FBI Creates Fake Cryptocurrency to Unmask Crypto Market Manipulation!

Oct 18 2024


Welcome to Gone Phishing, your daily cybersecurity newsletter that’s sending our love down the phishing well. All the way down!!

Patch of the Week!

First things first, folks. Our weekly segment goes by many names. Patch of the Week, Tweak of the week. Okay, that’s it…

Congrats to Mozilla, the cybercriminals are no match… for your patch!

Check out this freshly hatched patch

All Mozilla, no filler

Critical Firefox Flaw Under Active Attack – Update Now!

Mozilla has patched a critical security vulnerability, CVE-2024-9680 (CVSS 9.8), impacting Firefox and Firefox ESR, which is being actively exploited in the wild! This use-after-free bug in the Animation timeline allows attackers to achieve remote code execution.

Discovered by ESET’s Damien Schaeffer, the flaw is fixed in Firefox 131.0.2 and ESR versions 128.3.1 and 115.16.1. While details on real-world attacks are sparse, this could be used in watering hole or drive-by download campaigns.

Even the Tor Browser has issued an emergency update to protect users from this threat (version 13.5.7). Mozilla shipped the fix within 25 hours of disclosure! Update now to stay safe from these active exploits!

Now, on to this week’s hottest cybersecurity news stories:

  • FBI creates fake cryptocurrency to expose crypto corruption

  • N. Korean ScarCruft spreads RokRAT via Windows zero-day

  • Brazil spear-phished by resurfaced Astaroth banking malware

FBI, Robot…

FBI Creates Fake Cryptocurrency to Unmask Crypto Market Manipulation!

Crypto scammers, watch out! In a bold move, the FBI has taken down a widespread crypto fraud operation by creating a fake cryptocurrency, NexFundAI, to expose shady market manipulation.

How It Worked

As part of Operation Token Mirrors, the FBI launched NexFundAI, a fake crypto token marketed as a bridge between finance and artificial intelligence. However, it was secretly a sting operation designed to uncover illegal trading activities like wash trading and pump-and-dump schemes.

Wash Trading Explained

In this scam, companies involved in the operation made fake trades with their own tokens to artificially inflate prices. This created a false sense of value, tricking investors into buying in, only for the fraudsters to sell at a profit, leaving everyone else in the dust.

Who Got Caught?

The crackdown has led to charges against 18 individuals and entities, including market makers like ZM Quant and CLS Global, who conspired to manipulate prices. So far, $25 million in cryptocurrency has been seized, and several key players have been arrested in the U.S., U.K., and Portugal.

What’s the Damage?

Fraudulent companies exploited investors by promising big returns, but it was all smoke and mirrors. Pump-and-dump scams flooded the market with fake value, leaving unsuspecting buyers with worthless assets.

Stay Alert!

As the crypto market continues to grow, so do scams. Remember: not all that glitters is Bitcoin! Protect yourself from market manipulation by staying informed and cautious.


N. Korean Scarts and Crufts

North Korean Hackers Exploit Windows Flaw to Spread RokRAT Malware!

ScarCruft Strikes Again! The North Korean threat group ScarCruft (aka TA-RedAnt) has been caught exploiting a zero-day flaw in Windows, using it to spread the dangerous RokRAT malware.

The Vulnerability

The bug, known as CVE-2024-38178, is a memory corruption flaw in Windows' Scripting Engine with a CVSS score of 7.5. The vulnerability allows for remote code execution when users open a malicious link in Edge's Internet Explorer mode. It was patched in August 2024, but attackers were quick to exploit it before the update.

Operation Code on Toast

The attack, dubbed Operation Code on Toast by South Korean cybersecurity researchers, targeted toast ads (pop-up notifications) bundled with free software in Korea. Threat actors compromised an ad server and injected malicious code into the ad content to infect users.

RokRAT Malware in Action

Once the vulnerable toast program downloaded the infected ad, users were hit with RokRAT. This malware can spy on your files, control your processes, and steal data from apps like KakaoTalk, WeChat, and web browsers. What makes it even sneakier? It uses trusted cloud services like Dropbox and Google Cloud to communicate with its command-and-control server, blending in with regular traffic.

Stay Safe!

ScarCruft has a history of exploiting Internet Explorer flaws. To protect yourself, always keep your system and software up to date, especially if you're using any legacy programs. Hackers are always evolving; don’t let your system become their next target!


It’s the AstaRothstein of banking malware

New Spear-Phishing Campaign Targets Brazil with Astaroth Banking Malware

Brazil Under Attack! A spear-phishing campaign targeting various industries in Brazil is spreading the notorious Astaroth banking malware (also known as Guildma) through obfuscated JavaScript to evade security defences.

Targeting Businesses and Government

The attack, dubbed Water Makara by Trend Micro, has been aimed at manufacturing companies, retail firms, and government agencies, using fake tax document emails to trick victims. Posing as official messages from Receita Federal, the emails urge recipients to download malware disguised as personal income tax files.

How It Works

The phishing emails deliver a ZIP file containing a malicious Windows shortcut (LNK), which exploits the legitimate mshta.exe utility to run obfuscated JavaScript. This sneaky script connects to a command-and-control (C2) server, where the real damage begins: infecting devices with the evolving Astaroth malware.
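A detection-side view of the chain described above, as an added example rather than code from this newsletter or from Trend Micro: it triages process-creation events for mshta.exe started with an inline script or a remote URL. The event field names, the sample records and the parent-process list are constructed assumptions.

```python
import re

# Constructed sample events (fields modelled on Sysmon Event ID 1), not campaign data.
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\mshta.exe",
     "cmdline": r'mshta.exe "javascript:close()"',
     "parent": r"C:\Windows\System32\cmd.exe"},
    {"image": r"C:\Windows\SysWOW64\MSHTA.EXE",
     "cmdline": r"MSHTA.EXE https://example.invalid/doc.hta",
     "parent": r"C:\Windows\explorer.exe"},
    {"image": r"C:\Windows\System32\mshta.exe",
     "cmdline": r'mshta.exe "C:\Program Files\Vendor\help.hta"',
     "parent": r"C:\Program Files\Vendor\app.exe"},
    {"image": r"C:\Windows\System32\notepad.exe",
     "cmdline": r"notepad.exe javascript-notes.txt",
     "parent": r"C:\Windows\explorer.exe"},
]

INLINE_SCRIPT = re.compile(r"\b(javascript|vbscript|jscript)\s*:", re.I)
REMOTE_URL = re.compile(r"\bhttps?://", re.I)
SHELL_PARENTS = {"explorer.exe", "cmd.exe", "powershell.exe"}  # assumed shortcut chain


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def triage(event):
    """Return (severity, reasons) for one process-creation event."""
    if basename(event["image"]) != "mshta.exe":
        return "none", []
    reasons = []
    if INLINE_SCRIPT.search(event["cmdline"]):
        reasons.append("inline script protocol on command line")
    if REMOTE_URL.search(event["cmdline"]):
        reasons.append("remote URL on command line")
    if not reasons:
        return "info", ["mshta.exe ran a local file"]
    if basename(event["parent"]) in SHELL_PARENTS:
        return "high", reasons + ["parent is a shell or Explorer"]
    return "medium", reasons


def scan(events):
    results = [(i, *triage(e)) for i, e in enumerate(events)]
    return [r for r in results if r[1] != "none"]


if __name__ == "__main__":
    print(*scan(SAMPLE_EVENTS), sep="\n")
```

Local .hta launches are kept at "info" rather than dropped, so an analyst can still baseline which legitimate applications use mshta.exe before alerting on the rest.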

Astaroth Banking Trojan

Though Astaroth has been around for a while, it’s still evolving and continues to be a serious threat. Once on your system, the malware steals sensitive banking data, leading to financial losses and long-term damage to consumer trust. It also causes business disruptions, from downtime to recovery costs, making it a major headache for affected companies.

Top Tips

To protect yourself from this and similar attacks, make sure to:

  • Enforce strong password policies

  • Use multi-factor authentication (MFA)

  • Keep your software and security solutions updated

  • Apply the principle of least privilege (PoLP) to minimise risk

Don't let your business fall victim to Water Makara! Stay vigilant and cautious with any unsolicited emails, especially those that seem urgent or too official.

Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • Tl;dr sec: Join 30,000+ security professionals getting the best tools, blog posts, talks, and resources right in their inbox for free every Thursday

  • Crypto Pragmatist: Crypto made simple. Actionable alpha in 5 minutes, 3x a week. Join 47,000+ investors and insiders, for free

  • Bitcoin Breakdown: The best in Bitcoin, carefully curated by an alien from the future

Let us know what you think.

So long and thanks for reading all the phish!
