- Gone Phishing
- Posts
- The Rising Threat of Credential Theft π
The Rising Threat of Credential Theft π
Cyber Dawg
November 29, 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter thatβs happy for the Indian miners but canβt help wondering whoβs going to save the crypto-miners who are constantly being hacked by cybercriminals π³
Todayβs hottest cybersecurity news stories:
π£ Plenty more phish in the sea. How hackers phish and sell credentials π¨βπ»
π N. Korean hackers and mixing and Macintoshing to evade detection π
π€ Serial scammer caught red-handed, ordered to pay back $1.2m. Oops π°
Hackers are phishing for compliments π Donβt let them PhaaS you π
π Protecting Your Organisation: The Rising Threat of Credential Theft π
Did you know that stolen account credentials are the golden ticket for cybercriminals? π± According to the 2023 Verizon Data Breach Investigation Report, external parties caused 83% of breaches, and a whopping 49% involved stolen credentials! π¨
π£ Phishing on the Rise π£
Phishing, a major player in cyber threats, is evolving! Threat actors are no longer just using emails. Now, they're hitting us with multi-channel attacks using texts, voicemails, and AI-driven personalised messages. π±π§π€
π‘οΈ Phishing-as-a-Service (PhaaS) π‘οΈ
Even without hacking skills, anyone can jump on the credential theft bandwagon thanks to PhaaS! π W3LL's BEC phishing ecosystem and Greatness phishing kit are causing havoc, infiltrating thousands of accounts and raking in big bucks. πΈ
πΌ Underground Markets Boom πΌ
The dark web is buzzing with over 24 billion credentials for sale! π Prices vary, but stolen credentials mean serious business. The risks multiply when users reuse passwords across accounts.
π¨ Financial Gain Drives Threats π¨
Remember, financial gain is the game! After stealing credentials, threat actors can wreak havoc, but often, they sell the loot to others who execute the attacks later. π
π‘οΈ Stay Secure with Specops Password Policy! π‘οΈ
Protect your organisation! Use Specops Password Policy to block compromised passwords, enforce strong policies, and fortify your password infrastructure. π° Try it free here!
What steps are YOU taking to secure user credentials? Let's fortify our defences together! π‘οΈπͺ
Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.
That's where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:
Remove junk files and malware to free up space and improve performance
Protect your privacy by erasing sensitive data
Optimize your startup settings to speed up boot times
Manage your extensions and apps to keep your Mac or PC running smoothly
Since 2008 MacPaw is trusted by over 30 million users worldwide, and it's the perfect solution for keeping your Mac or PC safe and secure.
Mix and Mac π
π¨ Alert: North Korean Cyber Threats on the Rise! π¨
π Theyβre a βMixing and Matchingβ menace. Hold on tight! The notorious Lazarus Group, the masterminds behind macOS malware RustBucket and KANDYKORN, are now "mixing and matching" elements from both in a devious move. π± SentinelOne uncovered this dangerous trend, revealing the use of RustBucket droppers to deliver the formidable KANDYKORN. π€―
π» Attack Chains Unveiled π»
In the RustBucket realm, SwiftLoader, a backdoored PDF reader, acts as the gateway for a Rust-powered malware. Meanwhile, KANDYKORN hits crypto exchange platform engineers through Discord, unleashing a complex multi-stage attack. π
𧩠Puzzle Piece: ObjCShellz π§©
Enter ObjCShellz! The third player in this cyber drama, recently revealed by Jamf Threat Labs, acts as a remote shell executing commands from the attacker server. π
π SwiftLoader's Dual Role π
Hold the phone! SwiftLoader is not just for RustBucket; it's now distributing KANDYKORN too. North Korea's Lazarus Group seems to be sharing tactics and tools, making tracking and defence a real challenge. π΅οΈββοΈ
π Collaborative Adversaries on the Move π
The cyber landscape in North Korea has evolved into a streamlined organisation, with shared tools and tactics. A recent Mandiant report highlighted this collaborative approach, making the adversary more elusive and adaptable. π
π‘οΈ Stay Vigilant, Cyber Defenders! π‘οΈ
As Lazarus subgroup Andariel exploits Apache ActiveMQ vulnerabilities, installing NukeSped and TigerRAT, the cybersecurity battlefield is heating up! π₯
Keep your defences strong, stay updated, and let's outsmart these cyber threats together! πͺπ»
π£ Catch of the Day!! πππ¦
π The Motley Fool: βFool me once, shame on β shame on you. Fool me β you can't get fooled again.β Good olβ George Dubya π Let us tell whoβs not fooling around though; thatβs the CrΓΌe π at Motley Fool. Youβd be a fool (alright, enough already! π) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! π Kidding aside, if you check out their website theyβve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets π€ (LINK)
π΅ Wander: Find your happy place. Cue Happy Gilmore flashback ποΈβ³πποΈ Mmmm Happy Placeβ¦ π So, weβve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, itβs easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ποΈπ (LINK)
π Digital Ocean: If you build it they will come. Nope, weβre not talking about a baseball field for ghosts βΎπ»πΏ (Great movie, to be fair π). This is the Digital Ocean whoβve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website youβll find yourself catching the buzz even if you canβt code (guilty π). But if you can and youβre looking for somewhere to test things out or launch something new or simply enhance what youβve got, weβd recommend checking out their services foβ sho π And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! πΏ (LINK)
Cybercrime doesnβt pay. But it does pay BACK π
π¨ Serial Cybercriminal Sentenced: Beware of Modern Scams! π¨
Brace yourselves for the scoop on Amir Hossein Golshan, a 25-year-old "serial cybercriminal and scammer" from Los Angeles! π΅οΈββοΈβ¨
π SIM-Swap Shenanigans and More π
Golshan, dubbed a cyber maestro, pulled off SIM-swap attacks, hijacked social media accounts, committed Zelle payment fraud, and even impersonated Apple support. π±πΈ
π Behind Bars for Eight Years π
After pleading guilty to unauthorised access, wire fraud, and computer fraud, Golshan was sentenced to eight years in prison and ordered to pay over $1.2 million in restitution. βοΈπ°
π» Four Years of Digital Deception π»
Between 2019 and 2023, Golshan targeted "hundreds" with online scams, swindling a staggering $740,000 from over 500 victims! ππ
π² From Zelle Fraud to SIM Swapping π²
Golshan started with Zelle merchant fraud on Instagram, offering fake services. He then escalated to SIM swapping, seizing control of victims' accounts and demanding ransom via WhatsApp. ππ¬
π Impersonating Apple Support π
In his cyber crime spree, Golshan impersonated Apple Support, infiltrating victims' iCloud accounts and looting digital wallets for NFTs and cryptocurrency. πΌπ°
β οΈ Stay Vigilant Against Cyber Threats! β οΈ
Golshan's crimes highlight the evolving landscape of cyber threats. Let's stay vigilant, educate ourselves, and strengthen our digital defences! π‘οΈπ»
Spread the word and keep our online community safe! ππ
ποΈ Extra, Extra! Read all about it!
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.
Libby Copa: The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.
Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)
Let us know what you think!
So long and thanks for reading all the phish!
Give us a rating? |