US cybercops trace and return nearly $9M stolen by scammers The Register

The US has seized nearly $9 million in proceeds generated by exploiting more than 70 victims across the nation in so-called "Pig butchering" scams. Authorities tracked payments to cryptocurrency addresses belonging to one organization known for romance scams and fake cryptocurrency investments, known together as "Pig butchering" which means the marks are "Fattened" for slaughter as they load up scammers' accounts before being taken for as much as the crims can extract. The Department of Justice said on Tuesday that the cybercriminals worked together to create and pitch fake investment companies and crypto exchanges to investors, convincing them to deposit their money which was then stolen. The criminals then attempted to launder the proceeds using chain hopping techniques, which involve quick and frequent transactions whereby the crims switch cryptocurrency tokens in an attempt to evade detection. Cryptocurrency laundering used to be performed using services called mixers and tumblers but after a series of arrests and sanctions, scammers have started to use fresh forms of laundering. "A cross-chain bridge connects different blockchains and enables the transfer of assets and information between them. Services like these can be used for legitimate privacy purposes but can also be abused to launder funds." Analysts at the US Secret Service San Franciso Field Office tied the criminals' laundering efforts to multiple wallet addresses associated with the criminal organization and various reports made through the FBI's and FTC's cybercrime reporting portals. The DoJ didn't mention any arrests or the names of the cybercriminals in the organization, but the case continues to be handled by its computer crime division, the National Cryptocurrency Enforcement Team, and assistant US attorneys Chris Kaltsas and Galen Phillips for the Northern District of California. Romance scammers and fake crypto investors have been firmly in the crosshairs of law enforcement for some time, in part due to the continued success they continue to generate. According to the FTC's figures, nearly 70,000 US citizens reported romance scams in 2022, netting cybercriminals at least $1.3 billion in the process. These romance scams typically involve criminal Cassanovas drumming up a rapport with their victims, usually over dating apps, then selling an excuse as to why they need to be sent some money, perhaps for hospital bills, or desperately needing money for an emergency flight home to see a dying relative - you know the ones. Pig butchering is a more recent twist on the typical romance scam. It still involves a high degree of social engineering but instead of playing on victims' heartstrings, criminals prey on victims' desire to get rich quickly. Some involve the traditional formula of making contact, building a bond, and then introducing the scam with a quick "You seem cool, I'll let you in on this crypto opportunity that's made me some serious cash recently". Others are a bit more high-tech and involve creating a brand-new beta crypto-trading app to download, which of course is actually just some stealer malware skinned with enough buttons and features to trick users, who download them outside of approved app stores, to enter their financial information. Romance scam targets security researcher, hilarity ensues British woman loses £1.6 million to romance scam love rats FBI boss: We went to the Moon, so why can't we have crypto backdoors? - and more this week 'Toyota dealer stole my wife's saucy snaps from phone, emailed them to a swingers website'. Speaking on the most recent seizure, Ismail J. Ramsey, US attorney for the Northern District of California, said the government would continue to crack down on these scams. "This seizure is the culmination of the exceptional hard work and collaborative partnership between the Justice Department and the United States Secret Service," he said. "Silicon Valley remains one of the world's preeminent locations for cryptocurrency firms," he added. We remain dedicated to using all tools at our disposal to bring justice to the victims of frauds and scams. Even when money and criminals are abroad, we will work with our partners to seize cyber criminals' illegal proceeds." .

This Cyber News was published on www.theregister.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to US cybercops trace and return nearly $9M stolen by scammers The Register

