Here is a rundown of all the major cybersecurity news from this week.
There was a compromise of 1,590 CoinStats crypto wallets.
False cryptocurrency return services have been issued a warning by the FBI.
If the Russian hacker can be apprehended, the United States will pay $10 million.
Even though they called it a “Fed leak,” LockBit only revealed one bank’s information.
The hack affected 1590 CoinStats cryptocurrency wallets.
An assault affecting 1,590 wallets on the CoinStats platform, accounting for 1.3% of all wallets, was reported by the service team on June 22. Two million dollars was the total damage.
Some victims were missing from the company’s shared list of compromised addresses, which became apparent shortly after. Wallets and accounts on centralized exchanges that users had externally linked were unaffected by the attack.
In an attempt to profit from the CoinStats hack, scammers promoted phoney refund programs.
The crew announced compensation to the victims and restored service six days after the incident, on June 28.
First indications point to the North Korean hacking group Lazarus Group as a possible perpetrator.
Beware of bogus cryptocurrency return services: FBI issues warning
An increasing number of cybercriminals are impersonating legitimate law firms in an effort to trick victims of investment fraud into parting with their cryptocurrency and sensitive information. A warning about this was issued by the FBI.
An attacker may pretend to be a government agency or a legitimate bank or exchanger in order to gain trust.
The victim is tricked into giving over their banking details and paying “legal fees” or other taxes and fees in advance as part of the scheme.
The Federal Bureau of Investigations (FBI) reminded the public that private entities cannot legally demand the seizure of cryptocurrency, and that victims of cybercrime can rest assured that local and federal authorities will assist them at no cost in tracing their stolen assets.
Ten million dollars offered by US in exchange for the apprehending of Russian hacker
Amin Stigal, a 22-year-old Russian national, was accused by US authorities of conducting cyberattacks on Ukrainian and other countries’ computer networks on behalf of the GRU.
The “Fed hack” and the hacking of over 1,500 CoinStats crypto wallets are among the recent cybersecurity incidents.
Login to ForkLog
The case file states that in January 2022, Stigall infected the computers of numerous Ukrainian government agencies with the pseudo-ransomware WhisperGate. Although the hacker had demanded $10,000 in bitcoin as ransom, the malware had irreparably corrupted all disk partitions. The stolen data was also resold on the darknet by the Russians.
Steagall and his accomplices have broadened the scope of their attacks since August 2022. They have compromised a country’s transportation infrastructure in Central Europe and launched attacks against government agencies in the US and other NATO member states.
A $10 million reward has been announced by the US State Department for information leading to the hacker’s location. He could spend the next five years behind bars.
A “Fed leak” was announced by LockBit, but the data of only one bank was posted.
According to an announcement made by the hacker group LockBit on June 23, 33 TB of sensitive banking data was stolen from the US Federal Reserve. If the ransom wasn’t paid within 48 hours, the data would be made public by the cybercriminals.
The twenty-one files that LockBit uploaded on June 25 were all associated with Evolve Bank and Trust, an outside financial institution. At first glance, the researchers who examined the dump did not discover any private data.
Officials from Evolve Bank & Trust verified the occurrence. The Bank is currently communicating with impacted customers and is working with authorities to conduct an investigation.
Authorities felt that the major announcement was an effort by LockBit to “remain relevant.”
Exploits for Chrome and Linux made available for purchase in cryptocurrency for several thousand dollars
On a hacker forum, a user going by the handle Cas advertised a UAF zero-day vulnerability in the Linux kernel for sale. This vulnerability allows for the execution of privileged code in certain versions of the operating system.
The “Fed hack” and the hacking of over 1,500 CoinStats crypto wallets are among the recent cybersecurity incidents.
Login to ForkLog
You can pay $150,000 in Bitcoin or Monero for the source code. The deal’s middleman is IntelBroker, which has announced leaks from T-Mobile, AMD, Apple, Atlassian, and Atlassian in the past.
The Sandbox Escape RCE vulnerability in Google Chrome is being sold by another ctf user. Affected systems may be able to execute arbitrary code.
The “Fed hack” and the hacking of over 1,500 CoinStats crypto wallets are among the recent cybersecurity incidents.
Login to ForkLog
According to the vendor, the vulnerability test verified that it works on Windows.
He put a million Monero, or Bitcoin, on the item’s value.
A Russian exchanger will buy BitOK, an anti-money-laundering and know-your-customer solution.
The Kazan-based cryptocurrency exchanger RSI GARANT organized an open tender for the purchase of an AML/KYT solution, and the international service BitOK won.
A comprehensive functional analysis was conducted on the six major AML program CIS drivers within one month. Because of this, BitOK was named top in three categories:
high-quality data markup; diverse risks; reporting system.
We also took into account the client portfolio and how well the service standard was received by the market.
The solution will be purchased by RSI GARANT from BitOK and will be seamlessly integrated into its services going forward.