Growing cybersecurity risks involving cryptocurrencies have prompted the U.S. Securities and Exchange Commission to increase the positions under its Crypto Assets and Cyber Unit by nearly twofold, with the total number of staff members expected to grow from 30 to 50, reports The Verge.
”Crypto markets have exploded in recent years, with retail investors bearing the brunt of abuses in this space. Meanwhile, cyber-related threats continue to pose existential risks to our financial markets and participants. The bolstered Crypto Assets and Cyber Unit will be at the forefront of protecting investors and ensuring fair and orderly markets in the face of these critical challenges," said SEC Division of Enforcement Director Gurbir Grewal. Dozens of cryptocurrency fraud cases have already been brought to the Crypto Assets and Cyber Unit, and more staffing would only enable it to better address cryptocurrency issues, according to SEC Chair Gary Gensler.
"By nearly doubling the size of this key unit, the SEC will be better equipped to police wrongdoing in the crypto markets while continuing to identify disclosure and controls issues with respect to cybersecurity," Gensler said.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.