By Habiba Rashid
A new investigation by cybersecurity researcher Jeremiah Fowler from VPNmentor reveals an elaborate cryptocurrency scam that employs over 300 fake websites to steal funds from unsuspecting victims and lure new investors.
This is a post from HackRead.com Read the original post: Researcher Exposes Cryptocurrency Scam Network of 300 Domains

*   **The new investigation uncovers intricate cryptocurrency scams exploiting victims’ trust.**
*   **Scammers pose as acquaintances, directing victims to professional-looking fake websites with fabricated financial data.**
*   **Victims are enticed with minor withdrawals and encouraged to recruit friends and family into the scheme.**
*   **Withdrawal attempts lead to demands for additional fees, trapping victims in a cycle of payments.**
*   **The investigation exposes a vast network of nearly 300 websites, pointing to an international scam operation.**

In a digital age where financial opportunities and risks coexist, the world of cryptocurrency investment has become a breeding ground for fraudulent activities. As more novice investors enter the crypto market seeking substantial returns, scammers have devised increasingly sophisticated schemes to prey on their aspirations. A recent investigation by Jeremiah Fowler from VPNmentor reveals the intricate workings of these scams. 

The scam begins with social engineering tactics, exploiting victims’ trust by posing as acquaintances who have reaped benefits from the fraudulent investment scheme. Victims are provided with website links, often adorned with professional designs and fabricated graphs, projecting fake deposits and withdrawals. The illusion of legitimacy is bolstered by the inclusion of trust logos from renowned credit cards and payment methods.

Once victims invest, they may receive minor withdrawals and even modest profits, cementing their belief in the scam. The fraudsters escalate the deception by offering multi-tiered membership levels, promising exorbitant returns as high as 20%. Manipulating human psychology, they encourage victims to enlist friends and family, leveraging their established relationships to lure more investors into the scheme.

Reality strikes when victims attempt to withdraw their investments, only to be met with demands for additional fees. These fraudulent fees act as a barrier to prevent victims from accessing their funds, driving them into a nightmarish cycle of further payments. As the investigator’s account reveals, scammers are relentless in their pursuit of more money, resorting to threats and intimidation when victims refuse to comply.

According to the report shared by VPNmentor with Hackrad.com, delving into the digital footprints of these scams, the investigator uncovered a sprawling network of nearly 300 websites. While the domains were often masked by privacy protection, their investigation led to domains registered to individuals in Nigeria and the US, pointing towards an international network of scammers.

Names of hosting and domain registrars where scam domains have been provided services (1) – A victim revealing they have been scammed (2) (Screenshot via: VPNmentor)

As this exposé unravels the intricacies of these scams, it also sheds light on the industry’s need for reform. Hosting providers and domain registrars play a pivotal role in enabling these fraudulent operations to thrive.

While generating substantial revenue, these entities often lack measures to thwart cybercriminals abusing their services. Suggestions for change include the implementation of Know Your Customer (KYC) systems, akin to those used by banks, to validate the identity of domain registrants and deter anonymous registrations.

The lesson for potential investors is clear: meticulous research and scepticism are vital when considering crypto investments. To avoid falling victim to scams, investors must verify the credibility of companies, seek independent advice, and refrain from making hasty decisions under pressure.

By promoting awareness and advocating for industry regulations, stakeholders can contribute to a safer and more secure crypto landscape, sparing countless individuals from the devastating consequences of investment scams.

**RELATED ARTICLES**

1.  13 Domains Linked to DDoS-For-Hire Services Seized
2.  Scammers Netted $7.7 Billion worth of Cryptocurrency in 2021
3.  US Seizes 7 Domains used in Pig Butchering Cryptocurrency Scam
4.  170 fraudulent Android apps scamming cryptocurrency enthusiasts
5.  42,000 phishing domains discovered masquerading as popular brands
6.  Microsoft pwns domains used by hackers for large-scale cyber attacks

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

Researcher Exposes Cryptocurrency Scam Network of 300 Domains

By Habiba Rashid
Revolutionary AI Model Predicts Keystrokes Through Sound: A New Wave of Acoustic Attacks.
This is a post from HackRead.com Read the original post: AI Model Listens to Typing, Potentially Compromising Sensitive Data

1.  **Cornell researchers unveil AI model decoding keyboard inputs from audio signals.**
2.  **New attack predicts keystrokes by analyzing acoustic signatures of different keys.**
3.  **Implications for data security and emergence of acoustic cyberattacks raise concerns.**
4.  **AI model achieves 93% accuracy, setting a new record for audio-based classification systems.**
5.  **Countermeasures like noise introduction can reduce accuracy, limiting widespread malicious use.**

Researchers at Cornell University have unveiled a groundbreaking deep-learning model capable of deciphering keyboard input solely from audio signals. This pioneering advancement, led by Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad, has significant implications for data security and the emergence of acoustic cyberattacks.

