Security News

FBI warns of phony cryptocurrency apps aiming to steal money from investors. The FBI is urging cryptocurrency investors and investment firms to beware of fraudulent cryptocurrency apps that try to steal money from unsuspecting victims.

In the first half of 2022, BioCatch estimates fraudulent transfers to money mule accounts totaled $3 billion and that there are approximately 2 million mule accounts in the US. Additionally, researchers found that the average mule transaction amount is $1,500 - a low amount to avoid detection when executing mule campaigns at a large scale. In this Help Net Security video, Erin Englund, Threat Analytics Lead at BioCatch, explains what money mules are, why are they becoming so prevalent, and how we can defend against them.

Maastricht University, a Dutch university with more than 22,000 students, said last week that it had recovered the ransom paid after a ransomware attack that hit its network in December 2019. One week later, on December 30, the university decided to pay the ransom to have its files decrypted after deciding that rebuilding all infected systems from scratch or creating a decryptor were not viable options.

Cybersecurity researchers have disclosed a new ransomware strain called GoodWill that compels victims into donating for social causes and provide financial assistance to people in need. "The ransomware group propagates very unusual demands in exchange for the decryption key," researchers from CloudSEK said in a report published last week.

A security researcher disclosed details of a clickjacking attack demonstrated against PayPal that could be exploited to steal victims' account balances in a single click. "But during my deep testing, I found that we can pass another token type, and this leads to stealing money from [a] victim's PayPal account."

The Iran-linked Cobalt Mirage crew is running attacks against America for both financial gain and for cyber-espionage purposes, according to Secureworks' threat intelligence team. For the espionage strikes, Cobalt Mirage pulls off targeted intrusions to gain access and collect intelligence, though the snoops appear to be experimenting with ransomware here as well, the threat hunters wrote.

How password fatigue can cost organizations time, money and mental energy. For its study, "Measuring Password Fatigue: Usability and Cybersecurity Impacts," Beyond Identity surveyed 1,047 Americans, including more than 600 full-time employees, to determine how password fatigue is affecting their daily lives.

China's internet regulator, the Cyberspace Administration of China, has published guidelines that aim to stop minors from giving tips or other forms of payment to livestreamers, watching after 10pm, or livestreaming themselves. "Website platforms must not develop functional applications that attract minors to tip or induce minors to give 'gifts.' If it is found that the website platform violates the aforementioned requirements, measures such as suspending the tipping function and shutting down the live broadcast business will be implemented," said the recently published Opinions on Regulating Online Live Rewards and Strengthening the Protection of Minors.

Ransomware operators have reimagined their business model with ransomware as a service, selling related services to other attackers through membership, subscription or customization. Learning from advanced persistent threat campaigns, threat actors are customizing ransomware attacks by using highly experienced attack teams that hit targeted victims with APT-like precision and capability.

The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. First came the bank sanctions and the blocking of SWIFT payments, a result of the Russian invasion of Ukraine.