Nov 29 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter thatโs happy for the Indian miners but canโt help wondering whoโs going to save the crypto-miners who are constantly being hacked by cybercriminals ๐ณย
Todayโs hottest cybersecurity news stories:ย ย
๐ฃ Plenty more phish in the sea. How hackers phish and sell credentials ๐จโ๐ปย
๐ N. Korean hackers and mixing and Macintoshing to evade detectionย ๐ญย
๐ค Serial scammer caught red-handed, ordered to pay back $1.2m. Oops ๐ฐย
Did you know that stolen account credentials are the golden ticket for cybercriminals? ๐ฑ According to the 2023 Verizon Data Breach Investigation Report, external parties caused 83% of breaches, and a whopping 49% involved stolen credentials! ๐จย
๐ฃ Phishing on the Rise ๐ฃย
Phishing, a major player in cyber threats, is evolving! Threat actors are no longer just using emails. Now, they're hitting us with multi-channel attacks using texts, voicemails, and AI-driven personalised messages. ๐ฑ๐ง๐คย
๐ก๏ธ Phishing-as-a-Service (PhaaS) ๐ก๏ธย
Even without hacking skills, anyone can jump on the credential theft bandwagon thanks to PhaaS! ๐ญ W3LL's BEC phishing ecosystem and Greatness phishing kit are causing havoc, infiltrating thousands of accounts and raking in big bucks. ๐ธย
๐ผ Underground Markets Boom ๐ผย
The dark web is buzzing with over 24 billion credentials for sale! ๐ Prices vary, but stolen credentials mean serious business. The risks multiply when users reuse passwords across accounts.ย
๐จ Financial Gain Drives Threats ๐จย
Remember, financial gain is the game! After stealing credentials, threat actors can wreak havoc, but often, they sell the loot to others who execute the attacks later. ๐ย
๐ก๏ธ Stay Secure with Specops Password Policy! ๐ก๏ธย
Protect your organisation! Use Specops Password Policy to block compromised passwords, enforce strong policies, and fortify your password infrastructure. ๐ฐ Try it free here!ย
What steps are YOU taking to secure user credentials? Let's fortify our defences together! ๐ก๏ธ๐ชย
Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.
That's where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:
Remove junk files and malware to free up space and improve performance
Protect your privacy by erasing sensitive data
Optimize your startup settings to speed up boot times
Manage your extensions and apps to keep your Mac or PC running smoothly
Since 2008 MacPaw is trusted by over 30 million users worldwide, and it's the perfect solution for keeping your Mac or PC safe and secure.
๐ Theyโre a โMixing and Matchingโ menace. Hold on tight! The notorious Lazarus Group, the masterminds behind macOS malware RustBucket and KANDYKORN, are now "mixing and matching" elements from both in a devious move. ๐ฑ SentinelOne uncovered this dangerous trend, revealing the use of RustBucket droppers to deliver the formidable KANDYKORN. ๐คฏย
๐ป Attack Chains Unveiled ๐ปย
In the RustBucket realm, SwiftLoader, a backdoored PDF reader, acts as the gateway for a Rust-powered malware. Meanwhile, KANDYKORN hits crypto exchange platform engineers through Discord, unleashing a complex multi-stage attack. ๐ย
๐งฉ Puzzle Piece: ObjCShellz ๐งฉย
Enter ObjCShellz! The third player in this cyber drama, recently revealed by Jamf Threat Labs, acts as a remote shell executing commands from the attacker server. ๐ย
๐ SwiftLoader's Dual Role ๐ย
Hold the phone! SwiftLoader is not just for RustBucket; it's now distributing KANDYKORN too. North Korea's Lazarus Group seems to be sharing tactics and tools, making tracking and defence a real challenge. ๐ต๏ธโโ๏ธย
๐ Collaborative Adversaries on the Move ๐ย
The cyber landscape in North Korea has evolved into a streamlined organisation, with shared tools and tactics. A recent Mandiant report highlighted this collaborative approach, making the adversary more elusive and adaptable. ๐ย
๐ก๏ธ Stay Vigilant, Cyber Defenders! ๐ก๏ธย
As Lazarus subgroup Andariel exploits Apache ActiveMQ vulnerabilities, installing NukeSped and TigerRAT, the cybersecurity battlefield is heating up! ๐ฅย
Keep your defences strong, stay updated, and let's outsmart these cyber threats together! ๐ช๐ปย
๐ย The Motley Fool: โFool me once, shame on โ shame on you. Fool me โ you can't get fooled again.โ Good olโ George Dubya ๐ Let us tell whoโs not fooling around though; thatโs the Crรผe ๐ at Motley Fool. Youโd be a fool (alright, enough already! ๐) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ๐ Kidding aside, if you check out their website theyโve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ๐คย (LINK)
๐ตย Wander: Find your happy place. Cue Happy Gilmore flashback ๐๏ธโณ๐๐๏ธ Mmmm Happy Placeโฆ ๐ So, weโve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, itโs easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ๐๏ธ๐ย (LINK)
๐ย Digital Ocean: If you build it they will come. Nope, weโre not talking about a baseball field for ghosts โพ๐ป๐ฟ (Great movie, to be fair ๐). This is the Digital Ocean whoโve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website youโll find yourself catching the buzz even if you canโt code (guilty ๐). But if you can and youโre looking for somewhere to test things out or launch something new or simply enhance what youโve got, weโd recommend checking out their services foโ sho ๐ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ๐ฟย (LINK)
Brace yourselves for the scoop on Amir Hossein Golshan, a 25-year-old "serial cybercriminal and scammer" from Los Angeles! ๐ต๏ธโโ๏ธโจย
๐ SIM-Swap Shenanigans and More ๐ย
Golshan, dubbed a cyber maestro, pulled off SIM-swap attacks, hijacked social media accounts, committed Zelle payment fraud, and even impersonated Apple support. ๐ฑ๐ธย
๐ Behind Bars for Eight Years ๐ย
After pleading guilty to unauthorised access, wire fraud, and computer fraud, Golshan was sentenced to eight years in prison and ordered to pay over $1.2 million in restitution. โ๏ธ๐ฐย
๐ป Four Years of Digital Deception ๐ปย
Between 2019 and 2023, Golshan targeted "hundreds" with online scams, swindling a staggering $740,000 from over 500 victims! ๐๐ย
๐ฒ From Zelle Fraud to SIM Swapping ๐ฒย
Golshan started with Zelle merchant fraud on Instagram, offering fake services. He then escalated to SIM swapping, seizing control of victims' accounts and demanding ransom via WhatsApp. ๐๐ฌย
๐ Impersonating Apple Support ๐ย
In his cyber crime spree, Golshan impersonated Apple Support, infiltrating victims' iCloud accounts and looting digital wallets for NFTs and cryptocurrency. ๐ผ๐ฐย
โ ๏ธ Stay Vigilant Against Cyber Threats! โ ๏ธย
Golshan's crimes highlight the evolving landscape of cyber threats. Let's stay vigilant, educate ourselves, and strengthen our digital defences! ๐ก๏ธ๐ปย
Spread the word and keep our online community safe! ๐๐ย
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.
Libby Copa:ย The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.
Techspresso:ย Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)
Let us know what you think!
So long and thanks for reading all the phish!
