In the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears. Read More
Related Posts
Webwyrm Malware Affects More Than 100,000 Users in 50 Countries
Webwyrm Malware Affects More Than 100,000 Users in 50 Countries
Threat actors are evolving their Tactics, Techniques, and Procedures (TTPs) at an alarming rate.
With technological advancements and increased awareness of cybersecurity measures, they continually adapt to exploit vulnerabilities and enhance their attack success rates.
Webwyrm, a worldwide scam mimicking 1000 plus companies, impacts over 100,000 victims in more than 50 countries, with potential losses exceeding $100 million, resembling the ‘Blue Whale Challenge.’
Document
FREE Demo
Deploy Advanced AI-Powered Email Security Solution
Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware
Scams’ scale and sophisticated TTPs indicate a skilled and persistent threat group using strong OpSec. CloudSEK shared findings with global law enforcement to take down infrastructure and notify impersonated organizations.
Webwyrm Malware Attack
Victim complaints reveal losses of over $200,000 for one impersonated company, and besides this, the researchers uncovered:-
1000 impersonated organizations
6000 fake domains spanning 12 Autonomous Systems
With losses averaging $100,000 per impersonated company and numerous victims, the scam’s potential collective impact could exceed $100 million, affecting over 100,000 people, highlighting its substantial threat.
Webwyrm scammers target victims on social media, especially WhatsApp, possibly focusing on job seekers by referencing recruitment portals.
They lure victims with fake job offers, requiring cryptocurrency deposits on platforms like KUCOIN or SHAKEPAY for supposed security or returns.
Victims, once onboard, create organization-related accounts and receive 100 USDT. They perform combo tasks initially, earning well, but later get stuck in a loop, depleting their bank accounts in hopeless attempts to complete tasks.
After getting in touch with the referrer or developers, they demand that the victims complete their daily responsibilities or threaten to freeze their accounts while providing a 24-hour money extension.
When victims are shut out, they join a discussion where others brag about their successes in order to support the authenticity of the scam.
Campaign Enablers
Here below, we have mentioned the campaign enablers:-
Understanding Victim Susceptibility Factors
Initial Gains and Trust-Building Withdrawal
Eluding Detection through Infrastructure Rotation
Precise Regional Targeting
Strategic Victim Engagement
Mobile-Centric Design and Cryptocurrency Transactions
Keyword Selection
Researchers conducted a thorough investigation to identify the corporate sources affected by impersonation, demonstrating Webwyrm’s global reach and varied impact locations.
Geographic origins (Source – Cloudesk)
Targeted Industries
Here below, we have mentioned all the targeted industries:-
IT Services
Software Development
Mobile App Development
User Experience
Digital Marketing
Web Development
SEO
E-Commerce
Countermeasures
Here below, we have mentioned all the recommended countermeasures:-
Tracing Scammer Origins through Job Portals
Collaborative Action
Rapid Response Teams
Domain Blacklisting
Seize Assets
Educational Campaigns
Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.
The post Webwyrm Malware Affects More Than 100,000 Users in 50 Countries appeared first on Cyber Security News.
Cyber Security News
Don’t get snatched. Trends in phishing, cyber insurance claims, and threats to academic institutions. Hacktivism in the hybrid war. Updates on the ICC attack. MGM says its casinos are back.
Don’t get snatched. Trends in phishing, cyber insurance claims, and threats to academic institutions. Hacktivism in the hybrid war. Updates on the ICC attack. MGM says its casinos are back.
CISA and the FBI warn of Snatch ransomware. A look at phishing trends. Ransomware is increasingly cited in cyber insurance claims. Trends in cyber threats to academic institutions. A Russian hacktivist auxiliary disrupts Canadian border control and airport sites. The ICC remains tight-lipped concerning cyberattack. N2K’s Simone Petrella sits down with Chris Krebs at the mWise conference. In today’s Threat Vector segment, David Moulton from Unit 42 takes a peek into the modern threat landscape with Wendi Whitmore, SVP of Uniformity. And MGM Resorts says it’s well on the way to recovery. Read More
The CyberWire
FTC: Amazon trapped millions into hard-to-cancel Prime memberships
FTC: Amazon trapped millions into hard-to-cancel Prime memberships
The Federal Trade Commission (FTC) says Amazon allegedly used dark patterns to trick millions of users into enrolling in its Prime program and trapping them by making it as difficult as possible to cancel the automatically-renewing subscriptions. […] Read More
BleepingComputer