"Cybercrime is an evolution, not a revolution," says Europol's Philipp Amann, who oversees the EU law enforcement intelligence agency's annual study of the latest cyber-enabled crime trends. Ransomware, social engineering and the criminal abuse of cryptocurrency and encryption are some of the top threats.
The Treasury Department has fined the owner of two bitcoin "mixing" sites $60 million for violating anti-money laundering laws. It's the first time the department's Financial Crimes Enforcement Network has issued a civil monetary penalty against the operator of a cryptocurrency site.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
In October, Nacha will launch the Payment Information Exchange Platform, or Phixius, a secure network of linked credentialed service providers designed to improve data exchange for payments to help fight fraud. George Throckmorton of Nacha explains how it works.
Two Russian nationals have been charged with using phishing techniques and spoofed domains to steal over $16 million from three cryptocurrency exchanges in 2017 and 2018, according to the U.S. Justice Department.
The pandemic has accelerated the shift to e-commerce and raised new concerns about the use of paper money. Jim Cunha of the Federal Reserve Bank of Boston describes a collaborative research project with the Massachusetts Institute of Technology to determine the feasibility of a digital alternative.
The U.S. Justice Department has filed a civil forfeiture complaint in an effort to recover millions in cryptocurrency from 280 accounts that allegedly was stolen by North Korean hackers. Prosecutors believe much of the money was laundered through Chinese exchanges.
The operators behind the "Lemon Duck" cryptominer have developed new techniques to better target enterprise-grade Linux systems, according to Sophos. In the latest cases, potential victims are spammed with COVID-19-themed emails.
The Lazarus Group, which has ties to the North Korean government, recently targeted an employee of a cryptocurrency exchange with a fake job offer in order to plant malware and steal virtual currency, according to F-Secure.
A P2P botnet dubbed "FritzFrog" has breached about 500 SSH servers, infecting universities in the U.S. and Europe and a railway company in an effort to plant cryptomining malware, Guardicore Labs reports. The botnet has also tried to infect banks, medical centers, governmental offices and others.
The latest edition of the ISMG Security Report analyzes the hijacking of a virtual court hearing in the Twitter hacking case. Also featured: Why network segmentation is more important than ever; update on Windows print spooler vulnerability.
Any nationally chartered bank can now serve as a custodian of the cryptographic keys for a cryptocurrency wallet, according to a letter from the Office of the Comptroller of the Currency. James Wester of IDC analyzes the implications.
For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don't understand...
Police have confiscated $90 million from a company allegedly owned by Alexander Vinnik, who is accused of money laundering and defrauding individuals through BTC-e, a cryptocurrency exchange he controlled.