April 1, 2024   09:04 PM   0 The Indian government says it rescued and repatriated 250 citizens who sought jobs in Cambodia, only to be forced into conducting cybercrime once they arrived. The government explains that these people were tricked into believing that lucrative job opportunities were waiting for them in the Southeast Asian nation, yet they were forced into becoming cybercriminals once they arrived there. After several nationals informed...

April 2, 2024   11:37 AM   1 Russia's Prosecutor General's Office has announced the indictment of six suspected "hacking group" members for using malware to steal credit card and payment information from foreign online stores. These attacks are known as card skimming, which involves infecting e-commerce websites with malicious code that either steals customers' input on order checkout pages or through fake payment page overlays. The threat actors use...

March 28, 2024   03:04 PM   2 Image: Midjourney American retailer Hot Topic disclosed that two waves of credential stuffing attacks in November exposed affected customers' personal information and partial payment data. The Hot Topic fast-fashion chain has over 10,000 employees in more than 630 store locations across the U.S. and Canada, the company's headquarters, and two distribution centers. In credential stuffing attacks, cybercriminals use automated tools...

March 27, 2024   10:08 AM   2 The U.S. Department of Justice (DoJ) has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering (AML) requirements, allowing threat actors to use the platform to launder money. Founded in 2017 by Chinese citizens Chun Gan and Ke Tang, KuCoin is one of the largest cryptocurrency exchange platforms to buy, sell, trade, and store a variety of digital currencies. The...

March 27, 2024   10:08 AM   0 The U.S. Department of Justice (DoJ) has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering (AML) requirements, allowing threat actors to use the platform to launder money. Founded in 2017 by Chinese citizens Chun Gan and Ke Tang, KuCoin is one of the largest cryptocurrency exchange platforms to buy, sell, trade, and store a variety of digital currencies. The...

March 25, 2024   05:20 PM   0 The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned three cryptocurrency exchanges for working with OFAC-designated Russian dark web markets and banks. The first, Bitpapa IC FZC LLC, is a peer-to-peer virtual currency exchange that caters to Russian nationals and has facilitated millions of dollars in transactions with two OFAC-designated Russian entities, Hydra Market and Garantex. Obshchestvo S...

March 25, 2024   07:28 PM   0 A U.S. federal court has issued a $9,918,000 penalty and an injunction against an individual named Scott Rhodes for making thousands of "spoofed" robocalls to consumers across the country. Robocalls are automated phone calls that use automated dialing software to deliver a pre-recorded message to many recipients. Though they have legitimate uses, including sales, public service announcements, charity requests, and political...

March 22, 2024   12:12 PM   1 The German police have seized infrastructure for the darknet Nemesis Market cybercrime marketplace in Germany and Lithuania, disrupting the site's operation. The Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) conducted the action on Wednesday, March 20, 2024, with law enforcement taking down the website and confiscating approximately $100,000 in cash. The Nemesis Market was...

March 14, 2024   12:40 PM   1 Tech support companies Restoro and Reimage will pay $26 million to settle charges that they used scare tactics to trick their customers into paying for unnecessary computer repair services. The U.S. Federal Trade Commission imposed the fine in response to the two Cyprus-based firms' deceptive marketing, which violates the FTC Act and the Telemarketing Sales Rule. "These companies used scare tactics and lies about threats to...

March 14, 2024   02:08 PM   2 SIM swappers have adapted their attacks to steal a target's phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models. Embedded Subscriber Identity Modules (eSIMs) are digital cards stored on the chip of the mobile device and serve the same role and purpose as a physical SIM card but can be remotely reprogrammed and provisioned, deactivated, swapped, deleted....

March 15, 2024   11:26 AM   0 A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. SIM swapping is an unauthorized porting of a targeted person's phone number to another physical SIM card or eSIM chip controlled by the attacker. These types of attacks are usually conducted via social engineering...

March 15, 2024   12:07 PM   0 Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide. According to court documents, after the federal prison ends, Diaconu (aka 'utmsandu,' 'sandushell,' 'rootarhive,' and 'WinD3str0y') will also be under supervised release for another 3 years. The sentence comes after his December guilty...

March 13, 2024   08:54 AM   0 Russian-Swedish national Roman Sterlingov was convicted by a federal jury in Washington, D.C., for operating Bitcoin Fog between 2011 and 2021. Bitcoin Fog was one of the longest-running cryptocurrency "tumblers" on the dark web, which cybercriminals from multiple darknet marketplaces used to launder their criminal proceeds. Mixing services allow users to obfuscate the origin of their digital possessions so that they can be safely...

March 11, 2024   10:54 AM   0 The developers of the Leather cryptocurrency wallet are warning of a fake app on the Apple App Store, with users reporting it is a wallet drainer that stole their digital assets. Wallet drainers are apps or malicious scripts that trick users into entering their secret passphrases or performing malicious transactions allowing attackers to steal all digital assets, including NFTs and cryptocurrency, from users' wallets. Wallet...

February 29, 2024   05:14 PM   0 The Golden Corral American restaurant chain disclosed a data breach after attackers behind an August cyberattack stole the personal information of over 180,000 people. Golden Corral offers an all-you-can-eat buffet and grill in 298 locations across 43 U.S. states and Puerto Rico (operations are temporarily suspended at 24 locations for undisclosed reasons). In a press release published today, the company said that attackers had...