An anonymous reader quotes a report from SecurityWeek: Moving to clamp down on the growing scourge of SIM-swapping and port-out fraud, the Federal Communications Commission (FCC) has unveiled new rules mandating telcos to give consumers greater control of their mobile phone accounts. Under the new rules, wireless carriers are required to notify customers of any SIM transfer requests, a measure designed to thwart fraudulent attempts by cybercriminals. The FCC has also revised its customer proprietary network information and local number portability rules, making it more challenging for scammers to access sensitive subscriber information.

The new protective measures (PDF) are meant to address SIM-swapping and port-out attacks widely documented in cybercriminal attacks against businesses and consumers. The attack technique is used to hijack mobile accounts, change and steal passwords, bypass MFA roadblocks and raid bank accounts. Studies have found that major mobile carriers in the US are vulnerable to SIM-swapping with the Federal Bureau of Investigation (FBI) receiving thousands of consumer complaints every year.

One of the world's most active ransomware groups has taken an unusual -- if not unprecedented -- tactic to pressure one of its victims to pay up: reporting the victim to the US Securities and Exchange Commission. From a report: The pressure tactic came to light in a post published on Wednesday on the dark web site run by AlphV, a ransomware crime syndicate that's been in operation for two years. After first claiming to have breached the network of the publicly traded digital lending company MeridianLink, AlphV officials posted a screenshot of a complaint it said it filed with the SEC through the agency's website. Under a recently adopted rule that goes into effect next month, publicly traded companies must file an SEC disclosure within four days of learning of a security incident that had a "material" impact on their business.

"We want to bring to your attention a concerning issue regarding MeridianLink's compliance with the recently adopted cybersecurity incident disclosure rules," AlphV officials wrote in the complaint. "It has come to our attention that MeridianLink, in light of a significant breach compromising customer data and operational information, has failed to file the requisite disclosure under item 1.05 of form 8-K within the stipulated four business days, as mandated by the new SEC rules." The violation category selected in the online report was "Material misstatement or omission in a company's filings or financial statements or a failure to file."

The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that's been tormenting corporate America over the last two years, according to nine cybersecurity responders, digital crime experts and victims. Reuters: For more than six months, the FBI has known the identities of at least a dozen members tied to the hacking group responsible for the devastating September break-ins at casino operators MGM Resorts International and Caesars Entertainment, according to four people familiar with the investigation. Industry executives have told Reuters they were baffled by an apparent lack of arrests despite many of the hackers being based in America. "I would love for somebody to explain it to me," said Michael Sentonas, president of CrowdStrike, one of the firms leading the response effort to the hacks.

"For such a small group, they are absolutely causing havoc," Sentonas told Reuters in an interview last month. Sentonas said the hackers were "known" but didn't provide specifics. He did say, "I think there is a failure here." Asked who was responsible for the failure, Sentonas said, "law enforcement." [...] Dubbed by some security professionals as "Scattered Spider," the hacking group has been active since 2021 but it grabbed headlines following a series of intrusions at several high profile American companies.

An anonymous reader writes: Two men who allegedly used 65 Google accounts to bombard Google with fraudulent DMCA takedown notices targeting up to 620,000 URLs, have been named in a Google lawsuit filed in California on Monday. Google says the men weaponized copyright law's notice-and-takedown system to sabotage competitors' trade, while damaging the search engine's business and those of its customers.

A person linked to a scam that tricked an elderly victim into transferring more than $100,000 formally requested the FBI give back his seized cryptocurrency, claiming in a petition to the agency that he is a part-time crypto investor and not doing anything illegal, according to a recently filed court record. From a report: 404 Media also reached the person by email and they largely repeated the same story. The request is an unusual sight, and, to be frank, probably not going to work. In the court record, authorities allege that the frozen funds are linked to a scam of a victim in the U.S. The document says authorities seized just under 18,500 Tether, valued at around $18,500, in July with a federal search warrant.

"Hello Sir/Ma'am, My name is Vishal Gautam," the request starts. "The funds which you have on hold that is a very big amount of money for me and my family, I request you to please release it from your custody. Thank You & Regards." The message says that Gautam lives in India and as well as investing in cryptocurrency, he is a "full-time Health Insurance" worker. "In the month of July 2023 suddenly my crypto from Binance got disappeared, I don't know how it happened but then I got to know that the FBI has put hold on my assets," the message continues. "I am not into something illegal and never will be, I will not do any such thing that can harm your country or your people in any manner." U.S. authorities, meanwhile, allege that the seized cash is connected to a fraud scheme that targeted a senior citizen in Knoxville, Iowa. In February, this victim opened an email on her iPad that claimed it had been compromised, and that she needed to contact the sender for assistance, according to the court record.

