SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 80

Phishing Banking Mobile Scams 80

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. For now at least, they appear to be focusing primarily on companies in the financial, telecommunications and social media industries.

Phishing 357

Phishing VPN Social Engineering Media 357

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing 84

Phishing Energy and Utilities Insurance Manufacturing 84

CyberSecurity Insiders

AUGUST 17, 2022

The aim behind the said social engineering attack is simple, one to trap employees with fake job offers and second to lure customers in signing up the page and then steal their currency. All these days, they were busy launching phishing emails on corporate networks.

Social Engineering 117

Social Engineering Cryptocurrency Education Cybercrime 117

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

SecureWorld News

AUGUST 29, 2023

An advisory from the company states that a "highly sophisticated" SIM swapping attack targeted one of Kroll's employees, resulting in unauthorized access to personal information related to bankruptcy claimants associated with cryptocurrency firms FTX, BlockFi, and Genesis.

Cryptocurrency 84

Cryptocurrency Phishing Social Engineering Accountability 84

SecureWorld News

JULY 3, 2023

This means that most cyberattacks could be prevented by following simple cybersecurity best practices, such as using strong passwords, updating software, and avoiding phishing emails. Phishing emails are more common than you know. According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it.

Cybercrime 89

Cybercrime Social Engineering Data breaches Education 89

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Ransomware. Password and info stealers.

Cryptocurrency 91

Cryptocurrency Social Engineering Malware Cybercrime 91

SecureWorld News

MARCH 22, 2021

These criminals used phishing, spoofing, extortion, and various types of Internet-enabled fraud to target the most vulnerable in our society—medical workers searching for personal protective equipment, families looking for information about stimulus checks to help pay bills, and many others.". IC3's Recovery Asset Team (RAT).

Cybercrime 55

Cybercrime Scams Banking Accountability 55

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. Phishing complaints were reported over 300,000 times in 2021 to IC3, the only Internet crime to crack 100,000+ complaints. Phishing complaints were reported over 300,000 times in 2021 to IC3, the only Internet crime to crack 100,000+ complaints. billion in reported losses.

Social Engineering 118

Social Engineering Energy and Utilities Phishing Scams 118

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 76

Malware Cybercrime Cryptocurrency Social Engineering 76

Malwarebytes

SEPTEMBER 11, 2023

Until now, DarkGate was typically distributed via phishing emails. A cybercriminal who goes by the handle RastaFarEye has been advertising DarkGate Loader on cybercrime forums since June 16, 2023. A cybercriminal who goes by the handle RastaFarEye has been advertising DarkGate Loader on cybercrime forums since June 16, 2023.

Malware 117

Malware Social Engineering Cryptocurrency Cybercrime 117

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. Cracking down hard on the cybercrime world.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 85

Spyware Hacking Malware Social Engineering 85

SC Magazine

APRIL 8, 2021

And yet, it’s become such a hot trend that scammers have taken notice and are attempting to lure current and prospective traders onto NFT-themed phishing and fraud websites. For example, “Scammers could build fake NFT user interfaces that steal cryptocurrency without providing the value they claim,” said Spiro. billion in 2020.

Scams 137

Scams Cryptocurrency Phishing Marketing 137

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 81

Data breaches Cybercrime Firewall Artificial Intelligence 81

Security Affairs

JANUARY 3, 2024

According to the Hunter Unit from Resecurity, previously, the “GXC Team” gained notoriety for creating a wide array of online fraud tools, ranging from compromised payment data checkers to sophisticated phishing and smishing kits. The use of Artificial Intelligence in cybercrime is not a completely novel concept.

Artificial Intelligence 117

Artificial Intelligence Banking Scams Cybercrime 117

SecureList

NOVEMBER 9, 2022

Phishing attacks are going to become even more sophisticated, since a lot of basic tactics have already been tried this year, and businesses learned to repel those. We can therefore expect that cybercrime groups from either block will feel safe to attack companies from the opposing side.

Cybersecurity 121

Cybersecurity Cyber Insurance Cybercrime IoT 121

Security Affairs

FEBRUARY 6, 2022

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 352 appeared first on Security Affairs.

Social Engineering 78

Social Engineering Cryptocurrency Small Business Ransomware 78

SecureList

NOVEMBER 22, 2022

Cryptocurrency targeted attacks. The cryptocurrency business continues to grow, and people continue to invest their money in this market because it’s a digital asset and all transactions occur online. These are attractive aspects that cybercrime groups will be unable to resist. It also offers anonymity to users.

Cryptocurrency 87

Cryptocurrency Mobile Ransomware Banking 87

Webroot

FEBRUARY 11, 2021

As we mentioned in a previous blog , hackers come in many forms, but their methods can generally be classified into three distinct types of cybercriminals: The Impersonator – Hackers that pretend to be others, often using social engineering and human psychology to trick users.

