Tag: Phishing

KuCoin User Linked to Memecoin Scams

by Blockchain News

KuCoin, which is a famous cryptocurrency exchange, has just verified that the address of a user is related to the start of hundreds of frauds using memecoin. This news was recently reported. A user on Twitter discovered on April 26 that the in question address had been responsible for the creation of two to five memecoins each and every day for the previous two years. The community member also brought up the fact that KuCoin “owned and controlled” the wallet addresses, which they mentioned in their post. Despite the fact that the blockchain explorer Etherscan has identified the address as belonging to a false phishing wallet, KuCoin has declared that they would not freeze the user’s funds in the absence of an official warning from law enforcement.

However, KuCoin has also stated that they will assist and cooperate with law enforcement agencies to take temporary risk control measures if the reporting party provides relevant legal documents, procedures, or reporting records. KuCoin made this statement in response to a question about whether or not they would do this. This action will be carried out in compliance with user agreements, complaints and reports, as well as the laws of the Seychelles.

The KuCoin platform had a security breach on April 24, which led to the official Twitter account of the platform being hacked. This issue arises as a consequence of that incident. The account intentionally uploaded misleading activities, which resulted in the loss of assets for several of its followers. After discovering the security flaw, KuCoin collaborated with Twitter to restore the hacked social media account and made a commitment to compensate the users whose accounts were compromised.

Some people in the cryptocurrency community have voiced their disagreement with KuCoin’s decision to not place a freeze on the user’s assets. These individuals believe that it is the responsibility of the exchange to protect its users from fraudulent behavior on its platform. On the other hand, some people have pointed out that KuCoin does not have the legal power to freeze assets since it has not received an official warning from law authorities.

This incident demonstrates how vitally important security is in the cryptocurrency business and how essential it is for exchanges to take preventative steps to thwart fraudulent conduct. Although KuCoin has pledged to assist law enforcement agencies, it is not yet clear how this situation will be resolved or what steps will be taken to prevent incidents of this nature from occurring in the future. KuCoin has stated that it will assist law enforcement agencies.

Source

Tagged : / / / / /

Google Ads Used in $4M Crypto Phishing Scam

by Blockchain News

A recent study by ScamSniffer, a Web3 anti-scam service provider, has revealed that scammers have stolen over $4 million in cryptocurrency from unsuspecting users through phishing websites promoted on Google Ads. The fraudulent websites prompt wallet login signature requests that compromise users’ addresses, and have specifically targeted decentralized finance protocols, websites, and brands, including Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant.

The phishing websites use slight variations to official URLs, making it challenging for users to identify that they’ve clicked on malicious links. Analysis of metadata from some of the phishing websites shows that they are linked to advertisers in Ukraine and Canada, who employ several methods to bypass Google’s ad review process. This includes manipulating the Google Click ID parameter, allowing the attackers to show a normal webpage during Google’s ad review. Other malicious adverts use anti-debugging methods to redirect users with developer tools enabled to a normal website, while a direct click takes users to the malicious website. These tactics allow scammers to bypass some of Google Ads’ machine reviews.

On-chain data analysis from addresses linked to malicious websites advertised on Google from ScamSniffer’s database suggests that $4.16 million has been stolen from over 3,000 users in the past month. The anti-scam service provider followed on-chain flows of funds to various exchange and mixing services, including SimpleSwap, Tornado Cash, KuCoin, and Binance.

ScamSniffer also suggests that promoting crypto-related phishing websites is a lucrative business. The average cost per click for associated keywords is between $1 to $2, estimating a conversion rate of 40% from 7,500 users clicking on malicious adverts, scammers have spent around $15,000 on advertising which provided a return on their malevolent investments of 276%, given the $4 million stolen to date.

This news comes as Russian cybersecurity and anti-virus provider Kaspersky highlights a significant increase in crypto-related phishing attacks through 2022, with over 5 million phishing attacks identified last year, up 40% year on year.

It is essential for users to be vigilant and take precautions to protect their cryptocurrency. Users should avoid clicking on suspicious links, ensure their devices have up-to-date anti-virus software, use two-factor authentication (2FA) wherever possible, and use a reputable wallet with secure features.

Source

Tagged : / / / / /

Cryptocurrency Phishing Attacks Rise by 40% Year-on-Year in 2022

by Blockchain News

Cryptocurrency-related cyberattacks have seen bad actors shift their focus from traditional financial threats to phishing. Kaspersky has revealed a 40% year-on-year increase in cryptocurrency phishing attacks in 2022, with 5,040,520 attacks detected compared to 3,596,437 in 2021. Phishing attacks involve reaching out to investors through fake websites and communication channels that mimic official companies, and prompting users to share personal information such as private keys, which ultimately provides attackers unwarranted access to crypto wallets and assets.

