Microsoft Warns of Scammers Targeting Crypto Startups With ‘Weaponized’ Excel Files

2022-12-7 14:30

The security team of Microsoft has uncovered threat actors targeting crypto startups and claims Telegram chat is being used to gain access and trust of other firms.

Ransomware is a malicious program or malware that blocks access to files on a computer until a fee is paid to the perpetrator. Like any other virus, it can spread between computers bringing down whole networks. Over 30 years, ransomware has transformed from a fringe internet novelty to a massive illegal business. 

Crypto Playing a Part

Now cryptocurrencies have played a big part in the rise of ransomware. The anonymity of cryptocurrencies like Bitcoin has made ransomware even more appealing to cybercriminals. As hackers move and exchange cryptocurrency through a maze of accounts and across countless borders, it can become virtually untraceable. It isn’t easy to know exactly how much criminal activity relies on cryptocurrency.

Hackers might feel so secure in their anonymity that they set up customer care websites and portals to help victims send payments. They operate very much like legitimate businesses. 

These attacks can come in various forms, including illicit actors directly engaging with an organization within an industry for financial gains. While most of these hacks go undetected, a small share does see the light, as is the case. 

Threat Actor DEV-0139

The Microsoft Security Threat Intelligence team highlighted one attack targeting cryptocurrency startups. In a report dated Dec. 6, the team looked into a threat actor named “DEV-0139.”

The actor posed as a representative of a different crypto investment company and gained access through the Telegram chat. Even asked for feedback on the fee structure used by crypto exchange platforms. After gaining trust, the alleged actor sent a spreadsheet titled “OKX Binance & Huobi VIP fee comparison.xls.” However, it contained a malicious code that could remotely access the victim’s system. 

Zooming out, the entire attack, as compiled by Microsoft’s security team, looked like this: 

Source: Microsoft

Needless to say, the hacker had in-depth exposure and knowledge of cryptocurrency companies as evident in the chart above. In addition to this, Microsoft also identified another similar attack with a “similar mechanism as ‘logagent.exe’ and delivering the same payload.”

The infamous North Korean group, Lazarus, was one of the leading names using ransomware attacks to their advantage. 

Overall, given the rise in cryptocurrency and the lump sum of money flowing in, companies, and individuals need to maintain caution against such risks. 

The post Microsoft Warns of Scammers Targeting Crypto Startups With ‘Weaponized’ Excel Files appeared first on BeInCrypto.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Emerald Crypto (EMD) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 4.67 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0095806 (-100%)

targeting microsoft startups crypto excel warns scammers

targeting microsoft → Результатов: 9


Фото:

iPhone spyware campaign reportedly targeted Uyghur Muslims for 2 years

The data-stealing iPhone exploits detailed by Google last week may been used for state-sponsored campaigns targeting the Uyghur Muslim minority in China‘s autonomous region of Xinjiang. “The websites were part of a campaign to target the religious group by infecting an iPhone with malicious code simply by visiting a booby-trapped web page,” TechCrunch revealed, citing sources familiar with the matter.

2019-9-2 08:45


Фото:

Microsoft: Russian government hackers are targeting IoT devices

Microsoft today warned that Russian government hackers have been using video decoders, printers, and internet of things devices to breach computer networks. In a blog post, the Microsoft Threat Intelligence Center wrote that the “devices became points of ingress from which the actor established a presence on the network and continued looking for further access.

2019-8-6 03:36


Фото:

Microsoft Security Expert says Cyber Criminals now Targeting Korea

Microsoft Korea has urged individuals and businesses in the region to adequately protect their computers and other devices against new cyber attacks such as supply chain compromises, cryptojacking, and phishing attacks, by regularly backing up their data on cloud platforms and keeping security software as well as operating systems up to date, reports The KoreaRead MoreRead More.

2019-4-23 11:00