🚀 Blockchain Security Firm Warns Of Hacked Social Media Account
#Blockchain #CyberSecurity #Phishing #Cryptocurrency #BreachAlert #DigitalSafety #AssetProtection #PersonalInformation #TwoFactorAuthentication #PeckShieldAlert
According to PANews, blockchain security organization PeckShieldAlert has issued a warning regarding the hacking of Brett's X account, known as @BasedBrett. Users are advised to exercise caution and avoid clicking on the phishing link claimtoken-basedbrett[.]com to prevent potential asset loss or information leakage.
PeckShieldAlert's warning highlights the ongoing risks associated with phishing attacks in the digital space. Such incidents underscore the importance of vigilance among users to safeguard their personal and financial information. The compromised account could be used by hackers to disseminate malicious links, aiming to deceive users into revealing sensitive data or transferring funds.
This incident serves as a reminder of the persistent threats in the online environment, particularly within the blockchain and cryptocurrency sectors. Users are encouraged to verify the authenticity of links and communications before engaging with them. Maintaining robust security practices, such as enabling two-factor authentication and regularly updating passwords, can help mitigate the risks posed by such cyber threats.#Blockchain #CyberSecurity #Phishing #Cryptocurrency #BreachAlert #DigitalSafety #AssetProtection #PersonalInformation #TwoFactorAuthentication #PeckShieldAlert
🚀 Crypto Phishing Attacks Expected To Rise During Holiday Season
#Crypto #PhishingAttacks #HolidaySeason #Cybersecurity #Investors #Scams #DigitalAssets #WalletDrain #TwoFactorAuthentication #Web3 #Blockchain #OnlineTransactions #CryptoHacks #CryptoLosses #ThalaHack
According to Cointelegraph, cybersecurity experts have issued a warning that crypto phishing attacks are likely to increase in December as scammers seek to exploit the Christmas holiday shopping season. In November, more than 9,200 cryptocurrency investors collectively lost $9.3 million to phishing scams, as reported by Scam Sniffer, a platform dedicated to monitoring crypto scams. The platform highlighted that one victim lost $661,000 in stETH within minutes, emphasizing the severity of these attacks.
Malicious signatures continue to be a significant threat, as they allow attackers to gain full control over a wallet's digital assets, leading to wallet drain attacks. Despite a 53% decrease in phishing losses from October's $20.2 million, experts anticipate a surge in December due to increased online transactions. Deddy Lavid, co-founder and CEO of Cyvers, a Web3 security platform, advised investors to verify communications, enable two-factor authentication, and avoid public WiFi for sensitive activities. He stressed the importance of being aware of holiday-themed phishing tactics and using real-time monitoring tools to detect suspicious behaviors promptly.
Lavid also emphasized the need for users to be cautious when signing blockchain transactions, recommending thorough scrutiny and simulation of transactions beforehand to prevent authorizing malicious activities inadvertently. Despite the heightened risks during the holiday season, there have been fewer crypto hacks compared to 2023, with $1.48 billion stolen year-to-date as of November 28, marking a 15% decrease from the same period in 2023. Notably, the largest hack in November was the $25.5-million Thala hack, from which the protocol successfully recovered all assets lost to the farming vulnerability. As of June, the crypto industry had suffered over $19 billion in losses across 785 reported hacks and exploits over the past 13 years.#Crypto #PhishingAttacks #HolidaySeason #Cybersecurity #Investors #Scams #DigitalAssets #WalletDrain #TwoFactorAuthentication #Web3 #Blockchain #OnlineTransactions #CryptoHacks #CryptoLosses #ThalaHack
🚀 Phishing Attacks Compromise Multiple X Accounts
#PhishingAttacks #Cybersecurity #XAccounts #TwoFactorAuthentication #DataBreach #OnlineSafety #KYC #AIAgents #UserAwareness
According to Odaily, SlowMist founder Yu Jian recently reported on X that several accounts have been compromised by phishing attacks. Among the affected are Aizel Network (@aizel_network) and Foresight Ventures (@ForesightVen). The breaches occurred after individuals entered correct passwords, possibly along with two-factor authentication (2FA) details, allowing attackers to take control of the accounts. The phishing scheme involved intimidation tactics, claiming copyright infringement to deceive users into providing passwords, 2FA codes, email addresses, phone numbers, and some Know Your Customer (KYC) documents. Once attackers obtained this information, they launched further phishing attacks, such as promoting tokens related to AI Agents. Users are advised to remain vigilant and not to trust any suspicious requests for passwords, mnemonic phrases, or private keys.#PhishingAttacks #Cybersecurity #XAccounts #TwoFactorAuthentication #DataBreach #OnlineSafety #KYC #AIAgents #UserAwareness
🚀 Over 7 Million OpenSea User Emails Publicly Leaked, SlowMist Warns of Increased Phishing Risks
#OpenSea #dataBreach #phishing #emailLeaked #cryptocurrency #SlowMist #CustomerIO #digitalassets #security #twoFactorAuthentication
