In this news:
FreeDrain crypto hackers are watching you search for help.
When you think of cybercriminal actors watching you, maybe phishing threats such as Hello Pervert, where the attacker claims to know where you live and has proof to back it up, spring to mind. Or how about the ransomware gang that has been found to install employee monitoring software to watch victims at work? Recent reports even suggested that a quarter of Americans think someone is spying on their smartphone usage. But I’m more concerned with the hackers who watch what you are searching for in order to launch targeted attacks. I wrote about one such attack campaign on March 16, where MassJacker threat actors used people searching for pirated software as a means to get them to download malware. The latest attacks, however, involve crypto hackers exploiting people looking for help with their wallets and striking while they are at their most vulnerable. Here’s what you need to know about the FreeDrain campaign that security experts have warned is operating at an industrial scale.
FreeDrain Crypto Hackers Strike On An Industrial Scale
FreeDrain might not have made it onto the list of the world’s most prolific cybercrime actors, but I can’t help but think it’s only a matter of time.
Threat intelligence researchers initiated their investigation on May 12, 2024, following a plea for assistance from an individual who had discovered that 8 BTC, equivalent to approximately $500,000 at the time, had been stolen from their cryptocurrency wallet. Initially, it appeared to be a run-of-the-mill phishing attack, albeit employing a highly ranked search engine result to kickstart the attack. It soon became apparent it was far from the norm. Welcome to the vast and coordinated world of weaponized searches and crypto theft known as FreeDrain.
A joint report by Tom Hegel at SentinelOne’s Sentinel Labs team, alongside Kenneth Kinion and Sreekar Madabushi from Validin, has confirmed that FreeDrain is “an industrial-scale, global cryptocurrency phishing operation that has been stealing digital assets for years.”