Security Boulevard

DECEMBER 3, 2021

Schadenfreude: This week saw a pair of high-profile cryptocurrency thefts, totalling over $150 million. The post $150M Stolen in ‘Imaginary Money’ Crypto/DeFi Hacks appeared first on Security Boulevard.

Hacking 126

Hacking Cryptocurrency Social Engineering Engineering 126

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering 320

Social Engineering Mobile Cybercrime Passwords 320

Security Affairs

NOVEMBER 13, 2023

The APT group’s campaigns focus on cryptocurrency exchanges, venture capital firms, and banks. Microsoft researchers warn of a new social engineering campaign aimed at IT job seekers that relied on a new cluster of bogus skills assessment portals. ” warns Microsoft through a series of posts on X.

Social Engineering 116

Social Engineering Cryptocurrency Engineering Malware 116

Security Affairs

JUNE 30, 2022

North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. SecurityAffairs – hacking, Harmony). ” reads the report published by Elliptic. ” concludes the post.

Hacking 86

Hacking Social Engineering Cryptocurrency Engineering 86

Bleeping Computer

NOVEMBER 10, 2023

Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. [.]

Social Engineering 95

Social Engineering Engineering Hacking Cryptocurrency 95

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Adam Levin

MAY 15, 2019

The hacking group, called “The Community” primarily used social engineering (trickery) and SIM card hijacking to steal funds and cryptocurrency from their victims. Department of Justice announced that it has arrested and charged members of a major cybercriminal ring in connection with $2.4

Identity Theft 176

Identity Theft Social Engineering Mobile Authentication 176

Threatpost

NOVEMBER 23, 2020

‘Vishing’ attack on GoDaddy employees gave fraudsters access to cryptocurrency service domains NiceHash, Liquid.

Cryptocurrency 121

Cryptocurrency Social Engineering VPN Engineering 121

Security Affairs

NOVEMBER 8, 2023

The APT group’s campaigns focus on cryptocurrency exchanges, venture capital firms, and banks. blog, which was chosen by the attackers in an attempt to appear as the legitimate cryptocurrency exchange swissborg.com. The binary is ad-hoc signed that was observed communicating with the domain swissborg[.]blog,

Malware 105

Malware Cryptocurrency Social Engineering Engineering 105

Hacker Combat

AUGUST 8, 2022

North Korean hackers use phoney Coinbase job offers to target cryptocurrency professionals. The renowned North Korean hacking outfit Lazarus has uncovered a new social engineering scheme in which the hackers pose as Coinbase to lure workers into the fintech sector. Lazarus hackers go after cryptocurrency.

Social Engineering 93

Social Engineering Cryptocurrency Engineering Malware 93

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering 89

Social Engineering Data breaches Ransomware Cybercrime 89

Security Affairs

SEPTEMBER 17, 2023

The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. The group is also suspected to have recently stolen $31 million from the professional global cryptocurrency exchange CoinEx. ” reads the report. million has vanished due to private key breaches.

Social Engineering 114

Social Engineering Cryptocurrency Hacking Engineering 114

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Ransomware. Password and info stealers.

Cryptocurrency 91

Cryptocurrency Social Engineering Malware Cybercrime 91

CyberSecurity Insiders

FEBRUARY 8, 2021

And an official confirmation says that the attack was launched by notorious North Korean Lazarus hacking group that is known for its social engineering attacks such as the Wannacry 2017. And all the expenses are borne by the Kim Jung UN led nation who steals cryptocurrency to fund its nuclear programs.

Ransomware 134

Ransomware Social Engineering Cryptocurrency Cybercrime 134

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 101

Scams Phishing Cryptocurrency Social Engineering 101

Security Boulevard

FEBRUARY 12, 2021

Europol correctly describes the primary method of SIM-swapping when they say in the press release above, "This is typically achieved by the criminals exploiting phone service providers to do the swap on their behalf, either via a corrupt insider or using social engineering techniques.". How do Phone Company Insiders enable these scams?

Cryptocurrency 119

Cryptocurrency Accountability Scams Social Engineering 119

Security Affairs

FEBRUARY 26, 2023

Clasiopa group targets materials research in Asia CERT of Ukraine says Russia-linked APT backdoored multiple govt sites UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2) CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine Highly evasive cryptocurrency miner targets macOS Hackers are actively exploiting (..)

Social Engineering 80

Social Engineering Cryptocurrency Insurance Malware 80

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. The company was the victim of a social engineering attack aimed at its employees. SecurityAffairs – hacking, MailChimp). Pierluigi Paganini.

Phishing 114

Phishing Data breaches Cryptocurrency Social Engineering 114

eSecurity Planet

NOVEMBER 18, 2022

This involved using an “unsecured group email account as the root user to access confidential private keys and critically sensitive data for the FTX Group companies around the world…” About $740 million in cryptocurrency has been placed into new cold wallets. One way is through hijacking computer resources to mine cryptocurrencies.

