Crypto Crimes and Security Breaches: Key Cybersecurity Events This Week


We have compiled the most significant cybersecurity news from the past week.

Moroccan police have apprehended 24-year-old Badis Mohamed Badju, who is suspected of orchestrating a series of kidnappings involving cryptocurrency millionaires and their associates in France, as reported by Le Figaro.

Badju is on Interpol’s red notice list. Authorities from several countries have accused him of kidnapping, unlawful detention, violence, extortion, and money laundering as part of an organized crime group.

He is allegedly connected to the abduction of Ledger co-founder David Ballan and his wife, the father of a manager from a Maltese marketing firm, and an attempted kidnapping of the pregnant daughter of crypto entrepreneur Pierre Nois.

According to the police, all of Badju’s attacks were coordinated and financed from Morocco, with a yet-to-be-identified accomplice involved. Investigators believe that the suspects were recruiting teenagers online to carry out these crimes in France.

Cybercriminals are disseminating phishing links masquerading as giveaways of NFTs on the Hedera Hashgraph network. This warning was issued by the FBI.

Victims receive tokens, but the accompanying memo text prompts them to visit a site where they can supposedly claim additional rewards. On this site, victims are asked to input their wallet details and other sensitive information, granting hackers access to their assets.

Such malicious links are also spread through email, social media advertisements, and fake websites.

A data leak of user information from the cryptocurrency exchange Coinbase, which occurred in January, has been linked to the bribery of employees at the international outsourcing firm TaskUS. This contractor provided customer support and moderation services for the trading platform, according to Reuters.

An employee of the Indian TaskUS team was caught attempting to photograph her work computer screen with her phone. She and at least one accomplice transferred user names, blockchain addresses, and emails to criminals for a fee. No passwords, private keys, or funds were compromised.

The exchange "terminated its relationship with the implicated personnel" and strengthened its security measures. In response, TaskUS terminated over 300 staff members from its Indian division.

Cyber police in Zaporizhzhia have identified a 35-year-old local resident responsible for causing millions of dollars in damages through hidden cryptocurrency mining on international hosting servers.

Investigators allege that the Ukrainian hacked into more than 5,000 organizational accounts and launched virtual machines using the company’s resources. His activities resulted in losses of approximately $4.5 million.

Police seized computer equipment, mobile phones, and bank cards during the search. Cryptocurrency wallets, mining software, and remote control-related tools were found on the devices.

A criminal case has been opened regarding unauthorized interference with information systems. The suspect faces up to 15 years in prison. The investigation is ongoing.

According to Izvestia, Dmitry Pavlov, a 35-year-old administrator of the dark web marketplace Hydra, has made a deal with prosecutors and received a six-year prison sentence. He was found guilty of participating in a criminal organization and aiding the illegal sale of large quantities of drugs.

In exchange, Pavlov provided detailed testimony about how the online "drug cartel" operated, its formation, and its leadership. In late May, he testified as a prosecution witness in the Dzerzhinsk court in Yaroslavl.

Separate proceedings have been initiated against Boris Gubko, a freelance programmer and contractor for Hydra’s head.

A third suspect was detained in April 2024. His name has not been disclosed, but sources from law enforcement informed Izvestia that he held a higher position in the organization’s hierarchy than Pavlov.

The U.S. Attorney’s Office has shut down a major carding website called BidenCash, seizing 145 domains and cryptocurrency assets.

Since its launch in 2022, this illicit marketplace has served over 117,000 customers and facilitated the trade of more than 15 million credit card numbers and personal data. The total criminal revenue is estimated at around $17 million.

The Bank of Russia has notified financial institutions about a new shadow business scheme involving crypto exchanges, online casinos, financial pyramids, and drug dealers, Vedomosti reports.

Payments are processed from individual drop accounts to corporate accounts registered under so-called technical companies, which are legal entities without actual operations.

The regulator has outlined criteria for suspicious transactions:

Banks are advised to analyze such transfers and, as necessary, limit operations on client accounts where connections to drops or technical companies have been identified.

Meta and Yandex used their Meta Pixel and Yandex.Metrica trackers on websites to deanonymize users, linking temporary web identifiers to permanent IDs in Android applications. This was highlighted by a group of security researchers.

Although Android is supposed to isolate browsers from applications, a vulnerability allows browsers to send a specific identifier to a local port on the device. The application reads it and transmits it to the company’s server. Information can even be collected while in incognito mode.

There are potentially 5.8 million vulnerable sites for Meta and 3 million for Yandex, where the respective scripts are installed.

Both companies have temporarily halted the use of this technology.