In a recently published paper titled “A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards,” the Cornell team introduced an Artificial intelligence (AI) model capable of accurately predicting keystrokes by analyzing the unique acoustic signatures produced by different keys on a keyboard.

The technique involves training the model to associate specific audio patterns with corresponding characters, allowing it to virtually ‘listen’ to typing and transcribe it with astonishing accuracy.

Traditional cyberattacks often exploit software vulnerabilities or rely on phishing tactics, but this new wave of attacks leverages the physical characteristics of keyboards, emphasizing the significance of sound as a potential security vulnerability. The implications are far-reaching, as this method could compromise user passwords, conversations, messages, and other sensitive information.

The team’s research indicates that the model achieves an impressive accuracy rate of 93% when trained using Zoom recordings, marking a new record for audio-based classification systems. The process of training the model involves exposing it to multiple instances of each keystroke on a specific keyboard. The researchers utilized a MacBook Pro, pressing each of its 36 keys 25 times to develop a comprehensive dataset for training.

Screenshot (Arxiv)

Despite its remarkable potential, the AI model does come with certain limitations and vulnerabilities. Changing typing styles or utilizing touch typing can significantly reduce the model’s accuracy, dropping it to a range of 40% to 64%. Additionally, countermeasures like introducing noise to the audio signal can obfuscate the keystrokes and diminish the model’s accuracy.

However, the researchers are clear that the model’s effectiveness is dependent on the specific keyboard’s sound profile. This dependence restricts the applicability of the attack to keyboards with similar acoustic characteristics, limiting its scope for widespread malicious use.

As the digital landscape evolves, the arms race between cyberattacks and defence measures continues to escalate. The development of AI-based acoustic side-channel attacks underscores the need for enhanced security measures, including innovative noise-cancellation solutions like NVIDIA’s RTX Broadcast, which can counteract these types of attacks.

For a comprehensive exploration of the Cornell team’s findings and methodologies, readers can refer to the official research paper (PDF) available for further study. As the boundaries of AI and cybersecurity continue to blur, understanding these advancements is crucial for individuals and organizations to stay ahead of potential threats.

**RELATED ARTICLES**

1.  AI-based Model to Predict Extreme Wildfire Danger
2.  Stealing data from air-gapped PC by turning RAM into Wi-Fi Card
3.  Locating malicious drone operators through deep neural networks
4.  Hackers Can Now Steal Data from Air-Gapped PCs via SATA Cables
5.  Malware can extract data from air-gapped PC through power supply

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

AI Model Listens to Typing, Potentially Compromising Sensitive Data

By Waqas
North Korean hackers from OpenCarrot and Lazarus breached NPO Mashinostroyeniya, a major Russian missile developer, for at least five months last year.
This is a post from HackRead.com Read the original post: Elite North Korean Hackers Breach Russian Missile Developer

*   **North Korean hackers breached a major Russian missile developer, NPO Mashinostroyeniya, for at least five months.**
*   **Cyber-espionage teams ScarCruft and Lazarus installed stealthy digital backdoors into NPO Mash’s systems.**
*   **It remains unclear if data was stolen or linked to North Korea’s ballistic missile program developments.**
*   **Experts warn that North Korea targets even its allies to acquire critical technologies.**
*   **The breach exposes vulnerabilities in cybersecurity and raises concerns about sensitive technology transfers.**

It has been uncovered that an elite group of North Korean hackers successfully breached the computer networks of a major Russian missile developer for an extended period last year.

The evidence, reviewed by Reuters and analyzed by security researchers, points to cyber-espionage teams associated with the North Korean government, namely ScarCruft (aka APT37, InkySquid, Reaper, and Ricochet Chollima). The same group was also reported to have used the Dolphin Backdoor against South Korea in December 2022.

The researchers also noted tracks of the infamous North Korean state-backed group, Lazarus, in these attacks. This was identified after researchers noted the presence of OpenCarrot Windows OS backdoor. The backdoor is known to be used by the Lazarus group.

These hackers discreetly installed stealthy backdoors into systems at NPO Mashinostroyeniya, commonly referred to as NPO Mash, a prominent rocket design bureau located in Reutov, on the outskirts of Moscow.

