October 2, 2024 at 01:27PM Group-IB reported on a large-scale fraud campaign involving fake trading apps on Apple App Store and Google Play Store, using phishing sites to deceive victims. Operating globally, the campaign leverages social engineering, targeting victims for investment fraud. The cybercriminals utilized a fake app to deceive victims into making investments, subsequently … Read more
July 12, 2024 at 02:34PM Coordinated DNS hijacking attacks impact decentralized finance (DeFi) crypto platforms using Squarespace registrar. Attackers redirect visitors to phishing sites, aiming to drain wallets. Platforms such as Compound Finance, Celer Network, and Pendle warn users and assure fund safety. Attackers exploit a vulnerability stemming from domain migration. Security experts recommend enabling … Read more
April 30, 2024 at 01:32PM Since early 2021, three large-scale campaigns targeted Docker Hub users by planting millions of repositories containing malware and phishing sites. JFrog researchers discovered that 20% of Docker Hub’s 15 million repositories had malicious content. They identified nearly 4.6 million repositories with no Docker images, linked to three major malicious campaigns. … Read more
January 8, 2024 at 04:07PM Netgear and Hyundai MEA Twitter accounts, with over 160,000 followers, were hijacked to promote cryptocurrency scams, involving malware aimed at draining victims’ cryptocurrency wallets. Hyundai recovered its account, while Netgear is still compromised. Verified government and business accounts are increasingly targeted for similar scams, with cryptocurrency ads and phishing sites … Read more