Remove Authentication Remove Cryptocurrency Remove Social Engineering
article thumbnail

How to Lose a Fortune with Just One Bad Click

Krebs on Security

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. Unfortunately for Griffin, years ago he used Google Photos to store an image of the secret seed phrase that was protecting his cryptocurrency wallet. Image: Shutterstock, iHaMoo. io ) that mimicked the official Trezor website.

article thumbnail

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io. Federal Communications Commission (FCC), as well as those working at the cryptocurrency exchanges Coinbase and Binance. Image: Shutterstock, iHaMoo.

Phishing 338
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees. Tylerb was reputed to have fled the United Kingdom after that assault.

article thumbnail

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. The research behind the discovery was released by Security Alliance , which tracked and analyzed the campaign.

article thumbnail

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. 13, with an attack on cryptocurrency trading platform liquid.com. “Our security team investigated and confirmed threat actor activity, including social engineering of a limited number of GoDaddy employees.

article thumbnail

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

“This is social engineering at the highest level and there will be failed attempts at times. Donahue said 60 technology companies are now routing all law enforcement data requests through Kodex, including an increasing number of financial institutions and cryptocurrency platforms. Don’t be discouraged.

Hacking 297
article thumbnail

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. Researchers from Gen Digital who discovered the threat, believe it is in its early development phase.