Scam spoofs Binance website and uses TRUMP coin as lure for malware | The Record from Recorded Future News

Hackers are spreading a malicious remote access tool through an email campaign that targets people interested in buying President Donald Trump’s cryptocurrency through the Binance platform. The emails are made to look like they come from Binance — currently the largest cryptocurrency platform in the world — and offer the ability to earn TRUMP coins through various actions like installing Binance software, registering an account on the platform and depositing funds. The emails take multiple steps to impersonate Binance, using the name of the company in the sender’s name and even including a “risk warning” in an effort to make the emails look legitimate.

Cybersecurity researchers at Cofense told Recorded Future News that they are unsure of who is behind the recent campaign, which allows the hackers to steal information from infected computers. The researchers said that if victims follow the instructions in the email and hit the download link to get the TRUMP coins, they instead install a malicious version of a remote access tool known as ConnectWise.

The fake website that greets victims is also painstakingly designed to look legitimate, using real images from the Binance and TRUMP coin websites. The download link on the site downloads the installer for the malicious version of ConnectWise instead of Binance’s desktop platform.

“This is in contrast to most ConnectWise RAT installations where the threat actor will only decide to interact with an infected host after some time has passed,” Cofense explained.

Max Gannon, Intelligence Manager at Cofense, said the company has seen a wide variety of threat actors abuse ConnectWise recently. Gannon said due to its simplicity, ConnectWise RAT can be used by threat actors of varying skill levels — from people who really don’t know what they are doing all the way up to advanced persistent threat (APT) groups trying to disguise their activities. “Moreover because it is technically legitimate there are a large number of files that it uses which cannot simply be blocked because they are also used by legitimate installations of ConnectWise RAT,” Cofense’s name for the malicious version.

Cofense has released multiple reports this year on various phishing campaigns deploying ConnectWise RAT. Trump announced the coin ahead of his inauguration in January and companies tied to the president allegedly earned millions from it, raising severe concerns of corruption among ethics experts and even cryptocurrency advocates.

This Cyber News was published on therecord.media. Publication date: Mon, 10 Mar 2025 16:45:11 +0000

