(PYONGYANG, N.K.) Chainalysis Hacking Report: N.K. hackers stole almost $400m (£291m) worth of digital assets in at least seven attacks on cryptocurrency platforms last year, a report claims #AceNewsDesk report

#AceNewsReport – Jan.16: The attacks mainly targeted investment firms and centralised exchanges: North Korea has routinely denied being involved in hack attacks attributed to them.

#AceDailyNews says according to BBC Business News Report: North Korea hackers stole $400-million of cryptocurrency in 2021, report says from 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” Chainalysis said in a report.

Stock image of hands typing on a laptop keyboard

Blockchain analysis company Chainalysis said it was one of most successful years on record for cyber-criminals in the closed east Asian state.

The hackers used a number of techniques, including phishing lures, code exploits and malware to siphon funds from the organisations’ “hot” wallets and then moved them into North Korea-controlled addresses, the company said.

Cryptocurrency hot wallets are connected to the internet and cryptocurrency network and so are vulnerable to hacking. They are used to send and receive cryptocurrency, and allow users to view how many tokens they have.

Many experts recommend moving large amounts of cryptocurrency not needed day-to-day to “cold” wallets, which are disconnected from the wider internet.

Chainalysis said it is likely that many of last year’s attacks were conducted by the so-called Lazarus Group, a hacking group which the US has applied sanctions against. 

The group is believed to be controlled by North Korea’s primary intelligence bureau, the Reconnaissance General Bureau.

The Lazarus Group has previously been accused of involvement in the “WannaCry” ransomware attacks, the hacking of international banks and customer accounts and cyber-attacks on Sony Pictures in 2014:

“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the report on last year’s cyber attacks added.

A United Nations panel that monitors sanctions on North Korea has accused Pyongyang of using stolen funds to support its nuclear and ballistic missile programmes as a way to avoid international sanctions.

Separately, in February last year, the US charged three North Korean computer programmers with a massive hacking spree aimed at stealing more than $1.3bn in money and cryptocurrency.

The cyber attacks affected companies from banks to Hollywood movie studios, the Department of Justice said.

#AceNewsDesk report …………Published: Jan.16: 2022:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily all of our posts fromTwitter can be found here: https://acetwitternews.wordpress.com/ and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#cryptocurrency, #cyber, #hackers, #north-korea, #pyongyang

(TAMPA, Fla.) Justice Dept Court Report: Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website #AceNewsDesk report

#AceNewsReport – Sept.10: Ivanov-Tolpintsev was taken into custody by Polish authorities in Korczowa, Poland, on October 3, 2020, and extradited to the United States pursuant to the extradition treaty between the United States and the Republic of Poland. Ivanov-Tolpintsev was presented on September 7, 2021, before United States Magistrate Julie S. Sneed, and ordered detained pending trial.

#AceDailyNews reports that in Tampa, Florida – Acting United States Attorney Karin Hoppmann announces the extradition of Glib Oleksandr Ivanov-Tolpintsev (28, Chernivtsi, Ukraine) in connection with charges of conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords.

If convicted on all counts, he faces a maximum penalty of 17 years in federal prison. The indictment also notifies Ivanov-Tolpintsev that the United States intends to forfeit $82,648, which is alleged to be traceable to proceeds of the offenses….

According to the indictment, Ivanov-Tolpintsev controlled a “botnet,” which is a network of computers infected with malware and controlled as a group without the owners’ knowledge.

He used the botnet to conduct brute-force attacks designed to decrypt numerous computer login credentials simultaneously. During the course of the conspiracy, Ivanov-Tolpintsev stated that his botnet was capable of decrypting the login credentials of at least 2,000 computers every week. Ivanov-Tolpintsev then sold these login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers. Once sold on this website, credentials were used to facilitate a wide range of illegal activity, including tax fraud and ransomware attacks.