The email addresses of over 7 million OpenSea users have been fully publicized online, following a data breach involving the marketplace’s email vendor in June 2022, according to blockchain security firm SlowMist. This latest development raises significant concerns over potential phishing and scam attacks.Details of the BreachThe leak originates from Customer.io, OpenSea’s email automation vendor, whose employee leaked user emails to an outside party.While the breach was initially reported on June 29, 2022, the data has now been fully publicized, making it available to bad actors worldwide.A Telegram message shared by SlowMist’s 23pds shows a file titled “opensea.io_mail_list.rar”, reportedly containing 7 million email addresses.Impact on the Crypto CommunityThe leaked data includes the email addresses of prominent cryptocurrency practitioners, companies, and key opinion leaders (KOLs), exposing them to targeted phishing attacks.Phishing scams accounted for over $1 billion in stolen digital assets across 296 incidents in 2024, making it the costliest attack vector of the year, according to CertiK.Protecting Yourself from Phishing ScamsUse strong and unique passwords stored securely in a password manager.Enable two-factor authentication (2FA), preferably through an authenticator app rather than SMS.Keep device software updated to mitigate security vulnerabilities.OpenSea’s ResponseWhen the breach was first discovered, OpenSea advised users to assume their email addresses were impacted and pledged to cooperate with law enforcement and Customer.io in the ongoing investigation, according to Cointelegraph.#OpenSea #dataBreach #phishing #emailLeaked #cryptocurrency #SlowMist #CustomerIO #digitalassets #security #twoFactorAuthentication
🚀 Data Breach at Major Exchange Raises Security Concerns
#DataBreach #CyberSecurity #Exchange #EmployeeInformation #Phishing #SocialEngineering #PasswordSecurity #TwoFactorAuthentication #AccountSafety #InformationSecurity
According to PANews, SlowMist Technology's Chief Information Security Officer, 23pds, reported on the X platform that a data breach has occurred involving a third-party service used by a leading exchange. The breach has exposed a significant amount of employee information, including emails and passwords. The issue has been communicated to the relevant parties for resolution.
As the year-end approaches, individuals are advised to remain vigilant and ensure the security of their funds. It is crucial to guard against phishing emails and social engineering attacks by avoiding clicking on unknown links or providing account information.
Users are encouraged to promptly change passwords for high-risk accounts and avoid reusing passwords. Enabling two-factor authentication (2FA) is recommended to enhance account security. In the event of unusual logins or suspicious transactions, users should verify and take necessary security measures immediately.#DataBreach #CyberSecurity #Exchange #EmployeeInformation #Phishing #SocialEngineering #PasswordSecurity #TwoFactorAuthentication #AccountSafety #InformationSecurity
🚀 Jupiter Co-Founder Recovers Social Media Account After Security Breach
#Jupiter #CoFounder #SocialMedia #SecurityBreach #TwoFactorAuthentication #AccountRecovery #CyberSecurity #Meow #SIMCardSwap #Hacking
According to BlockBeats, on March 5, Jupiter co-founder Meow announced on X that he has regained control of his social media account. Meow expressed confusion over the incident, stating that despite having a unique password and two-factor authentication enabled, his account was compromised. He noted that all his devices were secure and the only connected applications were Typefully and Streamyard. Past login records showed access only from his phone, Typefully, and Streamyard, with no recent activity. Although there is a possibility that his SIM card was swapped, the attacker would still have needed the password, prompting Meow to replace the SIM card as a precaution. Despite deleting other login sessions, the attacker managed to post content, possibly before the sessions were removed. Meow also mentioned that he had performed a complete logout just a week prior to the breach.#Jupiter #CoFounder #SocialMedia #SecurityBreach #TwoFactorAuthentication #AccountRecovery #CyberSecurity #Meow #SIMCardSwap #Hacking
🚀 HyperFND's Official Account Restored After Security Breach
#HyperFND #HyperliquidX #SecurityBreach #TwoFactorAuthentication #BlockchainSecurity #OfficialAccountRestored #StayVigilant #Discord #Telegram
According to Odaily, HyperliquidX announced that the HyperFND official X account, previously compromised, has been successfully restored. Hyperliquid's blockchain and other social media accounts remained secure and unaffected throughout the incident. The team collaborated with the X security team to investigate the breach, confirming no leaks of system, email, or credentials, and that two-factor authentication (2FA) was not compromised. Security measures are still being enforced. Users and community members are advised to verify any suspicious announcements through official channels like Discord and Telegram, as genuine announcements will not create a sense of urgency. Stay vigilant.#HyperFND #HyperliquidX #SecurityBreach #TwoFactorAuthentication #BlockchainSecurity #OfficialAccountRestored #StayVigilant #Discord #Telegram
🚀 North Korean Hackers Target Individual Investors in Recent Cyber Attack
#NorthKorea #Hackers #Lazarus #CyberAttack #Investors #Malware #Security #Blockchain #ETH #TornadoCash #HardwareWallets #TwoFactorAuthentication #CyberSecurity #ProtectiveMeasures
According to PANews, the North Korean hacker group Lazarus has shifted its focus to individual investors, stealing over $5.2 million through malware on May 24. The stolen funds were taken from various wallet types, including exchange wallets, multi-signature wallets, and external accounts. Blockchain analyst ZackXBT tracked the hackers, discovering that approximately 1,000 ETH had been moved through the mixer Tornado Cash.
