We have collected the most important news from the world of cybersecurity for the week.
122 GB of stolen credentials were extracted from Telegram channels.
The hacked Microsoft X account promoted a fake crypto presale on behalf of Roaring Kitty.
The FBI has warned about "recruitment agencies" stealing cryptocurrency.
The number of alleged victims of the Snowflake attack has increased.
122 GB of stolen credentials were extracted from Telegram channels
Anonymous researchers transferred 122 GB of credentials collected in various Telegram channels of cybercriminals to the Have I Been Pwned leak aggregator. This was announced by the owner of the service, Troy Hunt.
New breach: Last week, 361M unique email addresses were collated from malicious Telegram channels. Data also included passwords and often, the website they were entered into, captured by info stealer malware. 58% were already in @haveibeenpwned. More: https://t.co/5DSTy4xfLN
— Have I Been Pwned (@haveibeenpwned) June 3, 2024
According to Hunt, the resulting dump contains 361 million email addresses, 151 million of which had not previously been included in the database. The transmitted data also included passwords and, in many cases, the site to which they related.
Because of the sheer volume of information, its legitimacy cannot be fully verified. However, Hunt used password reset forms to confirm that a number of the leaked email addresses were linked to the websites listed alongside them.
Hacked Microsoft X Account Promoted Fake Crypto Presale on Behalf of Roaring Kitty
Scammers hacked Microsoft's X account in India, which carries a gold verification check mark, to advertise a fake cryptocurrency presale allegedly on behalf of financial analyst and trader Keith Gill, known by the nickname Roaring Kitty.
His recent return caused a stir, and the attackers decided to cash in on it. They posted a link to a phishing site to the account's more than 211,000 subscribers, offering to sell a GameStop cryptocurrency for 0.1 to 0.5 ETH as part of the presale. Their real goal, however, was to empty users' wallets.
A fraudulent tweet. Data: X.
The campaign spread further thanks to numerous retweets from bot accounts.
The FBI warned about "recruitment agencies" stealing cryptocurrency
Residents of the United States are asked to be careful about ads for remote work, since hackers have begun using them to find victims and steal their cryptocurrency.
Under the guise of recruiters of legitimate companies, scammers offer simple work at home, such as rating restaurants or "optimizing" services through interaction with a certain platform.
The reward for completing these tasks has a confusing structure. In the personal account, the user supposedly sees the amount earned, but to withdraw it they must first top up the balance of a cryptocurrency wallet. In some cases, the scammers also ask for payment to "unlock" new tasks. In the end, all of the funds go to the scheme's organizers.
Advance Auto Parts and LendingTree are supposedly the next victims of the Snowflake attack
A user under the nickname Sp1d3r claimed to have customer data from the automotive giant Advance Auto Parts, as well as from the financial company LendingTree and its subsidiary QuoteWizard: 380 million and 190 million records, respectively. He posted an announcement about the sale of the leaks on the recently reopened hacker forum BreachForums, Wired writes.
Data: BreachForums.
According to the seller, both dumps were obtained as a result of hacking the account of an employee of the Snowflake cloud storage company. Earlier, leaks from the American ticket operator Ticketmaster and the Spanish bank Santander were linked to this incident.
The attacker demands $1.5 million for 3 TB of Advance Auto Parts data, and $2 million for 2 TB of LendingTree and QuoteWizard files. The potentially affected companies have not publicly confirmed any security breaches.
In a recent comment on the situation, Snowflake representatives reported that hackers used usernames and passwords stolen with the help of infostealers to access their systems. The campaign was aimed at users with single-factor authentication.
The investigation of the incident is ongoing.
Law enforcement officers received 7,000 decryption keys for LockBit victims
FBI officials have announced that they have more than 7,000 decryption keys of the LockBit hacker group, with which victims of the ransomware can recover data.
The keys relate to victims attacked between June 2022 and February 2024. During this period, the cybercriminals earned up to $1 billion.
Earlier, law enforcement officers seized the gang's infrastructure and revealed the identity of the malware administrator.
Media: Bangladesh police officers suspected of selling citizens' data via Telegram
Two senior officials of the Bangladesh anti-terrorist police allegedly sold personal information of citizens obtained from a secret state database to criminals via Telegram. This is reported by TechCrunch with reference to a letter signed by a local intelligence officer.
Potentially, criminals could get hold of national identification data of citizens, recordings of conversations on mobile phones and other "secret information".
According to the letter, the police agents came under suspicion of criminal activity because they requested access to NTMC system logs too often.
An investigation is underway.
Also on ForkLog:
Sky Mavis returned the stolen $5.7 million.
Cosmos Hub has resumed operation after a four-hour outage.
A student from China has challenged a prison sentence for withdrawing the token's liquidity.
DMM Bitcoin will raise $350 million to compensate victims of hacking.
The CEO of Tether warned about the hacking of the email mailing service.
The right to speak and the fear of AGI. Employees of AI companies sounded the alarm.
SlowMist named the main reasons for the loss of funds by users.
Lawyers reported on the mass detention of P2P traders with Bybit in Moscow.
The top manager of the media company was accused of $67 million in cryptocurrency fraud.
The Binance user lost $1 million due to the Chrome plugin, the exchange shifted the blame to the client himself.
Elon Musk's deepfake "distributed" bitcoins on YouTube.
The Frax Finance team linked the hacking of the X account to an insider from the social network.
DEX Velocore lost $6.8 million as a result of the exploit.
What should I read on the weekend?
Together with the company "SHARD" we talk about popular NFT fraud schemes.
https://forklog.com/exclusive/nft-skam-populyarnye-shemy-i-sredstva-zashhity