11-24-2021, 09:44 PM
CyberScoop Wrote:When the Shiba Inu token, a meme-based virtual currency, hit its highest all-time value in October, it didn’t take long for scammers to seize on the trend for their own benefit.
Live YouTube videos promising bogus giveaways of the token have racked up hundreds of thousands of views, while groups on Telegram promoting other frauds have also exploded, according to research shared exclusively with CyberScoop.
Many Shiba scams identified by the security firm Tenable all take a nearly identical approach. Accounts live-stream old footage from a June event featuring Jack Dorsey and Elon Musk, a popular name among crypto enthusiasts, with on-screen instructions for users to send an arbitrary amount of currency into a wallet, with the promise of getting twice as much or more in return.
Scams have earned $239,000 worth of cryptocurrency since October 20, based on an analysis of online wallet addresses associated with nefarious Shiba Inu-themed pages, according to Satnam Narang, a researcher at Tenable. Such ruses are known as “giveaway scams” and are among the most common forms of cryptocurrency fraud, according to the Federal Trade Commission.
...
Because cryptocurrency exchanges lack the same federal protections as traditional financial exchanges, victims’ losses are not protected by the federal government.
Shiba Inu, which actually encompasses three different virtual currency tokens, was launched in 2020 by an anonymous group as a competitor to Dogecoin. While the currency started out as what investors call a “meme coin” — meaning it has no real-world use — it has gained credibility in recent months through listings on major exchanges, including Binance. AMC theaters this month announced it would be the first company to accept the token as payment.
According to Shiba Inu token’s official Reddit page, users have been reporting scams at least as far back as May.
...
While Shiba’s value has dipped in recent days, fraud efforts are still prevalent.
In addition to the research provided by Tenable, CyberScoop was also able to quickly surface six similar giveaway videos on YouTube using a sample search for the term “Shiba” between Monday, Nov. 22 and Tuesday, Nov. 23.
The fake giveaways identified by CyberScoop racked up more than half a million views collectively. Multiple streams came from the same Thailand-based account “SHIBA INU.” All of the live-streamed videos turned up within the first ten search results, often outranking a warning video about the scam that has received just 1,400 views.
CyberScoop Wrote:On the same day Apple announced a lawsuit against Israeli spyware vendor NSO Group for developing hacking tools to help breach iOS technology, the company was notifying potential targets of those exploits.
El Faro, a news organization in San Salvador, El Salvador, reported late Tuesday that 12 of its staff members received notices from the company, which warned that that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID.” The company also sent notices to four others in San Salvador who are “leaders of Civil Society organizations and opposition political parties,” the news organization reported.
Notices were also sent to six Thai activists and researchers critical of the government there, Reuters reported.
...
In announcing its suit against NSO Group, Apple said that the FORCEDENTRY spyware, built by NSO Group, was “used to attack a small number of Apple users worldwide.” The company would be notifying the uses that it discovered the possible targeting using the exploit. “Any time Apple discovers activity consistent with a state-sponsored spyware attack, Apple will notify the affected users in accordance with industry best practices,” the company’s announcement read.
The following news article might serve as an alert for users owning websites hosted by GoDaddy.
CyberScoop Wrote:Data connected with up to 1.2 million GoDaddy customers may have been accessed by an unauthorized party, the company reported to the U.S. Securities and Exhcnage Commission Monday.
GoDaddy, a behemoth in the commercial web hosting and domain registrar space, reported that it discovered the apparent intrusion on Nov. 17, and that the improper access dated back to Sept. 6.
Using a compromised password, an unknown party accessed a GoDaddy system dedicated to managed WordPress services, where the company offers customers hosting and other content management features. Up to 1.2 million active and inactive customers’ email addresses and customer numbers were exposed, which could set them up for phishing attacks, Demetrius Comes, the company’s chief information security officer, wrote in the notice.
...
The active customers’ data included database usernames and passwords, and a subset of customers’ private SSL encryption keys were exposed, Comes wrote. Passwords have been reset and the company is in the process of issuing and installing new SSL certificates.
GoDaddy regularly faces distributed denial-of-service attacks, as well as an “increased level” of social engineering efforts, including “several successful” campaigns by “a persistent threat actor” attempting to transfer domain names related to cryptocurrency, the company noted in its Nov. 4 quarterly SEC filing.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE