cybersecurity

a female from Ukraine, who has been charged with being involved in two groups that were involved in cyber-attacks in support of Russia. The female suspects of these cases has been identified as Victoria Eduardovna Dubranova. She is thirty three years of age. This female has been requested to move to the United States of America this year, as she has been detained in a foreign country.
These groups are named "CyberArmyofRussia Reborn" and "NoName." These groups usually published on Telegram channels after their attacks, and their aim was to let the world know that these groups were present and powerful. Their most common method of attack was a form of attack called a "Distributed Denial of Service." A Denial of Service attack aims to overload a website with as much traffic as possible, hoping that it will make it malfunction. This form of attack does not involve gaining access to personal information but can cause a website to malfunction for a period of time when it occurs.
According to the court documents, Dubranova also facilitated this by providing equipment as well as tasks that aided these groups. These documents also reveal that she did not participate in the attacks but aided those who carried out the attacks. She also facilitated transactions of digital assets that came from individuals who financed these groups. These groups used these finances to maintain their attack platforms online. Some of these finances were in form of cryptocurrencies, which would make it difficult for normal police investigations.
These groups claimed that they were fighting in order to help Russia. They targeted institutions that would undermine public trust and slow down their work in periods of political turmoil. Thus, for example, they targeted public transport, healthcare pages, and other public services in the US and other friendly states. This would pose a message as well as make it difficult for some individuals to live their lives as usual, even if it was only for a period of time.
Chainalysis, a group that looks at how assets move in the world of cryptocurrencies, also noticed that it has become difficult for attack groups online due to arrests and sanctions. This is because, when those providing support are arrested, it becomes difficult for the group to maintain their systems. Additionally, it will also become difficult for those groups to acquire funds as well as ways of concealing their tools.
The Department of Justice announced that it would continue investigating connections between online crimes and online assets. Furthermore, it has been announced that individuals who support online attack groups from anywhere in the world, but with no direct connections to the United States, will be persecuted. The campaign against attack groups, as seen in the indictment of Dubranova, has not stopped, and it has been shown that the United States will take immediate actions when evidence of attack support has been discovered. #CyberCrime #DoJ #CyberSecurity #CryptoNews

Another alarming case of crypto asset loss has surfaced in the Ethereum ecosystem. A user has lost more than $440,000 in USDC after unknowingly signing a malicious "permit" transaction, which granted the attacker full control over the wallet.

Fraudulent Approval Leads to Wallet Drain
According to the Web3 security platform Scam Sniffer, the victim using wallet address 0x67E8561Ba9d3f4CBe5fEd4C12c95b54f073a0605 approved a transaction that secretly gave the attacker full spending rights. The funds were then sent to two suspicious addresses: 0xbb4…666f682aF and 0x6a3aF6…d8F9a00B.
The attacker leveraged a “permit” signature, a type of off-chain approval allowing token transfers without the owner needing to manually confirm each one. While no immediate funds seem to move during the signing, the attacker can later fill in the transfer amount — in this case, a full $440,358 USDC — and withdraw it without further consent.

Funds Split Across Multiple Addresses
After gaining permission, the attacker used the FiatTokenProxy contract to execute several transferFrom calls. Within minutes, the following amounts were siphoned:
🔹 22,000 USDC to a phishing address

🔹 66,060 USDC to address 0xbb4…

🔹 352,300 USDC to address 0x6a3aF6…
A similar attack occurred on November 7, when another user lost $1.22 million just 30 minutes after signing fraudulent permits.

Phishing Losses Surge – November Sees Record-High Damage
Scam Sniffer reports show that phishing losses in November soared to $7.77 million, marking a 1,137% increase from October’s $3.28 million. Interestingly, the number of victims fell by 42%, with 6,344 compromised addresses in November compared to 10,935 the month before.
Just a week ago, hackers used an "address poisoning" trick to steal $1.1 million in USDT. According to Kyle Soska, CIO at Ramiel Capital, attackers monitored small outgoing transfers from whale wallets and used GPUs to generate nearly identical addresses.
“The attacker sends a very small Tether transaction, which then appears in the victim’s wallet history. Later, the victim mistakenly selects this similar address and sends a large amount,” Soska explained in response to a user on X.

Holiday Shopping Season Flooded With Spoofing Scams
The rise in crypto phishing coincides with a broader surge in holiday-season scams. Cybersecurity firm Darktrace reported a 201% spike in phishing emails impersonating major U.S. retailers during the week leading up to Thanksgiving, compared to the same week in October.
Spoofed emails from Macy's, Walmart, and Target jumped by 54%, with Amazon being the top impersonated brand — accounting for 80% of phishing attempts, more than other consumer names like Apple, Alibaba, or Netflix.
Earlier in November, Kaspersky detected over 146,000 spam emails referencing seasonal discounts, including 2,572 linked to Singles’ Day campaigns. Many reused old templates, posing as Amazon, Walmart, or Alibaba to lure users into fake checkout pages that harvested login credentials and signed harmful approvals.

