April 19, 2018
- A “cybersecurity incident” has affected popular task management platform TaskRabbit, causing it to temporarily take down the app and its service. Users took to Twitter to vocalize their discontent with the breach, which exposed company information and revealed its private GitHub. TaskRabbit has stated it will reimburse those financially affected by the incident, which is still under investigation at the time of this post, though Twitter users suspect it’s a phishing attack. Keep up to date with the latest developments over on Mashable.
- Check Point researchers revealed that in the two months since its debut, GandCrab ransomware has earned attackers upwards of $600,000. A seizure of assets earlier this month by Romanian Police and Europol amounted to only a minor setback to the campaign, which has used an agile approach to developing the malware to keep it operational. Learn more about this strain of ransomware on Threatpost.
- Some users of the cryptocurrency exchange Binance recently found themselves the victims of a targeted phishing attack. Scammers utilized the API keys from compromised accounts to make unauthorized trades. According to coverage from Coincentral, “some users saw their bots unwillingly sell their altcoins to buy Viacoin in the throes of the debacle.” The article goes on to reveal that once Binance suspended the trades, crooks could not recover the stolen funds. Instead, Binance donated all the funds in question to charity.
- In a feat of irony, an employee of the Financial Services Information Sharing and Analysis Center (FS-ISAC) fell for a phishing scam that exposed their individual credentials and enabled additional attacks. SC Magazine’s coverage of the incident states the breach allowed “… the threat actor to create an email with a PDF that had a link to a credential harvesting site which was then sent from the initial compromised account to select members, affiliates and employees …” According to FS-ISAC President and CEO Bill Nelson, the simple attack wasn’t targeted, and they plan to accelerate their adoption of multi-factor authentication to curb future attacks.
- Apple has alerted customers to be on the lookout for an App Store scam posing as a subscription notice for YouTube Red. The scam uses a fake billing invoice demanding $144.99 to keep their service or cancel it via a link that leads to a credential-stealing phishing site. More details on the scam can be found on Newsweek.
- Users of the global secure financial messaging service, SWIFT, were targeted with phishing emails containing malware-ridden attachments. Analysts from Comodo Threat Research Lab found that “Once [the malware] has penetrated a user’s system, it modifies the registry, spawns many processes, checks for an antivirus installation and tries to kill its process,” according to coverage in MediaPost. Comodo’s analysts believe the purpose of these phishing attempts is recon for further, more destructive malware attacks.
- A phishing website dubbed klkviral.org stole and published the credentials of over 55,000 users of the popular social platform Snapchat. Although the breach was discovered back in July 2017, the details emerged only recently. The Verge broke the story in February, reporting that “… the attack relied on a link sent to users through a compromised account that, when clicked, opened a website designed to mimic the Snapchat login screen.” Snapchat notified those affected that their passwords had been reset. While 55,000 accounts are only a small portion of Snap’s 187 million active users, the attack shows just how effective phishing websites can be.