Malwarebytes

JULY 19, 2022

Together with the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA), the FBI has released a warning about cybercriminals creating fraudulent cryptocurrency investment apps in order to defraud cryptocurrency investors. Stay safe, everyone!

Cryptocurrency 80

Cryptocurrency Mobile Banking Internet 80

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Note, this is no proof that the companies listed were compromised.

Cryptocurrency 131

Cryptocurrency Malware Accountability Banking 131

The Hacker News

MARCH 30, 2022

A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets.

Malware 98

Malware Social Engineering Cryptocurrency Engineering 98

Security Through Education

MARCH 22, 2023

They all use psychology and social engineering skills to convince their victims to take an action that is detrimental to them. Thanks to technology and social media, impersonation scams have grown exponentially. This scenario illustrates how scammers use urgency to trick people into giving them money or personal information.

Scams 122

Scams Social Engineering Engineering Media 122

Malwarebytes

MARCH 19, 2024

SIM swapping can be done in a number of ways, but perhaps the most common involves a social engineering attack on the victim’s carrier. However, if you have a telecoms manager on your payroll then there’s no need for social engineering—they can just do the SIM swap for you. Katz pleaded guilty before Chief U.S.

Social Engineering 135

Social Engineering Computers and Electronics Mobile Identity Theft 135

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 0ktapus often leveraged information or access gained in one breach to perpetrate another. 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering 320

Social Engineering Mobile Cybercrime Passwords 320

Malwarebytes

APRIL 19, 2022

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020.

Social Engineering 114

Social Engineering Cryptocurrency Computers and Electronics Engineering 114

Krebs on Security

FEBRUARY 26, 2023

GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 270

Hacking Social Engineering Phishing Scams 270

Adam Levin

MAY 15, 2019

The hacking group, called “The Community” primarily used social engineering (trickery) and SIM card hijacking to steal funds and cryptocurrency from their victims.

Identity Theft 176

Identity Theft Social Engineering Mobile Authentication 176

Security Affairs

NOVEMBER 13, 2023

The APT group’s campaigns focus on cryptocurrency exchanges, venture capital firms, and banks. Microsoft researchers warn of a new social engineering campaign aimed at IT job seekers that relied on a new cluster of bogus skills assessment portals. ” warns Microsoft through a series of posts on X.

Social Engineering 116

Social Engineering Cryptocurrency Engineering Malware 116

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

CyberSecurity Insiders

APRIL 4, 2023

AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Cyber attacks are common occurrences that often make headlines, but the leakage of personal information, particularly credit card data, can have severe consequences for individuals.

Phishing 67

Phishing Social Engineering Authentication eCommerce 67

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Ransomware. Password and info stealers.

Cryptocurrency 91

Cryptocurrency Social Engineering Malware Cybercrime 91

Hacker Combat

AUGUST 8, 2022

North Korean hackers use phoney Coinbase job offers to target cryptocurrency professionals. The renowned North Korean hacking outfit Lazarus has uncovered a new social engineering scheme in which the hackers pose as Coinbase to lure workers into the fintech sector. Lazarus hackers go after cryptocurrency.

Social Engineering 93

Social Engineering Cryptocurrency Engineering Malware 93

SecureWorld News

JUNE 15, 2023

It offers valuable information to organizations and security professionals to help them understand the evolving threat landscape and make informed decisions about their security strategies. No surprise, social engineering is mentioned right off the bat. These criminals' methods can be predictable.

Data breaches 85

Data breaches Social Engineering Engineering Cryptocurrency 85

Malwarebytes

JANUARY 20, 2023

The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack." The blog further asserts the company's compromise had not affected other Intuit systems or other Mailchimp customer data.

Social Engineering 83

Social Engineering Accountability Cryptocurrency Engineering 83

Webroot

FEBRUARY 13, 2024

Rise in Cryptocurrency Payments : Fraudsters are increasingly asking for payments in cryptocurrency, exploiting its semi-anonymous nature. In 2021, losses to romance scams involving cryptocurrency were reported at $139 million ​​. Expect this to avenue of fraud to consistently escalate as crypto prices and adoption increase.

Scams 80

Scams Cryptocurrency Media Education 80

Approachable Cyber Threats

JULY 7, 2022

Raccoon Stealer has been around since April 2019, and was one of the most prolific information stealers in 2021. It also serves as an easy access point for more advanced hackers and scammers to target specific organizations, or even harvest cryptocurrency. Wait, what is Malware-as-a-Service?” For the most part, Raccoon Stealer 2.0

Social Engineering 105

Social Engineering Cryptocurrency Malware Antivirus 105

Malwarebytes

DECEMBER 6, 2022

Nicholas Truglia (25) from Florida was sentenced to 18 months on Thursday for his involvement in a digital heist that cost Michael Terpin ( @michaelterpin ), a renowned personality in the cryptocurrency space, $23.8M. According to El Reg , Terpin's cryptocurrency of choice was TRIG, which was worth $7 then.

