{"id":18272,"date":"2024-11-02T07:00:00","date_gmt":"2024-11-02T05:00:00","guid":{"rendered":"https:\/\/forklog.com\/en\/cybersecurity-updates-telegram-scams-infostealer-shutdowns-and-more\/"},"modified":"2024-11-02T07:00:00","modified_gmt":"2024-11-02T05:00:00","slug":"cybersecurity-updates-telegram-scams-infostealer-shutdowns-and-more","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/cybersecurity-updates-telegram-scams-infostealer-shutdowns-and-more\/","title":{"rendered":"Cybersecurity Updates: Telegram Scams, Infostealer Shutdowns, and More"},"content":{"rendered":"<p>We have compiled the most significant cybersecurity news of the week.<\/p>\n<div class=\"wp-block-text-wrappers-keypoints article_keypoints\">\n<ul class=\"wp-block-list\">\n<li>Infostealers RedLine and META, involved in cryptocurrency theft, have ceased operations.<\/li>\n<li>The number of fraudulent groups on Telegram has decreased as they migrate to Threads.<\/li>\n<li>The FakeCall trojan has learned to intercept bank calls.<\/li>\n<\/ul>\n<\/div>\n<h2 class=\"wp-block-heading\"><strong>Infostealers RedLine and META Cease Operations<\/strong><\/h2>\n<p>On October 28, an international law enforcement coalition halted the operations of the RedLine and META infostealers, which victimized millions of users worldwide. The malware ran on more than 1,200 servers and stole various personal data from infected devices. The stolen information was then sold on the dark web and used to steal money and cryptocurrency and to carry out further hacking attacks.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Infostealers <a href=\"https:\/\/twitter.com\/hashtag\/Redline?src=hash&#038;ref_src=twsrc%5Etfw\">#Redline<\/a> &#038; <a href=\"https:\/\/twitter.com\/hashtag\/META?src=hash&#038;ref_src=twsrc%5Etfw\">#META<\/a> taken down by international coalition.<\/p>\n<p>\u26a0\ufe0f The malware targeted millions of victims worldwide and was used to steal personal data, including usernames and passwords, addresses, phone numbers and more.<\/p>\n<p><a href=\"https:\/\/t.co\/Z0AZLiXGOU\">https:\/\/t.co\/Z0AZLiXGOU<\/a> <a href=\"https:\/\/t.co\/4hYKTeCgrA\">pic.twitter.com\/4hYKTeCgrA<\/a><\/p>\n<p>\u2014 Eurojust (@Eurojust) <a href=\"https:\/\/twitter.com\/Eurojust\/status\/1851187414540185861?ref_src=twsrc%5Etfw\">October 29, 2024<\/a><\/p><\/blockquote>\n<p>In the Netherlands, three servers were shut down and two domains were seized, while two individuals were detained in Belgium. The United States has filed <a href=\"https:\/\/www.justice.gov\/usao-wdtx\/pr\/us-joins-international-action-against-redline-and-meta-infostealers\">charges<\/a> against the alleged developer and administrator of RedLine, Russian national Maxim Rudometov. He faces up to 35 years in prison for device fraud, conspiracy to commit cyberattacks, and money laundering.<\/p>\n<p>Authorities also extracted information about RedLine and META clients, including IP addresses, activity timestamps, and registration details. The investigation is ongoing.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Fraudulent Groups Decline on Telegram<\/strong><\/h2>\n<p>Between late September and early October, some fraudulent groups began leaving Telegram after the messenger stepped up its cooperation with authorities in sharing data on offenders, specialists at F.A.C.C.T. noted.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"ru\" dir=\"ltr\">F.A.C.C.T. 
reports growing activity among cybercriminals operating under the &#8216;Mammoth&#8217; scheme. On Telegram, by contrast, a decline is currently being observed<\/p>\n<p>Details: <a href=\"https:\/\/t.co\/SPZXv3c3NH\">https:\/\/t.co\/SPZXv3c3NH<\/a> <a href=\"https:\/\/t.co\/FP8EVcQoo8\">pic.twitter.com\/FP8EVcQoo8<\/a><\/p>\n<p>\u2014 F.A.C.C.T. (@F_A_C_C_T_) <a href=\"https:\/\/twitter.com\/F_A_C_C_T_\/status\/1852284405542211823?ref_src=twsrc%5Etfw\">November 1, 2024<\/a><\/p><\/blockquote>\n<p>Changes to Telegram&#8217;s Privacy Policy led one group with over 10,000 subscribers, operating under the <span data-descr=\"online fraud involving theft of bank card data and money during fake purchases\" class=\"old_tooltip\">&#8216;Mammoth&#8217; scheme<\/span>, to announce a full transition to its own platform and the launch of an anonymous onion site.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh7-qw.googleusercontent.com\/docsz\/AD_4nXcUgSaK2cOTJKBAfRqZSZv8Kb__Mf5iYo11qcL9NSllrsPqnvzUVfSDFx6xiDXNwSGF0DVlEn2srO4IrYg-VCJQFP_ZJNDUrXRM4Y3xWqRTxmv0aLxKrGgrOaHIgRHKoL5tYUafuwjzpV7OSwZSTRY9G0TY?key=sE9y-uAYeacqlWL4Nr_twOGF\" alt=\"Cybersecurity Updates: Telegram Scams, Infostealer Shutdowns, and More\"\/><figcaption class=\"wp-element-caption\">Message in one of the fraudulent groups about leaving Telegram. 