While Kaspersky could not predict if the trend of cryptocurrency phishing attacks would increase in 2023, phishing attacks continue to gain momentum in 2023. In a survey conducted by Kaspersky, one out of seven respondents admitted to being affected by cryptocurrency phishing.

Phishing attacks predominantly involve giveaway scams or fake wallet phishing pages, but attackers continue to evolve their strategies. Kaspersky has noted that “crypto still remains a symbol of getting rich quick with minimal effort,” which attracts scammers to innovate their techniques and stories to lure in unwary crypto investors.

Recently, hardware cryptocurrency wallet provider Trezor issued a warning against attempts to steal users’ crypto by tricking investors into entering their recovery phrase on a fake Trezor site. This highlights the importance of being vigilant and taking necessary precautions to protect one’s crypto assets.

In a recent incident, Arbitrum investors were exposed to a phishing link via its official Discord server. A hacker reportedly hacked into the Discord account of one of Arbitrum’s developers, which was then used to share a fake announcement with a phishing link. This shows that attackers are constantly finding new ways to trick investors into sharing their personal information, and highlights the need for increased security measures to protect against cryptocurrency phishing attacks.

In conclusion, cryptocurrency phishing attacks continue to rise, with attackers evolving their strategies to lure unwary crypto investors. It is crucial for investors to be vigilant and take necessary precautions, such as avoiding clicking on suspicious links, verifying the authenticity of websites and communication channels, and using hardware wallets to store their crypto assets. Additionally, companies must prioritize security measures and educate their users to help prevent and mitigate the effects of cryptocurrency phishing attacks.

Source

Tagged : / / / / / / / / /

MetaMask Users Email Addresses Exposed in Cybersecurity Incident

by Blockchain News

MetaMask, the popular Ethereum wallet, recently experienced a cybersecurity incident that exposed the email addresses of some of its users who submitted a customer support ticket between August 1, 2021, and February 10, 2023. Parent company ConsenSys released a blog post on April 14, 2023, which disclosed the details of the incident.

According to the post, unauthorized actors gained access to a third-party computer system that was used to process customer service requests. This allowed them to potentially view customer support tickets submitted by MetaMask users. While the tickets did not ask for information other than what was necessary to help the user, they did include a free text field that some users may have used to submit personally identifying information. This may have included economic or financial information, name, surname, date of birth, phone number, and postal address.

ConsenSys emphasized that it does not ask for personally identifying information in customer conversations, but some users may have provided it anyway. The breach may have affected up to 7,000 MetaMask users who submitted customer support tickets during the affected timeframe.

As a response to the incident, hardware wallet provider Keystone warned MetaMask users that they might receive more phishing emails. The attacker may use this swiped email database to look for potential victims. Phishing is a scam that tricks a user into providing sensitive information to an attacker. It is often performed by sending an email to the victim that appears to be from a trusted party or someone the victim knows.

ConsenSys said it had taken steps to eliminate unauthorized access in the future. As a result, tickets submitted after February 10 should be unaffected by the incident. The company also contacted the Data Protection Commission of Ireland and the Information Commissioner’s Office of the United Kingdom to report the breach. Additionally, the company’s third-party customer service provider is working with a cybersecurity and forensics team to perform a more detailed investigation of the incident.

This is not the first time MetaMask has come under scrutiny from privacy advocates. In late 2022, the company revealed that it sometimes logged users’ IP addresses. However, it updated its app in March to give users more control over which providers could obtain this information.

The incident highlights the importance of cybersecurity in the cryptocurrency industry. Users should remain vigilant and take steps to protect their personal information, such as using strong and unique passwords and enabling two-factor authentication.

Source

Tagged : / / / / /

Cryptocurrency Phishing Attacks Surge in 2022

by Blockchain News

When it comes to cryptocurrency-related cyberattacks, bad actors have seemingly reduced the use of traditional financial threats like desktop and mobile banking malware, shifting their focus to phishing. Russian cybersecurity and anti-virus provider Kaspersky has revealed that cryptocurrency phishing attacks witnessed a 40% year-on-year increase in 2022. The company detected 5,040,520 crypto phishing attacks in the year, compared with 3,596,437 in 2021. This represents a significant increase in the number of phishing attacks targeting crypto investors.

A typical phishing attack involves reaching out to investors through fake websites and communication channels that mimic official companies. Users are then prompted to share personal information such as private keys, which ultimately provides attackers unwarranted access to crypto wallets and assets. This is a serious threat, as once attackers have access to a user’s private keys, they can gain control over their cryptocurrency holdings and potentially steal their assets.

