November 30, 2025

Dark Light

Search

Cryptocurrency cybercrime News

0

22

“Crazy Evil” Threatens Cryptocurrency Ecosystem

A new and rising threat to decentralized financing has been identified. Threat intelligence researcher, the Insikt group, has uncovered “Crazy Evil,” a rapidly growing Russian crypto-scam gang that targets cryptocurrency users and influencers. According to Insikt Group, over ten active social media scams are linked directly to Crazy Evil, garnering millions of dollars in illicit funds and infiltrating tens of thousands of devices.

Crazy Evil is what is referred to as a “traffer” team, which Insikt describes as “a collective of social engineering specialists tasked with redirecting legitimate traffic to malicious landing pages.” Allegedly operating since 2021 on dark web forums and amassing thousands of followers on their public Telegram channels, Crazy Evil’s primary targets are cryptocurrency users, non-fungible token (NFT) traders and gaming professionals – all of whom often use decentralized platforms with little or no regulatory oversight.

Healthcare News ransomware

0

18

‘Hellcat’ is new breed of cybercriminal

A ransomware gang, Hellcat, that emerged in 2024 is being seen as representative of a new type of threat actor using off-the-shelf malware and innovative extortion techniques.

According to cybersecurity company Cato Networks: “Hellcat’s emergence in 2024 marks a troubling shift in the landscape of cybercrime. By leveraging a ransomware-as-a-service (RaaS) model and utilizing double extortion tactics, Hellcat has not only increased the accessibility of ransomware but also heightened the psychological impact on its victims.”

AI Cybersecurity Executives Expert Opinions Featured SMB

0

28

Shoring up SMEs Cyber-Defenses

In an exclusive interview with Cyber Intelligence, CEO and co-founder of cybersecurity firm EyeR, Sean Tsvik, explains what small-to-medium-sized organizations (SMEs) can do to protect their systems and customers’ critical data from increasingly sophisticated cyber-attacks.
They should start by using a managed detection and response (MDR) service. That allows medium-sized organizations to protect themselves against increasingly sophisticated cyber-attacks without paying high salaries to in-house cyber experts. MDR services work out costing only a couple of dollars per endpoint and are by far the best starting point for small-to-medium-sized companies looking to strengthen their cyber defenses. Small organizations can also benefit from moving to the cloud as this leaves even fewer endpoints to secure.

0

16

Chinese AI offering rattles Big Tech investors

The start of this week saw roughly $1 trillion wiped off leading US tech stocks, following the launch of Deepseek, a Chinese rival to AI offerings such as Microsoft ChatGPT. What has really spooked the markets is that the Chinese artificial intelligence (AI) assistant uses less data and generates lower all-round costs than its current Silicon Valley rivals.

The expense of training and developing DeepSeek’s models is claimed to be only a small fraction of that required for OpenAI, putting into question the need to invest in the latest and most powerful AI accelerator chips from Nvidia. At the start of trading this week, Shares in Nvidia dropped a full10 percent and AI data analytics company Palantir lost seven percent in pre-market trading. Microsoft, Google’s parent company Alphabet, and Meta all also experienced a drop in their share price.

AI cybercrime News

0

19

GenAI speeds up cybercrime

While Silicon Valley is finding that artificial intelligence (AI) is proving a tough sell to businesses and consumers, cybercriminals worldwide have lost little time in adapting the technology to cybercrime.

The latest rogue AI offering is GhostGPT. According to Abnormal Security, Ghost GPT follows hard on the heels of earlier illicit AI offerings: WormGPT, WolfGPT, and EscapeGPT. To test its capabilities, Abnormal Security researchers asked GhostGPT to create a Docusign phishing email. The chatbot produced a convincing template with ease, demonstrating its ability to trick potential victims

Arrest Cryptocurrency News

0

26

FBI Takes Down Crypto-Laundering Scam

The line between cybercrime and plain old-fashioned fraud has become yet more blurred following the sentencing of international virtual currency vendor Anurag Pramod Murarka to 121 months in prison for his involvement in a classic money laundering operation that he advertised on Darknet marketplaces.