Data: F.A.C.C.T.<\/figcaption><\/figure>\n<p>Over four weeks, the revenues of 70% of similar fraudulent groups decreased by an average of 22% \u2014 from 58 million to 45 million rubles. The perpetrators ran into further difficulties when the trading bot Crypto Bot, which they used to withdraw criminal funds, blocked their accounts.<\/p>\n<h2 class=\"wp-block-heading\"><strong>FakeCall Trojan Intercepts Bank Calls<\/strong><\/h2>\n<p>Researchers at Zimperium reported an advanced version of the Android trojan FakeCall, capable of intercepting user calls to banks and redirecting them to a perpetrator&#8217;s number. The ultimate goal is to steal confidential information and money from users&#8217; accounts.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Our <a href=\"https:\/\/twitter.com\/hashtag\/zLabs?src=hash&#038;ref_src=twsrc%5Etfw\">#zLabs<\/a> team uncovered advanced FakeCall malware using voice phishing (vishing) to hijack calls and steal sensitive data. <\/p>\n<p>Don\u2019t let vishing compromise your business. <\/p>\n<p>Learn how Zimperium\u2019s MTD protects your enterprise in real-time: <a href=\"https:\/\/t.co\/CPIBwQ4jiO\">https:\/\/t.co\/CPIBwQ4jiO<\/a> <a href=\"https:\/\/t.co\/X1JMurrzdD\">pic.twitter.com\/X1JMurrzdD<\/a><\/p>\n<p>\u2014 Zimperium (@Zimperium) <a href=\"https:\/\/twitter.com\/Zimperium\/status\/1852046408762663276?ref_src=twsrc%5Etfw\">October 31, 2024<\/a><\/p><\/blockquote>\n<p>The malware was first noticed in April 2022. By 2023, it had learned to mimic over 20 financial organizations and conducted calls through third-party applications.<\/p>\n<p>The current version sets itself as the default call handler and can capture direct audio and video streams from infected devices. 
It also has enhanced protection against detection.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Germany Shuts Down DDoS Attack Platform Dstat.cc<\/strong><\/h2>\n<p>German law enforcement <a href=\"https:\/\/www.bka.de\/DE\/Presse\/Listenseite_Pressemitteilungen\/2024\/Presse2024\/241031_PM_Festnahme_Cybercrime.html\">seized the infrastructure<\/a> of the DDoS attack review platform Dstat.cc and arrested two suspects aged 19 and 28.<\/p>\n<p>According to case materials, various cybercriminal groups, such as the Russian Killnet and Passion, used the site to demonstrate their capabilities. It also hosted reviews and recommendations for conducting various types of attacks.<\/p>\n<p>The alleged administrators of Dstat.cc, according to the investigation, also managed the synthetic drug market Flight RCS. They face up to ten years in prison and fines.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Stolen Credit Card Traders Move to Threads<\/strong><\/h2>\n<p>The social network Threads has seen a surge in advertisements for selling stolen credit cards and user credentials, reports <a href=\"https:\/\/www.theregister.com\/2024\/10\/28\/crims_selling_credit_cards_threads\/\">The Register<\/a>.<\/p>\n<p>Cybersecurity researchers found at least 15 accounts with over 12,000 followers, where financial and personal information is published. <\/p>\n<p>These pages have existed for one to two months, yet adequate moderation by Meta is lacking. 
On the contrary, such activity is encouraged by the social network&#8217;s algorithms and promoted through advertising, experts added.<\/p>\n<p>The perpetrators&#8217; messages contain:<\/p>\n<ul class=\"wp-block-list\">\n<li>names of cardholders;<\/li>\n<li>full and partial card numbers with expiration dates;<\/li>\n<li>PIN codes and CVV;<\/li>\n<li>bank identification numbers;<\/li>\n<li>names of banks and card issuers;<\/li>\n<li>social security numbers;<\/li>\n<li>IP and physical addresses;<\/li>\n<li>phone numbers and email addresses;<\/li>\n<li>dates of birth;<\/li>\n<li>passwords.<\/li>\n<\/ul>\n<p>Meta representatives stated that they are &#8220;aware of this behavior and continue to take action against accounts and content that violate the platform&#8217;s rules.&#8221;<\/p>\n<p>Also on ForkLog:<\/p>\n<ul class=\"wp-block-list\">\n<li>The US Department of Justice accused the founder of Gotbit of fraud.<\/li>\n<li>Immunefi: The crypto industry lost $55.1 million in October.<\/li>\n<li>1inch commented on the app hack and announced a refund.<\/li>\n<li>Vitalik Buterin discussed the prospects for improving the EVM.<\/li>\n<li>Circle introduced a privacy solution for ERC-20 tokens.<\/li>\n<li>Tether unveiled an AI tool for creating privacy-focused applications.<\/li>\n<li>An expert discovered a &#8220;vampire attack&#8221; on Bitcoin.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\"><strong>Weekend Reading Suggestions<\/strong><\/h2>\n<p>Explore the criminal case of the founder of the Cryptex bitcoin exchange with analysts from &#8220;SHARD&#8221;.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have compiled the most significant cybersecurity news of the week. Infostealers RedLine and META, involved in cryptocurrency theft, have ceased operations. The number of fraudulent groups on Telegram has decreased as they migrate to Threads. The FakeCall trojan has learned to intercept bank calls. 
Infostealers RedLine and META Cease Operations On October 28, an [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":18271,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1238,1233],"class_list":["post-18272","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"11","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/18272","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=18272"}],"version-history":[{"count":0,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/18272\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/18271"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=18272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=18272"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=18272"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}