bitcoin scam | Breaking Cybersecurity News | The Hacker News

A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. "This massive campaign has likely resulted in thousands of people being scammed worldwide," Trend Micro researchers  said  in a report published last week, linking it to a Russian-speaking threat actor named "Impulse Team." "The scam works via an advanced fee fraud that involves tricking victims into believing that they've won a certain amount of cryptocurrency. However, to get their rewards, the victims would need to pay a small amount to open an account on their website." The compromise chain starts with a direct message propagated via Twitter to lure potential targets into visiting the decoy site. The account responsible for sending the messages has since been closed. The message urges recipients to sign up for an account on the website and apply a promo code specif

The U.S. Justice Department (DoJ) on Monday  announced  the takedown of seven domain names in connection to a "pig butchering" cryptocurrency scam. The fraudulent scheme, which operated from May to August 2022, netted the actors over $10 million from five victims, the DoJ said. Pig butchering, also called Sha Zhu Pan, is a type of scam in which swindlers lure unsuspecting investors into sending their crypto assets. The criminals encounter potential victims on dating apps, social media sites, and through SMS messages. These individuals initiate fake relationships in an attempt to build trust, only to trick them into making a cryptocurrency investment on a bogus platform. But upon transferring the funds to wallet addresses supposedly provided by these domains, the digital currencies are said to have been immediately moved through an array of private wallets and swapping services to conceal the trail. "Once the money is sent to the fake investment app, the scammer van

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Greece just took another U-turn. Mr. Bitcoin a.k.a. Alexander Vinnik is not going to France nor to the United States; instead, he is now possibly going to his homeland Russia. The Supreme Civil and Criminal Court of Greece on Friday has overruled previous decisions and approved to extradite the alleged owner of the now-defunct Bitcoin cryptocurrency exchange BTC-e Vinnik to Russia. Several Greek courts have previously ruled in favor of all three countries, Russia, France, and the United States, where Vinnik is wanted to face different criminal and hacking charges. Vinnik, 38, has been accused of operating BTC-e cryptocurrency exchange, which was shut down right after his arrest by Greek police in July 2017 at the request of the U.S., where he is convicted for fraud and money laundering more than $4 billion worth amount of Bitcoin (BTC) for criminals involved in hacking attacks, tax fraud, and drug trafficking. Vinnik is also accused to the failure of the once-most famous