
Reports Indicate Social Engineering Attacks on Binance and Kraken

 


Binance and Kraken have both thwarted sophisticated social engineering attacks that mimicked a recent attempt to breach Coinbase Global Inc. (NASDAQ: COIN). According to a Bloomberg report, sources familiar with the matter say that both exchanges neutralised the threats before any customer information was compromised.

Despite the fact that information remains confidential and neither exchange has publicly commented, insiders indicate that neither platform has been compromised. This attempt to breach a digital asset firm is part of a broader, ongoing trend where cybercriminals are increasingly targeting digital asset companies, particularly when the cryptocurrency market is experiencing a surge. 

The latest wave of attacks, which has cost the crypto industry billions and impacted platforms such as Bitfinex, Bybit, and the now-defunct FTX, was reportedly stopped at Binance and Kraken by robust internal controls and security protocols. According to the sources, the attackers employed elaborate manipulation tactics aimed at customer service personnel, which bore striking similarities to the attack Coinbase faced earlier.

The scammers were alleged to have attempted to bribe Binance support agents, even going so far as to share their Telegram contact address in order to facilitate illicit communication with the agents. As a result of the resilience demonstrated by these exchanges, it is clear that cybersecurity strategies in the crypto industry have become more sophisticated, despite adversaries continuing to develop more deceptive methods of infiltration. 

Despite the increasing complexity of cyber threats, both Binance and Kraken proved effective against them, successfully preventing potentially damaging data breaches. According to several individuals with knowledge of the matter, the exchanges were targeted by social engineering schemes meant to exploit human weaknesses rather than technical flaws in order to gain access.

The criminals reportedly impersonated legitimate contacts and tried to bribe customer service representatives via encrypted messaging platforms such as Telegram in order to gain access to confidential user information, including home addresses, account credentials, and other personal details. Binance's response was notably aided by its artificial intelligence-driven detection systems, which played a significant part in identifying and intercepting suspicious communications.

Because these AI tools could recognise deceptive patterns across multiple languages, they flagged malicious attempts immediately, before any breach could occur. Furthermore, Binance's internal security protocols strictly limit data access privileges, ensuring that only verified personnel can retrieve sensitive user information, under controlled circumstances, during official support interactions. This multi-layered approach drastically reduced the scope for human error or manipulation.

Kraken also implemented rigorous protective measures to counter the threat, though it has not released specific technical details of what was done. A swift and structured internal response was critical in neutralising the attack, according to sources. The exchange confirmed that all user data, including login credentials, private keys, and digital assets, remained completely secure. These incidents show an increasing need to strengthen proactive defence mechanisms and internal accountability to protect customer assets, especially as social engineering becomes an ever more popular tactic among cyber adversaries targeting the cryptocurrency industry.

The recent cyberattacks that occurred on Coinbase, Binance, and Kraken suggest that cybercriminals are shifting their tactics in the cryptocurrency industry in a significant way. Several high-profile breaches have historically been the result of direct technical exploits, including the collapse of Mt. Gox, which resulted in the loss of approximately $460 million, and the hack of Bitstamp in 2015, which cost the exchange $5 million. 

Such attacks often exploit weaknesses in platform infrastructure, such as code, server configurations, or security protocols. The latest wave of attacks, on the other hand, seems to have adopted a psychologically more refined, socially oriented approach. Cybercriminals are now focusing on manipulating individuals within organisations, specifically those who have access to sensitive systems, rather than attempting to penetrate hardened technical defences.

They are using psychological manipulation to gain access to sensitive systems within a company. The attackers responsible for these recent incidents reportedly use platforms such as Telegram to impersonate trustworthy sources and offer bribes in exchange for confidential customer data, including home addresses, credentials, and other personal identifiers. This change in strategy coincides with the growing resilience of technical security frameworks within top crypto exchanges.

Binance and Kraken, among others, continue to strengthen their digital defences by utilising artificial intelligence and behaviour-detection systems, leading threat actors to exploit the human element, which is considered to be one of the most vulnerable components of cybersecurity.

A notable difference between Coinbase on the one hand and Binance and Kraken on the other is that, while these manipulation tactics successfully compromised Coinbase systems, similar attempts at Binance and Kraken were identified and neutralised near-instantly thanks to robust internal safeguards and real-time AI monitoring. These recent attacks have many parallels to earlier incidents, including the Bitstamp breach, which also resulted from employee phishing. This illustrates that while tools and platforms may have evolved, the fundamental tactic of targeting insider access remains a persistent threat.

