- \n
- Law enforcement dismantled a crypto-scam network.<\/li>\n
- Authorities seized \u20ac25m in bitcoin from Cryptomixer.<\/li>\n
- Android patched two zero-day vulnerabilities.<\/li>\n
- Researchers exposed fake YouTube and TikTok apps stealing data.<\/li>\n<\/ul>\n<\/div>\n
Law enforcement dismantled a crypto-scam network<\/h2>\n
In a sweeping international operation, police uncovered a major fraud network suspected of laundering more than \u20ac700 million, Europol<\/a> said.\u00a0<\/p>\n
According to investigators, on October 27 police carried out the first phase of coordinated raids in Cyprus, Germany and Spain at the request of French and Belgian authorities. Nine people were arrested on charges of laundering proceeds from fraudulent platforms. Authorities seized:<\/p>\n
- \n
- \u20ac800,000 in bank accounts;<\/li>\n
- \u20ac415,000 in cryptocurrency;<\/li>\n
- \u20ac300,000 in cash.<\/li>\n<\/ul>\n
![\"image\"](\"https:\/\/forklog.com\/wp-content\/uploads\/img-23f9c150218f449f-169574703415747-1024x576.png\")
Source: Europol.<\/figcaption><\/figure>\n The second phase took place on November 25-26 and targeted affiliated marketing operations that lured victims using deepfake videos. The scammers posed as major media outlets, celebrities and politicians. Investigative actions were carried out by authorities in Belgium, Bulgaria, Germany and Israel.<\/p>\n
\u20ac25m in bitcoin seized from Cryptomixer<\/h2>\n
Europol, together with authorities in Switzerland and Germany, shut down the Cryptomixer service and seized more than \u20ac25 million in the first cryptocurrency, the agency said<\/a> in a press release.<\/p>\n
During the operation in Zurich, Switzerland, more than 12 TB of data, three servers and the domain cryptomixer.io were confiscated.<\/p>\n
![\"image\"](\"https:\/\/forklog.com\/wp-content\/uploads\/img-923ba38b10e552cf-169575859357359-1024x576.png\")
Source: Europol.<\/figcaption><\/figure>\n According to Europol, Cryptomixer was a hybrid mixer<\/a> with public access. Funds deposited by users were pooled for a long and random period before being distributed to destination addresses.<\/p>\n
Police believe that since its creation in 2016 more than \u20ac1.3 billion in bitcoin flowed through the service. They say Cryptomixer obscured criminal funds for ransomware groups, underground forums and darknet marketplaces.<\/p>\n
Android patches two zero-day vulnerabilities<\/h2>\n
In its latest update, Android patched 107 vulnerabilities in versions 13 through 16, the monthly security bulletin says<\/a>.<\/p>\n
Most were rated high severity; several posed particular risk.\u00a0<\/p>\n
Four critical flaws affect the Android kernel. An attacker exploiting any of them could gain elevated privileges or access to a compromised device.<\/p>\n
Another critical issue affects Android Framework \u2014 the component that allows apps to interact with core system services. In this case an attacker could perform a remote denial-of-service attack that temporarily renders the device unusable.<\/p>\n
According to data<\/a> from the US Cybersecurity and Infrastructure Security Agency, two high-severity vulnerabilities may already have been used in targeted attacks.<\/p>\n
Researchers unmask fake YouTube and TikTok apps stealing data<\/h2>\n
Attackers are disguising a banking trojan for Android as enhanced and \u201c18+\u201d versions of popular apps, including YouTube and TikTok, F6 experts reported<\/a>.<\/p>\n
A network of malicious sites impersonates the brands of popular foreign video-hosting platforms whose access is restricted in Russia. Fake apps with names like TikTok 18+, YouTube Max and YouTube Boost promise \u201cwork with poor internet and view content without ads\u201d.\u00a0\u00a0<\/p>\n
![\"image\"](\"https:\/\/forklog.com\/wp-content\/uploads\/img-64e6ae7be03dc4cf-169573723626150-1024x665.png\")
Source: F6.<\/figcaption><\/figure>\n Hackers also disguise the malware as navigation apps, online maps of police patrol posts and an app for paying fines.<\/p>\n
![\"image\"](\"https:\/\/forklog.com\/wp-content\/uploads\/img-d443c7bb4e40a0ef-169573594884420-1024x547.png\")
Source: F6.<\/figcaption><\/figure>\n According to the specialists, to access pirated content the malware prompts users to download and install a malicious APK. The trojan can read and send SMS, make calls, collect information about contacts and installed apps, obtain network data and start automatically when the device is turned on.<\/p>\n
