Fraudulent Apps, Stealth Mining Botnet And Other Cybersecurity Events
We have collected the most important news from the world of cybersecurity for the week.
- The FBI reported that criminals targeting crypto investors stole more than $42 million through fraudulent applications.
- Yuga Labs has warned of possible upcoming cyber attacks on the NFT community.
- The alleged creator of the Gozi malware has been extradited to the United States.
FBI Reports Fraudulent Apps Targeting Crypto Investors
The US Federal Bureau of Investigation (FBI) has warned about the activity of cybercriminals creating fraudulent applications for investing in cryptocurrencies.
According to the agency, attackers persuaded victims to install apps under the attackers' control, which were then used to steal funds. The FBI identified more than 240 victims and estimated the loss at $42.7 million.
Often scammers pretended to be representatives of well-known companies.
Between October 4, 2021, and May 13, 2022, cybercriminals acted on behalf of YiBit, convincing victims to download a fake app and deposit cryptocurrency. Later, the victims received letters demanding they “pay taxes” on their investments before they could withdraw funds. In this way, the criminals obtained about $5.5 million from the victims.
The FBI recommended that investors:
- do not install unverified investment applications – make sure that they belong to the company on behalf of which they are distributed;
- do not trust applications with limited functionality;
- verify information about persons providing investment advice before disclosing their personal information.
Experts spoke about the spread of a botnet aimed at hidden mining
SentinelOne has identified a botnet distributed by the 8220 group and used for hidden mining.
Hackers compromised about 30,000 hosts worldwide through vulnerabilities in Linux and cloud applications.
Alleged Creator of Gozi malware extradited to US
Mihai Ionut Paunescu, suspected of distributing the Gozi Trojan, has been extradited to the United States, reports The Register.
US authorities believe that he is one of the creators of the malware, which infected more than a million computers worldwide and caused victims “tens of millions of dollars” in losses.
According to US law enforcement, Paunescu also provided the infrastructure for various hacker operations.
Yuga Labs warned of an impending attack on the NFT community
The company behind the Bored Ape Yacht Club NFT collection, Yuga Labs, has discovered a “group of threats” targeting the NFT community.
The project team believes a coordinated attack may soon occur, targeting several communities through compromised social media accounts.
Mandiant named two groups of hackers attacking Ukraine
Mandiant experts spoke about two hacker groups attacking Ukrainian organizations.
UNC2589 hackers are running phishing campaigns by sending emails that carry malware. The subjects of the emails vary; sometimes, the attackers send them from previously compromised email accounts.
The UNC1151 group is also actively attacking Ukrainian organizations. Mandiant specialists link the group to Belarus.