Combating the increasing sophistication of social engineering threats in the cryptocurrency space requires continuous training, layered security policies, and proactive detection mechanisms. According to sources familiar with the matter, the attempts against Binance and Kraken closely resembled those against Coinbase in recent months, but they were ultimately stopped by strict internal protocols and advanced security technology.

Scammers reportedly targeting customers at Binance offered bribes to customer service representatives and provided them with Telegram handles for further communication. AI-powered monitoring tools that detect suspicious messages across multiple languages allowed the exchange to intercept and halt the malicious interactions before any data was compromised. Among leading platforms, Binance is one of the most restrictive.

Binance limits access to customer data to sessions initiated by users themselves. Over the past two years, it has become increasingly evident that social engineering is a growing threat in the cryptocurrency sector. For example, Coinbase's support staff was bribed by hackers to obtain sensitive client information, including personal and banking details. The hackers then demanded $20 million as a ransom. Hackers have also used stolen user data, obtained through malware and traded on the dark web, to impersonate support teams and trick their victims, as in recent incidents targeting Binance users in Israel, where attackers used convincing accents and fake credentials.

According to cybersecurity experts, the most effective way to protect yourself against social engineering attacks is by strengthening procedures and maintaining an organisational culture that is vigilant. Several recent incidents have demonstrated the importance of conducting comprehensive employee training, ensuring stricter contractor vetting, minimising privileged access, and deploying real-time monitoring processes to detect anomalies in the behaviour of support personnel. As a result, key strategies are emerging, such as implementing a zero-trust access framework, where internal employees only have access to the limited information they need, and using artificial intelligence (AI) to identify indicators of bribery, unauthorised data requests, or attempts to communicate outside official channels. 

A whistleblower system can also provide employees with the confidence they need to report suspicious activity without fear of reprisals. Moreover, smart contracts and automated logs can be integrated into the on-chain auditing process to ensure transparency and traceability of data access. Sharing intelligence among exchanges will strengthen the sector by allowing platforms to learn from emerging attack patterns and enhance their resilience.

In the opinion of experts, it is highly likely that if such measures had been fully implemented, the Coinbase breach might have been significantly reduced—or perhaps even avoided altogether. Trust has remained a fundamental pillar in the realm of digital finance, especially for centralised cryptocurrency exchanges that are responsible for the protection of billions of dollars worth of user assets. 

Investment can be eroded quickly by high-profile security incidents, so robust cybersecurity is not only a technical necessity but also a business imperative. In response to recent social engineering attacks, Binance and Kraken responded quickly and transparently to send a strong message to their users and stakeholders that they have strengthened their platforms and that cybersecurity is a top priority for them.

It has been a real pleasure to watch both exchanges stand up to sophisticated attacks and maintain a transparent posture while acting decisively; in doing so, they have set new benchmarks for operational integrity and responsiveness within the crypto industry. These events also serve as a warning to the industry as a whole, highlighting the need for continued investment in employee education, internal controls, and incident response mechanisms.

While firewalls and encryption will always be an important part of security systems, it is the human element that often poses the greatest threat. It is imperative to address this vulnerability through continued training and simulations. By thwarting these cyberattacks, Binance and Kraken continue to advance secure, trustworthy, and resilient digital asset platforms, which underscores their leadership.

As the crypto industry continues to evolve, lessons from these thwarted breaches will be instrumental in defining digital asset security for years to come. Centralised exchanges will need to be aware that as their platforms grow and attract a wider variety of participants, they will face increasingly targeted and nuanced attacks. The emphasis must move from merely deploying cutting-edge technology to building resilient organisational frameworks that anticipate risks proactively.

Security should be a top priority at every level of the organisation, alongside investment in specialised training for frontline personnel and the cultivation of robust incident response ecosystems that can respond rapidly and efficiently. Regulatory agencies and industry alliances should also use this opportunity to encourage transparent reporting and intelligence-sharing networks as a means of strengthening collective defences.

Ultimately, the future of the crypto infrastructure depends not just on innovation in blockchains and finance but also on an unwavering commitment to protecting users from emerging threats in the future. It is in this regard that Binance and Kraken serve as not only success stories but, more importantly, as clarion calls for all digital financial institutions to prioritise resilience, accountability, and trust as the foundation for sustainable digital finance, especially in times of crisis.

