Cyber Crime News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Crime News

Securityaffairs

20h

308

Image Credit: Securityaffairs

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Crypto exchange Bybit was the victim of a sophisticated attack, and threat actors stole $1.5B worth of cryptocurrency from one of the company’s offline wallets.
Bybit’s ETH cold wallet was compromised in the attack that masked the signing interface, allowing threat actors to redirect funds to an unknown address.
The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M).
The cyber heist is attributed to the Lazarus APT group, known for their advanced methods and previous attacks on banks and cryptocurrency exchanges.

Read Full Article

18 Likes

TechCrunch

226

Image Credit: TechCrunch

A huge trove of leaked Black Basta chat logs expose the ransomware gang’s key members and victims

Chat logs allegedly belonging to Black Basta ransomware group have been leaked online, exposing key members of the gang.
The leaked chat logs show internal conflict within the group and reveal targets that were previously unreported.
The chat logs contain details about key members, including the main administrator and a 17-year-old member.
The logs also provide insights into the group's operations, including victims, exploits used, and cybersecurity vulnerabilities exploited.

Read Full Article

13 Likes

Securityaffairs

281

Image Credit: Securityaffairs

B1ack’s Stash released 1 Million credit cards

Carding website B1ack’s Stash released a collection of over 1 million unique credit and debit cards.
The release of free samples aims to attract new customers and gain notoriety in the cybercrime ecosystem.
The leaked data includes PAN, expiration date, CVV2, personal details, and email address.
Banking institutions should monitor the dark web to prevent fraudulent activities.

Read Full Article

16 Likes

Kaspersky

177

Image Credit: Kaspersky

What to do if your WhatsApp is hacked: a step-by-step guide | Kaspersky official blog

WhatsApp accounts are targeted by cybercriminals for various criminal activities like spam distribution and scams.
Eight signs that your WhatsApp account may be compromised include receiving replies to unsent messages and login verification codes you didn't request.
Hackers can hijack your account by adding devices through 'Linked devices' or re-registering your account on their device.
To respond to a hacked WhatsApp account, ensure your SIM card is in your smartphone and follow steps to log out additional devices and re-register your account.
After regaining control of your account, warn friends and family about potential scam messages sent from your compromised account.
In case of a restriction or ban due to spam, appeal through the 'Request a review' button and await the removal of restrictions.
To prevent future hacks, enable two-step verification, never share your PIN or codes, use passkeys for secure logins, and set up a backup email for account recovery.
It is essential to ensure your devices are malware-free by installing comprehensive security protection.
Be cautious about SIM swap scams and contact your mobile carrier for additional security measures to safeguard your SIM card.
Taking these security precautions will help protect your WhatsApp account from being hacked and secure your personal information.

Read Full Article

10 Likes

Discover more

TechCrunch

345

Image Credit: TechCrunch

Your Android phone could have stalkerware. Here’s how to remove it

Consumer-grade spyware apps pose a threat to Android users by monitoring private messages, calls, and location.
Common surveillance apps like TheTruthSpy, Cocospy, and Spyic can be identified and removed using this guide.
Stalkerware apps are often disguised as child monitoring software but are used for unauthorized tracking.
Abusing Android features, stalkerware apps avoid detection and can track partners without consent.
Symptoms of a compromised device include unusual behavior, increased temperature, and excessive data usage.
Check for spyware by ensuring Google Play Protect is enabled and monitoring accessibility services.
Review app access to notifications and device admin settings to detect stalkerware.
Uninstall unrecognized apps with broad access and strengthen device security with a robust password.
Always prioritize safety when dealing with stalkerware and seek support if needed.
For immediate assistance, contact the National Domestic Violence Hotline or the Coalition Against Stalkerware.

Read Full Article

20 Likes

Dataprivacyandsecurityinsider

Image Credit: Dataprivacyandsecurityinsider

NewsBank Hit with Class Action over Employee Data Breach

A class action has been filed against NewsBank, Inc. over a 2024 breach of employee personal information.
The breach impacted employees' personal information, including names, dates of birth, Social Security numbers, and financial account details.
The lead plaintiff claims a heightened risk of identity theft and the lawsuit alleges negligence, breach of contract, and breach of fiduciary duty.
The class seeks over $5 million in damages and injunctive relief, including enhanced security measures and lifetime identity theft protection services.

Read Full Article

TechCrunch

Image Credit: TechCrunch

California privacy regulator seeks to fine Florida data broker after huge breach of Social Security numbers

The California Privacy Protection Agency (CPPA) is seeking a fine of $46,000 against National Public Data for failing to register as a data broker.
National Public Data experienced a data breach in April 2024, resulting in the theft of three billion records, including Social Security numbers and personal information.
The data broker filed for bankruptcy protection, which was rejected, allowing legal action to be taken against the company.
CPPA's enforcement division filed a claim against National Public Data for failing to register, seeking the $46,000 fine.