Security experts advise individual investors to take protective measures such as using hardware wallets for large assets, enabling two-factor authentication, regularly updating software patches, being cautious of suspicious links, and routinely checking transaction records. This attack signifies a strategic shift by the group from targeting institutions to focusing on individual investors.#NorthKorea #Hackers #Lazarus #CyberAttack #Investors #Malware #Security #Blockchain #ETH #TornadoCash #HardwareWallets #TwoFactorAuthentication #CyberSecurity #ProtectiveMeasures
🚀 Massive Data Breach Exposes 16 Billion Login Credentials
#DataBreach #Cybersecurity #LoginCredentials #InformationSecurity #Cryptocurrency #PasswordSecurity #TwoFactorAuthentication #Malware #Elasticsearch #CloudSecurity
According to Odaily, a Cybernews research team has revealed a significant data breach involving 16 billion login credentials from major online service providers, including Apple, Google, and Facebook. The largest single database in this breach contains 3.5 billion records. The exposed data was primarily found through unencrypted Elasticsearch or object storage instances and includes access tokens, session cookies, and account metadata stolen by information-stealing malware.
This breach poses a severe threat to the cryptocurrency industry, as attackers could exploit the leaked credentials to take over accounts, particularly those linked to custodial wallets or associated email platforms. The risk is heightened for wallets that allow mnemonic phrases to be backed up to cloud services. Security experts advise users to update their passwords immediately, enable two-factor authentication, and avoid storing recovery phrases in insecure digital environments.
The identities of the original data holders remain unclear, but researchers have confirmed that some databases may belong to cybercriminal organizations.#DataBreach #Cybersecurity #LoginCredentials #InformationSecurity #Cryptocurrency #PasswordSecurity #TwoFactorAuthentication #Malware #Elasticsearch #CloudSecurity
🚀 Phishing Attack Exploits X Platform Authorization Mechanism
#Phishing #X #AppAuthorization #CalendarApp #GoogleCalendar #MaliciousApp #AccountHijack #2FA #TwoFactorAuthentication #CyberSecurity
According to PANews, a recent sophisticated phishing attack has targeted users in the cryptocurrency sector by exploiting the X platform's application authorization mechanism. This attack bypasses passwords and two-factor authentication, leading to the hijacking of several accounts. The attackers used phishing messages disguised as Google Calendar links to trick users into authorizing a malicious application named 'Calendar.' This application, containing disguised characters, requests full account control permissions. Security experts advise affected users to promptly visit the authorized applications page on X and remove the suspicious 'Calendar' app to prevent further damage.#Phishing #X #AppAuthorization #CalendarApp #GoogleCalendar #MaliciousApp #AccountHijack #2FA #TwoFactorAuthentication #CyberSecurity
🚀 Angel Investor Loses Cryptocurrency to Malicious Software
#AngelInvestor #Cryptocurrency #Malware #CyberAttack #Web3 #Blockchain #Polygon #DigitalWallet #CyberSecurity #TwoFactorAuthentication #MetaToy #Telegram #MaliciousSoftware #OnlineScams #CryptoTheft #SecurityBreach #TechNews
According to PANews, a professional angel investor, known for evaluating numerous Web3 projects and having extensive knowledge of online scams, recently fell victim to a cyber attack. The investor, Xu Xianlong, inadvertently downloaded a game launcher containing malware while testing a network game, resulting in the theft of cryptocurrency assets worth at least 100,000 yuan from his digital wallet.