Elliptic Claims: FTX Hacks Could Have Possible Connection to Russia


In November 2022, the disorderly collapse of the cryptocurrency exchange FTX resulted in a staggering $477 million hack. The previously inactive stolen funds became active just days before Sam Bankman-Fried, the founder and CEO of FTX, went on trial. Elliptic analysts have investigated the event in-depth, following the intricate blockchain trail left by the hackers and finding evidence of Russia's involvement. 

Elliptic’s Insight for the Hack 

According to a report by Elliptic – one of the largest providers of blockchain analytics and crypto compliance solutions – the hackers cleverly masked their activity by moving the stolen assets through a series of intricate transactions. They used private wallets and decentralized exchanges to make it more difficult to trace them. Elliptic was able to track the money, though, and discovered that the hackers distributed a sizable percentage of it to several locations after converting a considerable amount into ether. Potential connections to Russian actors are also revealed by Elliptic's on-chain analysis.

A Possible FTX Hack-Russia Connection 

According to Elliptic, Russia is potentially behind the FTX hack. Apparently, the hackers' procedures and the subsequent movement of the stolen funds resemble tactics frequently linked to Russian cybercriminals.

The research firm claimed that the laundering tactics used post-theft are strikingly similar to those typically used by Russian hackers. The way they moved money, the private wallets they preferred, and their affinity for decentralized exchanges are all reminiscent of strategies Russian hackers have employed in the past.

The speed and efficiency with which the stolen funds were laundered suggest that the campaign was well-planned by an experienced group of hackers. The suspects so far have included everyone from rogue FTX personnel carrying out an inside job to the North Korean hacking collective Lazarus, which has been linked to a number of crypto protocol flaws. While there could be several suspects, Russian threat actors check most of the boxes for those behind the hack.

Elliptic stated, "A Russia-linked actor seems a stronger possibility. Of the stolen assets that can be traced through ChipMixer, significant amounts are combined with funds from Russia-linked criminal groups, including ransomware gangs and darknet markets, before being sent to exchanges."

Elliptic’s analysis not only emphasizes the significance of advanced blockchain analytics in confronting such challenges but also highlights the geopolitical implications present in cybercrime cases. With the swift developments in the digital currency realm, gaining insight into the origins and motivations behind these attacks has become important for both security measures and international diplomatic relations.

FTX Reinforces Security Measures After Recent Cyber Breach

 

A notable cryptocurrency exchange called FTX recently experienced a security compromise that briefly caused its gateway to be unavailable. The event sparked worries about the security of users' assets on the network among users and the larger crypto community. To strengthen its defenses against potential attacks, FTX quickly implemented stronger security measures as a response.

FTX CEO, Sam Bankman-Fried, assured users that their funds were safe and that the breach was quickly contained. He stated, "Our team acted promptly to isolate the breach and secure the affected systems. No user funds were compromised, and we have taken steps to prevent such incidents in the future."

Following the breach, FTX collaborated closely with cybersecurity experts to conduct a thorough investigation. The findings led to the identification of vulnerabilities that were promptly addressed. The exchange has now implemented additional security protocols, including multi-factor authentication and advanced intrusion detection systems.

Cybersecurity experts lauded FTX's swift response and proactive approach to fortifying their platform. Dr. Emily White, a leading cybersecurity analyst, commended FTX's efforts, saying, "FTX's rapid response and commitment to shoring up their security measures demonstrate a proactive approach to safeguarding user assets. This incident serves as a reminder of the evolving nature of cyber threats and the importance of continuous vigilance."

In the wake of the breach, FTX has taken steps to enhance communication with its user base. The exchange has established a dedicated channel for updates on security-related matters, providing users with real-time information and transparency about any potential risks.

The incident at FTX serves as a wake-up call for the entire cryptocurrency industry. As the digital asset space continues to grow, exchanges must prioritize security measures to protect user funds and maintain trust in the ecosystem.

The FTX response to the latest security issue emphasizes how crucially important strong cybersecurity procedures are in the cryptocurrency business. FTX has proven its dedication to protecting user assets by quickly fixing vulnerabilities and deploying improved security processes. This incident should serve as a reminder to all exchanges to emphasize security and keep lines of communication open with their user base.


