Security News

The US has seized nearly $9 million in proceeds generated by exploiting more than 70 victims across the nation in so-called "Pig butchering" scams. Authorities tracked payments to cryptocurrency addresses belonging to one organization known for romance scams and fake cryptocurrency investments, known together as "Pig butchering" which means the marks are "Fattened" for slaughter as they load up scammers' accounts before being taken for as much as the crims can extract.

The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link to a Telegram channel with 14,000 members, further pushing visitors to join a fake Bloomberg Discord server with 33,968 members.

The official Twitter account for Bloomberg Crypto was compromised earlier today, ultimately redirecting users to a deceptive website used to steal Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the hijacked profile contained a link to a fake Telegram channel with 14,000 members, further pushing visitors to join a fake Bloomberg Discord server with 33,968 members.

Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X. To lure potential victims, the scammer uses a breach on major cryptocurrency exchange platforms. The scammers impersonate accounts on X belonging to blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer, to promote fabricated security breaches on Uniswap and Opensea.

The scammers impersonate accounts on X belonging to blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer, to promote fabricated security breaches on Uniswap and Opensea. To impersonate the legitimate accounts, the threat actors created new X accounts with similar account names.

NIST, the US National Institute of Standards and Technology, is leading a process to create and standardize new encryption algorithms to replace RSA and ECC. The new algorithms rely on mathematical approaches that are not easily broken by quantum or classical computers. In December of 2022, US President Joe Biden signed into law the Quantum Computing Cybersecurity Preparedness Act which mandates timelines for moving government systems to PQC algorithms.

Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. After picking their targets following initial contact on LinkedIn, the BlueNoroff hackers backdoor their systems by deploying malware hidden in malicious documents pushed via private messages on various social networks.

The founder of the Poloniex has offered to pay off thieves who drained an estimated $120 million of user funds from the cryptocurrency exchange in a raid on Friday. "We are offering a five percent white hat bounty to the Poloniex hacker," Sun wrote.

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Developed by Microsoft, it's a cloud-based automation service that allows users to automate the creation, deployment, monitoring, and maintenance of resources in Azure.

Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets. Published with the name Ledger Live Web3, the fake application appears to have been present in the Microsoft Store since October 19 but the cryptocurrency theft started being reported just a couple of days ago.