Security News
Scammers are impersonating government officials and law enforcement in active and rampant extortion schemes targeting Americans' money or personally identifiable information. "The FBI is warning the public of ongoing widespread fraud schemes in which scammers impersonate law enforcement or government officials in attempts to extort money or steal personally identifiable information," the FBI warned.
The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned US organizations that data wiping attacks targeting Ukraine could spill over to targets from other countries. Although the two malware strains have only been deployed against Ukrainian networks so far, the threat actors deploying them could also accidentally hit other targets, and US organizations should be ready to prevent such devastating attacks.
The Federal Bureau of Investigation warned today that US organizations and individuals are being increasingly targeted in BEC attacks on virtual meeting platforms. In a Public Service Announcement issued today, the FBI said it noticed scammers switching to virtual meeting platforms matching the overall trend of businesses moving to remote work during the pandemic.
The US Federal Bureau of Investigation revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. "As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors.," the federal law enforcement agency said [PDF].
Cybersecurity authorities from Australia, the U.K., and the U.S. have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021. "Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors' growing technological sophistication and an increased ransomware threat to organizations globally," the agencies said in the joint bulletin.
FBI: Criminals escalating SIM swap attacks to steal millions of dollars. The FBI says criminals have escalated SIM card swap attacks to hijack victims' phone numbers and steal millions of dollars from fiat and virtual currency accounts.
Crane Hassold, former FBI analyst turned director of threat intel at Abnormal Security, shares stories from his covert work with cyberattackers. "Behavioral characteristics and motivations of cybercriminals in the real world and virtual world are the same," said Crane Hassold, who helped to create the CBAC after spending more than 11 years as an FBI analyst, offering strategic and tactical analytical support to cyber, financial crime and violent crime cases.
The Federal Bureau of Investigation says criminals have escalated SIM swap attacks to steal millions by hijacking victims' phone numbers. "From January 2018 to December 2020, the FBI Internet Crime Complaint Center received 320 complaints related to SIM swapping incidents with adjusted losses of approximately $12 million. In 2021, IC3 received 1,611 SIM swapping complaints with adjusted losses of more than $68 million."
Two New York-based "Tech entrepreneurs" were arrested on Tuesday for allegedly conspiring to launder $4.5bn in stolen cryptocurrency, the US Department of Justice said, adding it's so far recovered $3.6bn in purloined digicah - based on current prices. At the time the funds were stolen in August 2016, a single BTC traded for about $540, making 119,754 BTC worth about $65m. Today, one BTC sells for roughly $43,170, making the total haul worth about $5.2bn; it was valued at around $4.5bn at the time the feds filed their court documents.
The Federal Bureau of Investigation has released technical details and indicators of compromise associated with LockBit ransomware attacks in a new flash alert published this Friday. Two years later, in June 2021, LockBit announced the LockBit 2.0 RaaS on their data leak site after ransomware actors were banned from posting on cybercrime forums [1, 2]. With the relaunch, the ransomware gang redesigned Tor sites and overhauled the malware, adding more advanced features, including the automatic encryption of devices across Windows domains via Active Directory group policies.