Reuters’ investigation did not ascertain whether any data was taken during the intrusion or what information might have been accessed. Nonetheless, it is noteworthy that in the months following the breaches, North Korea declared significant advancements in its banned ballistic missile program, raising suspicions about a possible connection to the breach.

Technical data reveals that the intrusion began approximately in late 2021 and persisted until May 2022 when the company’s IT engineers, as per internal communications reviewed by Reuters, detected the hackers’ activities.

Tom Hegel, a security researcher with US cybersecurity firm SentinelOne, who first uncovered the compromise, highlighted the importance of these findings, providing rare insight into clandestine cyber operations that often elude public scrutiny. Hegel’s team stumbled upon the hack when an NPO Mash IT staffer inadvertently leaked the company’s internal communications while attempting to investigate the North Korean attack by uploading evidence to a private cybersecurity research portal.

> With a high level of confidence, we attribute this intrusion to threat actors independently associated with North Korea. Based on our assessment, this incident stands as a compelling illustration of North Korea’s proactive measures to covertly advance their missile development objectives, as evidenced by their direct compromise of a Russian Defense-Industrial Base (DIB) organization.
> 
> Tom Hegel – SentinelOne

Two independent computer security experts, Nicholas Weaver and Matt Tait, verified the exposed email content’s authenticity by cross-referencing cryptographic signatures with a set of keys controlled by NPO Mash. SentinelOne expressed confidence that North Korea was responsible for the hack, as the cyberspies reused previously known malware and malicious infrastructure utilized in other intrusions.

The information potentially accessed by North Korean hackers includes details about NPO Mash’s hypersonic missile, “Zircon,” which Russian President Vladimir Putin had praised as a promising product capable of reaching speeds around nine times that of sound.

However, missile expert Markus Schiller, who has researched foreign aid to North Korea’s missile program, downplayed the immediate impact of obtaining plans for the Zircon. Schiller asserted that merely possessing drawings wouldn’t be sufficient to replicate the missile’s capabilities, as the process involves more complexities than what appears on paper.

Nevertheless, NPO Mash’s role as a leading Russian missile designer and producer makes it a highly valuable target. As the company’s advancements could have strategic implications, the breach raises concerns about the potential transfer of sensitive missile-related technology to North Korea.

The incident underscores the isolated nation’s willingness to target even its allies, as evidenced by the breach of Russia’s defence technologies. NPO Mashinostroyeniya has played a crucial role in developing hypersonic missiles, satellite technologies, and newer generation ballistic armaments—areas of immense interest to North Korea in its pursuit of an Intercontinental Ballistic Missile (ICBM) capable of striking the mainland United States.

**RELATED ARTICLES**

1.  CIA Wants Russians to Share Secret via its Darknet Site
2.  Russian hacking forums warming up to Chinese hackers
3.  Hackers steal personal data of 1,000 North Korean Defectors

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Elite North Korean Hackers Breach Russian Missile Developer

By ghostadmin
Bram Moolenaar, aged 62, passed away from a medical condition that rapidly progressed over the last few weeks.
This is a post from HackRead.com Read the original post: Bram Moolenaar, Creator of Vim Text Editor for Linux Passes Away

*   **Bram Moolenaar, creator of Vim text editor, passed away on August 3rd, 2023.**
*   **He was 62 years old and succumbed to a rapidly progressing medical condition.**
*   **His family shared the sad news on the Vim-announce Google Group.**
*   **Funeral arrangements were scheduled in The Netherlands in Dutch language.**
*   **The Vim community mourns the loss of the visionary software engineer.**

The technology world is mourning the loss of Bram Moolenaar, the renowned Dutch software engineer, and mastermind behind the popular **Vim text editor** for Linux. Bram Moolenaar passed away on August 3rd, 2023, leaving the Vim community in shock and disbelief.

Bram Moolenaar, aged 62, passed away from a medical condition that rapidly progressed over the last few weeks, according to a **statement** shared by his family on the Vim-announce Google Group. The exact cause of his death remains undisclosed, but the news of his passing has deeply saddened his colleagues, friends, and the Vim community.

Bram Moolenaar (Screenshot from a YouTube video)

The Vim text editor, short for “Vi IMproved,” has been an indispensable tool for developers, programmers, and Linux enthusiasts for decades. Bram’s visionary creation revolutionized the way programmers interact with text, and his dedication to maintaining and developing Vim garnered him immense respect and admiration within the software development community.

