Cyber Crime News

Pymnts

Bybit Begins Awarding Bounties for Tracing and Freezing Stolen Crypto

  • Cryptocurrency exchange Bybit has awarded $4.2 million to bounty hunters for tracing and freezing stolen funds from a hack on the exchange.
  • Bybit is offering a total bounty of $140 million, equivalent to 10% of the $1.4 billion stolen in the hack.
  • Bounties of 5% of the recovered funds are awarded to entities that froze the funds and contributors who helped trace the funds.
  • Bybit's website, Lazarusbounty, provides information on the hack and the bounty, ranking involved parties as 'good actors' or 'bad actors' based on their response time and cooperation.

Coinjournal

Gotbit founder extradited to the US to face market manipulation charges

  • Gotbit founder and CEO Aleksei Andriunin has been extradited to the US to face market manipulation charges.
  • Andriunin, a 26-year-old Russian national, manipulated crypto markets on behalf of client cryptocurrency companies.
  • He was arrested in October 2024 in Portugal and now faces charges of wire fraud and market manipulation in the US.
  • If found guilty, he could face up to 20 years in prison for wire fraud and up to 5 years for conspiracy to commit market manipulation and wire fraud.

Silicon

IT Public Sector Bosses Warn Of Critical Cyber Defence Gaps

  • New research shows that UK public sector cyber defences have critical gaps, with 64% of IT leaders lacking a concrete view of best practice due to multiple governing bodies and procedures.
  • A Trend Micro survey found that 31% of respondents have weakened cyber defences due to unclear internal policies, and 24% are concerned that this lack of best practice could lead to a cyber incident or data breach.
  • IT leaders expressed dissatisfaction with current UK government policies, with 68% stating they don't go far enough in setting minimum security standards, and 50% saying that the G-Cloud Framework is not fit for purpose.
  • However, the research showed that public sector IT leaders are optimistic about the new Cyber Assessment Framework and its potential to drive best practices and address current weaknesses.

Cybersecurity-Insiders

Personal data of over 3 million US populace leaks in a data breach

  • DISA Global Solutions, a company providing background checks and drug diagnostic services, experienced a data breach in April 2024.
  • Over 3.3 million individuals' personal data, including background checks, drug testing results, and other sensitive information, was exposed.
  • The breach occurred on February 9, 2024, but was not detected until two months later, revealing highly sensitive data such as social security numbers, financial information, and credit card numbers.
  • Such a data breach can lead to social engineering attacks and have long-term consequences, prompting calls for stronger data protection measures.

Silicon

Bybit Reserves ‘Fully Replenished’ After Record $1.5bn Crypto Hack

  • Cryptocurrency exchange Bybit has recovered its reserves, following a $1.5 billion crypto hack by North Korean hackers, labeled as the largest-ever crypto theft.
  • Bybit assured its clients that it was solvent and client funds were secure despite the hack.
  • Within 72 hours, Bybit managed to replenish its reserves by securing nearly 447,000 ether tokens through emergency funding and large deposits.
  • A proof of reserves audit confirmed that Bybit restored reserves, exceeding a 100 percent collateralization ratio for major assets like bitcoin, ether, solana, tether, and USDC.
  • Bybit's restoration of reserves did not recover the stolen funds, but the company is committed to strengthening the ecosystem and recovering from the incident.
  • The hack occurred during an internal transfer when funds were moved from a secure cold wallet to an active warm wallet, allowing hackers to intercept the transaction.
  • The Lazarus Group, a North Korean state-backed hacking gang, was identified by Arkham Intelligence and Elliptic as being behind the theft.
  • Bybit has frozen over $42.89 million and offered a 10 percent bounty for the return of stolen funds, though the odds of recovery from the Lazarus Group are slim.
  • Historically, North Korea has been linked to high-value crypto thefts, using stolen assets to fund its nuclear program and other illicit activities.
  • Various notable crypto thefts over the years include incidents like the 2021 Poly Network hack and the 2016 Bitfinex hack, highlighting ongoing challenges in the industry.

Socprime

UAC-0173 Activity Detection: Hackers Launch Phishing Attacks Against Ukrainian Notaries Using the DARKCRYSTALRAT Malware

  • CERT-UA has identified a hacking group, UAC-0173, conducting phishing attacks against Ukrainian notaries impersonating the Ministry of Justice.
  • SOC Prime Platform offers Sigma rules to help organizations prevent UAC-0173 attacks detailed in CERT-UA#13738 alert.
  • Organizations can utilize the 'UAC-0173' tag on SOC Prime Platform to access more detection content related to this threat.
  • The group uses DARKCRYSTALRAT (DCRAT) malware to gain remote access, make unauthorized changes to state registries, and evade detection.
  • Attackers deploy tools like RDPWRAPPER to establish RDP connections and utilize evasion utilities like NMAP, FIDDLER, and XWORM for credential theft.
  • CERT-UA implemented cybersecurity measures to identify infected computers and thwart unauthorized notarial actions by UAC-0173.
  • MITRE ATT&CK context analysis provides insights into UAC-0173's operation, targeting Ukrainian notaries with DARKCRYSTAL malware.
  • Sigma rules address multiple ATT&CK tactics leveraged by UAC-0173, including PowerShell execution, defense evasion, and system binary proxy execution.
  • By leveraging SOC Prime's Platform, organizations can enhance their cyber defense capabilities against sophisticated hacking groups like UAC-0173.
  • The ongoing threat highlights the importance of proactive cybersecurity measures to mitigate risks and protect critical infrastructure from cyber attacks.