Emerging Phishing Campaigns Aim FTX Users After Kroll Data Breach

 

In a recent turn of events that has reverberated across the cryptocurrency community, Changpeng ‘CZ’ Zhao, the Chief Executive Officer of Binance, a globally renowned cryptocurrency exchange, has issued a stern caution to users who were formerly associated with the now-defunct FTX platform. 

This alert revolves around a fresh surge of phishing attacks that have been set in motion following a significant data breach stemming from Kroll, the claims agent responsible for managing FTX’s bankruptcy case.

The Core of the Issue: Kroll Data Breach and Its Ramifications

The crux of this matter revolves around a recent breach in cybersecurity suffered by Kroll, the entity tasked with overseeing claims linked to the ongoing bankruptcy proceedings of FTX. While the specific details of the breach were initially kept confidential, it has now been unveiled that the breach exposed certain non-sensitive customer data belonging to specific claimants involved in the case.

Zhao’s warning emphasizes the seriousness of the situation, explicitly connecting the current series of phishing attacks to this data breach. The pronouncements from the CEO of Binance closely follow FTX’s own declaration concerning the breach, a revelation that has understandably triggered significant apprehension among its user community.

However, what renders this breach especially alarming is the technique through which it was executed. Zhao has illuminated the fact that a SIM swap maneuver executed on an employee's account was pivotal in enabling the breach. For those unfamiliar, a SIM swap involves malicious actors deceiving cellular service providers into transferring a victim’s phone number to a device under their control.

Subsequently, this maneuver allows them to intercept crucial information, including authentication codes, effectively circumventing security measures like two-factor authentication. The gravity of the threat was so pronounced that FTX was compelled to temporarily suspend operations on its claims portal.

The Escalating Peril of Phishing Attacks

Phishing attacks are not an emerging concept in the digital domain. Nevertheless, their persistent and evolving nature has solidified their status as one of the most malicious hazards that internet users encounter today. Fundamentally, these attacks capitalize on deception and psychological manipulation to deceive unsuspecting individuals into disclosing sensitive information, spanning from login credentials to personal financial particulars.

Zhao’s recent alert acts as a somber reminder of the possible havoc that phishing attacks can unleash. When successful, these attacks can lead to a spectrum of consequences, encompassing identity theft, unauthorized entry into sensitive accounts, and substantial financial losses. The fact that prominent platforms like FTX, BlockFi, and the now-defunct Genesis crypto exchange have become targets for cybercriminals underscores the sheer scale and audacity of these threats.

Bolstering Defenses Against the Digital Threatscape

In light of these unfolding events, the responsibility falls upon individual users to enhance their digital safeguards. Zhao's message is crystal clear: complacency is not an option. Users are urged to be proactive in their stance on online security, adopting a multifaceted approach to thwart potential threats.

Foremost, staying well-informed is of paramount significance. Being cognizant of the latest threats and comprehending the strategies of cybercriminals can play a pivotal role in precluding potential attacks. Equally important is vigilance. Users ought to exercise caution in response to unsolicited communications, particularly those soliciting personal or financial information.

Furthermore, embracing robust security measures is imperative. This encompasses, but is not limited to, utilizing strong and distinct passwords for various accounts, activating two-factor authentication whenever feasible, and regularly updating software and applications to rectify known vulnerabilities.

While the digital era presents unparalleled conveniences and avenues, it also introduces an array of challenges. The recent events encompassing the FTX platform and the Kroll data breach underline the ever-evolving nature of the threat landscape. Nonetheless, by merging awareness, vigilance, and resilient security practices, users can confidently navigate this landscape, securing their digital well-being.

Cryptocurrency Giants FTX, BlockFi, and Genesis Hit by Kroll Hack

Customers of prominent cryptocurrency companies FTX, BlockFi, and Genesis had their financial and personal information exposed in a recent cybersecurity breach. Concerns have been expressed about the security of private information in the cryptocurrency sector as a result of the hack.

The breach, according to claims from sources, was carried out by taking advantage of flaws in the systems of Kroll, a reputable data management business. The personal information of innumerable users is now in danger due to Kroll's involvement in processing the client data of these cryptocurrency companies.

FTX, BlockFi, and Genesis being prominent names in the cryptocurrency sector, have a significant user base that relies on their platforms for trading, lending, and other financial services. The compromised data includes user names, email addresses, phone numbers, transaction histories, and potentially even account passwords. This sensitive information falling into the wrong hands could lead to identity theft, phishing attacks, and financial fraud.