While Kaspersky could not predict if the trend would increase in 2023, phishing attacks continue to gain momentum in 2023. Most recently, in March, hardware cryptocurrency wallet provider Trezor issued a warning against attempts to steal users’ crypto by tricking investors into entering their recovery phrase on a fake Trezor site. This highlights the need for users to exercise caution and be vigilant in their interactions with cryptocurrency platforms.

In a survey conducted by Kaspersky in 2022, one out of seven respondents admitted to being affected by cryptocurrency phishing. While phishing attacks predominantly involve giveaway scams or fake wallet phishing pages, attackers continue to evolve their strategies. According to Kaspersky, “crypto still remains a symbol of getting rich quick with minimal effort,” which attracts scammers to innovate their techniques and stories to lure in unwary crypto investors.

Even established cryptocurrency platforms and their investors are not immune to phishing attacks. Arbitrum investors were recently exposed to a phishing link via its official Discord server. A hacker reportedly hacked into the Discord account of one of Arbitrum’s developers, which was then used to share a fake announcement with a phishing link. This highlights the importance of securing communication channels and taking measures to ensure that official channels are not compromised.

To protect themselves from phishing attacks, cryptocurrency investors should be wary of unsolicited communications and only interact with official channels. They should also avoid sharing their private keys or recovery phrases with anyone, even if they appear to be legitimate sources. Finally, it’s essential to use two-factor authentication and keep their software and anti-virus systems updated to ensure maximum protection against phishing attacks.

In conclusion, phishing attacks targeting cryptocurrency investors are increasing in frequency, and scammers are continually evolving their techniques to steal investors’ assets. It’s crucial for investors to remain vigilant and exercise caution in their interactions with cryptocurrency platforms to avoid falling victim to these scams. By taking the necessary precautions, investors can help safeguard their cryptocurrency holdings and prevent losses due to phishing attacks.

Source

Tagged : / / / / /

Arbitrum Discord Server Hacked for Phishing Attack

by Blockchain News

Arbitrum, a blockchain platform that aims to provide fast and low-cost transactions, recently experienced a security breach on its official Discord server. On March 25, security firm CetriK warned the crypto community about a possible phishing attack being circulated through the server. According to reports, a hacked Discord account belonging to one of Arbitrum’s developers was used to share a fake announcement with a phishing link.

The phishing message on Discord offered users “the opportunity to re-claim an additional stake in Arbitrum DAO Governance,” citing issues during the initial token claim drive. However, the URL supporting the announcement contained a misspelling of Arbitrum as “Arbtirum,” which is a common tactic used by hackers in phishing attacks. Clicking on the link typically leads unsuspecting users to a fake website that prompts them to enter sensitive information, such as their wallet’s private key.

As of now, Arbitrum has not released an official statement regarding the incident. Investors are advised to avoid interacting with the announcement until further clarification is provided. It is essential to remain vigilant against unrealistic claims and deceptions as hackers continue to exploit the hype surrounding cryptocurrency.

Meanwhile, two airdrop hunters were able to take advantage of the situation and collect approximately $3.3 million worth of ARB tokens. Airdrops are promotional events where crypto projects distribute free tokens to users who complete certain tasks, such as sharing a post on social media or joining a Telegram group. However, it is crucial to exercise caution when participating in airdrops, as scammers often impersonate legitimate projects to steal users’ personal information or funds.

In recent years, the crypto community has seen an increase in phishing attacks and other types of cybercrime. As the value of cryptocurrencies continues to rise, so does the incentive for hackers to target investors and platforms. It is crucial to follow best security practices, such as using strong passwords, enabling two-factor authentication, and avoiding suspicious links and emails. By remaining vigilant and informed, users can protect themselves from potential threats and enjoy the benefits of the crypto revolution.

Source

Tagged : / / / / /

Fake Arbitrum Airdrop Scam Circulated on Discord

by Blockchain News

The blockchain security company CetriK issued a warning on March 25 about a phishing link that was being spread via the official Discord server of Arbitrum, which is a prominent cryptocurrency platform. According to the sources, it was believed that the link was disseminated via the stolen Discord account of one of the developers working on the Arbitrum project.

In the phishing communication, an option to re-claim an extra share in Arbitrum DAO Governance was presented, with the justification that there had been problems with the first token claim campaign. On the other hand, the accompanying URL had a misspelling of Arbitrum as “Arbtirum,” which is a frequent kind of deceit employed in phishing assaults.

