Binance Square
Cybercriminals
Moon5labs

Hacker Admits to Stealing $37 Million in Cryptocurrency Through a "Cyber Attack"

Evan Frederick Light faces up to 20 years in prison for each of several charges, including conspiracy to commit wire fraud and money laundering.
A #Hacker who infiltrated corporate servers and stole more than $37 million in cryptocurrency from nearly 600 victims has admitted to #conspiracy charges related to wire #fraud and money laundering.
Crime Through Investment Company Servers
The United States Department of Justice announced on October 1st that Evan Frederick Light, from Indiana, illegally accessed the servers of an investment company to obtain sensitive customer information. He then used this data to steal cryptocurrency from clients who held digital assets with the firm.
Covering Tracks Using Crypto Mixers
Light attempted to cover his tracks by passing the stolen funds through #cryptocurrency mixers and gambling websites to hide his identity and obscure the flow of the money.
On September 30th, he pleaded guilty to the charges, facing up to 20 years in prison for each count.
Conviction and Collaboration with Another Offender
Light was charged on June 15, 2023, in South Dakota, where he initially denied his guilt. The Department of Justice stated that the crimes were committed between 2021 and May 2023. During these activities, Light collaborated with at least one other unidentified co-conspirator.
Strong Warning to Cybercriminals
The Department of Justice emphasized its commitment to apprehending #Cybercriminals. "Although this defendant tried to hide in the shadows of the cyber underworld, our team caught up with him," the department said. These charges serve as a reminder that cybercriminals, no matter how sophisticated, will be brought to justice.
Americans' Losses Due to Crypto Scams
According to an FBI report, Americans lost a total of $5.6 billion to cryptocurrency scams in 2023, a 45% increase from 2022. The FBI received approximately 69,000 complaints related to cryptocurrency that year. The most affected victims were those over the age of 60. Around 70% of the scams were linked to investment schemes, while 10% involved call center fraud or fake government agents.

Notice:
"The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses."

Hackers Begin Using AI to Spread Malware

Researchers from HP have discovered malware created using generative #artificialintelligence during the analysis of a suspicious email.

Generative AI Accelerates Malware Creation
The development of malware has become easier and faster thanks to generative AI. Malware developers can now use AI to speed up the process of writing code, leading to an increase in the number of #Attacks and allowing even less experienced individuals to develop harmful software.
A September report from HP’s Wolf Security team uncovered a new version of the AsyncRAT trojan, which is used to remotely control a victim’s computer. Researchers found this version while analyzing a suspicious email sent to one of their clients.
Malware Written with Artificial Intelligence
While the original AsyncRAT was developed by humans, this new version contained an injection technique that researchers believe was created using generative AI. Although AI has previously been used to create phishing lures, the report notes that there was little evidence of AI being used to write malicious code "in the wild" before this discovery.
One of the key indicators was that the code contained detailed comments explaining the function of each part. This is unusual for #Cybercriminals, who generally do not want others to understand how their malware works.

In-Depth Analysis of the Malware
Researchers initially encountered the suspicious email, which was sent to users of HP’s Sure Click threat containment software. The email appeared to be an invoice written in French, likely targeting French-speaking individuals. Initially, the contents of the file were difficult to determine because it was encrypted. However, after breaking the password, the hidden malware was revealed.
The #Malware consisted of a Visual Basic script that wrote data to the user’s registry, installed a JavaScript file, and launched PowerShell. This led to the installation of AsyncRAT malware on the device.

AsyncRAT Development and Its Risks
AsyncRAT, originally released on GitHub in 2019, is a remote management tool. Although its developers claim it is legitimate open-source software, it has been predominantly used by cybercriminals. It allows attackers to remotely control infected devices and can be used to steal sensitive data, such as private keys or phrases for cryptocurrency wallets, leading to potential financial losses.
Although AsyncRAT is not new, this variant uses a new injection method, which shows signs of having been created using generative AI. This indicates that the new technology is making it easier for attackers to carry out cyberattacks.
AI Increases the Threat of Cyberattacks
HP’s report highlights that generative artificial intelligence is accelerating #cyberattacks and lowering the barrier for cybercriminals to infect devices. Security researchers are still grappling with the effects of AI advancements on cybersecurity.
The risks associated with AI include its potential misuse to identify vulnerabilities in smart contracts, which could be exploited by both ethical and malicious hackers. In May 2023, Meta also warned that some malware creators are using fake versions of popular AI tools to lure victims.
Generative artificial intelligence is fundamentally changing the rules of cybersecurity and presents a new challenge in the fight against malware.

Notice:
"The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses."

Telegram, WhatsApp Users Targets Of Trojan Apps Stealing Crypto

ESET detected many #Telegram and #WhatsApp clone websites that prey on Android and Windows users with trojanized instant messaging programs with the intention of stealing their victims' cryptocurrency.

The researchers found a large number of dangerous programs that are categorized as clippers, a type of malware that either steals or modifies clipboard information. These scammers target #cryptocurrency wallets of their victims and, in some circumstances, expressly target their cryptocurrency funds.

For the first time, Android clippers have been discovered inside of instant messaging programs, opening up new opportunities for hackers to prey on the rising number of cryptocurrency users.

A couple of these applications also use optical character recognition (OCR) technology, a previously unheard-of function in Android malware, to detect text in screenshots captured on the infected devices.

These clippers' main goal is to intercept victims' message conversations and replace any sent or received bitcoin wallet addresses with ones under the attackers' control. As a result, fraudsters can steal money from unaware users who rely on the trojanized applications to deal in cryptocurrencies.

In addition to the trojanized WhatsApp and Telegram Android applications, #ESET researchers discovered malicious Windows versions of WhatsApp and Telegram that are packaged with remote access trojans (RATs). These RATs provide attackers even more access to the victims' devices, enabling them to steal private data and carry out other nefarious deeds.

ESET researchers found the first Android clipper on Google Play before the App Defense Alliance was founded. As a result of this revelation, Google strengthened Android security by restricting background app actions on the system-wide clipboard on Android versions 10 and up.

The most recent research, however, demonstrates that these security measures have not entirely solved the issue.

Users are advised by cybersecurity professionals to take caution when installing instant messaging programs and to only do so from reputable stores like the Google Play Store or the Apple App Store.

To further protect themselves against these kinds of assaults, users should use strong, unique passwords for their accounts and keep their devices updated with the most recent security updates.

The research emphasizes the significance of maintaining vigilance in securing one's digital assets as well as the rising threat posed by malware targeted at cryptocurrencies. #Cybercriminals will probably keep coming up with new strategies and techniques to target people and steal their precious digital assets as cryptocurrencies gain in popularity.

This development follows a recent event involving the decentralized finance (DeFi) site Euler Finance, which had a flash loan attack and lost $197 million in DAI stablecoin, WBTC, stETH, and USDC.

In order to find the offenders, Euler Labs is presently working with security experts and law enforcement organizations.