August 26, 2024 at 12:54AM Researchers have discovered new Android malware, NGate, aimed at stealing contactless payment data from physical credit and debit cards to conduct fraudulent operations. Targeting banks in Czechia, the attack involves social engineering and SMS phishing to trick users. NGate prompts victims to enter sensitive financial details and instigates an NFC … Read more
August 25, 2024 at 02:36AM Cybersecurity researchers have discovered a stealthy Linux malware called sedexp, utilized by financially motivated threat actors since 2022. Noteworthy for using udev rules to maintain persistence, the malware runs upon system reboot, enabling remote access and memory modification to conceal its presence. It has been observed hiding credit card scraping … Read more
August 16, 2024 at 11:03AM A 27-year-old Russian national, Georgy Kavzharadze, has been sentenced to over three years in prison for selling financial information and login credentials on the now-defunct dark web marketplace Slilpp. He is ordered to pay $1,233,521.47 in restitution and is estimated to have made over $200,000 in profits from the illegal … Read more
August 13, 2024 at 07:35AM Luxembourg’s Orion SA may face a $60 million loss due to a criminal wire fraud scheme involving fraudulent outbound wire transfers. The company suspects a business email compromise (BEC) scam. Despite the potential loss, Orion remains confident after recently boosting its 2024 sales and profit estimates. The company is working … Read more
August 7, 2024 at 02:02AM A threat intelligence firm discovered a malicious Android program, BlankBot, targeting Turkish-language speakers. It can capture screen grabs, keystrokes, and create custom overlays to gather sensitive information. The program is under active development and mostly undetected by anti-malware scanners. Its motive for targeting Turkey is unclear, but it appears to … Read more
August 2, 2024 at 02:47AM The UK’s National Crime Agency (NCA) shut down Russian Coms, a call-spoofing service with hundreds of thousands of victims. Four Brits have been arrested in connection with the operation. The service helped criminals disguise their identities and swindle victims of millions. Global law enforcement efforts are targeting additional users, with … Read more
June 25, 2024 at 12:03AM Four Vietnamese nationals linked to the FIN9 cybercrime group have been indicted in the U.S. for orchestrating computer intrusions causing over $71 million in losses to companies. They are accused of conducting phishing campaigns and using stolen information for criminal activities. This comes amid global efforts to combat cybercrime. From … Read more
June 13, 2024 at 02:41PM Conversational AI has been used to engage with scammers, providing insight into cybercriminal operations and extracting information about their fraud methods and infrastructure. Netcraft’s ChatGPT-based chatbot was successful in collecting bank account details from fraudsters, demonstrating the potential of AI in countering cybercrime and creating a more proactive cyber defense. … Read more
June 12, 2024 at 02:05PM Criminals are using phone calls to deceive victims into transferring money by impersonating government employees, including those at the Cybersecurity and Infrastructure Security Agency (CISA). The agency issued a warning and emphasized that its staff would never request money or secrecy. Tips were shared to avoid falling victim, including validating … Read more
June 6, 2024 at 10:39AM The US government filed a civil forfeiture action to recover over $5.3 million lost by a Massachusetts workers union in a business email compromise scam. Cybercriminals tricked the union into transferring the funds using a spoofed email. The fraudsters transferred the money through intermediary bank accounts. Authorities have seized the … Read more