Bram Moolenaar released the first version of Vim in 1991 and has been actively maintaining and developing it ever since. As of August 5th, 2023, the funeral of Bram Moolenaar was scheduled to take place in The Netherlands, with services conducted in the Dutch language. The Vim community worldwide is uniting in remembrance of the man who had a profound impact on their daily work and coding practices.

At the time of his death, Bram Moolenaar was actively managing his **personal website**, showcasing his achievements and successes.

Bram Moolenaar’s passing comes shortly after the cybersecurity community mourned **the death of Kevin Mitnick**, widely known as the “World’s Most Famous Hacker Ever.” Kevin Mitnick’s demise had also shocked the cybersecurity world just a month before, leaving the tech community reeling from the loss of two influential figures in quick succession.

The technology world will forever remember Bram Moolenaar’s contributions and the legacy of Vim. As his funeral takes place and the Vim community gathers to honour his memory, heartfelt tributes continue to pour in from all corners of the globe, reflecting the significant impact he had on developers worldwide.

**RELATED ARTICLES**

1.  John McAfee Died in Spanish Prison
2.  Hacker planning heart implant hack found dead
3.  How to Remove Duplicate Lines in EmEditor (2023)
4.  Hacker Adrian Lamo, who alerted FBI about Chelsea Manning

Bram Moolenaar, Creator of Vim Text Editor for Linux Passes Away

By Habiba Rashid
The UK government has also warned about the looming threat of severe cyber attacks on critical national infrastructure in its recently released National Risk Register 2023.
This is a post from HackRead.com Read the original post: AI Flagged as “Chronic Risk” in UK Government’s Risk Register 2023 Report

1.  **The UK warns of looming cyber-attacks on critical national infrastructure.**
2.  **There is a 5–25% chance of a major cyber attack within the next 2 years.**
3.  **Cyber attacks have become sophisticated and can cause harm the economy.**
4.  **Report finds AI as a “chronic risk” with risks that impact national security.**
5.  **Government plans to convene a global summit to address AI safety.**

The UK government has warned about the looming threat of severe cyber attacks on critical national infrastructure in its recently released National Risk Register 2023. This comprehensive report, which covers both malicious and non-malicious risks, paints a worrisome picture of the nation’s potential cyber threats.

The assessment, based on the government’s internal National Security Risk Assessment, reveals that there is a concerning 5–25% chance of a significant cyber attack on vital infrastructure occurring within the next two years.

The report emphasizes that the risk of cyber attacks has become increasingly sophisticated and can cause substantial harm to various sectors of the economy. Specifically, the report identifies a range of targets that could be vulnerable to cyber attacks. These include gas infrastructure, electricity infrastructure, civil nuclear facilities, fuel supply infrastructure, government institutions, health and social care systems, the transport sector, and telecommunications systems.

Moreover, it highlights potential cyber threats from state actors targeting the UK financial infrastructure, including a retail bank.

The predicted attacks, in most cases, involve the manipulation, theft, or destruction of data critical to the operation of vital systems. For governmental attacks, there’s an additional risk of undermining public trust and interfering with elections.

Furthermore, the report (PDF) introduces a new dimension of concern by flagging artificial intelligence (AI) as a “chronic risk.” It notes that AI poses continuous challenges that can impact the economy, society, and national security.

This edition of the National Risk Register also marks the first time that AI has been featured as a strategic risk for the UK. The government acknowledges the far-reaching implications of AI, including the potential for increased misinformation and a decline in economic competitiveness. Consequently, the government plans to convene a global summit to address AI safety.

Despite the comprehensive nature of the report, some critics have expressed concerns about the lack of detail in evaluating AI risks. Opposition MP Darren Jones criticized the report for only briefly mentioning AI and accused ministers of lacking a concrete plan to address its dangers. Jones suggested establishing an AI sub-committee within the national security council to monitor AI-related risks.

Deputy Prime Minister Oliver Dowden, however, lauded the report as the most comprehensive risk assessment ever published. He emphasized that the insights provided by the assessment will enable the government and its partners to establish robust plans and responses to ensure national safety.

