Breaking News: Four Charged in $80 Million Crypto Scam! ๐Ÿšจ

Dec 19 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that reckons cybercriminals would feel right at home in the House of Lords #MichelleMone ๐Ÿ‘€๐Ÿ˜ฌ๐Ÿ’€

Todayโ€™s hottest cybersecurity news stories:

  • ๐Ÿ‘ฎ Lu Zhang among 4 charged in US for $80m pig butchering scam ๐Ÿท

  • ๐Ÿ›๏ธ CISA begs manufacturers to ditch default passwords on systems ๐Ÿ”“

  • ๐Ÿ‘จโ€๐Ÿ’ป Introducing Rhadamanthys, the โ€˜swiss army knifeโ€™ of info-stealers ๐Ÿด

The (US) Police: I canโ€™t, I canโ€™t, I canโ€™t stand Lu Zhang ๐ŸŽถ๐Ÿ˜๐Ÿ‘ฎ๐ŸŽธ๐Ÿฆ‚

๐Ÿšจ Breaking News: Four Charged in $80 Million Crypto Scam! ๐Ÿšจ

The U.S. Department of Justice (DoJ) has nabbed Lu Zhang, Justin Walker, Joseph Wong, and Hailong Zhu for their roles in a cryptocurrency investment scam. The quartet faces charges of money laundering, including concealing and international money laundering.

โš–๏ธ 20 years in prison โš–๏ธ

๐Ÿ” The DoJ revealed the scam involved opening shell companies and bank accounts for pig butchering schemes, with over $80 million in victim losses. Zhang and Walker could face 20 years in prison if convicted, while co-conspirators remain at large.

๐Ÿ’” What becomes of the broken hearted? ๐Ÿ’”

Pig butchering scams, a type of romance-investment scam, exploit victims through dating apps, promising high returns. Scammers then vanish or create new identities, making recovery difficult.

๐Ÿ’ผ Emerging Trends ๐Ÿ’ผ

Scammers adapt using group chats, luring victims into fake investment groups. The FBI reports a staggering $2.57 billion in losses to crypto scams in 2022, up 183% from 2021. Cybercriminals leverage leaked databases for personal info, highlighting the need for vigilance.

๐Ÿ›ก๏ธ Stay Informed, Stay Safe ๐Ÿ›ก๏ธ

Be cautious online, verify investments, and report suspicious activity to protect yourself and others from falling victim to crypto scams. ๐ŸŒ๐Ÿ’ป

The best eye and brain candy curated from all corners of the web

No news. No politics. No BS.

Just the good stuff

100% Free

Fairplay, canโ€™t default them for that ๐Ÿ˜

๐Ÿ” Cybersecurity Alert! ๐Ÿšจ CISA Urges Action Against Default Password Risks!

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm on manufacturers using default passwords, posing severe risks of exploitation. Iranian threat actors linked to the Islamic Revolutionary Guard Corps are targeting operational technology with default passwords, gaining access to critical infrastructure in the U.S.

๐Ÿค– Default Password Danger ๐Ÿค–

Threat actors can exploit publicly known default passwords, gaining root access and causing havoc. CISA recommends manufacturers adopt secure design principles, provide unique setup passwords, disable them after a set period, and enforce phishing-resistant multi-factor authentication (MFA).

๐Ÿ›ก๏ธ Top Tips ๐Ÿ›ก๏ธ

CISA advises vendors to conduct field tests, bridging the gap between developer expectations and actual product usage. Meanwhile, it's crucial for organisations to:

  • Enforce strong passwords and phishing-resistant MFA

  • Review and limit running ports, protocols, and services

  • Configure service accounts with minimal necessary permissions

  • Change all default passwords

  • End the reuse or sharing of administrative credentials

  • Implement consistent patch management

  • Establish network segregation controls

  • Evaluate and discontinue unsupported hardware and software

  • Encrypt sensitive data like personally identifiable information (PII)

๐ŸŒ Stay Secureย ๐ŸŒ

CISA's guidance comes amid rising cyber threats, emphasising the importance of proactive measures to safeguard critical infrastructure.