The Nepal government has decided to impose a ban on TikTok. From a report on the local newspaper Kathmandu Post: A Cabinet meeting on Monday took the decision to ban the Chinese-owned app, citing its negative effects on social harmony. However, when the decision will be brought into force is yet to be ascertained. Although freedom of expression is a basic right, a large section of society has criticised TikTok for encouraging a tendency of hate speech, the government said. In the past four years, 1,647 cases of cyber crime have been reported on the video sharing app.

The Cyber Bureau of the Nepal Police, Ministry of Home Affairs, and representatives of TikTok discussed the issue earlier last week. Monday's decision is expected to be enforced following the completion of technical preparations. The latest decision has come within days after the government introduced the 'Directives on the Operation of Social Networking 2023.' As per the new rule, social media platforms operating in Nepal required to set up their offices in the country.

Netflix's annual virtual event "Geeked Week" pre-announces its biggest upcoming shows. This year Netflix released a trailer for its upcoming adaptation of The Three-Body Problem, and for its new live-action Avatar: The Last Airbender series. (And there's also going to be some kind of live-action Stranger Things stage show opening in London in December.)

Variety noted the "explosive" new trailer for Zach Snyder's new "action-packed space opera" Rebel Moon. The film — which will also have a one-week theatrical run in December — takes place in the same universe as Snyder's Army of the Dead. But instead of being set in Las Vegas, "The story centers on a young woman living on the outskirts of a galaxy who must find a group of warriors to save the galaxy from an invasion from a tyrant."

The Verge pulled together a good rundown of all the other announcements — one of which involves Neil Gaiman: Following last year's The Sandman, Netflix is bringing even more beloved Neil Gaiman characters to the small screen. This time it's Dead Boy Detectives — which was originally slated to stream on Max — based on a crime-solving duo who made their debut in a Sandman comic in the '90s. The news was paired with the first trailer for the series, which shows off a pretty fun-looking supernatural whodunit...

Netflix says the new eight-episode series is part of its growing "Sandman universe"... with Gaiman serving as one of the executive producers. [Coming sometime in 2024]
They're also launching several animated series.

• Netflix released a short teaser for Terminator: the Anime Series.

• An animated new take on Ultraman.

• An animated He-Man reboot, Masters of the Universe: Revolution (with Mark Hamill providing the voice of Skeletor).

• An adult animated comedy series based on the card game Exploding Kittens. (The Verge writes that its trailer "features god in the body of a cat and a very confounding garage door" — and that there will also be an accompanying mobile game.)

• Netflix also has a new Chicken Run movie coming in December with its own tie-in game called Eggstraction.

Images and information from social media (and other online sources) are being used by AI to create "create convincing and personalized scam calls, texts and emails," writes the Palm Beach Post, citing a warning from Florida's consumer watchdog agency. In an older version of the scam, a caller would greet "Grandma" or "Grandpa" before saying, "It's me — I know I sound funny because I have a cold," and then make an urgent plea for money to get out of a scrap... Using audio and video clips found online, the con artist can clone the voice of a family member to make the call more compelling...

Listen for clues to a con like incorrect or mispronounced names or unfamiliar terms of endearment. The pressure to act quickly and to keep the call a secret are all timeless hallmarks of a scam, the agency notes. Detailed instructions on how to deliver funds in a form that is hard to recover — wired funds, a gift card or pay app — are also indications of a ripoff in the making.
The consumer watchdog agency suggests this precaution. "Encourage family members to set their social media pages to private."

Thanks to long-time Slashdot reader SonicSpike for sharing the article.

An anonymous reader writes: The U.S. government has indicted alleged members of a criminal group that uses insiders at Walmart and other techniques to commit 'refund fraud' on a massive scale, according to recently unsealed court records. In short, the scam involves someone ordering an item from, say, Amazon -- which in this case says it lost $700,000 -- receiving the item, and then using one of various tricks to get their money back from the retailer. The person is then free to sell the item online, and the criminal group takes a fee.

The indictment as well as 404 Media's own research into refund fraud reveals a professionalized ecosystem of sellers and people providing various services as part of the wide-reaching scam. As well as malicious insiders, refund scammers take advantage of customer service representatives and online retailers' lax refund policies to get expensive items for free. This is not a crime whose only victims are giant retailers, who may garner little sympathy. Delivery drivers, who already have very difficult jobs, are often dinged for misdelivering or failing to deliver a package, which is something these types of scams often rely on.