**RELATED ARTICLES**

1.  The Most In-Demand Freelance Skills for 2023
2.  UN: Terrorists can access WMDs via Dark Web
3.  US, China Exposed Most Servers Among 400K Found in 2021
4.  Internet connected cars can be hacked to gridlock major cities
5.  Hackers Use Telegram & Dark Web to Assist Iranian Protestors
6.  US, India and China Most Targeted in DDoS Attacks, StormWall

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

AI Flagged as “Chronic Risk” in UK Government’s Risk Register 2023 Report

By Deeba Ahmed
Threat researchers at ReversingLabs, a software supply chain security and malware analysis platform, have discovered a malicious new PyPI…
This is a post from HackRead.com Read the original post: VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools

1.  **ReversingLabs discovered a malicious PyPI package named VMConnect.**
2.  **The package imitated common Python tools & showed suspicious behavior.**
3.  **The attack started on 28th July with daily appearances of notorious packages.**
4.  **PyPI team swiftly removed the packages, but attackers kept replacing them.**
5.  **Objectives of the attack remain unclear to researchers.**

Threat researchers at ReversingLabs, a software supply chain security and malware analysis platform, have discovered a malicious new PyPI package dubbed VMConnect on the Python Package Index (PyPI) repository.

ReversingLabs’ reverse engineer, Karlo Zanki, wrote in a technical blog post that around 24 malicious Python packages were identified on the PyPI open-source repository. These packages imitated three very common, open-source Python tools, including pyVmomi VMware vSphere bindings’ wrapper module vConnector, databases that allow asyncio support for different databases, and a set of tools used to test Ethereum-based applications called eth-tester.

According to the company, its static analysis engine Titanium Platform identified the suspicious PyPI packages while performing routine scanning. Further probing revealed suspicious behaviour, such as the packages established communication with a C2 server for downloading additional malicious software. However, researchers didn’t observe any commands when this C2 server was live.

Per their analysis, this campaign went active on 28 July 2023 as that is when the first malicious package was published, and packages kept appearing on a daily basis, each being more notorious than the previous ones.

> “Additionally, these malicious packages were promptly removed from PyPI, likely due to internal system detections or external reports. However, the attackers quickly replaced the packages, indicating a well-organized and ongoing campaign.”
> 
> Karlo Zanki

Researchers have observed that campaign operators go to great lengths to make their malicious activities appear genuine. They achieve this by creating GitHub repositories with authentic-looking descriptions and even using legitimate source code. However, they deliberately remove any traces of their malicious behaviour from these repositories to build trust with potential victims.

Interestingly, this campaign managed to evade detection in the source code. Its presence was only discovered when researchers scanned the build process artifacts. This sets it apart from other recently discovered supply chain campaigns like “Brainleeches.”

VMConnect package’s behaviour and description

Suspicious PyPI packages have been found to exhibit deceptive behaviour by fully emulating the functionalities of the modules they imitate. To add to the deceit, these packages link to GitHub projects where their malicious behaviour has been cleverly removed, creating a false sense of trust in the PyPI release package.

The swift action taken by PyPI administrators is commendable, as all the malicious packages, including VMConnect, were swiftly removed from the platform within just three days of their appearance. However, this incident raises serious concerns, as researchers are noticing a growing trend of exploiting open-source modules to distribute malicious code and carry out various types of supply chain attacks.

In the past, the majority of supply chain attacks were targeted at the NPM open-source repository. Surprisingly, the PyPI repository has now become the prime target for such malicious activities. For instance, in January 2023, researchers detected 41 suspicious PyPI packages posing as popular HTTP libraries, and in March, a PyPI package named “termcolour” (after a now-defunct package) with multiple versions of a three-stage downloader was discovered by ReversingLabs.

Despite intensive investigation, researchers have been unable to determine the objectives of this campaign or what happens in its later stages. The purpose behind these attacks, whether it involves stealing sensitive data, conducting surveillance, launching ransomware, or a combination of these, remains unclear.

**RELATED ARTICLES**

1.  Malicious Packages are Swapping Out Your Crypto Addresses
2.  GitHub Abused to Distribute Malicious Packages on PyPI in Image Files
3.  Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys

VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools

By Waqas
Cybercriminals are posing as legitimate NFT developers and employing sophisticated tactics to deceive unsuspecting victims.
This is a post from HackRead.com Read the original post: FBI warns users of NFT theft by malicious developers

**IN SUMMARY:**

1.  **FBI warns of new phishing scam in NFT community by crooks posing as devs.**
2.  **The scam includes fake NFT releases with false urgency & limited supply claims.**
3.  **Phishing websites resembling legit NFT projects stealing victims’ crypto data.**
4.  **Drainer smart contracts transfer cryptocurrency and NFTs to criminals’ wallets.**
5.  **Stolen NFTs laundered through crypto mixers & exchanges to conceal the trail.**

The Federal Bureau of Investigation (FBI) has issued a warning about a concerning rise in financial fraud targeting the active users within the Non-Fungible Token **(NFT)** community. Cybercriminals are posing as legitimate NFT developers and employing sophisticated tactics to deceive unsuspecting victims.

