Security News
The United States has taken legal action to seize and return over $154 million purportedly stolen from Sony Life Insurance Company Ltd, a SONY subsidiary, by an employee in a textbook business email compromise attack. "According to the government's complaint, Rei Ishii, an employee of Sony Life Insurance Company Ltd. in Tokyo, allegedly diverted the $154 million when the company attempted to transfer funds between its financial accounts," the Justice Dept said today.
Unsecured QNAP NAS devices are getting covertly saddled with a new bitcoin miner, QNAP has warned users. "Once a NAS is infected, CPU usage becomes unusually high where a process named '[oom reaper]' could occupy around 50% of the total CPU usage. This process mimics a normal, legitimate kernel process with the same name. However, while the legitimate kernel process PID is usually below 1000, the bitcoin miner PID is usually greater than 1000," the company explained.
Network-attached storage appliance maker QNAP on Tuesday released a new advisory warning of a cryptocurrency mining malware targeting its devices, urging customers to take preventive steps with immediate effect. "A bitcoin miner has been reported to target QNAP NAS. Once a NAS is infected, CPU usage becomes unusually high where a process named '[oom reaper]' could occupy around 50% of the total CPU usage," the Taiwanese company said in an alert.
QNAP warned customers today of ongoing attacks targeting their NAS devices with cryptomining malware, urging them to take measures to protect them immediately. Customers who suspect their NAS is infected with this bitcoin miner are advised to restart their device, which may remove the malware.
PCrisk found a new Dharma ransomware variant that appends the. PCrisk found a new STOP ransomware variant that appends the.
Infosec must "Reclaim" the word crypto from people who trade in Bitcoins and other digital currencies, according to industry veteran Bruce Schneier - and it seems some Reg readers agree. "I have long been annoyed that the word 'crypto' has been co-opted by the blockchain people, and no longer refers to 'cryptography'," blogged Schneier in a classically brief post on Monday.
As the agency describes it, the scammer will contact their victim and somehow convince them that they need to send money, either with promises of love, further riches, or by impersonating an actual institution like a bank or utility company. After the mark is convinced, the scammer will have them get cash, and head to an ATM that sells cryptocurrencies and supports reading QR codes.
During the early days of the pandemic, while the rest of the world was stress streaming and working on sourdough starter, an ambitious teen stuck in his bedroom decided to set up a fake "Love2Shop" gift card site to harvest people's payment information, invest the stolen money in cryptocurrency and become a millionaire. His age certainly didn't prohibit the scammer from being allowed to purchase Google ads to help lure people to his phishing scam site, according to prosecutors, ultimately ranking the scam phishing site over the legitimate one.
Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster. The DarkSide ransomware gang has extorted dozens of victims of tens of millions of U.S. dollars, their most famous attack being on May 7, against the largest fuel pipeline in the United States, Colonial Pipeline.
Ransomware extracted at least $590 million for the miscreants who create and distribute it in the first half of 2021 alone - more than the $416 million tracked in all of 2020, according to the US government's Financial Crimes Enforcement Network. FinCEN analysed 635 SARs, of which 458 described transactions reported between 1 January 2021 and 30 June 2021 and the remainder reported older transactions later found to be suspicious.