Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Online Banking. Show all posts
Paytm fraud
bank transaction fraud BSF Personnel Cyber Fraud Online Banking Online fraud online transactions Paytm Paytm fraud

Yoga Trainer Defrauded of Rs.94,998 in a Paytm Fraud


In a shocking incident of cyber fraud in Lucknow, India, a yoga trainer lost Rs. 94,998 from her bank account within five transactions that she made online. The victim claims to have been approached by the fraudsters impersonating a BSF personnel who requested to deposit the said amount to a Paytm account.

Sudha Swarnkar, a professional yoga teacher claims to have lost the whopping sum in only 20 minutes. After realizing she has been duped, the victim lodged a complaint to her local cybercrime unit of Lucknow police, with Ashiana police station.

Sudha’s father, Ghanshyam Swarnkar, who works at the information department condemned the police for their delay in investigation, emphasizing the fraudster managed to defraud the money in just 20 minutes with only five transactions, but the police is yet to take action on the matter even after one week since the incident.

Sharing details of the online fraud, Mr. Ghanshyam says that on July 15 his daughter was approached by the fraudster over the phone, claiming to be Pankaj Kumar Pandey, a Border Security Force (BSF) personnel. The ‘BSF personnel’ offered her a role in the two-month-long yoga camp that will be sponsored by BSF in the Lucknow Cantonment area.

After giving more details on the yoga camp to build the victim’s trust, the fraudster asked her to deposit the fees that must be paid as a ‘hiring request’ through the Paytm account linked to her bank account. He claimed that the scammer sent her a Paytm request asking her to complete a Rs 2 transaction and pay the associated fees.

He further noted that the Paytm account showed the username as ‘Bitoli Devi,’ and when it seemed the money was debited, the transaction failed. Following this, at the request of the fraudsters, the victim repeated the transaction process again and again. By the time she realized what was going on, an amount of Rs 94,998 was already debited from her account through the five transactions that she made.

According to Mr. Ghanshyam, the phone number of the fraudster is still active, with him making calls to the victim actively. However, the police did not react to the complaint while confirming that the investigation on the matter is ongoing.

Read more »
USA
Cryptocurrency Fraud Cyber Fraud Cybercrimes Lazarus Group Online Banking USA

US Government Seizes Cryptocurrency Worth $30 Million From Lazarus Hackers

The U.S. government in collaboration with blockchain analysts and FBI agents successfully seized $30 million worth of cryptocurrency stolen by the North Korean-linked hacker group 'Lazarus' from the popular token-based 'play-to-earn' game Axie Infinity earlier in the year. 

The government reported this news during the AxieCon event today, where the officials highlighted it as a big achievement. The officials further appreciated and encouraged large-scale collaboration between multiple law enforcement authorities and private entities against growing cyber threats. 

As per the statements made by blockchain analysts on Thursday, it's a momentous event for law enforcement agencies as it is the first time when the agencies have successfully seized crypto tokens from the infamous Lazarus Group. 

“I am proud to say that the Chainalysis Crypto Incident Response team played a role in these seizures, utilizing advanced tracing techniques to follow stolen funds to cash out points and liaising with law enforcement and industry players to quickly freeze funds”, the blog reads. 

Chainalysis talked about the laundering process of the group which involves the following five stages:  

• Stolen Ether sent to intermediary wallets 
• Ether mixed in batches using Tornado Cash 
• Ether swapped for bitcoin 
• Bitcoin mixed in batches 
• Bitcoin deposited to crypto-to-fiat services for cashout,  

However, following the incident, the US Office of Foreign Assets Control - Sanctions Programs and Information has sanctioned tornado cash for its role in the cryptocurrency laundering case. 

The total financial damage caused by Lazarus' Axie Infinity hack is around $620 million, thus, the amount that has been recovered represents only 5% of that value and 10% of the cryptocurrency amount. 

The analysts further stated they “have proven that with the right blockchain analysis tools, world-class investigators and compliance professionals can collaborate to stop even the most sophisticated hackers and launderers. There is still work to be done, but this is a milestone in our efforts to make the cryptocurrency ecosystem safer.” 

Hence, the US government and New York-based blockchain analysis firm are confident that in the future they will recover more damages from the past.
Read more »
User Security
Banking Trojan malware Online Banking User Security

Newly Discovered ZE Loader Targets Online Banking Users

 

IBM Security researchers have discovered a new form of overlay malware targeting online banking users. Dubbed ZE Loader, is a malicious Windows application that attempts to obtain financial data from victims by establishing a back door connection. However, unlike the typical banking Trojans, the ZE loader employs multiple stealth tactics to remain hidden, and stores permanent assets on infected devices.

The malware is targeting banks, online payment processors, and cryptocurrency exchanges and is able to interact with the victim's device in real-time, thereby greatly enhancing the finesse of the whole operation. Once the victim falls into the trap, the attacker is notified in real-time and can take over the system remotely. Upon installation, the malware performs the steps listed below: 

• It ensures that the Trojan is running with administrator permissions. 
• It establishes a Remote Desktop Protocol (RDP) connection to the command-and-control server. 
• ZE Loader enables multiple RDP connections on the infected device by exploiting with the Windows Registry. 
• The malware also designs a new user account with the name Administart0r and password 123mudar. 
• Finally, the malware makes sure to allow RDP connections through the Windows Firewall. 

In the meantime, the malware will also plant some files on the victim's device. Some of these are created to loosen the security measures, while a JDK_SDK file carries all of the assets that malware uses during its attack. This is rather uncommon – typically, Trojans that execute overlay attacks fetch their images and phishing pages from the remote server. However, this malware stores all of these assets in an encrypted state on the victim's machine. 

The malware actively monitors newly opened processes and active browser sessions. If it spots that the victim is trying to load one of the supported online banking sites or an app that the Trojan targets, the attacker will receive a notification. Once the attackers connect via RDP, they can begin to implement commands. Usually, that would display the phishing assets from the JDK_SDK file that the ZE Loader brought along. The attackers are able to play out various scenarios to obtain data. For example, they could ask the victim for login credentials, credit card data, two-factor authentication, and more.

While the ZE Loader does not implement the most sophisticated overlay attack, it is still a very dangerous piece of malware. Protect your Windows systems from such attacks by using up-to-date antivirus tools and also make sure to learn how to browse the Web safely, researchers advised.
Read more »
Subscribe to: Posts (Atom)