Risk 143

Risk Cybersecurity Cryptocurrency Social Engineering 143

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance 61

Insurance Cryptocurrency Cyber threats Marketing 61

Security Affairs

FEBRUARY 6, 2022

SecurityAffairs – hacking, newsletter). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 352 appeared first on Security Affairs.

Social Engineering 78

Social Engineering Cryptocurrency Small Business Ransomware 78

Krebs on Security

AUGUST 19, 2020

Allen said a typical voice phishing or “vishing” attack by this group involves at least two perpetrators: One who is social engineering the target over the phone, and another co-conspirator who takes any credentials entered at the phishing page and quickly uses them to log in to the target company’s VPN platform in real-time.

Phishing 358

Phishing VPN Social Engineering Media 358

Malwarebytes

MARCH 13, 2023

Within those complaints, cryptocurrency investment fraud rose from $907 million in 2021 to $2.57 There are a number of different methods that cryptocurrency investment fraudsters deploy: Liquidity mining. Hacked social media accounts. billion in 2022, an increase of 183%. Celebrity impersonation. Pig butchering.

Cryptocurrency 59

Cryptocurrency Scams Media Social Engineering 59

Security Affairs

JUNE 4, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware 86

Spyware Hacking Malware Social Engineering 86

Threatpost

MAY 25, 2018

As the popularity around cryptocurrency has continued to rise in 2018, it has also paved an easy path for cash-hungry scammers to launch “cryptocurrency giveaway scams.”.

Cryptocurrency 55

Cryptocurrency Scams Social Engineering Engineering 55

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 80

Data breaches Cybercrime Firewall Artificial Intelligence 80

SecureWorld News

JULY 22, 2020

Over the last week or so, SecureWorld has kept you in the loop about Twitter's recent account hack. Much of the world's focus has moved toward investigating the hack as a "whodunit." Was it social engineering? And the hackers only used 45 of the 130 Twitter accounts they attacked to send out the cryptocurrency scam.

Cryptocurrency 52

Cryptocurrency Scams Social Engineering Accountability 52

Security Affairs

JANUARY 23, 2022

Never download an app from a QR code, avoid making any payment requested through unsolicited email that uses social engineering techniques to trick recipients into scanning the embedded QR code. SecurityAffairs – hacking, QR codes). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cryptocurrency 97

Cryptocurrency Social Engineering Malware Scams 97

Appknox

JUNE 23, 2022

Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. Cryptocurrency and NFT attacks are rising as decentralized finance, and digital art assets become sophisticated socially engineered threats. Common Trends Among the Australian Mobile Threats.

Social Engineering 92

Social Engineering Mobile Scams Engineering 92

Security Affairs

OCTOBER 20, 2021

According to Google’s Threat Analysis Group (TAG) researchers, who spotted the campaign, the attacks were launched by multiple hack-for-hire actors recruited on Russian-speaking forums. Once hijacked the channel, attackers either sell it to the highest bidder or employ it in cryptocurrency scam scheme. Pierluigi Paganini.

Accountability 125

Accountability Malware Phishing Social Engineering 125

Security Affairs

MAY 21, 2023

The threat actors publish malicious packages to the PyPI repository and attempt to trick developers into using them using social engineering tricks, such as intentional typos in their names and high version numbers. The repository is a privileged target for threat actors that aim to carry out supply chain attacks aimed at developers.

Social Engineering 88

Social Engineering Malware Cryptocurrency Engineering 88

SecureWorld News

MAY 11, 2023

RELATED: Famous Twitter Accounts Hacked: Insider Threat or Social Engineering Attack? ] citizen, pleaded guilty to his role in the Twitter hack, as well as cyberstalking and other schemes. Now, the U.S. Department of Justice has announced that Joseph James O'Connor, a 23-year-old U.K.

Accountability 78

Accountability Social Engineering Media Hacking 78

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Cryptocurrency 108

Cryptocurrency Social Engineering Media Phishing 108

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. SecurityAffairs – hacking, Iran). The figure suggests that bitcoin platforms remain of great interest to threat actors. Pierluigi Paganini.

Cryptocurrency 58

Cryptocurrency Social Engineering eCommerce Engineering 58

Krebs on Security

APRIL 20, 2023

Mandiant concluded that the 3CX attack was orchestrated by the North Korean state-sponsored hacking group known as Lazarus , a determination that was independently reached earlier by researchers at Kaspersky Lab and Elastic Security. Microsoft Corp.

Malware 282

Malware Software Technology Accountability 282

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 76

Malware Cybercrime Cryptocurrency Social Engineering 76

Security Affairs

NOVEMBER 15, 2021

The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. SecurityAffairs – hacking, SharkBot). The malware has been active at least since late October 2021, it targeting the mobile users of banks in Italy, the UK, and the US. ” concludes the report. Pierluigi Paganini.

Banking 124

Banking Mobile Social Engineering Malware 124