๐ŸŽฃ Catch of the Day!! ๐ŸŒŠ๐ŸŸ๐Ÿฆž

๐Ÿƒย The Motley Fool: โ€œFool me once, shame on โ€” shame on you. Fool me โ€” you can't get fooled again.โ€ Good olโ€™ George Dubya ๐Ÿ˜‚ Let us tell whoโ€™s not fooling around though; thatโ€™s the Crรผe ๐Ÿ‘€ at Motley Fool. Youโ€™d be a fool (alright, enough already! ๐Ÿ™ˆ) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ๐Ÿ› Kidding aside, if you check out their website theyโ€™ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ๐Ÿค‘ย (LINK)


๐Ÿšตย Wander: Find your happy place. Cue Happy Gilmore flashback ๐ŸŒ๏ธโ›ณ๐ŸŒˆ๐Ÿ•Š๏ธ Mmmm Happy Placeโ€ฆ ๐Ÿ˜‡ So, weโ€™ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, itโ€™s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ๐Ÿž๏ธ๐Ÿ˜ย (LINK)


๐ŸŒŠย Digital Ocean: If you build it they will come. Nope, weโ€™re not talking about a baseball field for ghosts โšพ๐Ÿ‘ป๐Ÿฟ (Great movie, to be fair ๐Ÿ™ˆ). This is the Digital Ocean whoโ€™ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website youโ€™ll find yourself catching the buzz even if you canโ€™t code (guilty ๐Ÿ˜‘). But if you can and youโ€™re looking for somewhere to test things out or launch something new or simply enhance what youโ€™ve got, weโ€™d recommend checking out their services foโ€™ sho ๐Ÿ˜‰ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ๐ŸŒฟย (LINK)

Rhadical dude ๐Ÿ˜Ž๐Ÿ„๐Ÿค™

๐Ÿšจ Malware Alert: Rhadamanthys Evolves with New Threats! ๐Ÿฆ 

Cybersecurity researchers have uncovered alarming developments in the information stealer malware, Rhadamanthys. In a recent deep dive, Check Point revealed that the malware's developers are actively enhancing its features, introducing a plugin system for greater customization.

๐Ÿ› ๏ธ MaaS Model and Evolution ๐Ÿ› ๏ธ

Initially documented in October 2022 and sold under the malware-as-a-service (MaaS) model, Rhadamanthys is continuously evolving. The malware, distributed through malicious sites mimicking genuine software, harvests sensitive data from web browsers, crypto wallets, email clients, VPNs, and more.

๐Ÿ” Latest Features ๐Ÿ”

Rhadamanthys version 0.5.2 boasts a new plugin system, making it a versatile tool for malicious actors. The update allows customers to tailor additional tools to their targets, marking a shift towards modularization. The malware includes active components for process manipulation and passive components for credential retrieval.

๐Ÿงฉ Swiss Army Knife of Malware ๐Ÿงฉ

The malware's use of a Lua script runner, capable of loading up to 100 scripts, emphasises its multifunctionality. It targets cryptocurrency wallets, email agents, FTP services, instant messengers, and more. Version 0.5.1 introduces a clipper function to divert cryptocurrency payments and recover Google Account cookies.

๐Ÿ›ก๏ธ Risks and Mitigation ๐Ÿ›ก๏ธ

The evolving nature of Rhadamanthys poses a serious threat, and users are urged to stay vigilant. Check Point recommends staying updated on security measures and adopting a proactive approach to cybersecurity.

๐Ÿ‘พ Stay Protected ๐Ÿ‘พ

As malware continues to evolve, it's crucial to implement robust security practices. Regularly update security measures, employ reliable antivirus software, and exercise caution while interacting online. ๐Ÿ›‘๐Ÿ”’

๐Ÿ—ž๏ธ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.

  • Libby Copa:ย The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.

  • Techspresso:ย Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles