Cryptocurrency, Internet and Web Fraud - Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. A graphic from the FBI explaining how Funnull generated a slew of new domains on a regular basis and mapped them to Internet addresses on U.S. cloud providers.

Scams

Scams Internet Internet Cybercrime

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

In the United States, when federal, state or local law enforcement agencies wish to obtain information about an account at a technology provider — such as the account’s email address, or what Internet addresses a specific cell phone account has used in the past — they must submit an official court-ordered warrant or subpoena.

Hacking

Hacking Accountability Government Social Engineering

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Phishing Cryptocurrency DDOS Internet

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. capital).

Malware

Malware Cryptocurrency Software Phishing

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

“The fraud is named for the way scammers feed their victims with promises of romance and riches before cutting them off and taking all their money,” the Federal Bureau of Investigation (FBI) warned in April 2022. Many of these platforms include extensive study materials and tutorials on cryptocurrency investing.

Scams

Scams Cryptocurrency Marketing Internet

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Krebs on Security

JULY 15, 2024

The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network , Compound Finance , Pendle Finance , and Unstoppable Domains.

Accountability

Accountability Cryptocurrency Passwords DNS

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile

Mobile Cryptocurrency Accountability Passwords

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web.

Cybercrime

Cybercrime Software VPN Backups

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

One might even say passwords are the fossil fuels powering most IT modernization: They’re ubiquitous because they are cheap and easy to use, but that means they also come with significant trade-offs — such as polluting the Internet with weaponized data when they’re leaked or stolen en masse. TARGETED PHISHING.

Passwords

Passwords Password Management Phishing Scams

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

On July 20, the attackers turned their sights on internet infrastructure giant Cloudflare.com , and the intercepted credentials show at least five employees fell for the scam (although only two employees also provided the crucial one-time MFA code). .” ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets. Glupteba also rents out infected systems as “proxies,” directing third-party traffic through the infected devices to disguise the origin of the traffic.

Cybercrime

Cybercrime Malware Internet Internet

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. “If you buy this item you’ll get my full support on discord/telegram if there is a problem!,”

Cybercrime

Cybercrime Media Banking Accountability

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Absent from GoDaddy’s SEC statement is another spate of attacks in November 2020, in which unknown intruders redirected email and web traffic for multiple cryptocurrency services that used GoDaddy in some capacity. Thus, the second factor cannot be phished, either over the phone or Internet.

Hacking

Hacking Social Engineering Phishing Scams

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

Also known as “ Assad Faiq” and “ The Godfather ,” Iza is the 30-something founder of a cryptocurrency investment platform called Zort that advertised the ability to make smart trades based on artificial intelligence technology. cryptocurrency holdings online. In December 2022, Troy Woody Jr. attorney general.

Cryptocurrency

Cryptocurrency Government Internet Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. “On Twitter, more spam and crypto scam.”

Scams

Scams DDOS Cryptocurrency Accountability

Double-Your-Crypto Scams Share Crypto Scam Host

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. The ark-x2[.]org ” Ark-x2[.]org

Scams

Scams Cryptocurrency Media Hacking

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

In November 2020, intruders thought to be associated with the Beige Group tricked a GoDaddy employee into installing malicious software, and with that access they were able to redirect the web and email traffic for multiple cryptocurrency trading platforms. Pompompurin had been a nemesis to the FBI for several years.

Cybercrime

Cybercrime Accountability Mobile Hacking

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

That story showed that the previous owner of the Doxbin also was part of a teenage hacking group that specialized in offering fake EDRs as a service on the dark web. When they raided Singh’s residence on Sept.

Hacking

Hacking Government Media Accountability

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Krebs on Security

SEPTEMBER 4, 2022

There are dozens of SIM swappers who are now teenage or 20-something millionaires, by virtue of having stolen vast sums of cryptocurrencies from SIM swapping victims. And now many of these same individuals are finding that communities like Telegram can be leveraged to hire physical harassment and intimidation of their rivals and competitors.

Government

Government Accountability Web Fraud Cryptocurrency

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

Kodex’s first big client was cryptocurrency giant Coinbase , which confirmed their partnership but otherwise declined to comment for this story. Twilio confirmed it uses Kodex’s technology for law enforcement requests destined for any of its business units, but likewise declined to comment further.

Mobile

Mobile Government Media Technology

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Krebs on Security

OCTOBER 3, 2024

.” Ian Ahl , senior vice president of threat research at Permiso, said attackers in possession of a working cloud account traditionally have used that access for run-of-the-mill financial cybercrime, such as cryptocurrency mining or spam. “And these are typically things the large language models won’t be able to talk about.”

Accountability

Accountability Artificial Intelligence Web Fraud Cryptocurrency

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. Unfortunately for Griffin, years ago he used Google Photos to store an image of the secret seed phrase that was protecting his cryptocurrency wallet. Image: Shutterstock, iHaMoo. io ) that mimicked the official Trezor website.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Trending Sources

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Calendar Meeting Links Used to Spread Mac Malware

Massive Losses Define Epidemic of ‘Pig Butchering’

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Busting SIM Swappers and SIM Swap Myths

911 Proxy Service Implodes After Disclosing Breach

The Life Cycle of a Breached Database

How 1-Time Passcodes Became a Corporate Liability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

When Low-Tech Hacks Cause High-Impact Breaches

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Interview With a Crypto Scam Investment Spammer

Double-Your-Crypto Scams Share Crypto Scam Host

The Dark Nexus Between Harm Groups and ‘The Com’

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Fighting Fake EDRs With ‘Credit Ratings’ for Police

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

How to Lose a Fortune with Just One Bad Click

Stay Connected