Threat Actor: Hacker
Victim: Albatross Protocol
Price: $10,000
Exfiltrated Data Type: Remote Code Execution (RCE) exploit

Key Points:

The exploit leverages a buffer overflow vulnerability. It does not work with Address Space Layout Randomization (ASLR) enabled, and it has difficulty bypassing Full RELRO because it requires writing to the Global Offset Table (GOT).…

In the past few months, the Telegram clicker game Hamster Kombat has taken the world of cryptocurrency game enthusiasts by storm. Even though the gameplay, which mostly entails repeatedly tapping the screen of one’s mobile device, might be rather simple, players are after something more: the possibility of earning big once Hamster Kombat’s creators unveil the promised new cryptocoin tied to the game.…


Summary: Indian crypto exchange WazirX suffered a cyber attack resulting in the loss of virtual assets valued at over $230 million, linked to North Korean threat actors. The breach exploited vulnerabilities in a multi-signature wallet system designed for enhanced security.

Threat Actor: North Korea
Victim: WazirX

Key Point:

The attack targeted a multi-signature wallet, bypassing security measures by exploiting discrepancies in transaction data.…

Insikt Group examines a large-scale Russian-language cybercrime operation using fake Web3 gaming initiatives to distribute malware designed to steal information from both macOS and Windows users. These Web3 games, which are based on blockchain technology, offer the potential for financial gains through cryptocurrency earnings.

Web of Deceit: The Rise of Imitation Web3 Gaming Scams and Malware Infections

The campaign involves creating imitation Web3 gaming projects with slight name and branding modifications to appear legitimate, along with fake social media accounts to bolster their authenticity.…


Summary: Tether, a cryptocurrency company, has frozen over 29 million of its stablecoins that were connected to a Cambodian online marketplace involved in pig butchering scams and other cybercriminal activities in Southeast Asia.

Threat Actor: Tether
Victim: Huione Guarantee

Key Point:

Tether has frozen 29 million of its stablecoins that were linked to Huione Guarantee, an online marketplace involved in cybercriminal operations in Southeast Asia.…

June 2024 has been a whirlwind of significant cyber attacks targeting high-profile organizations worldwide. Following the ongoing Snowflake-related issues, the past month has seen cases such as a TeamViewer data breach by a notorious Russian espionage group, massive Ethereum and Bitcoin thefts, and the sprawling Polyfill supply chain attack affecting hundreds of thousands of websites.…


Summary: Coordinated DNS hijacking attacks targeting decentralized finance (DeFi) cryptocurrency domains are redirecting visitors to phishing sites hosting wallet drainers.

Threat Actor: Unknown
Victim: Decentralized finance (DeFi) cryptocurrency platforms

Key Point:

A wave of coordinated DNS hijacking attacks is targeting DeFi cryptocurrency domains.…

Summary: The content discusses how the online marketplace Huione Guarantee is being used for money laundering from online scams, particularly the “pig butchering” investment fraud.

Threat Actor: Huione Guarantee
Victim: Individuals targeted by online scams

Key Point:

Huione Guarantee, a seemingly legitimate online marketplace, is being used as a platform for money laundering from online scams, including the “pig butchering” investment fraud.…

Summary: A new malware distribution campaign is using fake Google Chrome, Word, and OneDrive errors to deceive users into running malicious PowerShell “fixes” that install malware.

Threat Actor: ClearFake, ClickFix, TA571

Victim: Multiple victims targeted by the threat actors mentioned above.

Key Point:

The campaign involves the use of website overlays that prompt users to install a fake browser update, resulting in malware installation.…

Key findings

Proofpoint researchers identified an increasingly popular technique leveraging unique social engineering to run PowerShell and install malware. Researchers observed TA571 and the ClearFake activity cluster use this technique. Although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously, which may prompt a user to take action without considering the risk.…


Summary: This article discusses the phishing activity targeting Brazil, with a focus on the involvement of threat actors linked to North Korea.

Threat Actor: Threat actors linked to North Korea
Victim: Brazilian government, aerospace, technology, and financial services sectors

Key Point:

Threat actors linked to North Korea have been responsible for one-third of all phishing activity targeting Brazil since 2020.…