Build-A-Scam: prepare for kopycat attacks ๐Ÿ˜

Nov 27 2023

Gone Phishing Banner

Welcome to Gone Phishing, your cybersecurity newsletter that wishes cybercriminals hibernated for the winter ๐Ÿป๐Ÿ’ค๐Ÿ™ƒ

Todayโ€™s hottest cybersecurity news

  • ๐Ÿค– โ€˜Telekopyeโ€™ Telegram bot crafts phishing attacks en masse ๐ŸŽฃ

  • ๐Ÿ‘ณโ€โ™‚๏ธ Hamas uses Rust-powered โ€˜SysJokerโ€™ backdoor on Israel โœก๏ธ

  • ๐ŸŽฉ Introducing Rug Pull schemes: one crypto investor lost $1m ๐Ÿ’ฐ

Build-A-Scam: prepare for kopycat attacks ๐Ÿ˜

 

giphy.com

 

๐Ÿ” Beware of Telekopye: Unveiling a Malicious Telegram Bot! ๐Ÿ”

๐Ÿšจ New Threat Alert! Security experts have uncovered Telekopye, a sinister Telegram bot used by a group dubbed “Neanderthals” for large-scale phishing scams. ๐Ÿค–๐ŸŽฃ

๐ŸŒ How it Works: Telekopye crafts phishing websites, emails, SMS messages, and more, with Neanderthals running a criminal enterprise under the guise of a legitimate company. They recruit aspiring Neanderthals through underground forums, utilising Telegram channels for communication.

๐Ÿฆด Neanderthal Roles: The Neanderthal operation employs a hierarchical structure with different members handling various roles. Their ultimate goal is to execute scams categorised as sellers, buyers, or refunds.

๐Ÿ•ต๏ธโ€โ™‚๏ธ Scam Tactics: Neanderthals, posing as sellers or buyers, trick victims into purchasing non-existent items or divulging financial details. Refund scams involve duping victims a second time under the pretext of offering refunds.

๐Ÿ’ธ Illicit Profits: Telekopye, also known as Classiscam, has reportedly earned criminal actors $64.5 million since 2019, according to cybersecurity firm Group-IB.

๐Ÿ”’ Stay Vigilant: Neanderthals use web scrapers, VPNs, proxies, and TOR to stay anonymous. They even delve into real estate scams, creating bogus apartment listings to deceive victims.

๐Ÿšซ Protect Yourself: Be cautious of suspicious transactions, verify details, and report any unusual activity. Stay informed to avoid falling prey to these evolving cyber threats.

๐Ÿ‘ฉโ€๐Ÿ’ป Stay Cyber Smart! Your safety is our priority. Share this information with friends and family to create awareness about the Telekopye threat. ๐ŸŒ๐Ÿ›ก๏ธ

 

Clean your Mac or PC

 

Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.

That’s where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:

  • Remove junk files and malware to free up space and improve performance

  • Protect your privacy by erasing sensitive data

  • Optimize your startup settings to speed up boot times

  • Manage your extensions and apps to keep your Mac or PC running smoothly

Since 2008 MacPaw is trusted by over 30 million users worldwide, and it’s the perfect solution for keeping your Mac or PC safe and secure.

Hamas be some kinda way outta here, said SysJoker to Israelย ๐ŸŽถ

 

giphy.com

 

๐ŸŒ SysJoker Alert: New Threat in Cyber Warfare! ๐Ÿšจ

Cybersecurity experts have uncovered a Rust version of the cross-platform backdoor SysJoker, linked to a Hamas-affiliated threat actor targeting Israel amid regional tensions. ๐Ÿค–๐Ÿ”

๐Ÿ”„ Notable Changes: The malware’s shift to Rust language suggests a complete rewrite, maintaining similar functionalities. The threat actor transitioned from Google Drive to OneDrive for storing dynamic command-and-control server URLs.

๐Ÿ”’ Cross-Platform Threat: SysJoker, documented by Intezer in January 2022, is a cross-platform backdoor capable of system info gathering and remote command execution, affecting major platforms.

๐Ÿ”„ Evolutionary Tactics: The Rust variant employs random sleep intervals to evade sandboxes. Using OneDrive allows attackers to easily change the command-and-control address, maintaining consistency across different versions.

