Threat Management, Vulnerability Management

Pig-butchering scams examined

Numerous threat actors have been engaging in pig-butchering scams that involve lures of a romantic relationship or friendship in an effort to exfiltrate targets' cash over the past 18 months, according to CyberScoop. Hong Kong-based threat actors were noted by Sophos Senior Researcher Sean Gallagher to have deployed such a scam that lured its targets into downloading a fake version of the Russian trading app MetaTrader 4 that requires personal data and documents for registration. Such an account is then used as a repository for the cash transferred by the target. MetaTrader 4, which has also been used in previous scams, has already been removed from both Apple and Google app stores. Meanwhile, a Cambodia-based Chinese fraud ring also engaged in a similar scam using the TradingView app, which was observed to have collected nearly $500,000 in cryptocurrency in the course of a month. Google, Apple, and other companies have already been informed by Sucuri regarding such attacks.

Related

New Muddled Libra attacks set sights on cloud

Attacks by the Muddled Libra threat operation — also known as UNC3944, Scattered Spider, Scatter Swine, and Starfraud — have been redirected at cloud service providers and software-as-a-service apps as part of efforts to bolster its data extortion efforts, reports The Hacker News.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.