Connect with us

TechNews

Sophos Investigates Two Active Cyberfraud Operations, Indicating Scammers are Expanding Their Crypto-Romance Cons

SANDRA ANI reporting

Published

on

romance mousetrap to illustrate Sophos Crypto-Romance Cons report
romance mousetrap to illustrate Sophos Crypto-Romance Cons report
  • Scammers Use a Fake Gold Trading Marketplace in One Operation and Have Already Scammed $500,000 in Cryptocurrency in Another
  • Scammers are Moving Beyond Dating Apps and Increasingly Targeting Global Twitter and Text Users

Sophos, a global leader in innovating and delivering cybersecurity as a service, today released details of two expansive, still operational, pig butchering or sha zhu pan rings (elaborate and lengthy financial fraud scams that can cost victims thousands of dollars) that scammers are operating from Asia.

One of the rings, based in Hong Kong, involves a fake gold trading marketplace, while the other, based in Cambodia and with ties to Chinese organized crime, netted the scammers $500,000 in cryptocurrency in just one month.

In both schemes, the scammers targeted Sophos’ principal threat researcher, Sean Gallagher, directly via Twitter and text message, respectively, rather than dating apps, the traditional method used to find and target victims. Part one of a two-part series, “Fool’s Gold: Dissecting a Fake Gold Market Pig Butchering Scam,” released today, focuses on the inner workings of the ring based out of Hong Kong, which demonstrates how these scammers are upping their technical sophistication to lure in and con targets.

“For two years, we’ve been following and reporting on a subset of these pig butchering schemes called CryptoRom. This is a particular flavor of pig butchering that relies on romance-based lures with scammers approaching potential victims on dating apps and then asking them to invest in fraudulent crypto trading apps. But CryptoRom is really just the tip of the iceberg. Since the start of the pandemic, this type of cyberfraud has massively expanded. These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog,” said Sean Gallagher, principal threat researcher, Sophos.

In the first scam Gallagher investigated, he spent three months interacting with one of the scammers after they approached him directly on Twitter.

The scammer posed as a 40-year-old woman from Hong Kong who quickly attempted to move the conversation to WhatsApp.

From there, the scammer tried to convince Gallagher to invest in a fake gold trading marketplace, touting her connections with her “Uncle Martin”—supposedly a former Goldman Sachs analyst. She then directed him to a site that copied the branding of a legitimate Japanese banking company called Mebuki Financial, where the foreign exchange and commodity trading services were to be conducted.

While the social engineering of this scam was less polished than other cases Sophos has investigated, it showed a marked increase in technical sophistication for these types of groups. The scammers used an elaborate combination of highly effective SEO, polished scam pages to “register” new clients on their fake Mebuki website, and a pirated version of a legitimate trading app (MetaTrader 4) with additional malicious code to steal money from their victims. They are also actively updating their operation’s scam infrastructure to avoid being shut down.

“Both scam rings are still operational and will be difficult to shut down. While we marked the domains and IP addresses being used by the attackers in the Hong Kong ring as malicious, their scam operations have already shifted to new domains. They already have a new download infrastructure in place for their pirated version of the MetaTrader app, so, at this point, we’re essentially playing ‘whack-a-mole’.

“Unfortunately, that’s the reality as these operations become broader in scope, targeting more regions and across different platforms. The move from crypto to gold also shows how easily these groups can find a new niche to exploit. That means the best defense is public awareness of these types of scams. People should be wary of any SMS, dating app, or social media direct message from a stranger who strikes up a conversation and then suggests moving it to WhatsApp or Telegram—especially if they make claims about wealth obtained from crypto or other trading,” said Gallagher.

GrassRoots.ng is on a critical mission; to objectively and honestly represent the voice of ‘grassrooters’ in International, Federal, State and Local Government fora; heralding the achievements of political and other leaders and investors alike, without discrimination. This daily, digital news publication platform serves as the leading source of up-to-date information on how people and events reflect on the global community. The pragmatic articles reflect on the life of the community people, covering news/current affairs, business, technology, culture and fashion, entertainment, sports, State, National and International issues that directly impact the locals.

TechNews

IASP Luxembourg: Chinwe Okoli Speaks on Soludo’s Innovation Agenda

By SANDRA ANI

Published

on

SID In IASP Luxembourg
Chinwe Okoli speaking at IASP in Luxembourg

“We want Anambra to be known as a destination for innovation, the next Startup State, home for digital Talents, the home of the smart digital tribe”

Ms Chinwe Okoli, the Special Adviser to the Governor of Anambra State on Innovation and Business Incubation addressed the global innovation ecosystem leaders at the 40th IASP World Conference on Science Parks and Areas of Innovation took place at the European Convention Centre, Luxembourg.

SID In IASP Luxembourg
Chinwe Okoli and other world ecosystem leaders at IASP in Luxembourg

The conference with the theme, “𝐌𝐞𝐠𝐚𝐭𝐫𝐞𝐧𝐝𝐬 𝐢𝐧 𝐈𝐧𝐧𝐨𝐯𝐚𝐭𝐢𝐨𝐧 𝐄𝐜𝐨𝐬𝐲𝐬𝐭𝐞𝐦𝐬: 𝐖𝐡𝐚𝐭 𝐚𝐫𝐞 𝐭𝐡𝐞 𝐢𝐦𝐩𝐚𝐜𝐭𝐬 𝐟𝐨𝐫 𝐒𝐓𝐏𝐬 & 𝐀𝐎𝐈𝐬?” was an exceptional gathering of global innovation stakeholders from over 55 countries. The three-day conference presented an opportunity for the best innovation districts, science parks and areas of innovation in the world to connect and exchange best practices.

Solution Innovation District, Anambra State was prominent in the conference as Ms Okoli addressed the conference on the topic: “𝐇𝐚𝐫𝐧𝐞𝐬𝐬𝐢𝐧𝐠 𝐭𝐡𝐞 𝐔𝐧𝐭𝐚𝐩𝐩𝐞𝐝 𝐏𝐨𝐭𝐞𝐧𝐭𝐢𝐚𝐥 𝐨𝐟 𝐀𝐧𝐚𝐦𝐛𝐫𝐚 𝐃𝐢𝐠𝐢𝐭𝐚𝐥 𝐓𝐫𝐢𝐛𝐞: 𝐀 𝐂𝐚𝐬𝐞 𝐟𝐨𝐫 𝐃𝐞𝐯𝐞𝐥𝐨𝐩𝐢𝐧𝐠 𝐂𝐨𝐮𝐧𝐭𝐫𝐢𝐞𝐬.”

She shared the transformative power of the Anambra State Government’s innovation program and highlighted the aspirations of Professor Charles Chukwuma Soludo, the Governor, and efforts in nurturing a robust innovation ecosystem in the State to unlock new opportunities and drive technological progress towards making Anambra the digital and creative capital of Nigeria.

Solution Innovation District (SID) is driven by the Anambra State Government, dedicated to fostering the growth of technology, innovation and entrepreneurship ecosystem.

Ms Okoli restated the commitment of the administration of Governor Soludo towards building the one -of -a kind district in Anambra State, stated the key and ambitious goals of grooming one million Anambra Digital Tribe, startups and digital entrepreneurs and in the end, she called for global partnership.

“Our Mantra in Anambra State is Everything Technology and Technology Everywhere

“At SID, we are activating and developing a dynamic and inclusive ecosystem of the future, Our focus is that in a very short time, Anambra becomes the go-to place for the supply of skills/talents on deep technology -Artificial Intelligence, cybersecurity, robotics, blockchain, Data science, Software Engineering, IoT, Cloud Computing etc.

“Let’s impact the world from the light of the nation, in the biggest country in Africa, let’s do digital magic with the Anambra Digital Tribe”.

SID In IASP Luxembourg (4)
SID In IASP Luxembourg

IASP, the International Association of Science Parks and Areas of Innovation, is the leading association of innovation ecosystems worldwide.

This organization actively unites and empowers a network of managers overseeing areas of innovation, science parks, research parks, innovation districts, knowledge cities, and various other innovation spaces. It’s the driving force behind the exchange of cutting-edge knowledge and best practices, propelling innovation on a global scale.

Continue Reading

TechNews

Sophos Launches Wi-Fi 6 Access Points

Sophos supports shift to hybrid environments with new generation of remotely managed, reports SANDRA ANI

Published

on

Sophos wireless launch -

Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced the Sophos AP6 Series to support the shift to hybrid environments with a new generation of remotely managed Wi-Fi 6 access points.

The new offering adds another component to Sophos’ secure access portfolio, which includes Sophos Firewall and Sophos Switch.

“With cloud-managed Wi-Fi, Sophos is addressing the need for more scalable, remote-managed Wi-Fi solutions that support the increasing number of connected devices and the proliferation of IoT systems,” said Daniel Cole, vice president of product management at Sophos. “This combination of our Sophos AP6 Series and Sophos Switches provides channel partners with a consolidated single vendor access solution strategy, easing the burden and overhead cost of managing multiple disparate systems from different vendors. Many access layer networks are still operating at 1 Gigabit speeds. With the significant performance enhancements in Wi-Fi 6, the industry has a great opportunity to review and modernize the network ecosystem that wireless is deployed into. Sophos’ solution dissolves a common bottleneck at the physical layer and can boost the total network performance of a company’s Wi-Fi infrastructure.”

Sophos AP6 models – including 420E, AP6 840, AP6 840E and the outdoor AP6 420X – have at least one built-in 2.5 Gigabit interface for faster LAN connectivity. 

