Bleepingcomputer.com reports that cybercriminals use traditional phishing techniques to steal Bitcoin, but drive traffic to their phishing sites using legitimately purchased Google AdWords (which were geotargeted in some cases). These ads have URLs that look legitimate if you are not paying attention to the deliberate spelling errors designed to catch people reading too fast. “It is unclear how many users tried to log in on the fake sites, but after tracking down various thefts reported on social media and involving some of the Coinhoarder groups typosquatted domains, Cisco says the group made around $50 million worth of Bitcoin in the past three years.”
Bankinfo Security reports that Director of National Intelligence Dan Coats “warned in written testimony prepared for the Senate Intelligence Committee’s Tuesday hearing. ‘At a minimum, we expect Russia to continue using propaganda, social media, false-flag personas, sympathetic spokespeople, and other means of influence to try to exacerbate social and political fissures in the United States,” said Coats, a former Republican Indiana senator who President Donald Trump appointed last year to serve in the administration’s top intelligence job.’”
The Wall Street Journal reports that, “Equifax said, in a document submitted to the Senate Banking Committee and reviewed by The Wall Street Journal, that cyberthieves accessed records across numerous tables in its systems that included such data as tax identification numbers, email addresses and driver’s license information beyond the license numbers it originally disclosed.”
Related: CFPB Chief Says Equifax Probe Continues – The Wall Street Journal also reported this week that the CFPB will continue it’s investigation into Equifax, despite earlier reports that it had pulled back from the investigation.
Olympic fever is in full swing this week, even for cyber criminals. InfoSecurity Magazine reported, “visitors to the official website of the Winter Olympics were left high and dry over the weekend after a cyber-attack made it unavailable for around 12 hours…Pyeongchang 2018 spokesperson Sung Baik-you confirmed the incident was a cyber-attack and that the cause was known.”