November 20, 2024 at 08:37PM The US Department of Justice has indicted five individuals linked to the cyber gang Scattered Spider, accused of stealing millions in cryptocurrency through SMS phishing and social engineering. The group also targeted MGM Resorts and Caesars Entertainment. Arrests were made in the US and Spain, with serious charges facing the … Read more
November 20, 2024 at 02:29PM The U.S. Justice Department has charged five members of the Scattered Spider cybercrime gang with wire fraud and identity theft, accused of stealing over $11 million from cryptocurrency wallets through SMS phishing. This loosely organized group employs varied tactics and has connections to other hacking collectives and ransomware gangs. ### … Read more
November 15, 2024 at 09:14AM Ilya Lichtenstein has been sentenced to five years in prison for stealing nearly 120,000 Bitcoin from Bitfinex in 2016, worth about $69 million at the time. He and his wife, Heather Morgan, also pleaded guilty to laundering the stolen proceeds. Their assets will be forfeited to the US government. ### … Read more
November 1, 2024 at 05:11AM LottieFiles reported a supply chain attack on Lottie-Player, aimed at stealing cryptocurrency. This breach poses risks to cryptocurrency wallets, highlighting vulnerabilities in software supply chains. **Meeting Takeaways:** 1. **Incident Confirmation**: LottieFiles has confirmed a breach involving Lottie-Player. 2. **Nature of the Attack**: The breach is classified as a supply chain … Read more
October 23, 2024 at 02:08PM The North Korean Lazarus hacking group exploited a Google Chrome zero-day (CVE-2024-4947) through a fake DeFi game, targeting cryptocurrency users. Discovered by Kaspersky on May 13, 2024, the exploit gained access to sensitive data. Google issued a fix by May 25, 2024, addressing the vulnerability. ### Meeting Takeaways: **Incident Overview:** … Read more
October 6, 2024 at 11:50AM Evan Frederick Light from Indiana pleaded guilty to stealing $37.7 million worth of cryptocurrency from 571 victims in a 2022 cyberattack. He stole the funds by exploiting vulnerabilities in an investment company’s servers and used various means to conceal the trace of the assets. The FBI tracked and arrested Light, … Read more
September 28, 2024 at 06:24AM A malicious Android app discovered in the Google Play Store masqueraded as a legitimate WalletConnect protocol to deceive users and steal $70,000 in cryptocurrency. It achieved over 10,000 downloads through fake reviews and consistent branding, impacting over 150 users. The app prompted users to sign transactions, enabling attackers to drain … Read more
September 20, 2024 at 01:34PM Malone Lam, 20, and Jeandiel Serrano, 21, are facing serious charges for allegedly stealing over $230 million in cryptocurrency. The pair is accused of carrying out a scam, using the stolen funds to buy luxury items and travel services. The case, handled by the US Attorney’s Office, FBI, and IRS, … Read more
September 6, 2024 at 11:22AM A new Android malware called SpyAgent utilizes OCR to extract cryptocurrency wallet recovery phrases from images stored on mobile devices. Based on the meeting notes, it seems that a new Android malware called SpyAgent has been identified. This malware uses optical character recognition (OCR) technology to extract cryptocurrency wallet recovery … Read more
September 4, 2024 at 12:21PM North Korean threat actors have created a malicious campaign called Contagious Interview, using fake job interviews to distribute malware. They have now been using fake video conferencing applications to backdoor developer systems. This activity is attributed to the North Korean threat actor Famous Chollima. The campaign is targeting job seekers … Read more