Security News
The malware peddlers' focus on Apple fans was clearly reflected in the name they gave their "Product": Atomic macOS Stealer, or AMOS for short. Well-informed Mac users should spot that the popup produced clearly belongs to the malware app itself, which is imaginatively called Setup.
Working with law enforcement from 15 other nations, the US Department of Justice yesterday seized [PDF] the criminal souk's main website, domains, and servers, and "Conducted a number of law enforcement actions against hundreds of Genesis Market users worldwide" as part of a global law enforcement effort dubbed Operation Cookie Monster, according to a senior FBI official. According to court documents, in December 2020 the FBI, in conjunction with an unnamed foreign law enforcement, managed to image the Genesis backend server, and downloaded usernames, passwords, email account, search histories, purchase history and comment for 33,000 Genesis Market users and approximately 900,000 individual packages.
In what's a case of setting a thief to catch a thief, the U.K. National Crime Agency revealed that it has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. "All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks," the law enforcement agency said.
The Brazilian National Telecommunications Agency is seizing incoming Flipper Zero purchases due to its alleged use in criminal activity, with purchasers stating that the government agency has rejected all attempts to certify the equipment. Multiple people in Brazil who purchased the Flipper Zero hacking tool have reported that their shipments are being redirected to Brazil's telecommunications agency, Anatel, due to a lack of certification with the country's Radio Frequencies department.
"In 2022, investment scam losses were the most scheme reported to the Internet Crime Complaint Center," the FBI shared in its 2022 Internet Crime Report. 2022 Internet Crime Report: Additional findings The number of complaints received by the IC3 is a bit smaller than the year before, but the overall recorded losses are highest than ever When it comes to BEC scams, the IC3 saw a slight increase of targeting victims' investment accounts instead of the traditional banking accounts, and an increase of BEC bad actors spoofing legitimate business phone numbers to confirm fraudulent banking details with victims.
Y is the author of a book I can very greatly recommend, with the fascinating title Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency. DUCK. Andy, do you think, perhaps that there's nothing wrong with Satoshi Nakamoto saying, "You *can* be anonymous when you use Bitcoin?".
DUCK. Today's topic is: Incident response - A day in the life of a cyberthreat responder. PETER. Typically, we're brought in either just after an attack or while one is still unfolding.
The International Criminal Police Organization, also called the Interpol, has announced the arrests of 75 individuals as part of a coordinated global operation against an organized cybercrime syndicate called Black Axe. "'Black Axe' and other West African organized crime groups have developed transnational networks, defrauding victims of millions while channeling their profits into lavish lifestyles and other criminal activities, from drug trafficking to sexual exploitation," the agency said.
For the report, the ITRC surveyed victims who contacted the ITRC and victims who did not. According to the responses, the number of repeat identity crime victims dropped year-over-year among victims.
In this Help Net Security video, James E. Lee, Chief Operating Officer of the Identity Theft Resource Center, discusses the 2021 Trends in Identity Report, which looks at the trends in identity based on information from the victims that contact the ITRC. For the report, researchers looked at the wide range of identity crimes committed against people as reported by the victims of the crimes. In 2021, the ITRC received its highest number of contacts in its history, with Google Voice being the most reported identity-related scam.