Cybercriminals have been exploiting the aftermath of Hurricane Ian to facilitate personal data exfiltration and Federal Emergency Management Agency fund theft, according to The Record, a news site by cybersecurity firm Recorded Future.
Stealing disaster relief assistance is being discussed by hackers on WhatsApp, noted Cofense Principal Threat Advisor Ronnie Tokazowski, who said that screenshots shared with him by a colleague showed how fraudulent claims could be filed on DisasterAssistance.gov.
Numerous Nigerian groups have been behind such scams, but U.S.-based money mules or accounts are also being used for laundering the funds, Tokazowski added.
Another scam aimed at stealing Hurricane Ian relief funds involving the use of phishing emails has been observed by INKY, with INKY's Bukar Alibe noting that the Small Business Administration and Red Cross have been spoofed in phishing emails.
Threat actors have been launching thousands of credential stealing attacks involving contractor services, said Slashnext CEO Patrick Harr.
Novel Go-based information stealer Aurora has been increasingly added by threat actors in their arsenal, with at least seven active cybercrime groups either leveraging the malware exclusively or alongside other info-stealers Raccoon and Redline, BleepingComputer reports.