According to recently unsealed court documents, Murarka operated an international money laundering business from April 2021 until September 29, 2023. Murarka was able to operate out of India and serviced shady clients in the United States through an intricate Indian “hawala” money transferring system and the use of the US Postal Service as his “unwitting partner in transferring ill-begotten funds.” The original Hawala scam was an Indian political and financial scandal involving illicit payments allegedly sent by politicians through a network of four Hawala brokers that implicated some of the country’s leading politicians.

News One Minute Roundup

0

13

HPE Investigating Hacker Breach Claims – January 21st

Following claims from the IntelBroker group on BreachForums of having access to large amounts of Hewlett Packard Enterprise (HPE) company data, HPE has begun its investigations.

The breach allegedly includes private GitHub repositories, Docker builds, and source codes. Arctic Wolf researchers helped HPE uncover the potential breach, and are continuing to work on validating the claim.

China News Telecommunications

0

19

US takes on Chinese hackers

A man alleged to be behind the recent Salt Typhoon US telecoms network and US Treasury department breaches has been sanctioned by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC). Yin Kecheng “has been a cyber actor for over a decade and is affiliated with the People’s Republic of China Ministry of State Security (MSS)”, says the Treasury Office. Yin is alleged to have had direct and associated involvement in both breaches.

Two key individuals in President Donald Trump’s new administration, Elon Musk, and the president’s nominee to head the Department of Homeland Security, Kristi Noem, have specifically cited the two devastating breaches as the prime examples of why the nation’s cybersecurity strategy is in pressingly urgent need of being overhauled.

News One Minute Roundup

0

12

Healthcare Attacks will not Slow Down in 2025 – January 22nd

According to a report by Netwrix, 84% of organizations in the healthcare sector faced a cyber attack in 2024 and predicts this will not slow down in 2025.

The report also found that nearly 70% of healthcare organizations have dealt with financial damages brought about by cyber incidents. Additionally, 21% reported a change in leadership due to the attacks last year.

Geopolitics Government News

0

24

Fresh Focus on Cyber-Attacks for CISA

One of the greatest challenges now facing President Trump’s new administration is to protect the US’s critical infrastructure and its economy from the rapidly growing menace of cyber-attacks.

On Friday, the president’s nominee to head the Department of Homeland Security, Kristi Noem, signalled a new direction for America’s main cybersecurity agency, the Cybersecurity and Infrastructure Security Agency (CISA), which, she says, urgently needs to be realigned away from focusing on misinformation and curtailing free speech and more towards preventing cyber-attacks on critical infrastructure in the US.

Breaking News European Union News

0

17

The rising costs of DORA compliance

The European Digital Operational Resilience Act (DORA), which came into force on Friday, January 17, is already having unforeseen costs for organizations right across the financial sector. Although the act is the brainchild of the European Union (EU), the financial services industry has been global for some years, and firms in the US and the UK are also impacted. As of Friday, the new regulations now also apply to US companies providing financial services within the EU or catering to EU customers.

California-based cybersecurity company Rubrik has commissioned research that almost half of UK financial businesses report spending over €1 million each over the last two years in trying to comply with the new EU regulation. DORA mandates key provisions such as contractual safeguards and contingency plans to mitigate risks from partners and third parties. DORA compliance also requires regular testing of digital resilience and attack simulations.

News One Minute Roundup

0

13

Mercedes Benz Vulnerability Places Risk of Remote Access – January 20th

CERT-UA warns of attackers impersonating the agency via fake AnyDesk requests for “security audits.” Remote access should only occur with prior approval through official channels to mitigate these risks.

Amid ongoing cyberattacks linked to the Russo-Ukrainian war, over 1,042 incidents were detected in 2024, including espionage and malware campaigns by groups like Gamaredon and Sticky Werewolf. Pro-Russian and pro-Ukrainian actors continue targeting each other with phishing and credential theft efforts.

Arrest Cryptocurrency News

0

22

Pastor Charged with Cryptocurrency Scam

Washington-based Pastor Francier Obando Pinillo has been charged for his involvement in “Solano Fi,” a fraudulent cryptocurrency investment business that Pinillo claims “came to him in a dream.” A pastor in a church based in Pasco, Washington, Pinillo allegedly took advantage of his position to sway members of the congregation to invest in Solano Fi, defrauding over a thousand victims of millions of dollars in what he claimed was a “safe and guaranteed investment.”

