AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 11/25/2022

U.S. govt seizes domains used in ‘pig butchering’ scams

For the first time, the U.S. Department of Justice seized seven domains that hosted websites linked to “pig butchering” scams, where fraudsters trick victims of romance scams into investing in cryptocurrency via fake investment platforms. The list of domains seized includes simexcbr.com, simexlua.com, simexwim.com, simexarts.com, simexrue.com, simexvtn.com, and simexbiz.com, all of them spoofing the domain used by the Singapore International Monetary Exchange (SIMEX). While originating from Asia, pig butchering scams have spread globally after cryptocurrency scammers realized that users of dating apps and social media sites (the “pigs”) make for easy targets once scammers have built trust through various social engineering tactics.

 

Interpol seized $130 million from cybercriminals worldwide

INTERPOL has announced the seizure of $130,000,000 worth of money and virtual assets linked to various cybercrimes and money laundering operations. The law enforcement operation, codenamed “HAECHI III”, ran from June 28 to November 23, 2022, and allowed INTERPOL to arrest almost a thousand suspects. “In total, the operation resulted in the arrest of 975 individuals and allowed investigators to resolve more than 1,600 cases,” reads Interpol’s announcement. “In addition, almost 2,800 bank and virtual-asset accounts linked to the illicit proceeds of online financial crime were blocked.”

 

Not-for-profit aims to encourage 1,300 girls into cyber careers

More than 1,000 girls across the UK are to take part in an events day designed to encourage them to consider a cyber security career in the future. CyNam, a not-for-profit collaborative, has partnered with several firms, including Tesco, Raytheon, the Careers Enterprise Company and Sage, to run an event called EmPowerCyber for schoolgirls in Year 8. The aim is to introduce young women to people who work in cyber roles and help them understand more about what a cyber career involves, with the hope that by doing so before they choose their GCSE options, it could set them on a more technical path.

 

Phone numbers of nearly 500 million WhatsApp users around the globe are up for sale

Hackers have allegedly gotten their hands on the phone numbers of about 487 million WhatsApp users from 84 countries. The database was recently put up for sale on a hacking community forum. With a user base of around 2 billion people, WhatsApp is the biggest messaging platform. This means that the leaked database contains phone numbers of a quarter of all WhatsApp users. Out of the 487 million contacts, over 32 million numbers are from the U.S., 45 million from Egypt, five million from Italy, 29 million from Saudi Arabia, 20 million (each) from France and Turkey, 10 million phone numbers from Russian users, and over 11 million are UK numbers.

 

Over 1,600 Docker Hub Repositories Were Found to Hide Malware

More than 1,600 publicly available images on Docker Hub were found to hide malicious behavior, including DNS hijackers, cryptocurrency miners, website redirectors, and embedded secrets that can be used as backdoors. Docker images serve as templates for quickly and easily building containers with pre-built code and applications. As a result, those looking to launch new instances frequently use Docker Hub to find an application that can be quickly deployed. According to BleepingComputer, because threat actors are abusing the service, over a thousand malicious uploads pose serious hazards to unaware users who deploy malware-laden images on locally hosted or cloud-based containers. Threat actors have published infected images with names that make them appear to be well-known and reliable projects in order to deceive users into downloading them.
