December 5, 2022

Fraudulent Apps, Stealth Mining Botnet and Other Cybersecurity Events

We have collected the most important news from the world of cybersecurity for the week.

  • The FBI reported on criminals targeting crypto investors who stole more than $42 million through fraudulent applications.
  • Yuga Labs has warned of possible upcoming cyber attacks on the NFT community.
  • The alleged creator of the Gozi malware has been extradited to the United States.

FBI Reports Fraudulent Apps Targeting Crypto Investors

The US Federal Bureau of Investigation (FBI) has warned about the activity of cybercriminals creating fraudulent applications for investing in cryptocurrencies.

According to the department, the perpetrators urged victims to install applications that the perpetrators controlled and used to steal funds. The FBI identified more than 240 victims and estimated the loss at $42.7 million.

Often scammers pretended to be representatives of well-known companies.

Between October 4, 2021 and May 13, 2022, cybercriminals acted under the name of YiBit, convincing victims to download a fake app and deposit cryptocurrencies. Later, the victims received letters demanding that they “pay taxes” on their investments in order to withdraw funds. In this way, the perpetrators obtained about $5.5 million from the victims.

The FBI recommended that investors:

  • do not install unverified investment applications - make sure that they really belong to the company on behalf of which they are distributed;
  • do not trust applications with limited functionality;
  • verify information about persons providing investment advice before disclosing their personal information to them.

Experts report the spread of a botnet used for hidden mining

SentinelOne has identified a botnet distributed by the 8220 group and used for hidden mining.

Hackers compromised about 30,000 hosts worldwide through vulnerabilities in Linux and cloud applications.

Alleged creator of Gozi malware extradited to US

Mihai Ionut Paunescu, suspected of spreading the Gozi Trojan, has been extradited to the United States, reports The Register.

US authorities believe he is one of the creators of the malware, which infected more than a million computers around the world and caused the victims losses of "tens of millions of dollars."

According to US law enforcement, Paunescu also provided the infrastructure for various hacker operations.

Yuga Labs warned of an impending attack on the NFT community

The company behind the Bored Ape Yacht Club NFT collection, Yuga Labs, has discovered a "group of threats" targeting the NFT community.

The project team believes that a coordinated attack may soon occur, targeting several communities through compromised social media accounts.

Mandiant named two groups of hackers attacking Ukraine

Mandiant experts spoke about two hacker groups attacking Ukrainian organizations.

UNC2589 hackers are running phishing campaigns by sending emails that carry malware. The email subjects vary, and sometimes the attackers send them from previously compromised email addresses.

The UNC1151 group is also actively attacking Ukrainian organizations. Mandiant specialists link the hackers to Belarus.
