The Rising Threat of Credential Theft ???? 

Nov 29 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that’s happy for the Indian miners but can’t help wondering who’s going to save the crypto-miners who are constantly being hacked by cybercriminals ???? 

Today’s hottest cybersecurity news stories:  

  • ???? Plenty more phish in the sea. How hackers phish and sell credentials ????‍???? 

  • ???? N. Korean hackers and mixing and Macintoshing to evade detection  ???? 

  • ???? Serial scammer caught red-handed, ordered to pay back $1.2m. Oops ???? 

Hackers are phishing for compliments ???? Don’t let them PhaaS you ????


???? Protecting Your Organisation: The Rising Threat of Credential Theft ???? 

Did you know that stolen account credentials are the golden ticket for cybercriminals? ???? According to the 2023 Verizon Data Breach Investigation Report, external parties caused 83% of breaches, and a whopping 49% involved stolen credentials! ???? 

???? Phishing on the Rise ???? 

Phishing, a major player in cyber threats, is evolving! Threat actors are no longer just using emails. Now, they’re hitting us with multi-channel attacks using texts, voicemails, and AI-driven personalised messages. ???????????? 

????️ Phishing-as-a-Service (PhaaS) ????️ 

Even without hacking skills, anyone can jump on the credential theft bandwagon thanks to PhaaS! ???? W3LL’s BEC phishing ecosystem and Greatness phishing kit are causing havoc, infiltrating thousands of accounts and raking in big bucks. ???? 

???? Underground Markets Boom ???? 

The dark web is buzzing with over 24 billion credentials for sale! ???? Prices vary, but stolen credentials mean serious business. The risks multiply when users reuse passwords across accounts. 

???? Financial Gain Drives Threats ???? 

Remember, financial gain is the game! After stealing credentials, threat actors can wreak havoc, but often, they sell the loot to others who execute the attacks later. ???? 

????️ Stay Secure with Specops Password Policy! ????️ 

Protect your organisation! Use Specops Password Policy to block compromised passwords, enforce strong policies, and fortify your password infrastructure. ???? Try it free here! 

What steps are YOU taking to secure user credentials? Let’s fortify our defences together! ????️???? 


Clean your Mac or PC


Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.

That’s where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:

  • Remove junk files and malware to free up space and improve performance

  • Protect your privacy by erasing sensitive data

  • Optimize your startup settings to speed up boot times

  • Manage your extensions and apps to keep your Mac or PC running smoothly

Since 2008 MacPaw is trusted by over 30 million users worldwide, and it’s the perfect solution for keeping your Mac or PC safe and secure.

Mix and Mac ????


???? Alert: North Korean Cyber Threats on the Rise! ???? 

???? They’re a ‘Mixing and Matching’ menace. Hold on tight! The notorious Lazarus Group, the masterminds behind macOS malware RustBucket and KANDYKORN, are now “mixing and matching” elements from both in a devious move. ???? SentinelOne uncovered this dangerous trend, revealing the use of RustBucket droppers to deliver the formidable KANDYKORN. ???? 

???? Attack Chains Unveiled ???? 

In the RustBucket realm, SwiftLoader, a backdoored PDF reader, acts as the gateway for a Rust-powered malware. Meanwhile, KANDYKORN hits crypto exchange platform engineers through Discord, unleashing a complex multi-stage attack. ???? 

???? Puzzle Piece: ObjCShellz ???? 

Enter ObjCShellz! The third player in this cyber drama, recently revealed by Jamf Threat Labs, acts as a remote shell executing commands from the attacker server. ???? 

???? SwiftLoader’s Dual Role ???? 

Hold the phone! SwiftLoader is not just for RustBucket; it’s now distributing KANDYKORN too. North Korea’s Lazarus Group seems to be sharing tactics and tools, making tracking and defence a real challenge. ????️‍♂️ 

???? Collaborative Adversaries on the Move ???? 

The cyber landscape in North Korea has evolved into a streamlined organisation, with shared tools and tactics. A recent Mandiant report highlighted this collaborative approach, making the adversary more elusive and adaptable. ???? 

????️ Stay Vigilant, Cyber Defenders! ????️ 

As Lazarus subgroup Andariel exploits Apache ActiveMQ vulnerabilities, installing NukeSped and TigerRAT, the cybersecurity battlefield is heating up! ???? 

Keep your defences strong, stay updated, and let’s outsmart these cyber threats together! ???????? 

???? Catch of the Day!! ????????????

???? The Motley Fool: “Fool me once, shame on — shame on you. Fool me — you can’t get fooled again.” Good ol’ George Dubya ???? Let us tell who’s not fooling around though; that’s the Crüe ???? at Motley Fool. You’d be a fool (alright, enough already! ????) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ???? Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ???? (LINK)

???? Wander: Find your happy place. Cue Happy Gilmore flashback ????️⛳????????️ Mmmm Happy Place… ???? So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ????️???? (LINK)

???? Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts ???????? (Great movie, to be fair ????). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty ????). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho ???? And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ???? (LINK)

Cybercrime doesn’t pay. But it does pay BACK ????


???? Serial Cybercriminal Sentenced: Beware of Modern Scams! ???? 

Brace yourselves for the scoop on Amir Hossein Golshan, a 25-year-old “serial cybercriminal and scammer” from Los Angeles! ????️‍♂️✨ 

???? SIM-Swap Shenanigans and More ???? 

Golshan, dubbed a cyber maestro, pulled off SIM-swap attacks, hijacked social media accounts, committed Zelle payment fraud, and even impersonated Apple support. ???????? 

???? Behind Bars for Eight Years ???? 

After pleading guilty to unauthorised access, wire fraud, and computer fraud, Golshan was sentenced to eight years in prison and ordered to pay over $1.2 million in restitution. ⚖️???? 

???? Four Years of Digital Deception ???? 

Between 2019 and 2023, Golshan targeted “hundreds” with online scams, swindling a staggering $740,000 from over 500 victims! ???????? 

???? From Zelle Fraud to SIM Swapping ???? 

Golshan started with Zelle merchant fraud on Instagram, offering fake services. He then escalated to SIM swapping, seizing control of victims’ accounts and demanding ransom via WhatsApp. ???????? 

???? Impersonating Apple Support ???? 

In his cyber crime spree, Golshan impersonated Apple Support, infiltrating victims’ iCloud accounts and looting digital wallets for NFTs and cryptocurrency. ???????? 

⚠️ Stay Vigilant Against Cyber Threats! ⚠️ 

Golshan’s crimes highlight the evolving landscape of cyber threats. Let’s stay vigilant, educate ourselves, and strengthen our digital defences! ????️???? 

Spread the word and keep our online community safe! ???????? 

????️ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.

  • Libby Copa: The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.

  • Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles