Share this page!

Maybe Scrolly?
Group-IB Global Profile picture
Twitter logo
Sep 16 5 tweets 6 min read
Crypto giveaway scams continue to soar: Group-IB has noted a fivefold increase in the number of domains used for #crypto giveaway #scams that involve fake #YouTube streams in the first half of 2022: bit.ly/3eWN0eL

#CryptoGiveaway
According to Group-IB, 63% of the new fraudulent domain names were registered with Russian registrars, but the #fake websites are primarily designed to target English and Spanish-speaking #crypto investors in the US and other countries: bit.ly/3eWN0eL
In the first six months of 2022, @CERTGIB identified more than 2,000 domains registered explicitly to be used as #fake promotion websites. This figure increased almost five-fold compared to the second half of 2021 and 53-fold in comparison with H1 2021: bit.ly/3eWN0eL
#Scammers keep up with the latest headlines. One of the names most recently used as bait was Nayib Bukele, 43rd president of El Salvador. In 2021 El Salvador became the first country to adopt #bitcoin as the national currency:
bit.ly/3eWN0eL
The phenomenal growth of fake #crypto giveaways can be explained by a significantly enhanced arsenal and availability of tools for crypto #scammers, even with low technical skills. Want to learn more? Check out our website➡️ bit.ly/3eWN0eL

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Group-IB Global

Group-IB Global Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @GroupIB_GIB

Group-IB Global Profile picture
Sep 16
Hello @Uber! We know breaches suck. Wanted to reach out and support with some interesting information on the #uberhack. If you need any more details, feel free to contact us.

#FightAgainstCybercrime
On September 16, vx-underground posted screenshots with evidence of access to #Uber internal systems, including #SentinelOne, #Slack and #AWS. The screenshots have been attributed to the threat actor teapots2022. Image
During Group-IB’s analysis of the screenshots, interesting artifacts have been found in the recently downloaded files tray. First 2 files are zip archives and have the same format: "LOGID-\d{7} with names LOGID-4952307" and "LOGID-4953756". Image
Read 9 tweets
Group-IB Global Profile picture
Aug 19
About a week ago, @TalosSecurity team shared some insights related to a recent cyber attack on @Cisco. According to Indicators of compromise, mentioned in this article (bit.ly/3K76lFJ), we have known this group of attackers since the beginning of 2022.
Group-IB's researchers has discovered their TTPs in a series of attacks using #CobaltStrike, #Sliver and #Covenant tools. Our internal name of this group is #TridentCrow.
One of the domains that was published by @Cisco (ciscovpn2[.]com) has a self-signed SSL certificate with unique values. According to Group-IB Threat Intelligence database, out of more than 2 billion certificates, only 39 have similar values and mimic well-known IT companies. Image
Read 14 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(