Wall Street Bitcoin Phishing Warning

Wall Street Firms and Funds on High Alert.

My accounts were exposed and several attempts were made...

SIM Jacking and The Honeypot Files.

New Warning.

By Dominic Alvieri, @AlvieriD

December 3rd, 2020.


Cold store your cryptocurrencies for safety.
Secure your phone and digital assets now.

Wall Street phishing is more dangerous now.

FINRA fake site this week highlights persistent threat to Wall Street firms, now with greater crypto risks.


Healthcare, financial and educational infrastructures are under attack. The risks are getting worse. Cyber theft and ransomware are running rampant, along with misinformation, disinformation and other ill-willed digital variances. Numbing us slowly or with one abrupt jerk.

Goldman Sachs, Morgan Stanley and many other financial firms have always been targets. Many firms are now heavily invested in cryptocurrencies and blockchain investments and are even bigger targets now. Phishing campaigns and security have a whole lot more at stake. 

Several of my crypto accounts and wallets were exposed and several attempts were made to steal what little I had left in 2018, 2019 and again in May and November of this year. 


When it comes to protecting emergency healthcare systems, no price is too high. Personally, you should listen to official government information and medical professionals about vaccines and distribution. You can secure your digital assets right now. Cold storage is available for most assets, as are various remote security features for apps, your phone, computer, laptop or any IoT device you use.
     


SIM Jacking can make your sunny day rainy in a hurry.
A SIM Jacking can quickly change a sunny day in Philadelphia or anywhere. 

Coinbase and Blockchain did well, others didn't.

2FA and cold storage are required, for starters.


As a rough primer, keep as much information as possible private, offline and secure. Use end-to-end encryption to communicate and a secure VPN with wireless and mobile, and you can even encrypt your hard drive (SSD, please). Have a backup. Use a secure 2FA app to secure your accounts, and you can go a step further and use a YubiKey for security. Never plug an unknown USB drive into any device. There are many ways to protect your data and assets.

Lives are at stake as well.

Protect everything as if your lives depend on it. The rule of thumb is the colder the better with assets. The more you keep offline, the more secure it is, per se, barring physical theft or destruction.

Persistent threat actors, North Korea, Iran, China and Russia to name a few, are busy targeting every aspect of our daily lives. Current FBI warnings include any and all vaccine makers. Many reports insist that this has been underway and advancing, much like the ransomware barrage.

Bad actors are targeting everything digital. Bitcoin preferred.



Your phone is a major target.
Corporate executive and personal phones are big targets. Guard with care.

SIM Jacking and the Honeypot files.


Putting together the lost pieces and data trails, the one persistent yearly target has been crypto wallets and services, culminating in being SIM Jacked during the summer of the pandemic. Luckily, most of the damage was mitigated. Prior years' exchange breaches did most of the damage.

Year after year cryptocurrency exchanges were being hacked. Mt. Gox was the beginning and losses added up. Information was being gathered and assets stolen. 

I looked to cross-reference for any crypto-related addresses, emails or accounts exposed within the same breaches. It is a digital trail that looks to be reverse engineered. I did find two old accounts, both breached, and another via GateHub. GateHub sadly did not register any similar domains and has been a frequent target of spammers and attacks.

Individuals, Firms and Exchanges are at risk.


I have just recently begun researching several very interesting pieces of bits and bytes, if you will, of gifts tucked away within a personal honeypot waiting to be extracted and explored.



Honeypot reveals some interesting items.
Researching this honeypot looks to reveal more than just a remote shell.


The remote shell is bad enough.... 


Researching this newly opened jar of honey looks to reveal more than just the remote shell I was expecting. Looks like an infostealer of the older variety hidden in a file.

There it was, the benign data file and more. Lots of clues. It gave me an idea.
Cross-referencing old data files of information lost in prior data breaches, a common theme was arising. Two old emails tied to old crypto accounts were being attacked, again.

Equifax, Capital One and the list of data breaches goes on. Cryptocurrency exchanges have also been targets. It is the obvious draw and lure.


Wall Street firms and funds with blockchain and cryptocurrency investments are at greater risk.
Security departments have been aware of the increasing scope of ransomware and attacks overall.
Email phishing campaigns leverage the same access point with a much greater risk today.

In cases where wallets were left online and in the hot location, they would be vulnerable to hacks and loss. In a breach you could lose everything, and many exchanges and companies did. Old emails tied to old crypto accounts were consistent avenues in my research here, even though the accounts were minimal and idle.

I closed one unnamed firm's account two years ago, and attempts have been made to reopen it, not at my request.



Beware of phishing and ID theft with your digital wallets.
Use secure 2FA and secure your digital wallets. The colder the better. 


By now everyone should be aware of and use a secure 2FA app at a minimum. Secure your phone, data and all access points, and use cold storage and remote security features to mitigate losses.

Bleeping Computer had a great article yesterday, December 2nd, about phishing attempts against the financial industry and a fake FINRA website set up as a lure.
Bad actors are increasing their activity towards Wall Street as you read this.

It is the obvious next grab. Go to where the coins are. Wall Street funds, firms and people have been phishing targets for many, many years, and now the stakes are even higher.

Be aware of phishing campaigns and someone socially engineering their way to your digital assets. 

Everything is hackable.



Beware of new Bitcoin phishing scams.
Beware of Bitcoin email phishing scams.


Patch, update, back up and secure. 


The Cyber Show on Google Blogger. https://www.TheCyberShow.blogspot.com

The Cybersecurity Show and The Cyber Show on Google Blogger and YouTube.


Stay safe, secure and well informed. Stay one step ahead. 

Dominic Alvieri, @AlvieriD
Researcher, Analyst and Tracker, @AlvieriD




