Security News

SEC Twitter hijacked to push fake news of hotly anticipated Bitcoin ETF approval
2024-01-09 21:48

Breaking The SEC today said its Twitter/X account was hijacked to wrongly claim it had approved hotly anticipated Bitcoin ETFs, causing cryptocurrency to spike and then slip in price. In a now-deleted tweet shared in the past hour, the American financial regulator appeared to say: "Today the SEC grants approval for #Bitcoin ETFs for listing on all registered national securities exchanges. The approved Bitcoin ETFs will be subject to ongoing surveillance and compliance measures to ensure continued investor protection."

SEC Twitter hijacked to push fake news of hotly anticipated ETF approval
2024-01-09 21:48

Breaking The SEC today said its Twitter account was hijacked to wrongly claim it had approved hotly anticipated Bitcoin ETFs, causing cryptocurrency to spike and then slip in price. In a now-deleted tweet, shared in the past hour, the American financial regulator appeared to say: "Today the SEC grants approval for #Bitcoin ETFs for listing on all registered national securities exchanges. The approved Bitcoin ETFs will be subject to ongoing surveillance and compliance measures to ensure continued investor protection."

X-ploited: Mandiant restores hijacked Twitter account after attempted crypto heist
2024-01-04 20:00

Miscreants took over security giant Mandiant's Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password. "We are aware of the incident that impacted the Mandiant X account and are conducting a thorough investigation," a spokesperson told The Register.

Bloomberg Crypto X account hijacked in Discord phishing attack
2023-11-17 23:01

The official Twitter account for Bloomberg Crypto was compromised earlier today, ultimately redirecting users to a deceptive website used to steal Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the hijacked profile contained a link to a fake Telegram channel with 14,000 members, further pushing visitors to join a fake Bloomberg Discord server with 33,968 members.

Requests via Facebook Messenger lead to hijacked business accounts
2023-09-12 10:19

Hijackers of Facebook business accounts are relying on fake business inquiries and threats of page/account suspension to trick targets into downloading password-stealing malware. Hijacked Facebook business accounts a great way to reach a broad audience with ads and more scams.

Microsoft 365 accounts of execs, managers hijacked through EvilProxy
2023-08-10 11:41

A phishing campaign leveraging the EvilProxy phishing-as-a-service tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at over 100 organizations around the world. As organizations increasingly employ multi-factor authentication, threat actors have switched to using phishing services such as EvilProxy, which uses reverse proxy and cookie injection methods to steal authentication credentials and session cookies.

Bing search results hijacked via misconfigured Microsoft app
2023-03-30 17:05

A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS attacks to potentially breach the accounts of Office 365 users. Wiz researchers found that when creating an application in Azure App Services and Azure Functions, the app can be mistakenly configured to allow users from any Microsoft tenant, including public users, to log in to the application.

Facebook accounts hijacked by new malicious ChatGPT Chrome extension
2023-03-22 16:44

A trojanized version of the legitimate ChatGPT extension for Chrome is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts. The extension is a copy of the legitimate popular add-on for Chrome named "ChatGPT for Google" that offers ChatGPT integration on search results.

Illegal Solaris darknet market hijacked by competitor Kraken
2023-01-18 19:21

A large darknet marketplace focused on drugs and illegal substances, has been taken over by a smaller competitor named 'Kraken,' who claims to have hacked it on January 13, 2022. The Tor site of Solaris currently redirects to Kraken, while blockchain monitoring experts at Elliptic report no movements in the cryptocurrency addresses associated with the site after January 13, 2022.

Verizon prepaid accounts hijacked by SIM swap crooks
2022-10-19 22:04

Verizon has notified some prepaid customers that their accounts were compromised and their phone numbers potentially hijacked by crooks via SIM swaps. From there, the crooks could access the personal info in an account and perform a SIM swap.