“Fraudulent investment schemes are not new, but cryptocurrency scams are a new way fraudsters take money from hardworking, honest people,” states US Attorney Vanessa Waldref.

The landmark case illustrates how cryptocurrency scams have now become mainstream. Fraudulent cryptocurrency schemes have previously been viewed as the province of highly organized hostile nation-state-backed cybercriminals and shadowy ‘market makers”. But the Pinillo case illustrates how even relatively unskilled crooks are now capable of preying on the greed of unsuspecting investors.

China Cyber Espionage News

0

19

FBI unplugs Chinese hackers

The US Justice Department and FBI have completed a law enforcement operation to delete Chinese malware from approximately 4,258 U.S.-based computers and networks. The international operation was led by French law enforcement and France-based private cybersecurity company Sekoia.io.

According to court documents unsealed in the Eastern District of Pennsylvania, a group of hackers paid by the People’s Republic of China (PRC), known as “Mustang Panda” and “Twill Typhoon,” used a version of PlugX malware to infect, control, and steal information from victim computers. Since at least 2014, Mustang Panda hackers have infiltrated thousands of computer systems in campaigns targeting US victims, European and Asian governments and businesses, and Chinese dissident groups.

AI News ransomware

0

17

AI enables ransomware boom

A new ransomware group, named Funksec, is the latest example of relatively inexperienced cybercriminals using AI to develop weaponized malware. The group claims that over 85 organizations fell victim to its ransomware attacks in December alone, potentially surpassing every other ransomware group in terms of victim numbers.

According to Check Point Research: “FunkSec operators appear to use AI-assisted malware development which can enable even inexperienced actors to quickly produce and refine advanced tools…Presenting itself as a new Ransomware-as-a-Service (RaaS) operation, FunkSec appears to have no known connections to previously identified ransomware gangs.”

Investment Scam News Workforce Cyber

0

21

Fake job offer scams gather pace

The New Year has begun with further news of a particularly cynical fraud campaign aimed at jobseekers. Lucrative-seeming fake job offers are being sent by email to individuals working in targeted organizations and in companies operating in critical industries.

This month, cybersecurity company Crowdstrike has identified an email phishing campaign exploiting its recruitment branding to deliver malware disguised as an “employee CRM application.” The fake email impersonates Crowdstrike recruitment and directs recipients who are curious about the personalized job offer to a malicious website. But Crowdstrike also reports that the cybersecurity company is also aware of a number of other fake job offer scams currently taking place.

Cybersecurity Executives Expert Opinions Featured SMB

0

24

SMEs in urgent need of cybersecurity overhaul

In an exclusive interview with Cyber Intelligence, Brian Buiwe, Technology Specialist at Sage, explains how SMEs and other smaller organizations urgently need to re-address their approach to cybersecurity.

There is a huge knowledge gap among C-suite executives of small-to-medium-sized enterprises (SMEs), as well as among other professionals such as senior doctors and lawyers, where cybersecurity is concerned. Many do not yet grasp the urgent need for cybersecurity. The mainstream media has actually done a very poor job of keeping them informed of the growing threat facing all sectors.

China Geopolitics News

0

20

China ramps up cyber-attacks on the US

The latest US security breach attributed to systematic attempts by China to compromise US institutions and critical infrastructure has impacted the US Treasury. The intrusion is being billed as “a major cybersecurity incident”.

According to a letter from the US Department of the Treasury: “The threat actor was able to override the service’s security, remotely access certain Treasury Departmental Office user workstations, and access certain unclassified documents maintained by those users… Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”

AI News Vulnerability

0

22

AI gives the game away

The latest threat for companies using large language (LLM) AI software to replace human staff is the software’s innate gullibility. LLM software can be likened to some cowardly bank clerk in an old Western hold-up who not only willingly opens a back door for the bad guys but also willingly tells them the combination of the safe.

The methods for persuading LLMs into naively disclosing the keys to the corporate kingdom are known as ‘LLM Jailbreak’ techniques. Palo Alto Networks Unit 42 researchers have named one such LLM Jailbreak, “Bad Likert Judge”.

