cybersecurity

a female from Ukraine, who has been charged with being involved in two groups that were involved in cyber-attacks in support of Russia. The female suspects of these cases has been identified as Victoria Eduardovna Dubranova. She is thirty three years of age. This female has been requested to move to the United States of America this year, as she has been detained in a foreign country.
These groups are named "CyberArmyofRussia Reborn" and "NoName." These groups usually published on Telegram channels after their attacks, and their aim was to let the world know that these groups were present and powerful. Their most common method of attack was a form of attack called a "Distributed Denial of Service." A Denial of Service attack aims to overload a website with as much traffic as possible, hoping that it will make it malfunction. This form of attack does not involve gaining access to personal information but can cause a website to malfunction for a period of time when it occurs.
According to the court documents, Dubranova also facilitated this by providing equipment as well as tasks that aided these groups. These documents also reveal that she did not participate in the attacks but aided those who carried out the attacks. She also facilitated transactions of digital assets that came from individuals who financed these groups. These groups used these finances to maintain their attack platforms online. Some of these finances were in form of cryptocurrencies, which would make it difficult for normal police investigations.
These groups claimed that they were fighting in order to help Russia. They targeted institutions that would undermine public trust and slow down their work in periods of political turmoil. Thus, for example, they targeted public transport, healthcare pages, and other public services in the US and other friendly states. This would pose a message as well as make it difficult for some individuals to live their lives as usual, even if it was only for a period of time.
Chainalysis, a group that looks at how assets move in the world of cryptocurrencies, also noticed that it has become difficult for attack groups online due to arrests and sanctions. This is because, when those providing support are arrested, it becomes difficult for the group to maintain their systems. Additionally, it will also become difficult for those groups to acquire funds as well as ways of concealing their tools.
The Department of Justice announced that it would continue investigating connections between online crimes and online assets. Furthermore, it has been announced that individuals who support online attack groups from anywhere in the world, but with no direct connections to the United States, will be persecuted. The campaign against attack groups, as seen in the indictment of Dubranova, has not stopped, and it has been shown that the United States will take immediate actions when evidence of attack support has been discovered. #CyberCrime #DoJ #CyberSecurity #CryptoNews

Another alarming case of crypto asset loss has surfaced in the Ethereum ecosystem. A user has lost more than $440,000 in USDC after unknowingly signing a malicious "permit" transaction, which granted the attacker full control over the wallet.

Fraudulent Approval Leads to Wallet Drain
According to the Web3 security platform Scam Sniffer, the victim using wallet address 0x67E8561Ba9d3f4CBe5fEd4C12c95b54f073a0605 approved a transaction that secretly gave the attacker full spending rights. The funds were then sent to two suspicious addresses: 0xbb4…666f682aF and 0x6a3aF6…d8F9a00B.
The attacker leveraged a “permit” signature, a type of off-chain approval allowing token transfers without the owner needing to manually confirm each one. While no immediate funds seem to move during the signing, the attacker can later fill in the transfer amount — in this case, a full $440,358 USDC — and withdraw it without further consent.

Funds Split Across Multiple Addresses
After gaining permission, the attacker used the FiatTokenProxy contract to execute several transferFrom calls. Within minutes, the following amounts were siphoned:
🔹 22,000 USDC to a phishing address

🔹 66,060 USDC to address 0xbb4…

🔹 352,300 USDC to address 0x6a3aF6…
A similar attack occurred on November 7, when another user lost $1.22 million just 30 minutes after signing fraudulent permits.

Phishing Losses Surge – November Sees Record-High Damage
Scam Sniffer reports show that phishing losses in November soared to $7.77 million, marking a 1,137% increase from October’s $3.28 million. Interestingly, the number of victims fell by 42%, with 6,344 compromised addresses in November compared to 10,935 the month before.
Just a week ago, hackers used an "address poisoning" trick to steal $1.1 million in USDT. According to Kyle Soska, CIO at Ramiel Capital, attackers monitored small outgoing transfers from whale wallets and used GPUs to generate nearly identical addresses.
“The attacker sends a very small Tether transaction, which then appears in the victim’s wallet history. Later, the victim mistakenly selects this similar address and sends a large amount,” Soska explained in response to a user on X.

Holiday Shopping Season Flooded With Spoofing Scams
The rise in crypto phishing coincides with a broader surge in holiday-season scams. Cybersecurity firm Darktrace reported a 201% spike in phishing emails impersonating major U.S. retailers during the week leading up to Thanksgiving, compared to the same week in October.
Spoofed emails from Macy's, Walmart, and Target jumped by 54%, with Amazon being the top impersonated brand — accounting for 80% of phishing attempts, more than other consumer names like Apple, Alibaba, or Netflix.
Earlier in November, Kaspersky detected over 146,000 spam emails referencing seasonal discounts, including 2,572 linked to Singles’ Day campaigns. Many reused old templates, posing as Amazon, Walmart, or Alibaba to lure users into fake checkout pages that harvested login credentials and signed harmful approvals.

Gaming & Streaming Platforms Face Millions of Attacks
Between January and October, Kaspersky blocked over 6.3 million phishing attacks targeting online shops, banks, and payment platforms — with 48.2% aimed specifically at online shoppers.
Gaming platforms were also under siege, with over 18.5 million attacks abusing Discord as a distribution channel for malware disguised as game software. Phishing attempts also targeted Steam, PlayStation, Xbox, Netflix, and Spotify, with hundreds of thousands of incidents logged throughout 2025.
The cybersecurity firm additionally documented over 20 million malware infection attempts masked as "regular software," with Discord alone accounting for 18.5 million detections — over 14x more than last year.

#CryptoScamAlert , #phishingscam , #USDC , #CryptoNews , #CyberSecurity

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“