The incident raises questions about the industry's overall data security practices. While the cryptocurrency market has been praised for its decentralized nature and robust encryption, this breach underscores the persistent vulnerabilities that exist in digital systems. Companies dealing with such high-value assets and sensitive data must prioritize cybersecurity measures to prevent such incidents.

The breach has consequences beyond only the immediate loss of client data. Users may stop using these platforms, which could result in lost revenue for the impacted businesses. Regulatory organizations might examine these occurrences more closely, which would result in tougher compliance standards for cryptocurrency businesses.

FTX, BlockFi, and Genesis have assured their consumers that they are acting right now in reaction to the intrusion. They are trying to improve their security procedures, assisting law enforcement, and carrying out in-depth investigations to ascertain the scope of the intrusion. Users who are affected are advised to modify their passwords, use two-factor authentication, and be on the lookout for phishing attacks.

The Bitcoin industry as a whole needs to pay attention after this tragedy. The digital world has unmatched prospects, but it also has its own challenges, notably in terms of cybersecurity. To properly protect the information of their users, businesses must implement proactive security measures, carry out routine audits, and spend money on powerful encryption.

Customers of these affected sites must implement suggested security procedures and stay up to date on developments as the investigation progresses. Additionally, the event highlights how crucial industry cooperation is to jointly fix vulnerabilities and improve the overall security posture of the Bitcoin ecosystem.


Crypto Withdrawals of $8bn Hit Silvergate, a US bank

 


Silvergate, the US bank that offers cryptocurrency services, has reported that its clients have withdrawn over $8 billion (£6.7 billion) of their cryptocurrency-linked deposits over the past several weeks. 

In the final three months of 2022, roughly one-third of the bank's customers pulled their deposits from the bank. The bank sold assets worth $5.2 billion to cover the cost and maintain liquidity. 

According to three US regulators, issuing or holding crypto would conflict with safe and sound banking practices as it would be "highly likely that such practices would be compromised."

Listed on the New York Stock Exchange, Silvergate is a bank regulated by the New York Stock Exchange and a part of the financial sector. It is one of the very few businesses within this sector that offer cryptocurrency services. Before the November bankruptcy filing of FTX, the crypto exchange was once valued at $32 billion. Withdrawals followed the collapse of the FTX exchange.

A former FTX boss has pleaded not guilty to charges that he defrauded customers and investors as part of his role at the company. Approximately one million creditors may have been affected by the bankruptcy, according to prosecutors.

Cryptocurrencies have been affected by the case, leading to bankruptcy filings at other companies and the price of crypto falling. 

Silvergate's chief executive officer, Alan Lane, said the bank had sold assets to cover customer withdrawals to compensate for the trading risks associated with digital assets "in response to increasing changes in the digital asset market." It seems that Silvergate has also fallen victim to the chilling "crypto winter" that has been devouring the cryptocurrency industry since last spring. 

As the name implies, the so-called crypto bank fills an unusual position in the market, serving as a bank for cryptocurrency companies that had difficulty finding banking services that could be offered by traditional banks. 

An Alameda Research company, which is now bankrupt, is owned by Sam Bankman-Fried. He is suspected of fraud and is awaiting trial in the United States. There is no doubt that Bankman-Fried's downfall has been a blow for Silvergate, but the risk to market confidence has been a greater blow to the company. In the aftermath of Bankman-Fried's collapse, several small and large investors have pulled their money out of crypto companies, transferring billions of dollars from crypto accounts stored by companies.

Binance and Coinbase have so far survived the unprecedented withdrawals of users and have become some of the biggest names in the industry. While it seems that Silvergate is also weathering the storm, its balance sheet is taking a heavy hit as a direct result of the storm. 

Before entering the world of cryptocurrency, in November 2019, Silvergate was a small US bank that had recently been made public. The shares of the company had grown by more than 1,500% by the time the market reached its climax in 2021. This was mainly due to the massive growth of crypto during this period. There was a period during which it attempted to launch its stablecoin. During this period, it tried to create a cryptocurrency directly tied to an asset such as gold, the US dollar, or another cryptocurrency. 

