Early in 2022, malicious actors took advantage of an undiscovered weakness in Revolut’s payment infrastructure to steal more than $20 million from the business. The Financial Times reported the situation and cited numerous unnamed sources who were aware of the occurrence. The breach hasn’t been made publically known. The problem was caused by differences between […]
Hackers Steal $20 Million From Revolut Bank Read More »
Globus Bank Limited has requested a court order for the recovery of N962,019,843.35 that was hacked and fraudulently moved electronically from its vault into accounts held at eight commercial banks in an application that was filed before the Lagos Magistrate Court. The entire amount of N1,755,376,156.34 that was moved from the bank between Monday, June
Globus Bank Gets Hacked – 1 Billion Naira Stolen By Hackers Read More »
Transparent Tribe, an advanced persistent threat (APT) actor based in Pakistan, pretended to be an Indian government organization in order deliver the Poseidon Linux backdoor. Tejaswini Sandapolla, a security researcher at Uptycs, stated that “Poseidon is a second-stage payload malware connected to Transparent Tribe.” in an expert study released last week. It is a general-purpose backdoor that gives attackers a variety of tools to take control of an infected host. Its features include keystroke recording, screen grabs, file uploads and downloads, and different forms of remote system administration. Transparent Tribe has a history of attacking Indian government organizations, military personnel, defense contractors, and educational institutions. It is also known as APT36, Operation C-Major, PROJECTM, and Mythic Leopard. It has also frequently used trojanized versions of Kavach, the 2FA software that the Indian government requires, to spread a range of viruses including CrimsonRAT and LimePad to gather important data. Late last year, another phishing attempt was discovered that used weaponized attachments to download malware intended to steal
Pakistani Hackers Target Indian Government Agencies With The Linux Malware Poseidon. Read More »
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union. The suspects are alleged
$4.33 Million Phishing Scam Gang in Ukraine Busted by Cyber Police Read More »
The Lazarus Group stole cryptocurrencies worth 60 million NOK (about $5.84 million) in March 2022 as a result of the Axie Infinity Ronin Bridge hack, according to a statement from the Norwegian police agency kokrim. The crime-fighting unit in Oslo stated in a statement that “this case illustrates that we also have a great capacity
Norway Seizes $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers Read More »
DevOps platform CircleCI revealed on Friday that unidentified threat actors hacked a worker’s laptop and used malware to obtain their two-factor authentication-backed credentials to access the company’s systems and data a month earlier. The “complex attack,” according to the CI/CD provider CircleCI, occurred on December 16, 2022, and the malware evaded detection by its anti malware.
Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident Read More »
On Thursday, cloud services provider Rackspace acknowledged that the intrusion from last month was caused by the Play ransomware group. A previously unidentified security exploit was used by the security event, which happened on December 2, 2022, to acquire initial access to the Rackspace Hosted Exchange email system. The Texas-based business stated that “CVE-2022-41080 is
Rackspace Admits Play Ransomware Gang Was Behind Recent Breach Read More »
BitKeep, a decentralized multi-chain cryptocurrency wallet, announced a cyber attack on its Android app on Wednesday that allowed threat actors to spread fake copies of it in order to steal users’ digital money. In a “large-scale hacking event,” according to BitKeep CEO Kevin Como, “the altered APK caused the disclosure of user’s private keys and
BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies Read More »
The LastPass security breach in August 2022 might have been more serious than the firm had initially revealed. The well-known password management service disclosed on Thursday that, using information stolen from the earlier break-in, malicious actors were able to steal a wealth of personal information belonging to its users, including their encrypted password vaults. Basic
LastPass Acknowledges Serious Data Breach, Password Vaults Stolen Read More »
In an effort to lower the entrance barrier for malicious activity, the U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that provided services to carry out distributed denial-of-service (DDoS) cyberattacks on behalf of other threat actors. Additionally, six individuals were charged for their alleged ownership of the operation: Jeremiah Sam
FBI Files 6 Charges, Seizes 48 Domains Associated with DDoS-for-Hire Service Platforms Read More »