AI Cybersecurity Executives Expert Opinions Featured

0

30

Security minefield ahead for GenAI users

In an exclusive interview with Cyber Intelligence, Gadi Bashvitz, CEO of cybersecurity testing firm, Bright Security warns of the security challenges facing organizations in the wake of widespread adoption of GenAI.

Cyber Intelligence: Are there any specific dangers of which companies using GenAI to generate new code should be particularly aware?

Gadi Bashvitz: There are multiple considerations here. On one hand, any solution developed leveraging LLMs is prone to LLM-specific vulnerabilities such as Insecure Output Handling and Broken Access Control and it is critical to make sure organizations are aware and can detect such vulnerabilities before releasing LLM-based solutions.

Banking Threats Finance News

0

19

Ransomware gangs target law and accountancy firms

In what is bad news for law and accounting firms, the professional and technical services sector has now overtaken the manufacturing sector as the prime target for ransomware attacks of Q3 2024.

According to cybersecurity company Nuspire: “These firms handle highly sensitive client data, such as financial records, legal documents, and business strategies, making them prime targets for ransomware operators.”

Nuspire predicts that, with ransom demands averaging around $2.5 million a hit for law firms, ransomware operators will continue to target this sector as long as the potential rewards outweigh the effort. The situation is particularly dire for smaller practices, which may lack the resources to protect against today’s increasingly ruthless and sophisticated cyber-attacks.

China Cyber Espionage News

0

16

US Puts $10M Bounty on Chinese Hacker

A Chinese national, Guan Tianfeng, has been accused of involvement in the hacking of 81,000 firewall devices all over the world in 2020. Some of the compromised devices were protecting systems running US critical infrastructure and, had the attacks gone undetected, they could have had potentially deadly consequences. The US Department of State’s Rewards for Justice (RFJ) program has since announced a reward of up to $10 million for information leading to the arrest of Guan and his alleged co-conspirators.

“The defendant and his conspirators compromised tens of thousands of firewalls and then continued to hold at risk these devices, which protect computers in the United States and around the world,” said Assistant Attorney General for National Security Matthew G. Olsen.

News Vulnerability Workforce Cyber

0

22

Unsecured PCs and laptops put organizations at risk

Tech giant HP has issued a stark warning that most global organizations fail to secure the hardware and firmware of PCs, laptops and printers, “weakening cybersecurity posture for years to come.”

According to a new report from HP’s Wolf Security Unity, 68 percent of IT and security decision-makers (ITSDMs) report that investment in hardware and firmware security is often overlooked in the total cost of ownership (TCO) for devices.

“This is leading to costly security headaches, management overheads, and inefficiencies further down the line,” says HP.

Analysis Healthcare Latest News

0

16

US Healthcare companies on high cyber-alert

While the assassination of health insurance CEO Brian Thompson on the streets of central New York last week has been grabbing headlines this month, life-endangering cyber-attacks on the US healthcare industry are escalating at an alarming rate. Once again, the pressing need for both IT and physical security could not be more clear.

According to John Riggi, national advisor for healthcare security and risk at the American Hospital Association, healthcare security must now be seen as far more than just an IT issue. This year has seen what amounts to a sea change in the way healthcare executives must view not only their own personal security but also the impact of cyber-attacks not only on their bottom line but also on the lives and well-being of patients.

Geopolitics News Russia

0

25

Russian cyber gangs escalate attacks on US

Two Russian groups, the People’s Cyber Army and Z-Pentest, claim to have taken attacks on critical infrastructure in the US to a new and more dangerous level. Dark web researchers at threat intelligence firm Cyble have discovered Telegram videos detailing attacks on US energy and water facilities far beyond the previously supposed capabilities of such groups.

Cyble believes that the two groups may be working in cooperation with one another. Previously, the People’s Cyber Army, which also goes by the name of the Cyber Army of Russia Reborn, and lesser-known groups such as Z-Pentest, have largely confined their attacks on US critical infrastructure to simple and easy-to-repel distributed denial of service (DDoS) attacks.

Arrest News Russia

0

19

Russian Authorities Arrest FBI’s Most Wanted Hacker

The FBI’s most wanted hacker, Mikhail Pavlovich Matveev, dubbed the “Moriarty” of cybercrime, has finally been arrested by Russian authorities. Described by the FBI as a “prolific” cybercriminal, Matveev has had a $10 million bounty on his head for any information leading to his arrest since 2023.

