Security Alerts & News
by Tymoteusz A. Góral

History
#990 Bitcoin phishing campaign uncovered
For the last month, attackers have used a combination of phishing and typosquatting to carry out a campaign aimed at stealing Bitcoin and blockchain wallet credentials.

More than 100 phony Bitcoin and blockchain domains have been set up so far, many which mimic legitimate Bitcoin wallets. Most of the sites were registered on May 26 and more continue to pop up daily suggesting the campaign is still in the early goings.

Artsiom Holub, Dhia Majoub, and Jeremiah O’Connor, researchers with OpenDNS’ Security Labs, traced connections between IP addresses, name servers and Whois indicators over the last few weeks in order to determine the scope of the campaign.

Cyren, an Israeli cloud-based security firm, spotted the first signs of life from the campaign in early June when it observed the domain blocklchain[.]info spreading through a pay-per-click advertising scam via Google AdWords. If a user was tricked into visiting the site – a replica of the real deal – and actually logged in, they would have handed their Blockchain credentials over to attackers.
Read more
#993 KSN Report: Ransomware from 2014-2016
#992 3 million strong botnet grows right under Twitter's nose
#991 PayPal dumped cloud company (Seafile) after It refused to monitor customers' files
#990 Bitcoin phishing campaign uncovered
#989 Bitcoin rival Ethereum fights for its survival after $50 million heist
#988 NEC to launch AU$4.38m IoT-focused cybersecurity centre in Adelaide
#987 Tech support scams target victims via their ISP
#986 Hackers hit central banks in Indonesia and South Korea
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12