Welcome to the not-lost-in-transmissals inside Cyberland:
1 "Pig Butchering" Pig Butchering is a relatively new social engineering scam where fraudsters contact people (the "Pigs") on social media and build trust by engaging in long-term communication, establishing the idea of a fabricated friendship or romantic partnership. Sometimes, the scammers impersonate real friends of the target.
DNS -- DNS, or the Domain Name System, translates human readable domain names (for example, www.amazon.com) to machine readable IP addresses (for example, 192.0. 2.44).
EXAMPLE 1
FBI warns of "Pig Butchering" cryptocurrency investment schemes
The Federal Bureau of Investigation (FBI) warns of a rise in 'Pig Butchering' cryptocurrency scams used to steal ever-increasing amounts of crypto from unsuspecting investors.
The warning was issued as a Private Industry Notification from the FBI Miami Field Office in coordination with the Internet Crime Complaint Center (IC3) yesterday to raise awareness among cryptocurrency investors who are increasingly being targeted by these types of scams.
Pig Butchering is a relatively new social engineering scam where
fraudsters contact people (the "Pigs") on social media and build trust
by engaging in long-term communication, establishing the idea of a
fabricated friendship or romantic partnership. Sometimes, the scammers
impersonate real friends of the target. . .
At some point, the fraudsters propose that the victim invests in cryptocurrency on phony platforms that aren't linked to an actual cryptocurrency exchange or market.
Victims visiting these fake investment dashboards see massive returns, thinking their investment is already generating profit. The fake investment returns prime the target for the next stage of the scam, which is to press them to invest ever-increasing amounts and not withdraw anything.
At some point, the victim attempts to cash out on their investments, which is when they are told that they need to pay income taxes first, additional processing fees, international transaction costs, etc.
Eventually, the fraudster stops communication and shuts down the fake crypto exchange, or the victim gives up after realizing they have been scammed. Unfortunately, this can be months into the scam with the victim already giving huge amounts of funds to the fraudsters ranging from thousands to millions of dollars.
"Many victims report being directed to make wire transfers to overseas accounts or purchase large amounts of prepaid cards," explains the FBI notice.
"The use of cryptocurrency and cryptocurrency ATMs is also an emerging method of payment. Individual losses related to these schemes ranged from tens of thousands to millions of dollars."
Forbes recently reported on a 52-year-old man from San Francisco who lost $1 million to a Pig Butchering scam after being contacted by fraudsters pretending to be an old colleague.
Spot the scams early
Due to the rising growth of these types of scams and the significant financial losses victims can suffer, it's crucial to recognize them as early as possible.
The FBI has listed the following characteristics of "Pig Butchering" that people should consider as red flags:
- You are contacted by a long-lost contact or a stranger on social media.
- The URL of the investment platform doesn't match the official website of a popular cryptocurrency market/exchange but is very similar (typo-squatting).
- The investment app you have downloaded generates warnings of being "untrusted" when launched on Windows, or your anti-virus marks it as potentially dangerous.
- The investment opportunity sounds too good to be true.
People who suspect they may have been victims of "Pig Butchering" are urged to report it to the crime complaint center at ic3.gov, including as many details as possible, to help law enforcement track down the scammers."
EXAMPLE www.bleepingcomputer.com
Russian retail chain 'DNS' confirms hack after data leaked online
- October 3, 2022
- 02:35 PM
Bill Toulas is a technology writer and infosec news reporter with over a decade of experience working on various online publications. An open source advocate and Linux enthusiast, is currently finding pleasure in following hacks, malware campaigns, and data breach incidents, as well as by exploring the intricate ways through which tech is swiftly transforming our lives.
✓ "Russian retail chain 'DNS' (Digital Network System) disclosed yesterday that they suffered a data breach that exposed the personal information of customers and employees.
DNS is Russia's second-largest computer and home appliance store chain, with 2,000 branches and 35,000 employees.
