78

Cryptocurrency DNS Malware Encryption 78

Krebs on Security

AUGUST 30, 2022

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile 281

Mobile Phishing Authentication Accountability 281

Bleeping Computer

FEBRUARY 12, 2023

Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers. [.]

Cryptocurrency 74

Cryptocurrency Malware Authentication Passwords 74

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.”

Hacking 258

Hacking Social Engineering Phishing Scams 258

Malwarebytes

FEBRUARY 7, 2024

Switching back to the Netherlands I got to “enjoy” sites with explicit content, scam sites where celebrities encourage investing in cryptocurrencies, and websites offering browser push notifications. Simply changing the password is not always enough. Enable two-factor authentication (2FA) Go to your Security and Login Settings.

Scams 137

Scams Passwords Identity Theft Accountability 137

Security Affairs

APRIL 6, 2020

Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password. In order to discover potential targets and locate the information it needs to authenticate against, the script passively collects data from /.ssh/config,bash_history,

Cryptocurrency 99

Cryptocurrency Malware Advertising VPN 99

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . This is a real email!

Passwords 58

Passwords Cryptocurrency Data breaches Advertising 58

Security Affairs

OCTOBER 2, 2021

Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw to bypass 2FA authentication. Threat actors have exploited a vulnerability in the SMS-based two-factor authentication (2FA) system implemented by the crypto exchange Coinbase to steal funds from more than 6,000 users.

Cryptocurrency 114

Cryptocurrency Data breaches Authentication Accountability 114

Security Affairs

NOVEMBER 15, 2019

On Thursday, US authorities arrested two crooks charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping. American law enforcement has declared war to sim swapping scammers and announced the arrest of two individuals for stealing $550,000 in Cryptocurrency. In May, the U.S. Pierluigi Paganini.

Cryptocurrency 80

Cryptocurrency Identity Theft Accountability Media 80

CyberSecurity Insiders

FEBRUARY 2, 2022

Third is the news related to 2FA Authenticator that is seen distributing malware. But in the background, 2FA Authenticator found in Google Play does nothing to improve security and instead seeks permissions from the user to install updates directly from the internet, instead of the Google Play.

Malware 131

Malware Cryptocurrency Authentication Healthcare 131

Krebs on Security

AUGUST 16, 2018

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. On June 11, 2017, Terpin’s phone went dead. A copy of his complaint is here (PDF).

Mobile 222

Mobile Cryptocurrency Accountability Authentication 222

Security Affairs

FEBRUARY 10, 2022

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. Do not provide your mobile number account information over the phone to representatives that request your account password or pin. Use a variation of unique passwords to access online accounts.

Mobile 89

Mobile Cryptocurrency Authentication Accountability 89

Malwarebytes

JULY 4, 2022

Passwordless authentication. Passwordless authentication could usher in a world where we no longer rely on passwords, and that could be an enormous, unabashed win for security and peace of mind. Passwords are a great idea in theory that fail horribly in practice. It’s ascendancy seems assured.

Internet 116

Internet Internet Technology DNS 116

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M worth of cryptocurrency. Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M worth of cryptocurrency. Attackers also stole funds in other cryptocurrencies.

Cryptocurrency 77

Cryptocurrency VPN Manufacturing Firewall 77

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency 48

Cryptocurrency Passwords Authentication Accountability 48

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Password and info stealers.

Cryptocurrency 90

Cryptocurrency Social Engineering Malware Cybercrime 90

Security Boulevard

FEBRUARY 12, 2021

This allowed them to access many apps and ask for password resets, which often confirm the request is intended for the correct user by sending a "Two Factor Authentication" request in the form of an SMS message. It is unknown at this time if the current cases are further work of "The Community" or its former members.

Cryptocurrency 119

Cryptocurrency Accountability Scams Social Engineering 119

Malwarebytes

FEBRUARY 21, 2024

Lumma steals information from cryptocurrency wallets and browser extensions, as well as two-factor authentication details. 5m.exe To hinder reverse engineering, extraction of the executable is password protected. But with the password hardcoded in the file, that was not a problem.

Software 144

Software Passwords Malware Cryptocurrency 144

Krebs on Security

AUGUST 7, 2018

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims.

Mobile 198

Mobile Cryptocurrency Scams Computers and Electronics 198

Malwarebytes

MARCH 23, 2023

The ATMs, located in various convenience stores, function along the lines of regular banking ATMs except your dealings are all in the cryptocurrency realm. Download user names and their password hashes, and turn off 2FA. You’re able to send funds, for example, and engage with cryptocurrency exchanges.

Cryptocurrency 95

Cryptocurrency Authentication Scams Banking 95

Security Affairs

MARCH 6, 2022

Soldiers that want to exchange such vehicles for cryptocurrency need to wave a white flag and use the password “million” to accept the offer. The news is very strange, and at this moment is difficult to track its source and determine its authenticity.

Cryptocurrency 91

Cryptocurrency Media Authentication Passwords 91

Security Affairs

DECEMBER 13, 2020

Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. Security researchers from Palo Alto Networks have discovered a new botnet, tracked as PgMiner, that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner.

Hacking 130

Hacking Cryptocurrency Authentication Passwords 130

Hot for Security

MARCH 9, 2021

Cybercriminals are targeting Coinbase platform users with phishing campaings in an attempt to steal their account credentials and drain their cryptocurrency wallets, Bitdefender Antispam Lab has learned. The crooks are attempting to dupe recipients into accessing a fake login URL to enter their username and password.

Phishing 119

Phishing Cryptocurrency Accountability Passwords 119

SecureWorld News

AUGUST 29, 2023

An advisory from the company states that a "highly sophisticated" SIM swapping attack targeted one of Kroll's employees, resulting in unauthorized access to personal information related to bankruptcy claimants associated with cryptocurrency firms FTX, BlockFi, and Genesis.

Cryptocurrency 76

Cryptocurrency Phishing Social Engineering Accountability 76