In these fraudulent schemes, criminals either gain unauthorized access to NFT developer social media accounts or create nearly identical accounts to promote new NFT releases. To lure victims, they deploy tactics creating a false sense of urgency, using phrases like “limited supply” and promoting the NFT release as a “surprise” or previously unannounced mint.

Once victims are drawn in, the fraudsters provide links in these announcements, leading to phishing websites that convincingly mimic the appearance of legitimate NFT projects. Unsuspecting victims are then invited to connect their **cryptocurrency wallets** and purchase the NFTs.

Unbeknownst to them, the linked wallets are connected to a drainer smart contract, resulting in the transfer of their cryptocurrency and NFTs into wallets operated by cybercriminals.

According to the FBI’s public service **announcement** To further complicate the investigation and conceal their ill-gotten gains, the stolen NFT contents are typically laundered through a series of cryptocurrency mixers and exchanges. These practices aim to obfuscate the path and final destination of the stolen NFTs, making it challenging to trace and recover the stolen assets.

The FBI is urging victims to promptly report any fraudulent or suspicious activities related to these NFT scams to the FBI Internet Crime Complaint Center at **www.ic3.gov**. In doing so, it is crucial for victims to provide all relevant information, including links, social media accounts, crypto accounts, or domains utilized by scammers. The keyword “NFTHack” should be included in the reports to help law enforcement efficiently handle and investigate the cases.

As the popularity of NFTs continues to grow, criminals are **seizing opportunities** to exploit unsuspecting community members. The FBI’s warning serves as a reminder for NFT enthusiasts to remain vigilant, exercise caution when interacting with unfamiliar accounts, and verify the authenticity of NFT projects before making any transactions.

To combat the rising tide of NFT-related financial fraud, the collaborative effort of the NFT community, platforms, and law enforcement is crucial. By reporting suspicious activities promptly, victims can play an essential role in helping authorities identify and apprehend these criminal actors, thereby safeguarding the integrity of the NFT community and protecting fellow enthusiasts from falling prey to such scams.

**RELATED ARTICLES**

1.  6 of the Best Crypto Bug Bounty Programs
2.  Official website of Banksy hacked for fake NFT scam
3.  Google Ads Malware Wipes NFT Influencer’s Crypto Wallet
4.  Vulnerability Revealed OpenSea NFT Market Users’ Identities
5.  Phishing scam: NFTs Worth $1.7M Stolen from OpenSea Users
6.  Hackers Hijacked Official Ferrari Subdomain to Host NFT Scam

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

FBI warns users of NFT theft by malicious developers

By Waqas
Microsoft Bids Farewell to Standalone Cortana App on Windows 11, Welcomes Windows Copilot.
This is a post from HackRead.com Read the original post: Microsoft Bids Farewell to Cortana App on Windows 11

**IN SUMMARY**

1.  **Microsoft kills Cortana app on Windows 11, suggests other productivity assistants.**
2.  **Cortana’s downfall: No momentum or third-party interest, unlike Alexa and Google Assistant.**
3.  **Meet “Windows Copilot”: Microsoft’s promising AI assistant for productivity and user support.**
4.  **Windows Copilot preview out now, with third-party plugin support coming soon.**
5.  **Microsoft Embracing OpenAI’s GPT-4 to revolutionize user interactions on Windows.**

Microsoft has officially pulled the plug on its standalone Cortana app for **Windows 11**. Users with the app installed on their PCs will now receive a message indicating its deprecation, marking the end of an era for the once-promising voice assistant.

The company had previously **warned** of this development in June, stating that Cortana’s standalone support would cease for both Windows 11 and Windows 10 by the end of 2023.

Introduced on Windows Phone in 2014 and later brought to Windows 10 PCs, Cortana was Microsoft’s answer to voice-activated personal assistants. However, despite its early potential, the Cortana app failed to garner the same level of popularity as competitors like Amazon’s Alexa and Google Assistant. Third-party manufacturers showed little interest in integrating Cortana into their products, leading to its gradual decline over the years.

Fulfilling this vision, Microsoft is now actively embracing OpenAI’s GPT-4 technology with its new line of “**Copilot**” products. These AI-powered tools are designed to provide enhanced productivity and user assistance. Earlier this year, Microsoft introduced its **Bing chatbot** as a solid alternative to ChatGPT, which has been integrated into the company’s Edge browser. This offering was just a taste of what was to come.