Additionally, Silvergate spent $182 million in January 2022 to acquire the technology used in Meta's proposed Diem (formerly Libra) stablecoin, which is yet to hit the market. In a filing with the US Securities and Exchange Commission (SEC), the bank said it had sold the debt to cover withdrawals from its accounts. It said that the Diem purchase is no longer classified as an asset, indicating that the purchase has been written off. The bank has also reduced its workforce by 40%, or about 200 people. Since 2013, withdrawals have cost the company $718m in losses, an amount greater than its profit.

Cybersecurity in 2023: Will the Crypto Crash Impact It?

 


After the fall of the FTX exchange put an end to the cryptocurrency crash of 2022, one question that naturally arises for those working within the cybersecurity industry is how this rapid decline in cryptocurrency valuations will affect the cybercrime economy.

Cybercriminals have been using and abusing cryptocurrency ever since the most recent crypto boom began more than a decade ago to build up their empires and make money. Through the use of cryptocurrency, ransomware is creating a world where you can pay extortion and face jail time. By using cryptocurrency, scammers target consumers to steal their wallets and accounts. A wide range of cybercriminal enterprises has traditionally relied on this method to conceal the fact that they are laundering money behind the scenes in an anonymous manner. 

Although many cybersecurity experts and intelligence analysts agree that there have been some changes in trends and tactics that they believe are loosely related to the crypto crash, the jury is still out on how the crash will affect the cyber world over the long run.

The Shifting Trends & Tactics of Cryptocurrencies in 2022 

Despite the value of cryptos this year, cybercriminals have developed a more sophisticated strategy for monetizing their attacks with cryptocurrencies, according to Helen Short, Accenture cybersecurity intelligence analyst, who points to some ransomware groups' use of yield farming within decentralized finance as an example.

"In other words, yield farming is similar to lending money, in that the amount of interest that has to be paid is clearly outlined in the contract that outlines the amount that has to be paid," she explains. "As a ransomware group, the advantages are that they will be able to collect legitimate proceeds from the ransom and they will not be forced to launder or hide the funds."

In her analysis, she has found that threat actors have increasingly turned to 'stablecoins,' which are typically 'pegged' to fiat currencies or gold, to decrease the volatility of their wallets. Cryptocurrency is making headlines worldwide due to the recent downturn in its price. This has resulted in cybercriminals having a heightened appetite for risk, leading to more investment frauds and cryptocurrency scams being perpetrated.

In addition to some people losing their wallet value, others may have simply lost interest in keeping an eye on their accounts and stopped paying as much attention to them. Brittany Allen, the team's trust and safety architect and fraud researcher, offers some insight into how this is fueling another trend. "Fraudsters are noticing that consumers are paying less attention to their crypto wallets than they were when crypto prices were higher earlier this year and in 2021, as a result of plummeting prices for cryptocurrency," she said. Consequently, cryptocurrency account takeover attacks have increased by 79% in the last few months.

According to the researcher, an increasing number of threat actors are joining forces instead of paying each other for their specialist services. This reduces the costs of the attack, as a set share of the proceeds is included in the agreement.

Ransomware Will Not Go Away

Cybersecurity pundits agree almost unanimously on one thing: ransomware will remain prevalent for some time despite the growing volatility of cryptocurrencies. Ransomware activity in 2022 has seen a slight decline compared to early 2022. Despite that, the threat intelligence analyst at Optiv, Aamil Karimi, said that other factors out of our control, such as the war in Ukraine, contribute to the decrease in activity.

The decline in activity in recent years is more likely to be due to a significant regrouping of ransomware cartels than to anything else. For as long as cryptocurrency is a popular extortion target, he believes extortion will remain a popular business model.

As of right now, cryptocurrency is the safest medium through which cybercriminals can act as a means of doing transactions. "Cryptocurrency is the preferred payment method for extortion," Karimi says. The amount of cybercrime and extortionary activity will not slow down soon, as Karimi doesn't anticipate any slowdown.

The evolution to be expected in 2023

In response to increased friction with law enforcement, cybercriminals may also evolve their techniques toward other types of attacks in addition to ransomware. The most common among these is business email compromise (BEC), which does not require cryptocurrency.

The FBI's annual IC3 report determined that business email compromise was the most common method used by attackers to steal fiat currency. According to GreyNoise's Rudis, advances in artificial intelligence are making it increasingly easy and convenient for technology to mimic human writing, speech, and even live video. Ransomware groups have been around as businesses for a long time. Therefore, it makes sense to assume that they would use their technological skills to deploy more advanced BEC schemes in addition to their primary mission of stealing money.

