Google has obtained a court order to take down websites involved in distributing malware. The malware, named CryptBot, likely infected over 670,000 devices in 2022. More: - The websites were impersonating legitimate businesses and were using social engineering tactics to lure users into downloading and installing malware that was designed to steal sensitive information.
- The court order was granted under the Computer Fraud and Abuse Act, which makes it illegal to engage in computer-related fraud and other malicious activities.
- Google's efforts to take down these websites are part of its ongoing fight against online threats and to protect its users from malware and other malicious activities.
- The campaign specifically targets Windows devices.
- Google has advised its users to be cautious of suspicious activity and to take measures to protect their devices and data from online threats.
| |
 A hacker has allegedly leaked the data of around 20,000 Bitcoin wallets from Russia on the dark web. The threat actor responsible for the breach has yet to be tracked. - The leaked data includes:
- wallet IDs,
- passwords,
- and wallet balances of the affected users.
- Some reports claim that the threat actor may have stolen or burned around $300,000 worth of cryptocurrency.
- The authenticity of the data leak has not been confirmed, and it is still unclear how the threat actor was able to pull off the hacking campaign.
- Some reports claim that the leak might have come from a data breach in a Russian Bitcoin exchange or service.
Zoom Out: - Security researchers claim that says at least three of the allegedly Russian wallet addresses have been linked to Russia by third parties before.
- Two of them were said to be involved in the Solarwinds attack, and a third paid for servers used in Russia's 2016 election disinformation campaign.
| |
 A message from QA WOLF In-house QA takes years to scale. QA Wolf takes weeks. Stop dreading whether your next release is ready to ship — get zero-effort, automated end-to-end testing done for you by the experts at QA Wolf. - Tests are written in Playwright — no vendor lock-in
- Run your entire test suite in parallel an unlimited amount of times on QA Wolf's infrastructure
- 24/5 bug investigation and maintenance with a Zero Flake Guarantee
- Integrated into your CI/CD
- In-house engineers based in the US, UK, and Australia
Start a 90-day pilot
| |
Sen. Ted Cruz (R-Texas) has stated that Central Bank Digital Currencies could be used to monitor transactions and enable governments to infringe on privacy rights. Cruz added that he is bullish on Bitcoin. More: - Cruz argued that CBDCs, which are digital versions of national currencies, could be used to replace Bitcoin and other cryptocurrencies, ultimately destroying their value.
- He mentioned China's efforts to create a digital version of the yuan as an example of how CBDCs could be used to control and monitor financial transactions.
- Cruz also expressed concern that CBDCs could lead to increased government surveillance and infringement on personal privacy.
- His comments, however, were considered inaccurate by some industry experts who argue that CBDCs and cryptocurrencies can coexist and serve different purposes.
Zoom Out: - These comments come at a time when government authorities and regulators are heavily criticizing the cryptocurrency industry.
- Since the bankruptcy of FTX, crypto companies have been criticized for their perceived lack of transparency and regulatory adherence.
| |
Vietnam-based hackers are reportedly using malicious advertising to distribute malware. The hackers have been active at least since 2019. More: - The hackers are using social engineering tactics to trick users into clicking on fake ads, which then redirect them to sites hosting malware.
- Once victims click on those posts/links, a malicious ZIP file is downloaded to their computers.
- A browser window popup with a decoy website is then shown to the victim as the stealer deploys, executes, and gains persistence to steal cookies, accounts, crypto-wallets, and more.
- The malware being distributed includes:
- keyloggers,
- remote access,
- trojans,
- and crypto-jacking software.
- The group is believed to be using a number of different attack methods, such as:
- spear-phishing,
- unpatched vulnerability exploitation,
- business email compromise, etc.
- Researchers have recommended users be careful when clicking on ads and use ad blockers to help prevent malware infections.
| |
 A message from IMPACT Ready to grow your business through influencer partnerships? Get our great visual guide to the essential stages of influencer partnerships, and get more from your influencers from day one. Check Out The Infographic
| |
Security researchers have tracked Advanced Persistent Threat groups expanding their operations to multiple new regions. The most persistent activity was tracked in South America and Southeast Asia. More: - APT groups are known for their sophisticated and persistent attacks on high-value targets, such as government agencies and major corporations.
- The expansion of their operations to new regions indicates that APT groups are becoming more global and are targeting new areas to increase their reach.
- APT groups are using a variety of tactics, including:
- phishing attacks,
- social engineering,
- unpatched bug abuse,
- ransomware, etc.
- Researchers claim that the Go, Rust, and Lua programming languages are currently some of the most used ones by hackers.
- To protect against APT attacks, researchers advise organizations to update their software regularly, train their employees, and use advanced threat detection and response tools.
| |
Cybersecurity solutions company AaDya Security has raised a $5M Series A funding round. Left Lane Capital led the funding round. More: - The company offers a range of cybersecurity services, such as:
- Threat detection and response,
- security information and event management,
- and vulnerability management.
- Aadya's services aim to help organizations of all sizes protect their digital assets from cyber threats, including malware, ransomware, and phishing attacks.
- Aadya plans to use the funding to expand its team and continue to develop its cybersecurity offerings, with a focus on helping small and medium-sized businesses improve their security posture.
- 645 Ventures, Firebrand Ventures, Gaingels, and Invest Detroit also participated in the round.
| |
Quick Hits: - This app makes it easy (and fun) to level up fast in math, data, and CS. Try it free for 30 days + get 20% off an annual premium subscription.*
- Cybersecurity company France-based Bastion Technologies has raised a $2.8M Seed round led by Frst, Global Founders Capital, Kima Ventures, Motier Ventures, and angel investors. Bastion was founded by former Palantir employees.
- A group named Anonymous Sudan has continued its cyberattacks against Israeli institutions.
- A ransomware group is believed to have leaked personal student information such as names, birthdays, and mental health records that belong to students in Minneapolis.
- Unleash Google Cloud's full potential! Learn with step-by-step recipes in the GCP Cookbook. Download your copy now.*
*This is sponsored content.
| |
Upcoming events at Inside: - April 27 - Inside Marketing Coffee Break w/Jacob Bowman (Paloma Studios) (Register Here)
- April 27 - Inside.com Book Club - REWORK by 37signals (Register Here)
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
QA Wolf gets web apps to 80% automated end-to-end test coverage in weeks, not years. | |
| |