๐ŸŒ Connection Strategy: After establishing contact with the server, SysJoker awaits additional payloads for execution on compromised hosts.

๐Ÿงฉ Complex Windows Samples: Check Point discovered two intricate SysJoker samples for Windows, one utilising a multi-stage execution process.

๐Ÿ›‘ Possible Attribution: While SysJoker hasn’t been formerly attributed, evidence suggests overlaps with malware used in Operation Electric Powder, linked to a Hamas-affiliated threat actor named Molerats.

๐Ÿš€ Stay Informed: Stay vigilant against evolving cyber threats. Share with your network to raise awareness! ๐ŸŒ๐Ÿ›ก๏ธ

๐ŸŽฃ Catch of the Day!! ๐ŸŒŠ๐ŸŸ๐Ÿฆž

๐Ÿƒย The Motley Fool: โ€œFool me once, shame on โ€” shame on you. Fool me โ€” you can’t get fooled again.โ€ Good olโ€™ George Dubya ๐Ÿ˜‚ Let us tell whoโ€™s not fooling around though; thatโ€™s the Crรผe ๐Ÿ‘€ at Motley Fool. Youโ€™d be a fool (alright, enough already! ๐Ÿ™ˆ) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ๐Ÿ› Kidding aside, if you check out their website theyโ€™ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ๐Ÿค‘ย (LINK)


๐Ÿšตย Wander: Find your happy place. Cue Happy Gilmore flashback ๐ŸŒ๏ธโ›ณ๐ŸŒˆ๐Ÿ•Š๏ธ Mmmm Happy Placeโ€ฆ ๐Ÿ˜‡ So, weโ€™ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, itโ€™s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ๐Ÿž๏ธ๐Ÿ˜ย (LINK)


๐ŸŒŠย Digital Ocean: If you build it they will come. Nope, weโ€™re not talking about a baseball field for ghosts โšพ๐Ÿ‘ป๐Ÿฟ (Great movie, to be fair ๐Ÿ™ˆ). This is the Digital Ocean whoโ€™ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website youโ€™ll find yourself catching the buzz even if you canโ€™t code (guilty ๐Ÿ˜‘). But if you can and youโ€™re looking for somewhere to test things out or launch something new or simply enhance what youโ€™ve got, weโ€™d recommend checking out their services foโ€™ sho ๐Ÿ˜‰ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ๐ŸŒฟย (LINK)

Hackers: Alright, letโ€™s Pull the Rug ๐Ÿ‘€ Itโ€™s the new pumpโ€™nโ€™dump ๐Ÿ’€

 

giphy.com

 

๐ŸŒ Alert: Rug Pull Scam Strikes Again! ๐Ÿšจ

๐Ÿ” Check Point’s Intel Blockchain System Exposes $1M Deception! The relentless threat of Rug Pullsโ€”deceptive tactics causing financial havoc for investorsโ€”is back in the spotlight, with Check Point’s Threat Intel Blockchain system uncovering a sophisticated scheme.

๐Ÿ’ผ Scam Details: The identified wallet address, 0x6b140e79db4d9bbd80e5b688f42d1fcf8ef9779, orchestrated a scam involving the creation of counterfeit tokens like GROK 2.0. The scammer injected funds into the token pool, simulating trading activities to attract investors.

๐Ÿ“ˆ Illusion of Legitimacy: Simulated trades between WETH cryptocurrency and GROK token created a facade of market activity, luring investors. Once a critical mass was reached, the scammer swiftly pulled liquidity from the token pool, causing substantial losses.

๐Ÿ•ต๏ธโ€โ™‚๏ธ Sophisticated Setup: Behind the scenes, two smart contracts played crucial roles in boosting token volume through strategic swaps.

๐Ÿ’ก Investor Reminder: Check Point emphasises the inherent risks in the crypto market, urging constant vigilance and due diligence. “Understanding scam tactics is crucial for creating a safer crypto environment,” the company stated.

๐Ÿš€ Stay Informed and Vigilant: As the crypto landscape evolves, awareness is key. Learn from incidents like these to contribute to a more secure crypto space. ๐Ÿ’ป๐Ÿ›ก๏ธ

๐Ÿ—ž๏ธ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.

  • Libby Copa:ย The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.

  • Techspresso:ย Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles