phishing
Nifty News: Fake Pokémon NFT game spreads malware, ‘Jai Ho’ singer to launch metaverse and more
Hackers hide malware in fake NFT game A phishing website purporting to offer a Pokémon-branded nonfungible token (NFT) card game has been spreading malware to unsuspecting gamers, a cybersecurity firm has warned. The website, which at the time of writing was still online, also claims to offer an NFT marketplace, with a link to buy tokens, and even an area to stake NFTs — all based on the popular Japanese media franchise. However, an arm of the South Korean cybersecurity firm AhnLab warned the public about the website on Jan. 6, noting that instead of downloading agame, users were actually downloading a remote access tool that allows hackers to take control of their device. A screenshot of the phishing website. The “Play on PC” link at the bottom of the image downloads the malware. The...
BitKeep exploiter used phishing sites to lure in users: Report
The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink. The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker. 【12-26 #BitKeep Hack Event Summary】1/n According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker addresses and total Txns volume reached $31M. — OKLink (@OKLink) December 26, 2022 The report did not say how the malicious file stole the users’ keys in an unencrypted form. Howev...
Robocallers have upped their scam game and they’re after your crypto
Professional scam organizations are targeting cryptocurrency users following the collapse of FTX, initiating millions of automated calls and text messages in an attempt to swindle information and funds. Clayton LiaBraaten, senior executive adviser at Truecaller — an app that helps identify scam callers and messages — spoke to Cointelegraph, scammers often closely follow crypto news to better prey on their victims: “Fraudsters love volatility and current events. Anytime they can try to surf the contours of something very disruptive in the marketplace they have a great deal of success.” LiaBraaten said that Truecaller also saw an increase in scam communications relating to Bitcoin (BTC) and other cryptocurrencies when the market started to become volatile earlier in 2022. He added “age...
Nifty News: Building bridges in the Metaverse, elaborate Apes scam and more
South Korea’s Gyeongbuk Province has announced plans to use Web3 technology to expand its economic relations with Vietnam. In a Dec. 19 announcement, the province’s governor Lee Cheol-woo said the metaverse project would focus on “growing economic, cultural, commercial, and people-centered contacts with Vietnam.” Back in June, the province announced it would invest $13.8 million to establish itself as a hub for metaverse innovation in the hope of growing the local economy. South Korea has been very active in metaverse development since the beginning of 2022 and it aims to become the fifth most metaverse-ready country in the world. It has allocated $186.7 million to create an all-encompassing metaverse platform known as the Expanded Virtual World. 14 Bored Apes stolen in phishing scam ...
3Commas denies staff members stole API keys
Crypto trading firm 3Commas has denied its employees’ stole user’s API keys, claiming that screenshots circulating on social media are fake and urging affected users to file police reports to stop the perpetrators from stealing their funds. In a blog post published on Dec. 11, 3Commas co-founder and CEO Yuriy Sorokin said that fake screenshots of Cloudflare logs are circulating on Twitter and YouTube “in an attempt to convince people that there was a vulnerability within 3Commas and that we were irresponsible enough to allow open access to user data and log files.” The alleged screenshots intend to show how customer’s API keys were exposed in 3Commas dashboard on Cloudflare. In an another blog post, on Dec. 10, Sorokin encouraged affected users to file a...
Metallica issues crypto scam alert before the 72 Seasons album launch
It’s quite evident that bad actors have left no stone unturned as legendary metal band Metallica warned fans against crypto giveaway scams right before their highly anticipated launch of its new album, 72 Seasons. Cashing in on the buzz around Metallica’s new album launch and upcoming tour, scammers have started targeting metalheads through social media impersonation. Metallica, however, was quick to point out “the ugly side of social media,” asking fans to steer away from Metallica Crypto giveaways, stating: “Let’s be as clear as possible. [Metallica crypto giveaways] are scams.” Sad but true, Cointelegraph recently highlighted a rise in front-running scams on YouTube, which according to blockchain security firm CertiK, has risen by 500% in one year. The ongoing Metallica scams contribute...
Cybercrooks to ditch BTC as regulation and tracking improves: Kaspersky
Bitcoin (BTC) is forecasted to be a less enticing payment choice by cybercriminals as regulations and tracking technologies improve, thwarting their ability to safely move funds. Cybersecurity firm Kaspersky in a Nov. 22 report noted that ransomware negotiations and payments would rely less on Bitcoin as a transfer of value as an increase in digital asset regulations and tracking technologies will force cybercriminals to rotate away from Bitcoin and into other methods. As reported by Cointelegraph, ransomware payments using crypto topped $600 million in 2021 and some of the biggest heists such as the Colonial Pipeline attack demanded BTC as a ransom. Kaspersky also noted that crypto scams have increased along with the greater adoption of digital assets. However, it said that people have be...
Web3 sees 15 new scam smart contracts an hour: Solidus Labs
The Web3 and cryptocurrency space is seeing a significant amount of smart contract scams proliferating, with blockchain risk monitoring firm Solidus Labs saying it has detected on average 15 newly deployed scams every hour. Solidus Labs said on Oct. 27 that it had been monitoring 12 blockchains including Ethereum, Polygon and BNB Chain since Oct. 10, and in that time, had detected 188,525 smart contract scams. Former United States Consumer Financial Protection Bureau (CFPB) director, Kathy Kraninger, who is now Solidus’ vice president of regulatory affairs, said in the statement that “while some of the big rug pulls and scams make the news […] the full picture stemming from our data shows the vast majority of these scams go unnoticed.” The firm also shed some light on the number...
North Korea’s Lazarus behind years of crypto hacks in Japan: Police
Japan’s national police have pinned North Korean hacking group, Lazarus, as the organization behind several years of crypto-related cyber attacks. In the public advisory statement sent out on Oct. 14, Japan’s National Police Agency (NPA) and Financial Services Agency (FSA) sent a warning to the country’s crypto-asset businesses, asking them to stay vigilant of “phishing” attacks by the hacking groupaimed at stealing crypto assets. The advisory statement is known as “public attribution,” and according to local reports, is the fifth time in history that the government has issued such a warning. The statement warns that the hacking group uses social engineering to orchestrate phishing attacks — impersonating executives of a target company to try and bait employees into click...
Phising Scams Surge 234% in Africa, Especially in Tech Powerhouses
Image sourced from NorthJersey.com New data from Russia-based cybersecurity firm Kaspersky reveals that the prevalence of phishing and social engineering scams has increased significantly in Africa in Q2 2022 in comparison with the previous quarter. The company’s security solutions detected 10,722,886 phishing attacks in Africa in Q2, showing a 234% increase from the previous quarter. Tech powerhouses across Africa have seen the highest amount of growth in scams. Kenyan users have been influenced the most by this type of threat: there were 5,098,534 phishing attacks detected in 3 months – a growth of 438% when compared to the previous quarter. It was followed by South Africa (4,578,216 detections and a growth of 144%) and Nigeria (1,046,136 detections and a growth of 174%). In particular, ...
Phishing risks escalate as Celsius confirms client emails leaked
Celsius depositors should be on the lookout for phishing scams after the company revealed some of its customer data has been leaked in a third-party data breach. On July 26, Celsius sent an email to its customers informing them that a list of their emails had been leaked by an employee of one of its business data management and messaging vendors. According to Celsius, the breach came from an engineer at the Customer.io messaging platform who leaked the data to a third-party bad actor. “We were recently informed by our vendor Customer.io that one of their employees accessed a list of Celsius client email addresses,” said Celsius in its email to customers. The data breach is part of the same incursion that leaked OpenSea customer email addresses in June. Announcement from Celsius: “We ...
Is Nigeria Facing a Phishing Epidemic?
Sourced from Pure Cloud Solutions According to a new Digital Payment survey from Russia-based cybersecurity group Kaspersky, a staggering 61% of respondents from Nigeria said they faced phishing scams when using online banking or mobile wallet services. 67% have personally encountered fake websites, and a massive 82% experienced scams (via texts or calls) using social engineering. When asked about awareness of threats against digital payment methods, the majority of respondents from Nigeria report that they are aware of both the financial phishing attacks (95%) and online scams (97%). 78% also stated that they are informed about banking malware on PCs and on mobile. This type of malicious software steals money from users’ bank accounts. However, 98% think that banks and payment companies s...