Xu, an early investor in the blockchain platform Polygon, shared his experience to caution the public against downloading software from unknown sources and sharing two-factor authentication information. He recounted that on December 5, while browsing the messaging platform Telegram, he encountered a post about testing a game project called 'MetaToy.' A user named Shanni, claiming to be a co-founder of the 'Meta team,' contacted him. Following instructions, Xu downloaded the game launcher, unaware that the malware had already compromised his crypto wallet data.
Despite reinstalling the Microsoft system for security reasons, the malware persisted. Xu reported the incident to the authorities on Friday, December 12.#AngelInvestor #Cryptocurrency #Malware #CyberAttack #Web3 #Blockchain #Polygon #DigitalWallet #CyberSecurity #TwoFactorAuthentication #MetaToy #Telegram #MaliciousSoftware #OnlineScams #CryptoTheft #SecurityBreach #TechNews
🚀 Instagram Data Breach Exposes Sensitive Information of 17.5 Million Users
#Instagram #DataBreach #SensitiveInformation #Users #Security #DarkWeb #PhishingAttacks #Malware #APIExposure #Meta #PasswordReset #TwoFactorAuthentication #AccountSecurity
According to BlockBeats, a data breach on Instagram has exposed sensitive information of approximately 17.5 million users, including usernames, email addresses, phone numbers, and physical addresses. The compromised data has reportedly been sold on the dark web and may be used for phishing attacks and account takeovers. Malwarebytes, a security company, suggests the incident might be linked to an API exposure issue from Instagram in 2024. Affected users have been receiving frequent password reset emails. As of now, Meta has not issued an official response. Security experts recommend users enable two-factor authentication (2FA) and change their passwords to enhance account security.#Instagram #DataBreach #SensitiveInformation #Users #Security #DarkWeb #PhishingAttacks #Malware #APIExposure #Meta #PasswordReset #TwoFactorAuthentication #AccountSecurity
🚀 ZeroDayRAT Spyware Threatens Mobile Financial Security
#ZeroDayRAT #Spyware #MobileSecurity #Android #iOS #BankingSecurity #CryptocurrencySecurity #Phishing #Smishing #TwoFactorAuthentication #FinancialSecurity
A newly identified spyware platform, ZeroDayRAT, has surfaced with the capability to fully compromise both Android and iOS devices, including the latest models like the iPhone 17 Pro. According to NS3.AI, this spyware is designed to steal sensitive data such as GPS location, banking and cryptocurrency app notifications, and account credentials, while also bypassing two-factor authentication. ZeroDayRAT is distributed through malicious links found in smishing texts, phishing emails, and fake app stores, posing a significant threat to mobile financial security.#ZeroDayRAT #Spyware #MobileSecurity #Android #iOS #BankingSecurity #CryptocurrencySecurity #Phishing #Smishing #TwoFactorAuthentication #FinancialSecurity
🚀 iOS Users Urged to Update Amid Critical Security Vulnerability
#iOSUpdate #SecurityVulnerability #DarkSword #iPhone #iPad #CryptoSecurity #Malware #CyberSecurity #TwoFactorAuthentication #GTIG #BinanceWallet #AppPermissions #CryptoWallet #SecurityAlert #UpdateNow #StaySafe
Binance Wallet announced on X that Apple is urging iPhone and iPad users to immediately update their iOS systems due to a critical security vulnerability. The Google Threat Intelligence Group (GTIG) has identified an exploit chain, named “DarkSword,” which affects iOS versions 18.4 to 18.7. This vulnerability is a system-level issue and is not linked to any exchange or wallet application.
The exploit can be triggered when users visit compromised websites that appear legitimate. It allows attackers to extract sensitive data, including information from crypto wallets, without any user interaction. The malware is capable of erasing its traces post-execution, making it challenging to detect. Devices running iOS 18.4 to 18.7 are particularly at risk.
To mitigate the risk, users are advised to update their devices to the latest iOS version immediately. Additionally, it is recommended to avoid clicking on unknown links or visiting untrusted websites. Users should also review app permissions and disable any unnecessary access. Enabling Two-Factor Authentication (2FA) on all crypto-related accounts and activating withdrawal whitelists are further suggested precautions.
This security alert is crucial for all users, not just those associated with Binance, as security is fundamental to the entire ecosystem. Protecting user assets is a top priority, and taking these steps can help safeguard against potential threats.#iOSUpdate #SecurityVulnerability #DarkSword #iPhone #iPad #CryptoSecurity #Malware #CyberSecurity #TwoFactorAuthentication #GTIG #BinanceWallet #AppPermissions #CryptoWallet #SecurityAlert #UpdateNow #StaySafe