Scams 108

Scams Phishing Firewall Social Engineering 108

Security Affairs

SEPTEMBER 2, 2018

The Loki Bot attacks started in July and aimed at stealing passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets. Loki Bot operators employ various social engineering technique to trick victims into opening weaponized attachments that would deploy the Loki Bot stealer.

Social Engineering 53

Social Engineering Cryptocurrency Advertising Malware 53

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. Phishers primarily seek to extract confidential information from victims, such as credentials or bank card details, while scammers deploy social engineering to persuade targets to transfer money on their own accord.

Scams 93

Scams Phishing Social Engineering Banking 93

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware.

Malware 97

Malware Computers and Electronics Encryption Ransomware 97

SecureList

SEPTEMBER 6, 2022

Additionally, we looked at the phishing activity around gaming, specifically that related to cybersports tournaments, bookmakers, gaming marketplaces, and gaming platforms, and found numerous examples of scams that target gamers and esports fans. Launching the malware resulted in decryption and activation of a Trojan-stealer dubbed Taurus.

Mobile 96

Mobile Passwords Software Accountability 96

Security Affairs

OCTOBER 10, 2018

Attacks on bank customers: The decline of Android Trojans and the triumph of phishing. There has been a significant rise in the number of crimes committed using web phishing and fake websites of banks, payment systems, telecoms operators, online stores and famous brands. Using web phishing, criminals have managed to steal $3.7

Cyber Attacks 82

Cyber Attacks Banking Cyber threats Phishing 82

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Super Bowl Sunday watchers are treated to no fewer than a half-dozen commercials for cryptocurrency investing. I will also continue to post on LinkedIn about new stories in 2023. agencies]. .”

Cryptocurrency 233

Cryptocurrency Cybercrime Computers and Electronics Scams 233

SecureList

AUGUST 23, 2021

In this report, we cover PC and mobile threats as well as various phishing schemes that capitalize on popular games. Additionally, we checked our database for gaming-related spam campaigns and phishing schemes that are used in the wild. However, there is another common threat: phishing. Methodology. Cyberthreats for PC gamers.

Adware 112

Adware Mobile Phishing Malware 112

Webroot

JANUARY 7, 2022

The cybercrime marketplace also continued to get more robust while the barrier to entry for malicious actors continued to drop. This has created a perfect breeding ground for aspiring cybercriminals and organized cybercrime groups that support newcomers with venture capitalist-style funding. “In Cryptocurrency. Ransomware.

Cybercrime 105

Cybercrime Phishing Ransomware Cryptocurrency 105

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency.

Phishing 103

Phishing Spyware Firmware Malware 103

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. Samy Tarazi is a sergeant with the Santa Clara County Sheriff’s office and a REACT supervisor.

Mobile 236

Mobile Cryptocurrency Accountability Passwords 236

SecureList

APRIL 10, 2023

The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners and even dating apps. Malware and unwanted software is frequently injected into cryptocurrency trackers, financial apps, QR-code scanners and even dating apps.

Malware 99

Malware Encryption Mobile Accountability 99

SecureList

APRIL 27, 2022

We found overlaps in the infrastructure used by a tunneling tool used by the actor and several possible phishing websites set up within the above time frame. This application contains a legitimate program called DeFi Wallet, that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed.

Malware 130

Malware Firmware Government Phishing 130

eSecurity Planet

OCTOBER 21, 2022

The method of infection can vary from attack to attack and can include social engineering strategies, such as phishing and email spoofing , or a fraudulent website masquerading as legitimate, among others. This note will provide instructions on how to pay the ransom, usually through difficult-to-trace means like cryptocurrency.

Malware 69

Malware Adware Spyware Antivirus 69

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Cryptocurrency 273

Cryptocurrency Financial Services Banking Government 273

SecureWorld News

FEBRUARY 7, 2022

Cyberattacks targeting cryptocurrency exchanges were on a roll in 2021 and have continued into 2022. The panel also said one cybersecurity firm anonymously reported that North Korean "cyber-actors stole a total of $400 million worth of cryptocurrency through seven intrusions into cryptocurrency exchanges and investment firms.".

Cryptocurrency 78

Cryptocurrency Cybercrime Social Engineering Engineering 78

SecureList

JULY 28, 2022

In March, Proofpoint published a blog post about a new spear-phishing campaign related to the war in Ukraine, tentatively attributed to the Russian-speaking actor UNC1151 (aka TA445 and Ghostwriter). Based on our telemetry, the actor initiated the attack by sending a spear-phishing email containing a macro-embedded Word document.

Malware 130

Malware Firmware Phishing Cryptocurrency 130