If an unwary victim were to click on the phishing link, they would be sent to a false website where they would be prompted to input sensitive information such as the private key to their digital wallet. Investors run the danger of having their bitcoin assets stolen by con artists as a result of this.

Investors have been cautioned to refrain from engaging with the bogus statement until Arbitrum gives more information on the matter. Since cybercriminals are continuing to capitalize on the excitement around cryptocurrencies, it is vital for investors to maintain a heightened vigilance and be wary of deceptive promises and claims that are unrealistic.

In a separate but related piece of news, it was revealed that two airdrop hunters had successfully obtained nearly $3.3 million worth of Goods, demonstrating the tremendous benefits that may come from successfully participating in airdrops. While taking part in airdrops or any other activity linked to cryptocurrencies, however, it is essential for investors to do enough research and be vigilant against the possibility of falling victim to a hoax.

In general, the event serves as a useful reminder of how important it is to exercise extreme caution and vigilance whenever one engages in activities that are associated to cryptocurrencies. Since con artists are likely to use more sophisticated strategies as the business continues to get more attention, it is crucial for investors to stay knowledgeable and attentive at all times.

Source

Tagged : / / / / /

MetaMask Warns Investors Against Phishing Attempts by Scammers

by Blockchain News

MetaMask, a popular supplier of cryptocurrency wallets, issued a warning to investors about continuous phishing efforts. These phishing attempts are being carried out by fraudsters who are trying to contact consumers using Namecheap’s third-party upstream system for emails.

The web hosting business Namecheap discovered that one of its third-party services had been abused in the evening of February 12 for the purpose of sending some unwanted emails, which were directed specifically against users of MetaMask. “email gateway problem” was how Namecheap referred to the situation in question.

In the proactive notice, MetaMask informed its million users that it does not collect Know Your Customer (KYC) information and would never contact users through email to discuss account details. This was done to ensure that users are aware that the company does not conduct KYC checks.

Phishing emails sent out by the hacker include a link that, when clicked, takes the recipient to a bogus MetaMask website that requests a confidential recovery phrase “to keep your wallet safe.”

Investors were cautioned by the provider of the wallet not to disclose their seed words, since doing so would give an unauthorized third party entire control over the user’s cash.

NameCheap has additionally verified that its services were not compromised in any way, nor did any customer information get compromised as a result of this incident. Namecheap acknowledged that their mail delivery was restored within two hours after the original notification, and that all future notifications will now come from the official source.

On the other hand, the primary problem with the sending of unwanted emails is still being looked at at this time. When dealing with correspondence from MetaMask and Namecheap, investors are cautioned to double examine any website URLs, email addresses, and points of contact provided by the companies.

A hacker utilized Google Ad services in January to steal nonfungible tokens (NFTs) and cryptocurrencies from investors. This incident took place in January.

After inadvertently installing malicious malware that was placed in a Google advertising, the NFT influencer known as NFT God suffered “a life-changing amount” of loss.

The event took place when the influencer used the Google search engine in order to download OBS, which is open-source software for video streaming. However, he chose to click on the link that led to a sponsored advertising rather than the legitimate link, which resulted in a loss of financial resources.

Source

Tagged : / / / / / / / /

Webaverse Co-Founder Reveals $4 Million Crypto Hack

by Blockchain News

After having a meeting with con artists who pretended to be investors in a hotel lobby in Rome, the co-founder of the Web3 metaverse gaming engine known as “Webaverse” has stated that the company was the victim of a $4 million crypto heist.

According to the co-founder Ahad Shams, the most peculiar feature of the incident is the fact that the cryptocurrency was taken from a Trust Wallet that had just been set up and that the hack took place at some time during the meeting.

He asserts that the burglars had no way of knowing the private key since he was not linked to a public WiFi network at the time and they would not have had access to it.

Shams thinks that the burglars were able to access the wallet while she was photographing the contents of the wallet to record the amount.

The letter, which was published on Twitter on February 7 and comprises testimonies from Webaverse and Shams, explains that they met with a guy called “Mr. Safra” on November 26 after many weeks of negotiations regarding the possibility of receiving funds.

Shams provided the following explanation: “We communicated with ‘Mr. Safra’ by email and video chats, and he stated that he wanted to invest in interesting Web3 startups.”

“He explained that he had been scammed by people in crypto before, and so he collected our IDs for KYC, and stipulated as a requirement that we fly into Rome to meet him because it was important to meet IRL to ‘get comfortable’ with who we were each doing business with,” he added. “He explained that he had been scammed by people in crypto before.”

