CYBER NEWS UPDATE #62

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.

The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

Cryptocurrency exchange is a popular target, they hold many different cryptocurrencies, and it’s usually less protected than banks and other traditional financial institutions.

British cryptocurrency exchange EXMO is joining other crypto exchanges and has disclosed that unknown attackers withdrew almost 5% of its total assets after compromising its hot wallets.

Hot wallets are Internet-connected wallets and are used by exchanges to temporarily store assets like coins for ongoing transactions and transfers.

In order to provide better protection, there are also cold wallets (also known as offline or hardware wallets) which have no Internet connection and are making it harder for attackers to steal cryptocurrency coins.

EXMO says that it has temporarily suspended all withdrawals after detecting suspicious and large withdrawals.

The crypto exchange also added that all losses incurred by users affected in this incident will be covered and refunded completely by EXMO.

EXMO has reported the incident to the London police and is working with their Cybercrime team to investigate the attack.

The crypto exchange had a nearly $52 million 24-hour trading volume and 27,000 active traders according to EXMO’s website.

If you are trading virtual currencies you already know that one of the biggest risks is that attackers will attack the exchange you are using and steal your currencies.

It is highly important to remember that these stock exchanges might be less secured and are prone to a high volume of cyber attacks of all kinds, from phishing attacks to network attacks, once you sign to such crypto exchanges its also up to you to make sure your data stays safe and secured.



There are many cybersecurity companies that perform regular patrols on the internet, searching different forums, searching hints both in the dark web as well as in the clear net.

In the past, it was very easy to find people who are selling illegal stuff on the internet but in recent years the hackers realized that many of the users who are using the forums in the Darknet are security researchers or law enforcement so forums that used to be public started limiting the access to them to provide access only for users who are able to prove who they are, for example by providing a recommendation from another user.

While ago one of these teams made a routine Dark web monitoring and found threat actors that are selling 200 million+ Records of Chinese Citizens.

The actors are offering for sale data arranged in Excel worksheets with details such as user names, full names, passwords, and more. 

It is unclear what is the source of the data and it might have been stolen from multiple popular Chinese services, such as Weibo and QQ.

The security research team that found this data already monitored the same actor trying to sell 41.8 million records on a Russian-speaking cybercrime forum. this might indicate that the origin of the hackers is from Russia or eastern Europe.

However, we have already seen threat actors from various countries like Iran and China using tools of other countries in order to hide their own identities.

Some of The analysis of the sample data revealed the presence of the QQ number and respective mobile number in an excel sheet, this might allow attackers to perform successful attacks using phishing or vishing attacks.

Vishing attacks are Voice phishing is a form of criminal phone fraud, using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward. 

This type of cyber attack us called “vishing,” a portmanteau of “voice” and “phishing.” 


That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.nucleon.sh for the latest podcasts on cyber intelligence.

댓글 남기기