TechCrunch

Hackers publish sensitive patient data allegedly stolen from Australian IVF provider Genea

  • Hackers claim to have published a trove of sensitive data belonging to IVF patients after a cyberattack on Genea, one of Australia’s largest fertility providers.
  • Samples of the allegedly stolen data, seen by TechCrunch, appear to show government-issued identification documents and sensitive medical records.
  • Genea noted that hackers compromised its patient management system, containing patients' contact details, medical histories, test results, and medications.
  • Genea confirmed no evidence of compromise to patients' financial information, and is working to restore its systems following the cyberattack.

Securityaffairs

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

  • Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram.
  • ThreatFabric researchers discovered a macOS version of LightSpy spyware in May 2024 and observed threat actors using publicly available exploits to deliver macOS implants.
  • The LightSpy spyware can steal files, record audio, harvest various data, and grant attackers control over the infected device.
  • The new version of LightSpy supports data extraction features targeting Facebook and Instagram application database files.

Securityaffairs

GitVenom campaign targets gamers and crypto investors by posing as fake GitHub projects

  • GitVenom is a malware campaign targeting GitHub users, posing as open-source projects.
  • Threat actors created fake GitHub repositories with malicious code, disguised as automation tools and crypto bots.
  • Malicious payloads were stored in the fake projects to download further components and execute them.
  • The campaign targeted gamers and crypto investors with a variety of malicious activities including stealing credentials and cryptocurrency hijacking.

TechCrunch

US employee screening giant DISA says hackers accessed data of more than 3M people

  • DISA Global Solutions, a U.S.-based provider of employee screening services, has suffered a data breach impacting over 3.3 million people.
  • The breach, discovered on April 22, 2024, was a result of a hacker infiltrating the company's network on February 9, 2024.
  • The stolen information includes individuals' Social Security numbers, financial account information, and government-issued identification documents.
  • DISA collects personal and sensitive information such as work history, educational background, criminal records, and credit history.

Securityaffairs

LockBit taunts FBI Director Kash Patel with alleged “Classified” leak threat

  • LockBit, a ransomware gang, claims to possess 'classified information' that could 'destroy' the FBI if leaked.
  • The group published a message on their dark web leak site, addressing FBI Director Kash Patel, and offered to share the alleged confidential information.
  • LockBit accuses FBI agents of being manipulators and suggests that the agency is a real threat to US national security.
  • The group invited Patel to contact them to receive a password-protected archive containing the classified information.

Securityaffairs

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) vulnerabilities to its Known Exploited Vulnerabilities catalog.
  • The two vulnerabilities are CVE-2017-3066 Adobe ColdFusion Deserialization Vulnerability and CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability.
  • CVE-2017-3066 is a Java deserialization vulnerability in Adobe ColdFusion, allowing arbitrary code execution.
  • CVE-2024-20953 is a deserialization vulnerability in Oracle Agile PLM, enabling a low-privileged attacker to take over the system.

Securityaffairs

A large botnet targets M365 accounts with password spraying attacks

  • A botnet of 130,000+ devices is targeting Microsoft 365 (M365) accounts through password-spraying attacks, bypassing multi-factor authentication.
  • The attackers exploit basic authentication, allowing them to steal credentials transmitted in plain form.
  • The password-spray attacks are recorded in Non-Interactive Sign-In logs, often overlooked by security teams, enabling attackers to conduct high-volume attempts undetected.
  • SecurityScorecard advises affected organizations to rotate credentials and reassess their authentication strategies to combat these ongoing botnet attacks.

TechJuice

Cyber Scam Bust in Thailand-Cambodia: 50 Pakistanis Rescued

  • Thai and Cambodian authorities conducted a joint operation in Poipet, a Cambodian border town, to target a suspected cyber scam hub.
  • 215 foreign nationals were rescued, including 109 Thais, 50 Pakistanis, 48 Indians, five Taiwanese, and three Indonesians.
  • This operation marks the largest number of Thais freed from a building suspected of cyber fraud in the two countries.
  • The crackdown on these scam centers is part of a regional effort to combat cybercrime syndicates and human trafficking in Southeast Asia.

Securityaffairs

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

  • Researchers discovered the SpyLend Android malware on Google Play, which targeted Indian users with unauthorized loan apps, enabling predatory lending, blackmail, and extortion.
  • The Finance Simplified app, posing as a finance tool, was downloaded 100,000 times from Google Play and has received negative reviews reporting blackmail, harassment, and photo manipulation.
  • The malware gains excessive permissions to access sensitive data including contacts, call logs, SMS, photos, and location. It captures clipboard data and uses stolen information for blackmail and extortion.
  • SpyLend utilizes a custom C2 server and admin panel in English and Chinese, suggesting Chinese-speaking attackers. The app creates deepfake photos to coerce payments, highlighting severe impact on user privacy and security.