US cybercops trace and return nearly $9M stolen by scammers The Register - The US has seized nearly $9 million in proceeds generated by exploiting more than 70 victims across the nation in so-called "Pig butchering" scams. Authorities tracked payments to cryptocurrency addresses belonging to one organization known for ...
10 months ago Theregister.com
Fraudsters Successfully Inserted Cryptocurrency Programs into Apple and Google's App Stores - Scammers were able to get two malicious apps onto the app stores of both Google and Apple, allowing them to trick users into investing in fake cryptocurrency. According to a report from Sophos, the apps, Ace Pro and MBM BitScan, were found on both ...
1 year ago Therecord.media
Most scammed items for this Christmas season - As the festive season is just a couple of days ahead, the joy of giving and receiving is accompanied by an unfortunate increase in scams targeting unsuspecting holiday shoppers. Scammers are adept at exploiting the spirit of generosity and the rush ...
9 months ago Cybersecurity-insiders.com
Best of 2023: Why is everyone getting hacked on Facebook? - Importantly, phishing relies on the victim trusting the scammer and taking an action - like clicking a link or sending bank account information - in order for the scammer to get what they want. It's not your imagination - social media scams really ...
9 months ago Securityboulevard.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
Romance Scammers are Adopting Approval Phishing Tactics - Romance scams are labor-intensive and time-consuming schemes to run. They can be lucrative, pulling in millions in stolen cryptocurrency, but they also can end up going nowhere if the targeted victim becomes suspicious or the bad actor decides there ...
9 months ago Securityboulevard.com
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
4 months ago Tenable.com
Massive utility scam campaign spreads via online ads - When customers want to discuss their bills or look for ways to save money, scammers are just a phone call away. Enter the utility scam, where crooks pretend to be your utility company so they can threaten and extort as much money from you as they ...
7 months ago Malwarebytes.com
Fraudulent "CryptoRom" Apps Slip Through Apple and Google App Store Review Process - Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam. What is new is that apps perpetrating the scam can be downloaded from the official Apple and Android app stores - giving them greater apparent validity to ...
1 year ago Securityweek.com
How Criminals Are Leveraging AI to Create Convincing Scams - Cybercriminals create far more sophisticated scams with generative AI than traditional phishing scams. According to Visa research, scammers are fooling even the savviest internet users by launching pig butchering, inheritance, humanitarian relief ...
4 months ago Tripwire.com
361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
3 months ago Bleepingcomputer.com
Innovative Legal Move Restores Hospital's Stolen Information - There has been a handover of patient data stolen by the notorious LockBit gang from a cloud computing company to a New York hospital alliance that is partnered with that company. There was a lawsuit filed by the North Star Health Alliance - a group ...
8 months ago Cysecurity.news
CVE-2024-1522 - I have activated the CORS because I had a development ui that uses another port number then I forgot to remove it. So what I just did is : - First removed the cors configuration that allows everyone to access it : before: ```python sio = ...
6 months ago Tenable.com
New Phishing Scam Hooks META Businesses with Trademark Threats - The phishing scam falsely asserts that the victim's Facebook page will be permanently deleted due to a post allegedly infringing on trademark rights. There is no actual infringement; it's all part of the scammer's malicious plan. In a recent wave of ...
8 months ago Hackread.com
Social media influencers targeted by identity thieves - Social media influencers are attractive targets for identity thieves. With large followings and a literal influence on their followers, it's no wonder they are targeted by scammers and spreaders of fake news. Such a person influences the financial ...
6 months ago Malwarebytes.com
Have I Been Pwned adds 71 million emails from Naz.API stolen account list - Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service. The Naz.API dataset is a massive collection of 1 billion credentials compiled using ...
8 months ago Bleepingcomputer.com
Crypto scam apps infiltrate Apple App Store and Google Play - Operators of high-yielding investment scams known as "Pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps. Pig butchering scams have been happening for a few ...
1 year ago Bleepingcomputer.com
9 online scams to watch out for this holiday season - By being aware of these common online scams and taking precautions, you can protect yourself and your family from becoming victims this holiday season. The holiday season is upon us, and that means it's time to start shopping for gifts. It's not just ...
10 months ago Blog.avast.com
We're not talking about cryptocurrency as much as we used to, but there are still plenty of scammers out there - A report in March found that 72% of cryptocurrency projects had died since 2020, with crypto trading platform FTX's downfall taking out many of them in one fell swoop. This, in turn, means there are fewer instances of cryptocurrency mining malware ...
3 months ago Blog.talosintelligence.com
Is that survey real or fake? How to spot a survey scam - Online surveys and quizzes are all over the internet. They're quick and cheap to set up, easy for recipients to fill out, and simple for researchers to interpret. It's no wonder that they remain a popular tool for marketers to reach and research ...
1 year ago Welivesecurity.com
The old, not the new: Basic security issues still biggest threat to enterprises - Attacks on critical infrastructure reveal industry faux pas. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure. X-Force analysis ...
7 months ago Helpnetsecurity.com
Apple Settles Lawsuit iTunes Gift Card Scam - Agreement reached with Apple to settle a lawsuit that alleged it knowingly let scammers exploit iTunes gift cards, and kept stolen funds. Apple in the new year has sought to rid itself of another legal claim, after it reportedly agreed to settle a ...
9 months ago Silicon.co.uk
Here are all the red flags Charlotte Cowles missed in that viral NY Mag article - Last week, Charlotte Cowles-a seasoned journalist with a notable tenure at the New York Times and a seven-year streak of writing a personal finance column at The Cut-published a piece about how she'd fallen for a wild scam. The situation escalated ...
7 months ago Blog.avast.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)