The arrest is a turning point on the part of the Russian authorities, as cybercriminals have long seen Russia as a safe haven. According to intelligence sources, this could either represent an attempt to try and legitimize the Russian economy or an indication that the state is taking back control of cyber-attacks on Western economies.

Analysis Data Leak Vulnerability

0

21

The data currency time bomb

Corporations are not only amassing huge amounts of personal data on their customers as never before but also trading that data, frequently without the customer’s knowledge. As yet, the general public is largely unaware of the uses to which their personal information is being put or whose hands it ends up in. At the same time, companies holding the data must tread an increasingly complex regulatory minefield.

According to Chris Diebler, Security VP at cybersecurity company DataGrail: “Companies are all terrified of not having enough data as data is the new currency. However, companies need to think seriously about reducing these vast mountains of data. The value of data must be balanced against the cost and security risk of maintaining it.”

Companies that fail to secure personal data effectively or trade customer data with third parties face considerable potential brand damage when the details are obtained by bad actors and they suffer identity theft or financial fraud as a consequence.

News One Minute Roundup

0

17

UK Takes Down Russian Money Laundering Ring – December 5th

The FBI warns the public about rising fraud schemes using generative artificial intelligence. The FBI observed that GenAI can be utilized by hackers to create fraudulent social media accounts, generate false websites to entice cryptocurrency investors, and create AI chatbots in order to lure victims into clicking malicious links.

News One Minute Roundup

0

12

INC Ransom Hits Three UK Health Orgs – December 4th

German authorities have made arrests linked to drug-selling platform Crimenetwork, seizing over $1 million in crypto assets. Crimenetwork is alleged to be the largest darkweb marketplace in the country and enabled users to buy and sell drugs, and offered illicit services such as the forging of documents and trading of stolen data.

Cybersecurity Executives Expert Opinions Vulnerability

0

14

How can companies deal with data overload?

Sanjaya Kumar, MD, is the CEO of cybersecurity company SureShield, Inc. Dr. Kumar has more than 25 years of healthcare compliance, risk management, and security experience. In an exclusive interview with Cyber Intelligence, he outlines the challenge presented by the current environment of data overload and some of the steps organizations should take to mitigate the associated risks from it.

News One Minute Roundup

0

17

Stoli Announces Bankruptcy after Ransomware – December 3rd

Vodka Manufacturing Group Stoli USA declares bankruptcy after a ransomware attack. In a filing on Nov 29, CEO Chris Caldwell states that the ransomware attack was one factor among several others that led them to the bankruptcy filing, including decades-long legal battles with the Russian government.

Arrest cybercrime News North Korea

0

24

$1bn Korean bust is tip of SE Asian cybercrime iceberg

Authorities in Korea and Beijing dismantled a sprawling voice phishing syndicate responsible for financial losses totaling US$ 1.1 billion. But South-East Asian observers believe this to be only the tip of an impenetrable iceberg of cybercrime in South-East Asia that is rapidly starting spread around the globe.

The Korean bust was part of an Interpol-co-ordinated global operation involving law enforcement from 40 countries, territories, and regions and has ended with the arrest of over 5,500 financial crime suspects and the seizure of more than US$400 million in virtual assets and government-backed currencies.

China Cyber Espionage Geopolitics News

0

28

China’s Telecom Hack ‘Most Serious’ in US History

US Senator Mark Warner has called the Salt Typhoon hack, conducted by a group that has been linked to Chinese intelligence, “the most serious telecoms hack in our history.” In a recent interview with the NY Times, Warner also said that hackers were able to listen in on telephone calls and access text messages, emphasizing that “every major provider has been broken into.”

This follows hard on the FBI releasing a joint statement with the US Cybersecurity and Infrastructure Security Agency (CISA), in which they announced that “China-affiliated actors have compromised networks at multiple telecommunications companies.”

News Retail Vulnerability

0

27

Scammers circling Black Friday shoppers

Scammers have stolen £11.4 billion from UK citizens over the last 12 months. According to the Global Anti-Scam Alliance’s (GASA) latest report, The State of Scams in the UK, conducted in association with the UK’s leading fraud prevention service, Cifas, this represents an increase of £4 billion over the previous year.

