Security News

FTX fiasco founder SBF faces further fraud charges
2023-02-23 20:30

FTX founder Sam Bankman-Fried's eight-count indictment related to the collapse of his crypto empire has been superseded by a new 12-count indictment unsealed in New York which provide graphic details about the extent the defunct biz paid off politicians. According to the superseding indictment [PDF], SBF "Corrupted the operations of the cryptocurrency companies he founded and controlled through a pattern of fraudulent schemes that victimized FTX customers, investors, financial institutions, lenders and the [FEC]."

Europol busts ‘CEO fraud’ gang that stole €38M in a few days
2023-02-17 18:18

Europol has dismantled a Franco-Israeli 'CEO fraud' group that employed business email compromise attacks to divert payments from organizations to bank accounts under the threat actor's control. The fraudsters impersonated CEOs when approaching employees in the target organizations' financial departments and tricked them into performing payments to bank accounts under the scammer's control.

Authorities break up gang responsible for €38 million CEO fraud
2023-02-17 11:24

8 suspects arrested Seizures include: electronic equipment and vehicles, about EUR 3 million from Portuguese bank accounts, EUR 1.1 million from Hungarian bank accounts, EUR 600 000 from Croatian bank accounts, EUR 400 000 from Spanish bank accounts, EUR 350 000 in virtual currencies. The total value of the seizures is estimated at about EUR 5.5 million.

Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected
2023-02-14 16:51

The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites. "The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID which contain Google ads for revenue generation," Sucuri researcher Ben Martin said in a report published last week.

Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud
2023-01-23 12:01

Samsung classified the bugs as moderate risk and released fixes in version 4.5.49.8 shipped earlier this month. Samsung Galaxy Store, previously known as Samsung Apps and Galaxy Apps, is a dedicated app store used for Android devices manufactured by Samsung.

Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps
2023-01-23 06:35

Researchers have shut down an "Expansive" ad fraud scheme that spoofed more than 1,700 applications from 120 publishers and impacted roughly 11 million devices. "VASTFLUX was a malvertising attack that injected malicious JavaScript code into digital ad creatives, allowing the fraudsters to stack numerous invisible video ad players behind one another and register ad views," fraud prevention firm HUMAN said.

Massive ad-fraud op dismantled after hitting millions of iOS devices
2023-01-21 15:06

A massive ad fraud operation dubbed 'Vastflux' that spoofed more than 1,700 applications from 120 publishers, mostly for iOS, has been disrupted by security researchers at cybersecurity company HUMAN. The operation's name was derived from the VAST ad-serving template and the "Fast flux" evasion technique used to conceal malicious code by rapidly changing a large number of IP addresses and DNS records associated with a single domain. The research team at HUMAN discovered Vastflux while investigating a separate ad fraud scheme.

The threat of location spoofing and fraud
2023-01-20 04:30

In this Help Net Security video, André Ferraz, CEO at Incognia, discusses the impact of location spoofing and location-based fraud. Any tool that enables users to alter the location information given by their device is known as location spoofing.

How to protect yourself from bot-driven account fraud
2023-01-13 04:30

Bots continue to evolve and thrive at the expense of companies. Kasada's research shows revenue loss from bot-driven account fraud and web scraping continues to skyrocket, despite companies spending more on bot mitigation solutions every year.

Google Ad fraud campaign used adult content to make millions
2022-12-20 20:08

A massive advertising fraud campaign using Google Ads and 'popunders' on adult sites is estimated to have generated millions of ad impressions on stolen articles, making the fraudsters an estimated $275k per month. The campaign was discovered by Malwarebytes, who reported it to Google and took it down for violating policies forbidding Google Ads on adult sites.