Cryptocurrency, Media and Web Fraud - Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Phishing Cryptocurrency DDOS Internet

Two Charged in SIM Swapping, Vishing Scams

Krebs on Security

NOVEMBER 3, 2020

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. Prosecutors say Jordan K.

Scams

Scams Wireless Identity Theft Mobile

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

“Singh also uses the threat of revealing personal information to extort victims into giving him access to their social media accounts, which Singh then resells.” That story showed that the previous owner of the Doxbin also was part of a teenage hacking group that specialized in offering fake EDRs as a service on the dark web.

Hacking

Hacking Government Media Accountability

Discord Admins Hacked by Malicious Bookmarks

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. On May 9, MetrixCoin reported that its Discord server was hacked, with fake airdrop details pushed to all users.

Hacking

Hacking Scams Accountability Cryptocurrency

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

Coinbase is the world’s second-largest cryptocurrency exchange, with roughly 68 million users from over 100 countries. ” Last month, Coinbase disclosed that malicious hackers stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company’s SMS multi-factor authentication security feature.

Passwords

Passwords Phishing Accountability Mobile

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

OCTOBER 5, 2022

Miller said that after months of complaining and sharing fake profile information with LinkedIn, the social media network appeared to do something which caused the volume of group membership requests from phony accounts to drop precipitously. Miller said these profiles are all listed in the order they appeared.

Accountability

Accountability Scams Artificial Intelligence Cryptocurrency

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. It is possible this incident was not mentioned because it was the work of yet another group of intruders.

Hacking

Hacking Social Engineering Phishing Scams

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web. “None of those are good replacements for LuxSocks or 911.

Cybercrime

Cybercrime Software VPN Backups

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

Glupteba is a rootkit that steals passwords and other access credentials, disables security software, and tries to compromise other devices on the victim network — such as Internet routers and media storage servers — for use in relaying spam or other malicious traffic.

Cybercrime

Cybercrime Malware Internet Internet

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. Punchmade Dev’s most controversial mix — a rap called “Wire Fraud Tutorial” — was taken down by Youtube last summer for violating the site’s rules.

Cybercrime

Cybercrime Media Banking Accountability

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

In May, KrebsOnSecurity interviewed a Russian spammer named “ Quotpw “ who was mass-registering accounts on the social media network Mastodon in order to conduct a series of huge spam campaigns advertising scam cryptocurrency investment platforms. com site,” the Trend researchers wrote. Image: Trend Micro.

Accountability

Accountability Scams Cryptocurrency Advertising

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

The term “pig butchering” refers to a time-tested, heavily scripted, and human-intensive process of using fake profiles on dating apps and social media to lure people into investing in elaborate scams. . Many of these platforms include extensive study materials and tutorials on cryptocurrency investing. Nolan lives in St.

Scams

Scams Cryptocurrency Marketing Internet

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile

Mobile Cryptocurrency Accountability Passwords

Double-Your-Crypto Scams Share Crypto Scam Host

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. The ark-x2[.]org

Scams

Scams Cryptocurrency Media Hacking

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Krebs on Security

SEPTEMBER 4, 2022

There are dozens of SIM swappers who are now teenage or 20-something millionaires, by virtue of having stolen vast sums of cryptocurrencies from SIM swapping victims. And now many of these same individuals are finding that communities like Telegram can be leveraged to hire physical harassment and intimidation of their rivals and competitors.

Government

Government Accountability Cryptocurrency Web Fraud

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem. ” NEEDLES IN THE HAYSTACK.

Mobile

Mobile Government Media Technology

Cyber Security Informer

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Webinars

Trending Sources

Two Charged in SIM Swapping, Vishing Scams

Webinars

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Discord Admins Hacked by Malicious Bookmarks

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

How Coinbase Phishers Steal One-Time Passwords

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

When Low-Tech Hacks Cause High-Impact Breaches

911 Proxy Service Implodes After Disclosing Breach

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Service Rents Email Addresses for Account Signups

Massive Losses Define Epidemic of ‘Pig Butchering’

Busting SIM Swappers and SIM Swap Myths

Double-Your-Crypto Scams Share Crypto Scam Host

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Stay Connected