When combined with the Sophos multi-Gigabit switches, which also support 2.5 Gigabit Ethernet, companies can unlock faster speeds across the entire network. With the AP6 420E and 840E devices, which support Wi-Fi 6E, companies can additionally use the 6 GHz band, which is a newer, less congested space, offering high performance for the latest devices. 

Sophos access points can be remotely managed in the cloud-based Sophos Central platform alongside a broader range of solutions than any other vendor.

This enables partners to oversee all customer installations, respond to alerts, and track licenses and upcoming renewal dates via a single, intuitive interface. Additionally, there is an on-premises interface administrators can take advantage of for on-AP settings.

Availability

The Sophos AP6 Series is available for immediate purchase exclusively through Sophos’ global channel of partners and managed service providers (MSPs). 

Continue Reading

TechNews

Sophos Launches Incident Response Retainer

Published

on

​Sophos Uncovers New Connections Between Hive, Royal, and Black Basta Ransomware
  • Sophos Retainer Cuts Red-Tape, Allowing Sophos Incident Responders to Quickly Investigate and Remediate Active Attacks
  • Shorter Attacker Dwell Times Require Faster Response, as Indicated in Sophos’ New Active Adversary Report for Tech Leaders

Sophos, a global leader in innovating and delivering cybersecurity as a service, has announced its new Sophos Incident Response Retainer, which provides organizations with speedy access to Sophos’ industry-first fixed-cost incident response service that includes 45 days of 24/7 Managed Detection and Response (MDR).

The retainer cuts red tape, allowing Sophos incident responders to quickly jump into active cyberattacks to investigate and remediate them. External vulnerability scanning and critical preparedness guidance are also included in the retainer, enabling organizations to proactively improve their existing security resilience by pinpointing and resolving issues that reduce the likelihood of a breach in the first place. 

At a time when attacker dwell time is steadily shortening, as revealed in a new 2023 Active Adversary Report for Tech Leaders that Sophos published today, time to locate and evict adversaries is critical in limiting damage and completely stopping nefarious endgames, such as data breaches and ransomware. The report indicates that median adversary dwell time continued to plummet, from 10 days in 2022 to eight days in the first half of 2023; for ransomware alone, the time between initial access and impact dropped from nine days to just five. Adversaries also preferentially carried out attacks during targets’ night and weekend hours, with only 9.6% of ransomware incidents taking place during the targets’ daytime business hours.

The single most common attack times were Fridays between 11 p.m. and midnight in the targets’ local time zones.

“Incident response retainers help organizations prepare in advance for the fastest response time possible to defend against active cyberattacks. Due to today’s complex and mixed-vendor computing environments, skills shortages, evolving attacker behaviors, and cyber insurance requirements, it’s critical that all organizations have pre-determined incident response plans in place.

Tangible ‘readiness’ is now a key component for cyber resilience,” said Rob Harrison, vice president, product management at Sophos. “Adversaries will often abuse the same weakness in a single system, and it’s not unusual for multiple, different attackers to go after the same target if there’s potential exposure. Sophos’ goal is to immediately stop active attacks and make sure complete remediation is achieved, regardless of how many hours it takes. We are the only security vendor that offers this caliber of retainer services for urgent security incidents.”

“Sixty-five percent of organizations suffered a significant breach event in the last 12 months despite considerable investments in cybersecurity tools, according to IDC ransomware research,” said Chris Kissel, research vice president, security and trust products, IDC. “Dealing with unexpected cyberattacks is time sensitive, stressful and a large financial commitment. The only way to save time, reduce costs and mitigate the impact of a breach is to have an experienced incident response team in place and lined-up ready to go – before attackers strike.”

The Sophos Incident Response Retainer is available in three tiers through Sophos partners worldwide. With Sophos’ unique ability to threat hunt, respond to and remediate attacks within multi-vendor environments, the retainer is available to non-Sophos customers, in addition to customers already using Sophos’ robust portfolio of innovative endpoint, network, email, and other security products, or Sophos MDR Essentials. Endpoint configuration health checks and device audits are also included in the retainer for existing Sophos customers. Organizations that prefer broader services in one package can purchase Sophos MDR Complete, which automatically includes full-scale incident response.

“The Sophos incident response retainer is the perfect tool for partners to help customers take a proactive approach to improving their cyber defenses, and it will enable us to more quickly respond and take necessary immediate action in a worst-case attack scenario when every minute counts,” said Jonny Scott, vendor alliance manager at Phoenix Software. “Sophos Incident Response’s fixed-cost pricing is genius, especially considering how every attack scenario is different and how quickly costs can rack up. The sheer breadth of resources included with the retainer – from scanning for vulnerabilities to patch and prevent breaches, to having a team of experts on standby 24/7 ready to battle head-to-head with adversaries – make it an absolute must have.”

Continue Reading

Trending