Gaming & Streaming Platforms Face Millions of Attacks
Between January and October, Kaspersky blocked over 6.3 million phishing attacks targeting online shops, banks, and payment platforms — with 48.2% aimed specifically at online shoppers.
Gaming platforms were also under siege, with over 18.5 million attacks abusing Discord as a distribution channel for malware disguised as game software. Phishing attempts also targeted Steam, PlayStation, Xbox, Netflix, and Spotify, with hundreds of thousands of incidents logged throughout 2025.
The cybersecurity firm additionally documented over 20 million malware infection attempts masked as "regular software," with Discord alone accounting for 18.5 million detections — over 14x more than last year.

#CryptoScamAlert , #phishingscam , #USDC , #CryptoNews , #CyberSecurity

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Qualys' Q3 2025 earnings beat and raised full-year guidance, driven by strong growth in its cloud-based security platform and AI-powered solutions.

Qualys' strong Q3 2025 earnings beat and raised full-year guidance may be a positive signal for investors, reinforcing the company's existing investment narrative. The company reported solid revenue growth, higher profitability, and robust cash flow, driven by strong channel partnerships, federal wins, and adoption of its Enterprise TruRisk Management (ETM) platform and new Agentic AI capabilities.
Qualys (QLYS) Q3 2025 financial highlights:
Revenue: $169.9 million, a 10.4% year-over-year increase, beating the consensus estimate of $166.3 million.
Non-GAAP EPS: $1.86, a 19.2% beat over analyst estimates of $1.56.
Adjusted EBITDA: $82.6 million, representing a 49% margin, up from 45% a year prior.
Free Cash Flow: $89.5 million, with a 53% margin.
Raised 2025 outlook:
Full-Year Revenue Guidance: Raised to a range of $665.8 million to $667.8 million, up from the previous range of $656.0 million to $662.0 million.
Full-Year Non-GAAP EPS Guidance: Increased to a range of $6.93 to $7.00 per share, from the prior range of $6.20 to $6.50.
Investment considerations:
Positive factors: The stronger-than-expected results and raised guidance demonstrate management's confidence and continued momentum in demand for Qualys' platform. The shift towards partner-led sales, adoption of new AI tools, and federal contract wins are positive drivers for future performance.
Negative factors: Competition in the cybersecurity market is intense, and Qualys still faces headwinds from customer budget scrutiny. Its customer acquisition cost payback period remains high, signaling a competitive market.
Changing investment narrative: The strong Q3 performance and outlook may strengthen the bullish case for Qualys, especially considering new institutional investment and easing short interest. However, factors like insider selling and competition mean the investment narrative is not without risk.
Ultimately, the stronger beat and raised outlook reinforce the company's platform story, but investors should weigh these positives against ongoing competitive and budget challenges.

#Qualys #crypto #CyberSecurity #TechStocks #AI

On December 5, 2025, the official website of the meme coin Pepe (pepe.vip) was hacked. Instead of the usual page, users were redirected to a phishing domain that automatically downloaded wallet drainers and keyloggers. According to PeckShield and CertiK, over 1.2 million $PEPE (~$14 million) was drained from the wallets of those who connected through the hacked site within the first 6 hours of the attack.

What is happening with internet access — and why do the usual workarounds no longer work?
🛠 Roskomnadzor has once again adjusted its TSPU 'boxes', which has led to widespread VPN failures across Russia.
This time, even those protocols that were considered practically unkillable have fallen victim.

A new study by the Anthropic Fellows and MATS programs shows that frontier AI models can already find and exploit real-world vulnerabilities in smart contracts, raising the stakes for DeFi security.

Using SCONE-bench, a dataset of 405 exploited contracts, models including GPT-5, Claude Opus 4.5, and Sonnet 4.5 collectively generated $4.6 million in simulated exploits. Importantly, these were attacks on contracts hacked after the models' knowledge cutoffs, showing that the exploits weren't simply regurgitated training data.

Agents didn't merely identify bugs; they generated complete exploit scripts, sequenced transactions, and drained simulated liquidity in ways almost indistinguishable from real attacks on Ethereum and BNB Chain.

Researchers pushed further: could these models find vulnerabilities before anyone exploited them?

Scanning 2,849 fresh BNB Chain contracts, GPT-5 and Sonnet 4.5 uncovered two true zero-days worth $3,694 in simulated profit. One was an exploit through a missing view modifier that enabled the agent to inflate its token balance, while another allowed arbitrary redirection of fee withdrawals. In each case, the AI created executable scripts to monetize the flaws.

Although the nominal dollar amounts are small, the implications are huge: profitable, autonomous exploitation is now possible — and it's affordable. The total cost of the scanning was just $3,476, or about $1.22 per run.

As models become increasingly powerful and less expensive, researchers expect the gap between contract deployment and exploitation to shrink dramatically, especially in DeFi, where pools of capital are public and instantly targetable.

Crucially, the authors warn these capabilities are not limited to crypto: the same reasoning that lets an AI inflate a token balance can apply to traditional software, back-end infrastructure, and any system guarding valuable assets.
The research is less a prediction than a warning: AI models can already carry out operations that only the most elite human attackers could previously perform. For crypto builders, the race is now on for defenses to catch up.
#AI #Cybersecurity #SmartContracts #DeFi #BlockchainSecurity