Although Windows Copilot does not support voice interactions like traditional voice assistants, it is expected to outperform the Cortana app in terms of utility and relevance. Unlike Cortana, which often defaulted to displaying search results when unable to comprehend user queries, Windows Copilot takes a different approach to provide more accurate and insightful assistance.

Microsoft’s plans for Windows Copilot **are ambitious**, and the company is working on enhancing the assistant further with the forthcoming support for third-party plugins. By collaborating with OpenAI on an open standard for plugins, Microsoft aims to create an ecosystem that encourages developers to build skills and integrations for Windows Copilot, thereby avoiding the dearth of third-party support that plagued Cortana.

With the demise of the standalone Cortana app, Microsoft takes a **significant step forward in its AI strategy**, positioning itself to reclaim lost ground in the voice assistant market. As Windows Copilot continues to evolve and gain traction, Microsoft believes it will redefine the user experience on Windows and pave the way for a more productive, efficient, and AI-driven computing future.

While the curtain falls on the Cortana app, the stage is now set for Windows Copilot to shine and demonstrate Microsoft’s commitment to leveraging AI to enrich its products and services.

**RELATED ARTICLES**

1.  Microsoft patent reveals chatbot to talk to dead people
2.  6 Best Ways to Make a Collaborative PowerPoint Presentation
3.  Microsoft’s Windows File Recovery tool recovers your lost data
4.  Microsoft’s new tool detects & reports pedos from online chats
5.  AI-Powered Tools Spark Creativity and Help You Create Designs

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Microsoft Bids Farewell to Cortana App on Windows 11

By Waqas
The guilty couple goes by the names of Ilya Lichtenstein and Heather Morgan.
This is a post from HackRead.com Read the original post: NY Couple Pleads Guilty to $4.5B Bitcoin Theft in Bitfinex Hack

**IN SUMMARY**

1.  **NY couple who stole $3.6B BTC from 2016 Bitfinex crypto hack pleads guilty.**
2.  **Lichtenstein used hacking tools to access Bitfinex and move 119K Bitcoin.**
3.  **The couple used false identities and crypto mixing to launder stolen funds.**
4.  **Morgan faces up to 5 years; Lichtenstein up to 20 years in prison.**
5.  **The case serves as a landmark in cryptocurrency cybercrime prosecution.**

A New York-based couple, Ilya Lichtenstein and Heather Morgan pleaded guilty to their involvement in the infamous **Bitfinex cryptocurrency hack of 2016**.

The hack had resulted in the theft of a staggering amount of funds, and after years of investigation, the US Department of Justice (DoJ) achieved its largest-ever finance bust, seizing $3.6 billion worth of Bitcoin connected to the illicit activity.

According to **court records**, Ilya Lichtenstein, the mastermind behind the cyber attack, confessed to using a sophisticated array of hacking tools and techniques to breach the security defences of the Bitfinex exchange.

Once inside, he proceeded to carry out 2,000 unauthorized transactions, transferring a total of 119,754 bitcoins to his controlled wallets. To cover his tracks, Lichtenstein meticulously erased access credentials, logs, and any other digital evidence that could potentially lead to his identity.

Heather Morgan, Lichtenstein’s wife, was an active accomplice in the money laundering operation. The couple employed deceptive practices, setting up false identities on the darknet and various cryptocurrency exchanges to move and launder the stolen funds.

The couple, **arrested in February of last year**, employed crypto mixing services to obfuscate the origin of the bitcoins, making it exceptionally challenging for law enforcement to trace the illicitly obtained coins.

Furthermore, the couple created legitimate-looking businesses in the United States to conceal their nefarious activities. Morgan even went as far as promoting her ventures on social media, **including TikTok**, where she boasted about establishing a multimillion-dollar business without external funding.

Additionally, they allegedly utilized the stolen funds to purchase physical gold coins, which Morgan then buried in an attempt to further hide the money’s origins.

As a result of the criminal actions of Ilya Lichtenstein and Heather Morgan, they now face serious consequences. Lichtenstein pleaded guilty to the conspiracy to commit money laundering, which could lead to a maximum prison sentence of up to 20 years.

Meanwhile, according to the DoJ’s **press release**, Morgan admitted to one count of money laundering conspiracy and one count of conspiracy to defraud the United States, with each count carrying a maximum sentence of five years in prison.

