Posts

Showing posts from August, 2021

Summer of Scammers: PancakeSwap cryptocurrency thieves

Image
  Cryptocurrency is experiencing a huge boom. With this explosion in popularity, and people getting rich quick, come the cybercriminals looking to exploit this new technology. Unfortunately, while there may be a large amount of money to be made from cryptocurrecny there are very little controls or regulations preventing scams. Unlike other centralised financial services, such as banks, cryptocurrency users are only as protected as their own personal operational security (OPSEC). While there are long guides on OPSEC for cryptocurrency users, many new users are lacking here and do not use a strong password or two-factor authentication (2FA). This makes them sitting ducks for cybercriminals. This blog will detail how users of a relatively new platform, PancakeSwap, are being highly targeted.  In their own words "PancakeSwap is the leading decentralized exchange on Binance Smart Chain, with the highest trading volumes in the market". Despite its comical name, PancakeSwap is no j

The Lazarus Heist: Where Are They Now?

Image
  Introduction The BBC World Service has recently produced The Lazarus Heist podcast (available here ), researched and presented by Geoff White and  Jean H. Lee . This thrilling podcast dives into the intracacies of the elaborate Bangladesh Bank heist attempt to steal $1 billion. As a security researcher that actively tracks the Lazarus group and any mentions of North Korean cyber activity, I found this podcast series was extremely detailed and well researched. There are so many additional info gems that anyone who has researched North Korea will enjoy. I also highly recommend it for any threat intelligence analysts investigating North Korean cyber activity.  The Lazarus Heist podcast also made me want to revisit what I have learned about North Korean advanced persistent threat (APT) groups. In February 2020, I blogged about who the Lazarus group is and what campaigns they are known for (see here ). This was one of my first blogs and I was eager to learn more while researching this in