An indictment is merely a formal charge that a defendant has committed one or more violations of federal criminal law, and every defendant is presumed innocent unless, and until, proven guilty.

The investigation was led by the Tampa Division of the Federal Bureau of Investigation, the Internal Revenue Service—Criminal Investigation’s Tampa Field Office, and Homeland Security Investigations – Tampa Division. Substantial assistance was provided by the Department of Justice’s Office of International Affairs and the Internal Revenue Service—Criminal Investigation Cyber Crimes Unit in Washington, D.C. This investigation also benefited from foreign law enforcement cooperation by the Polish National Police, the Polish Prosecutor’s Office, and the Polish Ministry of Justice. It will be prosecuted by Assistant United States Attorney Carlton C. Gammons.

#AceNewsDesk report ……Published: Sept.10: 2021:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily all of our posts fromTwitter can be found here: https://acetwitternews.wordpress.com/ and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#cyber, #extradited, #florida, #tampa, #ukraine

(NEW YORK) The Securities and Exchange Commission Report: Have today charged, a Greek national, with perpetrating a fraudulent scheme to sell what he called “insider trading tips” on the Dark Web #AceNewsDesk report

#AceNewsReport – July.13: The Dark Web, which facilitates anonymity by obscuring users’ identities, allows users to purchase and sell illegal products and services, and in this case, insider trading tips.

#AceDailyNews reports that SEC Charges Apostolos Trovias Greek National with ‘Insider Dealing Trading Tips on the Dark Web according to the complaint, filed in the U.S. District Court for the Southern District of New York, from at least December 2016 through early 2021, Trovias—operating under the pseudonym ” TheBull …

TheBull”—engaged in a deceptive scheme to offer and sell so-called “insider trading tips” on Dark Web marketplaces to purchasers whom Trovias offered an unfair advantage for trading securities in the public markets. As alleged in the complaint, Trovias claimed that the information he was selling consisted of order-book data from a securities trading firm that was provided to Trovias by an employee of the firm. Trovias allegedly sold those “tips” through one-off sales, as well as weekly and monthly subscriptions. Trovias allegedly sold over 100 subscriptions to investors via the Dark Web over the course of the scheme. The complaint alleges that, in addition to order-book information, Trovias sold the pre-release earnings reports of publicly traded companies. The complaint further alleges that Trovias acknowledged to federal authorities that this information was “sensitive and more importantly illegal to use or share.”

The SEC’s complaint charges Trovias with violating the antifraud provisions of the federal securities laws. The complaint seeks injunctive relief, disgorgement, prejudgment interest and penalties against Trovias.

“Trovias’s alleged conduct was an attempt to evade detection by operating in obscure online forums,” said Kristina Littman, Chief of the SEC Enforcement Division’s Cyber Unit. “As this case demonstrates, the SEC will continue to target misconduct wherever it occurs and regardless of perpetrators’ efforts to hide their tracks.”

In a parallel action, the U.S. Attorney’s Office for the Southern District of New York today announced criminal charges against Trovias.

The SEC’s investigation was conducted by Jon Daniels and Morgan B. Ward Doran of the Cyber Unit, and supervised by John O. Enright and Ms. Littman. The SEC’s continuing litigation is being conducted by Victor Suthammanont and Mr. Daniels. The Commission appreciates the assistance of the U.S. Attorney’s Office for the Southern District of New York, the Federal Bureau of Investigation, and the Internal Revenue Service.

#AceNewsDesk report ………Published: July.13: 2021:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily all of our posts fromTwitter can be found here: https://acetwitternews.wordpress.com/ and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#cyber, #dark-web, #greek, #insider-dealing, #new-york, #sec

(CONNECTICUT) Federal Court Report: Convicts a Russian national on Tuesday for operating a “crypting” service used to conceal “Kelihos” malware from antivirus software, including Ransomeware #AceNewsDesk report

#AceNewsReport – June.17: According to court documents and evidence introduced at trial, Oleg Koshkin, 41, formerly of Estonia, operated the websites “Crypt4U.com,” “fud.bz” and others.