According to the scant details provided in the announcement, a group
of hackers residing outside the Russian Federation exploited a security
gap in the company's IT systems and accessed customer and employee
details.
"We have already found gaps in the protection of our information infrastructure and are working to strengthen information security in the company," says the DNS announcement.
While the firm has not provided details on what information was compromised, it clarified that the hackers didn't steal user passwords and payment card data, as that data isn't stored on their systems.
DNS data leaked on hacker forum
DNS' disclosure of a security breach comes hours after a threat actor began leaking the company's data on a hacking forum, allegedly stolen by a hacking group known as 'NLB Team.'
The data was allegedly stolen on September 19 and contains full names, usernames, email addresses, and phone numbers of DNS customers and employees for 16 million people.
Source: BleepingComputer
According to SimilarWeb data, DNS-shop.ru receives approximately 81.3 million visits per month, being in the top 30 most visited sites in the country, so the alleged number of impacted individuals seems plausible.
Neither the volume of the stolen data nor the type of the information has been officially confirmed.
It is worth noting that the same person leaking DNS' data had previously offered databases belonging to other Russian organizations, "Cherlock.ru," a legal information portal, and "CDEK.market," a consumer goods e-commerce platform.
Russian sites facing “insider” threats
The attack against DNS is allegedly the work of pro-Ukrainian hackers, but new reports have surfaced over the weekend that put a new threat in the frame for Russian sites.
Kyiv Post reports that hackers affiliated with the so-called "National Republican Army" (NRA), an organization uniting dissidents seeking to overthrow Putin, are launching attacks against key Russian firms.
Their first high-profile victim is allegedly "Unisoftware," a software development firm that works closely with the Russian government, the Central Bank, and the federal tax service.
Reportedly, the attack involved the deployment of a ransomware strain to cause damage, while the group also shared some screenshots with the publication as evidence of their access.
Related Articles:
Optus confirms 2.1 million ID numbers exposed in data breach
SITA data breach affects millions of travelers from major airlines
Hacker sells stolen Starbucks data of 219,000 Singapore customers
LastPass says hackers had internal access for four days
Russian streaming platform confirms data breach affecting 7.5M users
-
US Govt: Hackers stole data from US defense org using new malware
The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector.
- October 04, 2022
- 07:08 PM
0
-
Hackers are breaching scam sites to hijack crypto transactions
In a perfect example of there being no honor among thieves, a threat actor named 'Water Labbu' is hacking into cryptocurrency scam sites to inject malicious JavaScript that steals funds from the scammer's victims.
- October 04, 2022
- 02:20 PM
- 0
Save on travel with this Dollar Flight Club subscription deal
Travel is always going to have some costs. This Dollar Flight Club subscription helps you keep them in line for $49 for the Premium tier, or $99 for the Premium Plus tier, saving you up to 94% off the $1690 MSRP.
- October 04, 2022
- 02:08 PM
- 0
Optus confirms 2.1 million ID numbers exposed in data breach
Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month.
- October 04, 2022
- 12:43 PM
- 0
Cheerscrypt ransomware linked to a Chinese hacking group
The Cheerscrypt ransomware has been linked to a Chinese hacking group named 'Emperor Dragonfly,' known to frequently switch between ransomware families to evade attribution.
- October 04, 2022
- 11:46 AM
- 0
FBI warns of "Pig Butchering" cryptocurrency investment schemes
The Federal Bureau of Investigation (FBI) warns of a rise in 'Pig Butchering' cryptocurrency scams used to steal ever-increasing amounts of crypto from unsuspecting investors.
- October 04, 2022
- 09:59 AM
- 0
Want a million bucks for solving a puzzle? Deal Days might help you win
Want to try your own luck? Gather some friends and get ready to solve. Thanks to Deal Days, you can get a copy of the 2 Million Dollar Puzzle for $24.99, more than 15% off the MSRP.
- October 04, 2022
- 07:16 AM
- 0
No comments:
Post a Comment