Cryptocurrency 82

Cryptocurrency Social Engineering Accountability Media 82

Security Affairs

NOVEMBER 8, 2023

The APT group’s campaigns focus on cryptocurrency exchanges, venture capital firms, and banks. blog, which was chosen by the attackers in an attempt to appear as the legitimate cryptocurrency exchange swissborg.com. The binary is ad-hoc signed that was observed communicating with the domain swissborg[.]blog,

Malware 105

Malware Cryptocurrency Social Engineering Engineering 105

SecureWorld News

AUGUST 29, 2023

An advisory from the company states that a "highly sophisticated" SIM swapping attack targeted one of Kroll's employees, resulting in unauthorized access to personal information related to bankruptcy claimants associated with cryptocurrency firms FTX, BlockFi, and Genesis.

Cryptocurrency 83

Cryptocurrency Phishing Social Engineering Accountability 83

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 89

Social Engineering Data breaches Ransomware Cybercrime 89

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance 61

Insurance Cryptocurrency Cyber threats Marketing 61

Security Affairs

JANUARY 23, 2022

Unaware people that scan the QR codes are redirected to malicious websites that are crafted to steal login and financial information. A victim scans what they think to be a legitimate code but the tampered code directs victims to a malicious site, which prompts them to enter login and financial information.”

Cryptocurrency 97

Cryptocurrency Social Engineering Malware Scams 97

Malwarebytes

JULY 19, 2022

In a nutshell, it’s an extensive form of information theft, the likes of which could result in someone’s identity being fully stolen and their financial and other online accounts being taken over. This is just the start of a sophisticated work-up to get users to provide such sensitive information without them realizing it.

Phishing 105

Phishing Social Engineering Accountability Engineering 105

SecureList

NOVEMBER 23, 2021

We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In fact, from January through the end of October, Kaspersky detected more than 2,300 fraudulent global resources aimed at 85,000 potential crypto investors or users who are interested in cryptocurrency mining.

Cryptocurrency 112

Cryptocurrency Banking Cybercrime Ransomware 112

Appknox

JUNE 23, 2022

Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. Cryptocurrency and NFT attacks are rising as decentralized finance, and digital art assets become sophisticated socially engineered threats. Common Trends Among the Australian Mobile Threats.

Social Engineering 92

Social Engineering Mobile Scams Engineering 92

Security Affairs

SEPTEMBER 17, 2023

The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. The group is also suspected to have recently stolen $31 million from the professional global cryptocurrency exchange CoinEx. “Fast forward to today, and approximately $291.3

Social Engineering 114

Social Engineering Cryptocurrency Hacking Engineering 114

eSecurity Planet

NOVEMBER 18, 2022

In it, he notes : “Never in my career have I seen such a complete failure of corporate controls and such a complete absence of trustworthy financial information as occurred here. One way is through hijacking computer resources to mine cryptocurrencies. Also read : The Link Between Ransomware and Cryptocurrency. Securing Crypto.

Risk 143

Risk Cybersecurity Cryptocurrency Social Engineering 143

Krebs on Security

AUGUST 30, 2022

The phishers behind this scheme used newly-registered domains that often included the name of the target company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. 2, and Aug. On that last date, Twilio disclosed that on Aug. According to an Aug.

Mobile 292

Mobile Phishing Authentication Accountability 292

Malwarebytes

OCTOBER 20, 2022

A phishing campaign known to specifically target employees with access to their company's Facebook Business and Ads accounts has significantly widened its net and begun using a first-of-its-kind information-stealing malware to go after crypto wallets. Social engineering attacks and malware form the core of Ducktail's modus operandi.

Social Engineering 71

Social Engineering Malware Accountability Engineering 71

The Last Watchdog

APRIL 14, 2022

The CFO commonly carries out such tasks and arranges a wire transfer using the account information provided on the invoice. The email specifies that the HR manager should include the codes associated with each card, which the scammer behind the scenes then sells online for cash or cryptocurrency. Scenario 2. Scenario 3.

Phishing 247

Phishing Accountability Scams Social Engineering 247

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. The company was the victim of a social engineering attack aimed at its employees. Trezor WARNING: Elaborate Phishing attack. Pierluigi Paganini.

Phishing 114

Phishing Data breaches Cryptocurrency Social Engineering 114

Security Affairs

FEBRUARY 26, 2023

Clasiopa group targets materials research in Asia CERT of Ukraine says Russia-linked APT backdoored multiple govt sites UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2) CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine Highly evasive cryptocurrency miner targets macOS Hackers are actively exploiting (..)

Social Engineering 80

Social Engineering Cryptocurrency Insurance Malware 80

Malwarebytes

MARCH 13, 2023

The general definition of investment fraud used by the FBI is: “Deceptive practice that induces investors to make purchases based on false information. Within those complaints, cryptocurrency investment fraud rose from $907 million in 2021 to $2.57 These scams usually offer the victims large returns with minimal risk.

Cryptocurrency 59

Cryptocurrency Scams Media Social Engineering 59

eSecurity Planet

SEPTEMBER 14, 2022

Often, a scammer will simply target the people in a company and fool them into giving up their personal details, account passwords, and other sensitive information and gain access that way. Then, we’ll go over the basic, foundational techniques most scammers find themselves using, such as social engineering and phishing.

Social Engineering 119

Social Engineering Energy and Utilities Phishing Scams 119

Security Affairs

NOVEMBER 15, 2021

The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. Once the banking Trojan is installed on the victim’s device, threat actors can steal sensitive banking information through the abuse of Accessibility Services (i.e. ” concludes the report.

Banking 124

Banking Mobile Social Engineering Malware 124