Read Full Article

1 Like

Guardian

169

Image Credit: Guardian

Crypto exchange seeks help in finding $1.5bn stolen from digital wallet

Bybit, a Dubai-based crypto exchange, has been hit by hackers resulting in the theft of $1.5bn in Ethereum.
Bybit assures its users that their cryptocurrency holdings are safe and has promised to refund all affected customers.
The company has called on cybersecurity experts to help recover the stolen funds and is offering a reward of 10% of the recovered amount.
The hack is considered to be the largest single digital theft in history and may have been carried out by North Korean state hackers.

Read Full Article

10 Likes

Securityaffairs

342

Image Credit: Securityaffairs

Security Affairs newsletter Round 512 by Pierluigi Paganini – INTERNATIONAL EDITION

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever
Apple removes iCloud encryption in UK following backdoor demand
US CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog
Atlassian fixed critical flaws in Confluence and CrowdSalt

Read Full Article

20 Likes

TechJuice

351

Image Credit: TechJuice

Bybit Suffers Historic $1.5 Billion Crypto Heist in Largest Exchange Hack

Bybit, one of the leading cryptocurrency exchanges, experienced a $1.5 billion hack, resulting in the largest crypto heist in history.
The breach targeted Bybit's cold wallet, leading to the theft of predominantly ether funds, which were then dispersed through various platforms.
The heist has been associated with North Korea's Lazarus Group, known for sophisticated laundering techniques and previous attacks on the crypto industry.
Bybit reassured customers by obtaining a bridge loan to cover losses and emphasized the need for stronger cybersecurity and regulations in the digital asset space.

Read Full Article

21 Likes

Secureerpinc

140

Image Credit: Secureerpinc

Spot and Avoid Malvertising Attacks

Malvertising attacks have become more insidious and can distribute harmful malware without the need for users to click on the infected advertisement.
These attacks can include drive-by downloads, where the malware payload is immediately downloaded upon visiting the infected page, exploiting vulnerabilities in users' systems, and using social engineering techniques like phishing to disguise malvertising.
To recognize malvertising, it is important to educate employees on identifying fake ads, such as scam ads with urgent messages or fake installers that steal sensitive information.
Preventing malvertising attacks requires ongoing diligence, employee training, updated antivirus software, and maintaining strict policies for browser updates and downloads.

Read Full Article

8 Likes

Bitcoinist

217

Image Credit: Bitcoinist

$5.7M Bybit Crypto Scam Lands Ex-Employee Nearly 10 Years in Prison—Details

Ho Kai Xin, a former payroll processing staff member at Bybit, has been sentenced to nine years and 11 months in prison for defrauding the cryptocurrency exchange of over $5.7 million.
Ho manipulated payroll data to funnel cryptocurrency payments intended for employees into her personal wallets, receiving over 4.2 million USDT in eight transactions over a span of four months.
She used the stolen funds to finance a luxurious lifestyle, including purchasing a multimillion-dollar penthouse, luxury goods, and a Mercedes-Benz.
Authorities have recovered more than $330,000 worth of assets, but a significant portion of the stolen amount remains unrecovered, and Ho has yet to offer repayment.

Read Full Article

13 Likes

Coinjournal

Image Credit: Coinjournal

Safemoon CTO pleads guilty in $200m crypto fraud case

Safemoon CTO Thomas Smith has pleaded guilty to charges in a $200 million crypto fraud case.
Thomas Smith pleaded guilty to two charges of securities fraud conspiracy and wire fraud conspiracy.
He admitted to misleading investors about SafeMoon's liquidity pool and making false claims about locked assets.
If convicted, Smith could face up to 20 years in prison for wire fraud conspiracy and up to 25 years for securities fraud.

Read Full Article

2 Likes

Coinjournal

306

Image Credit: Coinjournal

SEC launches new unit to combat crypto fraud and cybercrime

The US Securities and Exchange Commission (SEC) has launched a new Division of Enforcement unit called the Cyber and Emerging Technologies Unit (CETU) to combat crypto fraud and cybercrime.
Replacing the Crypto Assets and Cyber Unit (CACU), the CETU will focus on handling compliance to protect retail investors and target fraud committed through emerging technologies like crypto, blockchain, AI, and social media.
The CETU will work alongside the SEC's recently launched Crypto Task Force and will be led by Laura D'Allaird, with a team of about 30 fraud specialists and attorneys.
The unit will prioritize combatting fraud, hacking incidents, and non-compliance with cybersecurity regulations to facilitate capital formation and market efficiency while protecting investors.

Read Full Article

18 Likes

Pymnts

Image Credit: Pymnts

SEC Replaces Crypto Unit With Team to Probe ‘Cyber-Related Misconduct’

The Securities and Exchange Commission (SEC) has announced the creation of the Cyber and Emerging Technologies Unit (CETU).
The CETU replaces the Crypto Assets and Cyber Unit and will focus on protecting investors against cyber-related misconduct.
The unit will address fraud involving emerging technologies, hacking, cryptocurrency assets, and cybersecurity compliance.
The creation of CETU reflects the SEC's commitment to safeguarding investors and fostering innovation.

Read Full Article

1 Like

For uninterrupted reading, download the app