Even though Shams was initially skeptical, he agreed to meet “Mr. Safra” and his “banker” in person in the lobby of a hotel in Rome. During this meeting, Shams was supposed to show “Mr. Safra” the “proof of funds” for the project, which “Mr. Safra” claimed he needed in order to begin the “paperwork.””

“Despite the fact that we reluctantly agreed to the Trust Wallet ‘evidence,’ we went ahead and set up a brand new account for Trust Wallet at home on a device that we don’t often use when interacting with them. Our logic led us to believe that even if we lost our private keys or seed phrases, the monies would still be secure “explained Shams.

When we first got together, the three of us sat across from each other and put four million USDC into the Trust Wallet. “Mr. Safra” requested to see the current balances on the Trust Wallet app, at which point he pulled out his phone and pretended to “shoot some photographs.”

Shams clarified that he was of the opinion that everything was above board since “Mr. Safra” did not have access to any private keys or seed phrases.

But as “Mr. Safra” left the conference room, ostensibly to confer with his other banking colleagues, he vanished without a trace and was never seen again. Then Shams saw the disappearance of the cash.

“We were never able to locate him again. After a few minutes, the money was gone from the wallet.

Shams reported the theft to a local police station in Rome almost soon after it occurred, and a few days later she sent an Internet Crime Complaint (IC3) form to the Federal Bureau of Investigation in the United States.

Source

Tagged : / / / / / / / / / /

FBI seizes $100,000 in cryptocurrency and NFTs

by Blockchain News

The Federal Bureau of Investigation (FBI) is said to have taken possession of 86.5 ether (ETH) as well as two nonfungible tokens (NFTs) with a combined value of over $100,000 from a phishing scammer.

The suspected con artist in issue, Chase Senecal, also known as Horror (HZ) online, was originally uncovered as a result of a comprehensive investigation that was conducted by an independent blockchain investigator named ZachXBT and publicised in September 2022.

The formal statement that was sent out by the FBI on February 3 said that Seneca’s property, which included a watch with a value of $41,000 made by Audemars Piguet called a royal oak watch, was “seized for federal forfeiture for violation of federal law.”

Aside from mentioning that all of the property was taken into custody on October 24, 2022, the letter from the FBI did not provide a great lot of more information on the incident. The confiscated non-fungible tokens (NFTs) included Bored Ape Yacht Club#9658 and Doodle #3114, which, at the time of the seizure, had respective values of $95,495 and $9,361.

At the time of the seizure, the value of the 86.5 ETH was determined to be $116,433, but it is now estimated to be $144,000.

At this moment, the exact extent of the legal procedures that have been brought against Senecal cannot be determined due to a lack of clarity. However, a law enforcement advisory published by the FBI states that federal forfeiture is a weapon that gives the government the ability to “remove without recompense for the person ownership of property engaged in a crime.”

According to the Federal Bureau of Investigation (FBI), this kind of thing “may arise in a civil proceeding, such a lawsuit against the item, or after the conviction of a person in a criminal prosecution.”

The on-chain detective ZachXBT revealed on February 3 through Twitter that the property seizure did “occur as a consequence” of his investigation, despite the fact that the FBI has not publicly acknowledged ZachXBT’s contribution to the case in any way.

ZachXBT commented, “I look forward to possibly seeing more phishing fraudsters face a similar fate in the future for injuring so many people in this arena.” “I look forward to seeing more phishing scammers suffer a similar fate in the future.”

People in the community have joked that as a result of the recent seizure of a Bored Ape NFT, the FBI will change its profile image to that of Ape #9658.

During the course of the inquiry, ZachXBT was able to uncover Senecal’s identity and on-chain behaviour with the assistance of many crucial indicators, one of which was the flashy watch.

ZachXBT explained that after seeing HZ brag about the new watch on social media, he asked “around a few mutual friends who sell watches” and eventually managed to get in contact with the person who sold that particular AP watch to Senecal. Zach’s explanation was included in a medium post that was published on September 2, 2022.

Unfortunately for Senecal, the transaction was reported to have been completed on the blockchain using USD Coin as the medium of exchange (USDC).

This is not the first time that research conducted by ZachXBT has been an important factor in assisting governmental officials. In October 2022, the national cyber unit of France acknowledged ZachXBT’s efforts in helping it capture and prosecute a gang of accused fraudsters suspected of stealing $2.5 million worth of NFTs using phishing schemes. ZachXBT was able to assist in the investigation because to information provided by ZachXBT.

Source

Tagged : / / / / / / /
Bitcoin (BTC) $ 28,054.52 3.68%
Ethereum (ETH) $ 1,726.04 2.99%
Litecoin (LTC) $ 67.52 2.39%
Bitcoin Cash (BCH) $ 243.07 2.49%