This gives attackers broad control over the device: they can monitor the victim\u2019s actions, exfiltrate data covertly and act on the user\u2019s behalf. The ultimate goal of these attacks is theft of financial data.<\/p>\n
All domains used in the malicious campaign are currently blocked, though the specialists do not rule out that the attackers could create new ones and continue their activity.<\/p>\n
Hackers arrested in South Korea over selling hacked camera footage to an adult site<\/h2>\n
The National Police Agency of South Korea arrested<\/a> four people suspected of hacking more than 120,000 IP cameras nationwide and selling the stolen videos to an overseas adult website.<\/p>\n
Police are taking action against consumers of the illegally obtained content \u2014 three people have been arrested and face up to three years in prison. Authorities said they are working with foreign agencies to identify the site\u2019s operators and dismantle the platform.<\/p>\n
According to the announcement:<\/p>\n
- \n
- suspect B (unemployed) \u2014 hacked 63,000 IP cameras and produced and sold 545 illegal intimate videos for $23,800 in virtual assets;
suspect C (office worker) \u2014 hacked 70,000 IP cameras with 648 videos ($12,300);<\/li>\n - suspect D (self-employed) \u2014 hacked 15,000 IP cameras and produced illegal content, including materials involving minors;<\/li>\n
- suspect E (office worker) \u2014 hacked 136 IP cameras.<\/li>\n<\/ul>\n
Investigators say content from suspects B and C alone accounted for 62% of all uploads to the site last year.\u00a0<\/p>\n
Another wave of popular app bans in Russia<\/h2>\n
In early December, Roskomnadzor (RKN) blocked several popular apps. The first to be restricted was the gaming platform Roblox, Interfax reported<\/a>.<\/p>\n
The purported reason was material allegedly promoting extremism and terrorism. On December 4 it became known that the audio and video calling app FaceTime<\/a> and the photo- and video-sharing service Snapchat<\/a> were also blocked. In each case the regulator cited their use for unlawful purposes.<\/p>\n
Also on ForkLog:<\/p>\n
- \n
- ZachXBT reported<\/a> the arrest of a suspect in the theft of 4,100 BTC from lender Genesis.<\/li>\n
- In Thailand, authorities seized<\/a> mining equipment worth $8.6 million.<\/li>\n
- ViaBTC explained<\/a> why it restricted access to accounts.<\/li>\n
- AI models managed to \u2018hack\u2019<\/a> smart contracts worth $550.1 million.<\/li>\n
- The darknet platform Huione Pay suspended<\/a> operations.<\/li>\n
- The DeFi project Yearn Finance was hacked<\/a> for $9 million.<\/li>\n<\/ul>\n
What to read this weekend?<\/h2>\n
In a new ForkLog piece, Anatoly Kaplan reflects on the prospect of multiple Bitcoin hard forks as a result of great-power hybrid wars.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"
A roundup of the week\u2019s most consequential cybersecurity news.<\/p>\n","protected":false},"author":1,"featured_media":91905,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Cryptomixer takedown, Russian app bans, Android zero-days, and fake TikTok and YouTube apps.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1238,1233],"class_list":["post-91904","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"151","promo_type":"1","layout_type":"1","short_excerpt":"Cryptomixer takedown, Russian app bans, Android zero-days, and fake TikTok and YouTube apps.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/91904","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=91904"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/91904\/revisions"}],"predecessor-version":[{"id":91906,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/91904\/revisions\/91906"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/91905"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=91904"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=91904"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=91904"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
- In Thailand, authorities seized<\/a> mining equipment worth $8.6 million.<\/li>\n
- ZachXBT reported<\/a> the arrest of a suspect in the theft of 4,100 BTC from lender Genesis.<\/li>\n
- suspect B (unemployed) \u2014 hacked 63,000 IP cameras and produced and sold 545 illegal intimate videos for $23,800 in virtual assets;