The magnitude of the funds seized by the DoJ in connection with this case marks a significant achievement in the fight against cybercrime and money laundering in the cryptocurrency space. It serves as a stark warning to those who may attempt to exploit the anonymity and decentralization of digital assets for **illicit purposes**.

The plea hearing has sent ripples through the crypto community, reinforcing the importance of maintaining robust security measures in exchanges and other crypto-related platforms. It also emphasizes the need for increased vigilance and cooperation between industry stakeholders and law enforcement agencies to ensure the safety and integrity of the cryptocurrency ecosystem.

The sentencing of Lichtenstein and Morgan is scheduled for later this year, and it will undoubtedly serve as a landmark case in the intersection of cryptocurrency, hacking, and money laundering law. The outcome will not only impact the lives of the individuals involved but also set a precedent for future cases involving cybercrime in the world of cryptocurrencies.

**RELATED ARTICLES**

1.  Husband – wife among ransomware operators arrested in Ukraine
2.  Gender Diversity in Cybercrime Forums: Women Users on the Rise
3.  Couple sold nuclear warship data hidden in peanut butter sandwich
4.  Couple Arrested For Providing Malware Encryption Service To Crooks

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

NY Couple Pleads Guilty to $4.5B Bitcoin Theft in Bitfinex Hack

By Habiba Rashid
Cybersecurity researcher Sam Curry and his team managed to hack Points.com before malicious threat actors could.
This is a post from HackRead.com Read the original post: Globally Used Points.com Loyalty System Hacked for Good

**IN SUMMARY**

1.  **The flaws in Points.com were reported by InfoSec researcher Sam Curry.**
2.  **Points.com acts as a backend for multiple airline & hotel rewards programs.**
3.  **If hacked, scammers could’ve manipulated the loyalty progs on Points.com.**
4.  **Points.com has fixed the vulnerabilities, posing no current danger.**

In a recent discovery that raises concerns about the security of personal data in loyalty rewards systems, cybersecurity researchers have unveiled a series of security vulnerabilities within points.com, a widely used airline and hotel rewards platform.

The vulnerabilities, which were brought to light by **Sam Curry** and his team, could have potentially compromised the personal information of millions of customers.

Points.com, acting as a backend for numerous airline and hotel rewards programs, also functions as a platform for trading and redeeming loyalty points. The security researchers, including Ian Carroll and Shubham Shah, identified five distinct security flaws over a period of several months that could have allowed unauthorized access to sensitive user data, including names, addresses, emails, phone numbers, and transaction details.

(Image: Sam Curry)

According to Curry’s **blog post**, of particular concern was the possibility that these vulnerabilities could have facilitated the transfer of loyalty points between accounts. Additionally, attackers could have gained access to a global administrator website, thereby gaining the ability to issue points, manage loyalty programs, and execute various administrative actions, according to Sam Curry.

The researchers’ findings included an unauthenticated HTTP path traversal bug, discovered in early March, which could have provided access to an internal API containing over 22 million order records.

This database exposed a plethora of information, ranging from partial credit card numbers to customer authorization tokens. The flaws extended to an authorization bypass in a misconfigured API that could have been exploited to transfer rewards points from users.

The impact of these vulnerabilities was far-reaching, with one of the identified bugs affecting United Airlines. This specific flaw could allow an attacker to generate an authorization token for any user simply by possessing their rewards number and surname. As a result, an attacker could transfer miles to themselves and even authenticate as a member on various MileagePlus-related applications.

Access allowed researchers to gain thousands of dollars worth of points on United Airlines. (Image: Sam Curry)

Curry’s team also discovered weaknesses that impacted other partner businesses. A points.com-hosted Virgin rewards website was found to leak API authentication information, enabling an attacker to manipulate accounts and modify reward program settings.

Additionally, the researchers found a vulnerability involving the “Flask session secret” for the points.com global administration website, granting unauthorized access to crucial administrative functions.

Despite the concerning implications of these vulnerabilities, Curry praised points.com’s swift response to their reports. The platform’s security team promptly addressed each issue within approximately an hour of disclosure. Affected websites were taken offline for remediation before the vulnerabilities were successfully patched.

**More Hacks from Sam Curry**

1.  Automotive Industry Exposed to Have Major API Vulnerabilities
2.  Vulnerability in Chess.com allowed access to 50M user records
3.  Honda & Nissan Cars App Flaws: Hack by Knowing VIN Number
4.  55 Apple vulnerabilities risked iCloud account takeover, data theft

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

Source

HackRead