
Crypto scammers posing as real brands on X are easily hacking YouTubers

For months, popular fighting game YouTubers have been under attack. Even the seemingly most cautious among them have been duped by sophisticated phishing attacks that hack their accounts to push cryptocurrency scams by convincingly appearing to offer legitimate sponsorships from established brands.

These scams often start with bad actors seemingly taking over verified accounts on X (formerly Twitter) with substantial followings and then using them to impersonate marketing managers at real brands who can be easily found on LinkedIn.

The fake X accounts go to great lengths to appear legitimate. They link to brands' actual websites and populate feeds with histories seemingly spanning decades by re-posting brands' authentic posts.


Russia takes unusual route to hack Starlink-connected devices in Ukraine

Russian nation-state hackers have followed an unusual path to gather intel in the country's ongoing invasion of Ukraine—appropriating the infrastructure of fellow threat actors and using it to infect electronic devices its adversary’s military personnel are using on the front line.

On at least two occasions this year, the Russian hacking group, tracked under names including Turla, Waterbug, Snake, and Venomous Bear, has used servers and malware used by separate threat groups in attacks targeting front-line Ukrainian military forces, Microsoft said Wednesday. In one case, Secret Blizzard—the name Microsoft uses to track the group—leveraged the infrastructure of a cybercrime group tracked as Storm-1919. In the other, Secret Blizzard appropriated resources of Storm-1837, a Russia-based threat actor with a history of targeting Ukrainian drone operators.

The more common means for initial access by Secret Blizzard is spear phishing followed by lateral movement through server-side and edge device compromises. Microsoft said that the threat actor’s pivot here is unusual but not unique. Company investigators still don’t know how Secret Blizzard obtained access to the infrastructure.


5 charged in “Scattered Spider,” one of the most profitable phishing scams ever

Federal prosecutors have charged five men with running an extensive phishing scheme that allegedly allowed them to compromise hundreds of companies nationwide, gain non-public information, and steal millions of dollars in cryptocurrency.

The charges, detailed in court documents unsealed Wednesday, pertain to a crime group security researchers have dubbed Scattered Spider. Members were behind a massive breach on MGM last year that cost the casino and resort company $100 million. MGM preemptively shut down large parts of its internal networks after discovering the breach, causing slot machines and keycards for thousands of hotel rooms to stop working and slowing electronic transfers. Scattered Spider also breached the internal network of authentication provider Twilio, which allowed the group to hack or target hundreds of other companies.

Not your father’s phishing campaign

Key to Scattered Spider’s success were phishing attacks so methodical and well-orchestrated they were hard to detect even when sophisticated defenses were implemented. Microsoft researchers, who track the group under the name Octo Tempest, declared it “one of the most dangerous financial criminal groups.”