At the same time, attackers are likely to continue advancing their technology for moving and laundering money in order to stay one step ahead of the authorities who track it.

"The number of attackers will increase, and they will try to obfuscate their illicit funds by breaking the sequence of blockchain transactions, which will become increasingly sophisticated," Short says. "We will likely see a professionalization of cryptocurrency mixers, such as Tornado Cash, with threat actors offering fast and high value 'cash out as-a-service' offerings."

As a result, she believes that by 2023 there will be an increase in demand for account takeovers, in which stolen accounts are repurposed as mule accounts for cashing out on the back end of various scams, as it will increase the value of personally identifiable information (PII).

5 Most Significant Online Influencers of 2022

Wired has published a list of the individuals who sparked the most online debates in 2022. Controversial motives, false information, and online turmoil will also be on the minds of many people going forward.

Although some issues appear to be fading, such as the COVID-19 outbreak and the world of cryptocurrency, they still come up frequently on social media. Money laundering, theft, and fraud are among the issues frequently raised in these debates.

1. Sam Bankman-Fried

Money laundering, theft, and scams have been rampant in the cryptocurrency sector, from the crypto dark-web drug trade to billions of dollars being taken from crypto firms by cybercriminals. Sam Bankman-Fried is currently charged with fraud of more than $8 billion in connection with the fall of the bitcoin exchange FTX. The exact extent of the misuse of user cash in FTX's collapse is still unknown, and even the new CEO of the firm, John Ray, claims he's never witnessed a greater catastrophe. This could have far-reaching effects on the cryptocurrency economy.

In addition to the staggering losses, Bankman-Fried stands as a particularly alarming example of the problems with the crypto economy. Unlike others in the crypto sphere, he seemed to really embrace increased government controls of the business.

2. Elon Musk

After the purchase of Twitter, Musk's dark side was exposed, and the erratic power of the world's richest person suddenly put a major online institution in danger. Elon fired at least 4,400 contract workers after letting go of nearly 50% of the Twitter personnel, jeopardizing the operations of a service that acts as Twitter's main artery.

Additionally, Twitter has drastically reduced the size of its team of content moderators, creating scenarios where only one employee is left to monitor child abuse-related tweets across the entirety of Japan and the Asia-Pacific area. Twitter has also banned left-wing accounts under Musk's supervision, which goes against his support for free speech. He provides a glimpse of the conspiracy-minded ideas and trolling that really motivate his behavior.

3. Xi Jinping

Every wave of brutality under Xi Jinping has been accompanied by a tightening of online restrictions as censors combed social media for any mention of protests. Han Chinese authorities in Xinjiang have even insisted that Uyghurs install an app that checks their phones for prohibited information.

This year's protests against China's oppressive zero-Covid lockdowns have sparked a new round of online repression, in which it is now illegal to even like a protest-related post, and any indication of wrongdoing is monitored through a controlled credit system with the potential to result in users' immediate expulsion from online platforms. He's made it quite apparent that dictatorial control will infiltrate Chinese digital life.

4. Narendra Modi

India has begun to resemble China ever more in how it suppresses both offline and online protests under Modi and the BJP. The Indian government has recently taken steps to tighten its control over social media, including temporarily shutting down the internet in the disturbed region of Kashmir, banning several Chinese apps, including TikTok, and giving a three-person group control over social media moderation policy choices.

The government can use the new IT regulations as a tool to challenge the platforms when it wants. It's the initial step toward making it possible to restrict online speech like in China.

5. GRU

In the past seven years, Russia's GRU military intelligence units known as Sandworm and APT28 caused two blackouts in Ukraine. In 2022, it started a plethora of cyberattacks aimed at erasing data from the Ukrainian government and business networks, frequently concurrent with direct physical assaults by the invading army. In a NotPetya-like incident of collateral damage, one GRU malware operation even managed to shut down connectivity to 5,000 wind turbines spread around Germany. A third blackout strike in Ukraine was also attempted by GRU's Sandworm hackers, but this time, at least in the view of the Ukrainian government, defenses were able to prevent it.

The year 2022 will be regarded as a time of major global events. Although some issues appear to be fading, such as the COVID-19 outbreak and the world of cryptocurrency, money laundering, theft, and fraud are among the issues frequently raised on social media.