The FBI’s New Haven Division investigated the case through its Connecticut Cyber Task Force: Russian National Convicted of Charges Relating to Kelihos Botnet: The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. Koshkin and his co-conspirators claimed that their services could be used for malware such as botnets, remote-access trojans, keyloggers, credential stealers and cryptocurrency miners.

“The defendant designed and operated a service that was an essential tool for some of the world’s most destructive cybercriminals, including ransomware attackers,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “The verdict should serve as a warning to those who provide infrastructure to cybercriminals: the Criminal Division and our law enforcement partners consider you to be just as culpable as the hackers whose crimes you enable — and we will work tirelessly to bring you to justice.”

In particular, Koshkin worked with Peter Levashov, the operator of the Kelihos botnet, to develop a system that would allow Levashov to crypt the Kelihos malware multiple times each day. Koshkin provided Levashov with a custom, high-volume crypting service that enabled Levashov to distribute Kelihos through multiple criminal affiliates. Levashov used the Kelihos botnet to send spam, harvest account credentials, conduct denial of service attacks, and distribute ransomware and other malicious software. At the time it was dismantled by the FBI, the Kelihos botnet was known to include at least 50,000 compromised computers around the world.

“By operating a website that was intended to hide malware from antivirus programs, Koshkin provided a critical service that enabled other cyber criminals to infect thousands of computers around the world,” said Acting U.S. Attorney Leonard C. Boyle for the District of Connecticut. “We will investigate and prosecute the individuals who aid and abet cyber criminals as vigorously as we do the ones who actually hit the ‘send’ button on viruses and other malicious software.”

“Koshkin and his associates knowingly provided crypting services designed to help malicious software bypass anti-virus software,” said Special Agent in Charge David Sundberg of the FBI’s New Haven Division. “The criminal nature of the Crypt4U service was a clear threat to the confidentiality, integrity, and availability of computer systems everywhere. We at the FBI will never stop pursuing those like Koshkin for perpetrating cyber crimes and threats to the public at large.”

Koshkin was arrested in California in September 2019 and has been detained since his arrest. He faces a maximum penalty of 15 years in prison and is scheduled to be sentenced on Sept. 20.

Koshkin’s co-defendant, Pavel Tsurkan, is charged with conspiring to cause damage to 10 or more protected computers, and aiding and abetting Levashov in causing damage to 10 or more protected computers.

Levashov was arrested by the Spanish National Police in April 2017 and extradited to the United States. In September 2018, he pleaded guilty to one count of causing intentional damage to a protected computer, one count of conspiracy, one count of wire fraud, and one count of aggravated identity theft.

Assistant U.S. Attorney Edward Chang of District of Connecticut, and Senior Counsel Ryan K.J. Dickey of the Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case with assistance from the Criminal Division’s Office of International Affairs. The Estonian Police and Border Guard Board also provided significant assistance.

This case is part of the Department of Justice’s Ransomware and Digital Extortion Task Force, which was created to combat the growing number of ransomware and digital extortion attacks. As part of the Task Force, the Criminal Division, working with the U.S. Attorneys’ Offices, prioritizes the disruption, investigation, and prosecution of ransomware and digital extortion activity by tracking and dismantling the development and deployment of malware, identifying the cybercriminals responsible, and holding those individuals accountable for their crimes. The department, through the Task Force, also strategically targets the ransomware criminal ecosystem as a whole and collaborates with domestic and foreign government agencies as well as private sector partners to combat this significant criminal threat.

#AceNewsDesk report ……Published: Jun.17: 2021:

Editor says #AceNewsDesk reports by https://t.me/acenewsdaily and all our posts, also links can be found at here for Twitter and Live Feeds https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#connecticut, #botnet, #cyber, #malware, #ransomeware, #russian