Cybersecurity trends that marked February 2024
In our February 2024 report, we take a closer look at the cybersecurity trends that marked February 2024 including the rise of American crypto fraud and a Mac malware scheme targeting cryptocurrency enthusiasts.
Data leaks and credentials statistics
Reported leaked credentials | Reported leak sources | FYEO indexed sources | FYEO indexed credentials |
55.9M | 17 | 10 | 719M |
February saw 17 security incidents that resulted in the compromise of more than 55.9M (Million) records. On February 6, 2024, French healthcare payment service providers, Viamedis and Almerys, reported significant data breaches affecting 33 million individuals in the country. The exposed information encompasses names, dates of birth, insurer details, social security numbers, marital status, civil status, and guarantees open to third-party payment. The data protection authority in France (CNIL) has officially confirmed both breaches, underscoring the substantial impact on the affected population. This incident highlights the persistent threat of cyberattacks, emphasizing the crucial role of robust cybersecurity measures in safeguarding personal data.
During the month, FYEO indexed and gathered a total of 719 (Million) leaked credentials from a total of 10 sources that were gathered through open sources and public releases.
In regards to FYEO’s collection statistics it's worth noting that there is in general a large delay in the time in which the hacked data gets published. Therefore the data collected by FYEO is most likely not the same sources that were reported hacked for the month.
Warning: Cryptocurrency Enthusiasts Targeted in Mac Malware Scheme
Cryptocurrency enthusiasts are facing a new threat as hackers exploit calendar meeting links on Calendly to spread malware. In a recent incident, a startup employee, dubbed Doug, was approached on Telegram by an imposter posing as Ian Lee from Signum Capital. The imposter requested a video conference, providing a Calendly link for scheduling. However, clicking the link led Doug to unknowingly install malware on his Mac.
After a failed meeting, Doug realized the potential malware threat and discovered the imposter had deleted the meeting link and related conversation from Telegram. The malware, delivered through an Apple Script, was part of a phishing attack with similarities to schemes reported by cryptocurrency security firm SlowMist involving North Korean state-sponsored hackers. These attackers exploit the "Add Custom Link" feature on Calendly to insert malicious links, initiating phishing attacks.
The malware, linked to the North Korean hacking group BlueNoroff (a subset of Lazarus), targets financial entities, cryptocurrency businesses, and individuals. Despite the prevalence of malware targeting Microsoft Windows, the frequency of information-stealing trojans aimed at macOS users is increasing. Apple's built-in antivirus technology, X-Protect, struggles to keep up as attackers constantly modify malware appearances.
This incident highlights the importance of vigilance for Mac users. The rise in new Mac malware underscores the need for cautious behavior, such as avoiding installations not actively sought and ensuring software is downloaded from legitimate sources. Additionally, users should verify new contacts, especially those initiating unexpected meetings or requests. By following these practices, individuals can protect themselves from falling victim to evolving cyber threats targeting the cryptocurrency community.
Rising Threat: American Crypto Fraud Hits $1.5 Billion in 2023
In 2023, cryptocurrency fraud inflicted a staggering $1.56 billion in losses on U.S. residents, constituting 15% of all fraud-related losses, according to a report by Surfshark. This marked the third consecutive year that crypto losses in the United States exceeded the billion-dollar mark, as per data from the Federal Trade Commission (FTC). Notably, crypto fraud losses have become a focal point for cybercriminals aiming to amass digital assets.
The report highlighted a concerning trend in the escalating per-victim losses over the past few years. In 2021, the average victim lost $18,000 to crypto fraud, and this figure skyrocketed to $28,000 in 2023. With over 55,000 individuals affected, cryptocurrency fraud emerged as the second-highest payment type in monetary losses, trailing only behind bank transfers.
Surfshark's findings revealed that more than half of all fraud losses in 2023 originated from various investment-related scams, totaling a substantial $829 million. Victims of investment fraud experienced an average loss of $34,000 per person. Following closely were romance scams and business imposter scams, costing individuals $179 million and $140 million, respectively.
Despite a plateau in the overall increase of losses from 2022 to 2023, the report warns of the persistent threat posed by cryptocurrency fraud in the coming years. Even if the trend of stalled growth continues into 2024, the substantial scope of losses positions crypto fraud as a significant menace, prompting caution for both current and future crypto holders. The report emphasizes the need for increased awareness and vigilance in the face of evolving tactics employed by cybercriminals in the crypto space.
Sources: