Total Tests:
Blog Filters reset x
By Incident
By Jurisdiction
Show More

Cybersecurity
Compliance

Cybersecurity
Legal Advisory
Learn More

Russian Investigator Detained After Taking 1,000 Bitcoin Bribe From Hackers

Read also: Multiple firms impacted in the widespread MOVEit hacking spree, a hack drains at least $35M in crypto from Atomic Wallet users, and more.


Thursday, June 8, 2023
Views: 8.3k Read Time: 3 min.

Russian Investigator Detained After Taking 1,000 Bitcoin Bribe From Hackers

Russian investigator detained after taking over 1K bitcoin in bribe money from hackers

One of the lead investigators of the Investigative Committee of the Russian Federation (Следственный комитет РФ), the сountry's main federal criminal law enforcement agency, has been arrested for taking a bribe of over 1000 bitcoin (~$24M) from members of the Infraud cybercrime gang for not seizing their assets.

Last January, the Russian Federal Security Service (FSB) arrested four members of the Infraud cartel specializing on financial fraud, as well as an administrator of the UniCC carding forum also wanted by the US authorities in relation to Infraud, which they allege is responsible for more than $530 million in losses.

According to Russian news media outlets, the defendant, Marat Tambiev, was working as the head of the Investigation Department in Moscow’s Tverskoy district. During a probe into corruption-related offences the investigators found the alleged bribe on his laptop in the form of a folder named “Pension” containing a photo of a sheet paper with the data allowing to get access to two Bitcoin wallets holding 932.1 BTC and 100 BTC.

ImmuniWeb can help prevent data breaches and meet regulatory requirements.
Request your free demo now and talk to our experts.

Six scammers arrested for multimillion-dollar BEC fraud

The US Department of Justice has charged six individuals for their involvement in a BEC (business email compromise) scheme that defrauded victims out of nearly $5.8 million.

Between July 2021 through February 2022, the defendants allegedly orchestrated a BEC operation designed to trick victims into sending money to fraudulent bank accounts opened using stolen data. The funds were then transferred to bank accounts held in the defendants’ own names.

A list of victims is said to include a hospital, a labor union, a law firm, a real estate closing company, and a logistics firm.

The defendants were charged with conspiracy to commit wire fraud and money laundering. All of them are facing more than 40 years in prison, if convicted.

Cybersecurity Compliance

Prevent data breaches and meet regulatory requirements

Cybersecurity
Legal Advisory
Learn More

US authorities seize alleged scam crypto recovery website

The Manhattan district attorney office announced it has taken down the website of a fraudulent cryptocurrency recovery company Coin Dispute Network that conned multiple victims across the United States.

Coin Dispute Network offered a tracing and recovery service for stolen digital coins in exchange for a fee.

In reality, the company not only kept the fee but also tricked its customers into giving additional ether tokens by making false promises of asset recovery and generating inaccurate blockchain tracing reports to victims.

Multiple firms impacted in the widespread MOVEit hacking spree

Multiple companies and organizations have come forward to disclose security breaches related to a recent wave of attacks exploiting an SQL injection vulnerability (CVE-2023-34362) in Progress Software’ MOVEit MFT (Managed File Transfer) software used by thousands of companies worldwide.

One of the victims is Zellis, a payroll provider used by hundreds of companies in Britain. What’s more, the Zellis hack led to a series of breaches affecting the company’s customers, including the BBC, British retailer Boots and UK’s flag carrier British Airways. In all three cases the intruders made off with employee personal and financial data.

Other confirmed victims include the government of the Canadian province of Nova Scotia, the University of Rochester, and Irish airline Aer Lingus. In total, more than a hundred organizations are believed to have been hacked in the MOVEit attacks.

The Clop ransomware gang claimed responsibility for the intrusions and said that they have deleted some of the stolen information belonging to governments, the military, and children’s hospitals, but didn’t provide any proof that the data was really destroyed. On June 7, the group posted a notice on their extortion website warning companies impacted in the MOVEit supply-chain attack to contact them before June 14, or have their data leaked.

ImmuniWeb Newsletter

Get exclusive updates and invitations to our events and webinars:


Private and Confidential Your data will stay private and confidential

A hack drains at least $35M in crypto from Atomic Wallet users

Multiple users of multichain crypto wallet Atomic Wallet reported their wallets being compromised, with digital assets being stolen and transaction histories being wiped.

On-chain researchers estimate that at least $35 million of funds has been siphoned from Atomic app users, with the five largest known individual thefts accounting for 17 million in cryptocurrency.

Atomic acknowledged the issue and said that it is investigating reports of the wallets compromise. The company claimed that the hack affected less than 1% of its monthly active users.

According to data from blockchain analytics firm Elliptic, the stolen coins have been moving to Sinbad.io, a crypto mixer previously used by the North Korean hacker group Lazarus to launder more than $100 million in crypto assets.

What’s next:

Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law.
Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential