CyberSecurityBoard
Sponsor Register Login

Netgear, Hyundai latest X accounts hacked to push crypto drainers

The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware.
While Hyundai has already regained access to their account and has cleaned up the timeline of all links pointing X users to malicious websites, Netgear has yet to take control of theirs, with some of the attacker's tweet replies still available.
Netgear's account has been hijacked since at least January 6th and was only used to reply to BRCapp tweets, luring followers to a malicious website promising to give the first 1,000 newly registered users $100,000.
Anyone who connected their wallets to the site would have had their assets and NFTs stolen by the threat actors.
Netgear and Hyundai spokespersons were not immediately available for comment when contacted by BleepingComputer earlier today.
Hackers are increasingly targeting and compromising verified government and business X accounts with 'gold' and 'grey' checkmarks to add legitimacy to their malicious tweets pushing cryptocurrency scams, phishing sites, and sites dropping crypto drainers.
The X account of web3 security firm CertiK was hacked to push a crypto drainer on Friday, while the account of Google subsidiary and cybersecurity firm Mandiant was hijacked on Wednesday, although it had two-factor authentication toggled on.
Previously, scammers used the official Twitter account for Bloomberg Crypto to lure almost its 1 million followers to a malicious website designed to steal their Discord credentials.
As blockchain threat analysts at ScamSniffer revealed in December, a single waller drainer known as 'MS Drainer' stole roughly $59 million worth of cryptocurrency from 63k people in a Twitter ad push between March and November.
X users are also under a constant barrage of malicious cryptocurrency ads redirecting to fake airdrops, various scams, and, of course, crypto drainers.
Since X says it shows ads based on each user's interests, those not linked to other cryptocurrency accounts may not see these malicious ads.
Those in the crypto space are now besieged by what looks like a neverending torrent of such malicious ads, as BleepingComputer reported over the weekend.
Web3 security firm CertiK's X account hacked to push crypto drainer.
X users fed up with constant stream of malicious crypto ads.
Hackers hijack govt and business accounts on X for crypto scams.
Mandiant's account on X hacked to push cryptocurrency scam.
Crypto drainer steals $59 million from 63k people in Twitter ad push.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 08 Jan 2024 21:10:27 +0000


Cyber News related to Netgear, Hyundai latest X accounts hacked to push crypto drainers

Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
1 year ago Bleepingcomputer.com
Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
1 year ago Bleepingcomputer.com
US SEC's X account hacked to announce fake Bitcoin ETF approval - The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. The announcement came this afternoon in a now-deleted tweet from the SEC's hacked X ...
1 year ago Bleepingcomputer.com
Hyundai Motor Europe Grapples with Cyber Threat as Black Basta Ransomware Strikes - A California union and Hyundai Motor Europe both announced separately this week that they had suffered cyberattacks in the past month, resulting in the loss of their data. According to Black Basta, a group that first emerged in 2022 as a ...
11 months ago Cysecurity.news
SEC confirms X account was hacked in SIM swapping attack - The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. Earlier this month, the SEC's X account was hacked to issue a fake ...
11 months ago Bleepingcomputer.com
X adds passkeys support for iOS users in the United States - X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys. The passkeys will be linked to the iOS device they're generated on and will significantly reduce the risk of breaches by ...
11 months ago Bleepingcomputer.com
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
1 year ago Bleepingcomputer.com
Hyundai Motor Europe hit by Black Basta ransomware attack - Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. BleepingComputer first learned of the attack in early January, but when we contacted Hyundai, ...
11 months ago Bleepingcomputer.com
X users fed up with constant stream of malicious crypto ads - Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams. Like all advertising platforms, X, formerly known as Twitter, claims to show advertisements based on a user's activity, ...
1 year ago Bleepingcomputer.com
Hacker spins up 1 million virtual servers to illegally mine crypto - A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. As announced today by Europol, the suspect is believed to be the mastermind behind a ...
1 year ago Bleepingcomputer.com
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com
Navigating the Perilous Waters of Crypto Phishing Attacks - Key Highlights: Check Point Research Unveils Rise in Sophisticated Crypto Phishing: An investigation reveals an alarming increase in advanced phishing schemes targeting a variety of blockchain networks, employing wallet-draining techniques. ...
1 year ago Blog.checkpoint.com
New Balada Injector campaign infects 6,700 WordPress sites - A little over 6,700 WordPress websites using a vulnerable version of the Popup Builder plugin have been infected with the Balada Injector malware in a campaign that launched in mid-December. Initially documented by researchers at Dr. Web who observed ...
1 year ago Bleepingcomputer.com
CVE-2022-30426 - There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow ...
2 years ago
Hackers hijack govt and business accounts on X for crypto scams - Hackers are increasingly targeting verified accounts on X belonging to government and business profiles and marked with 'gold' and 'grey' checkmarks to promote cryptocurrency scams. A recent high-profile case is the X account of cyber threat ...
1 year ago Bleepingcomputer.com
Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware - Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. BleepingComputer has learned there is more to this attack, with threat actors ...
10 months ago Bleepingcomputer.com
Hyundai MEA X Account Hacked, Followed by Crypto Promotion - The social media account for Hyundai MEA was taken over to distribute cryptocurrency promotions. The Hyundai MEA account on X was briefly changed to impersonate Overworld, a role-playing game that is backed by the venture capital and incubator arm ...
1 year ago Darkreading.com
The Week in Ransomware - January 20th, 2023 Crypto Exchanges Under Attack - The week of January 20th, 2023 brought yet another wave of ransomware attacks targeting crypto exchanges. Crypto exchanges all around the world have been hit by a barrage of sophisticated and well-planned ransomware campaigns. From high-profile ...
2 years ago Bleepingcomputer.com
Crypto wallet founder loses $125,000 to fake airdrop website - A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he'd ...
1 year ago Bleepingcomputer.com
Bloomberg Crypto X account snafu leads to Discord phishing attack - The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link ...
1 year ago Bleepingcomputer.com
Hackers Stolen Over $58 Million Crypto Via Malicious Google Ads - Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time. Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years. Several techniques ...
1 year ago Gbhackers.com
Mandiant's X Account Was Hacked in Brute-Force Password Attack - Cyber threat intelligence giant Mandiant has shared the result of its investigation on its recent X account hijacking following a wave of crypto-related X account hacks. On January 3, 2024, the X account of Mandiant, a subsidiary of Google Cloud, was ...
1 year ago Infosecurity-magazine.com
Mandiant's X Account Hacked to Push Crypto Scams - The exploitation of crypto scams by hackers can be attributed to the inherent characteristics of cryptocurrencies that provide two critical environments that enable the concealment of illicit activities. Cryptocurrencies' decentralized nature and the ...
1 year ago Cybersecuritynews.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
9 months ago Securityboulevard.com
Google and Apple Admit Government Spies On Users Via Push Notifications - Government authorities have been snooping on smartphone users via push notifications sent out by applications, wrote a US senator in a letter to the Department of Justice on December 6. Senator Ron Wyden of Oregon has requested that the Department of ...
1 year ago Cysecurity.news

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)