With the Black Friday sales bonanza looming on both sides of the Atlantic, the findings come as a timely warning to online shoppers. GASA and Cifas anticipate a further spike in scam attempts this week and re-urging consumers to remain vigilant. The warning comes as 1 in 7 (15 percent) consumers surveyed said they lost cash to criminals in 2024, an increase from 10 percent in 2023. The average loss per victim was £1,400, and only 18 percent of victims recovered all their money.

cybercrime News Russia

0

24

Women break glass ceiling of Russian cybercrime

Women cybercriminals and lady Darknet hackers are now starting to make inroads into the hitherto male-dominated fraternities of Russian-speaking cybercrime. According to the cybersecurity training and certification cooperative, the SANS Institute, women cybercriminals sometimes now pose as men in order to obfuscate their identities as well as to gain credibility among Russian-speaking criminals.

The SANS Institute interviewed one such woman cybercriminal, who is referred to only as a “Confidential Human Source (CHS)” in order to comply with her request for anonymity.

“I often took my boyfriend to in-person meetings,” CHS revealed, shining a new light on a so-far largely unrecognized aspect of cybercrime, the fact that cybercriminals meetings are frequently also conducted offline.

Cyber Espionage News Vulnerability

0

16

US water supply threatened by cyber-attacks

The USA’s drinking water is under threat. According to the US Environmental Protection Agency (EPA), 97 drinking water systems serving around 27 million users have critical or high-risk cybersecurity.

Although the EPA’s latest report focuses on the potential financial costs of cyber-attacks, there is also strong evidence that such attacks could also result in significant loss of life, with thousands or even millions of people being deliberately poisoned by terrorists or a hostile foreign power.

“We estimate that a [California] state-wide water service disruption could potentially cost at least $61 billion in lost revenue per day,” says the EPA report, Cybersecurity Concerns Related to Drinking Water Systems.

Arrest Cryptocurrency News

0

18

Cryptocurrency Laundering Top Dog Arrested

Russian-Swedish native Roman Sterlingov has been sentenced to twelve years in prison for his alleged involvement in Bitcoin Fog, the longest-running cryptocurrency laundering service on the dark web. Sterlingov reportedly operated Bitcoin Fog for a decade and processed over 1.2 million Bitcoin, valued at approximately $400 million at the time of the transactions.

Bitcoin Fog ran from 2011-2021 and quickly garnered a reputation among the dark web community as the “go-to” cryptocurrency “mixer” for cybercriminals looking to hide their illicit funds from law enforcement. Bitcoin Fog would pool the “dirty” cryptocurrency and redistribute it in order to make the funds untraceable. According to court documents, the cryptocurrency laundered was mainly derived from darknet marketplaces tied to illegal narcotics, identity theft, and child sexual abuse material.

AI Cybersecurity Executives Expert Opinions

0

14

Generative AI – the current state of play

In an exclusive interview with Cyber Intelligence, Mike Finley, the Co-Founder and CTO of AnswerRocket, a business intelligence platform that deals with big data and AI agents, explains what generative AI can do for companies right now.

AI is changing faster than people are capable of understanding. So the general misunderstanding of what AI can do is going to be a lasting problem. The fact is that key scientists believe AI is now capable of improving itself, meaning we are at the start of a runaway path forward. At AnswerRocket, our basic DNA is artificial intelligence (AI) to enable business intelligence (BI). This obviously took a new direction with the widespread introduction of generative AI, but our basic approach remains the same.

Cyber Espionage cybercrime News

0

14

Cybercriminals pose as law enforcement agencies

The US Federal Bureau of Investigation (FBI) has issued an urgent warning to business and law enforcement agencies that cybercriminals are using genuine stolen US and foreign government email addresses to hack into companies.

As of August this year, the FBI has observed an increase in posts on criminal forums relating to fraudulent emergency data requests. In August 2024, a cyber-criminal known to the FBI offered for sale, “High Quality .gov emails for espionage/social engineering/data extortion requests, etc”, that included official US credentials. The cyber-criminals also offered to guide buyers through emergency data requests and to sell real stolen subpoena documents to allow the buyer(s) to pose as law enforcement officers.

1
2
3
4
5
6
…
13