An anonymous reader quotes a report from 404 Media: Hakan Ayik, an infamous drug trafficker who also popularized the use of certain brands of encrypted phones around the world, was arrested during a series of dramatic raids in Turkey last week. At one point a group of heavily armed Turkish tactical officers in brown and gray camouflage piled outside an apartment and banged on the door repeatedly. They then smashed the door down and moved inside with a riot shield, according to a video tweeted by Turkey's Minister of the Interior. The video then showed a photograph of Ayik, shirtless and on his knees while staring straight ahead, surrounded by multiple officers.

It was a moment that capped off the arrest of Australia's most wanted man, and a sign that Turkey is no longer a safe haven to organized criminals. But it was also something of a closing act on Anom, a brand of encrypted phone that the FBI secretly took over and managed for years after inserting a backdoor into the product, allowing agents to read tens of millions of messages sent across it. Ayik unknowingly helped the FBI gain that piercing insight into organized crime by selling the devices to other criminal associates. Given Ayik's position as a trusted authority on what communications tools drug traffickers should use, one associate even referred to him as the 'encryption king' in an Anom message I've seen. According to the Sydney Morning Herald, Ayik will not be extradited to Australia. Instead, Australian police are encouraging Turkish authorities to investigate and prosecute him as a Turkish citizen.

The city of Washington D.C. is planning to give residents Apple AirTags to help officers track down stolen vehicles. PCMag reports: "Last week, we introduced legislation to address recent crime trends; this week, we are equipping residents with technology that will allow MPD to address these crimes, recover vehicles, and hold people accountable," D.C. Mayor Muriel Bowser said in a statement. "We have had success with similar programs where we make it easier for the community and MPD to work together -- from our Private Security Camera Incentive Program to the wheel lock distribution program -- and we will continue to use all the tools we have, and add new tools, to keep our city safe."

At launch, the AirTags will be available to residents in specific areas of the city that have recently seen the largest increase in vehicle thefts. To obtain the tags, residents will have to attend one of three scheduled distribution events next week where officers will install the device on the resident's cars and help them set up the tracking tag on their mobile devices. The program is currently available for residents who live in Police Service Areas 106, 501, 502, 603, 605, and 606. Check where you live on the MPD's website.

An anonymous reader quotes a report from 404 Media: Spread across four computer monitors arranged in a grid, a blue and green interface shows the location of more than 50 different surveillance cameras. Ordinarily, these cameras and others like them might be disparate, their feeds only available to their respective owners: a business, a government building, a resident and their doorbell camera. But the screens, overlooking a pair of long conference tables, bring them all together at once, allowing law enforcement to tap into cameras owned by different entities around the entire town all at once. This is a demonstration of Fusus, an AI-powered system that is rapidly springing up across small town America and major cities alike. Fusus' product not only funnels live feeds from usually siloed cameras into one central location, but also adds the ability to scan for people wearing certain clothes, carrying a particular bag, or look for a certain vehicle.

404 Media has obtained a cache of internal emails, presentations, memos, photos, and more which provide insight into how Fusus teams up with police departments to sell its surveillance technology. All around the country, city councils are debating whether they want to have a system that qualitatively changes what surveillance cameras mean for a town's residents and public agencies. While many have adopted Fusus, others have pushed back, and refused to have the hardware and software installed in their neighborhoods. In some ways, Fusus is deploying smart camera technology that historically has been used in places like South Africa, where experts warned about it creating an ever present blanket of surveillance. Now, tech with some of the same capabilities is being used across small town America.

Rather than selling cameras themselves, Fusus' hardware and software latches onto existing installations, which can include government-owned surveillance cameras as well as privately owned cameras at businesses and homes. It turns dumb cameras into smart ones. "In essence, the Fusus solution puts a brain into every camera connected with the system," one memorandum obtained by 404 Media reads. In addition to integrating with existing surveillance installations, Fusus' hardware, called SmartCORE, can turn cameras into automatic license plate readers (ALPRs). It can reportedly offer facial recognition features, too, although Fusus hasn't provided clear clarification on this matter.

The report says the system has been adopted by numerous police departments across the United States, with approximately 150 jurisdictions using Fusus. Orland Park police have called it a "game-changer." It's also being used internationally, launching in the United Kingdom.

Here's what Beryl Lipton, investigative researcher at the Electronic Frontier Foundation (EFF), had to say about it: "The lack of transparency and community conversation around Fusus exacerbates concerns around police access of the system, AI analysis of video, and analytics involving surveillance and crime data, which can influence officer patrols and priorities. In the absence of clear policies, auditable access logs, and community transparency about the capabilities and costs of Fusus, any community in which this technology is adopted should be concerned about its use and abuse."

Slashdot readers schwit1 and Another Random Kiwi share the breaking news that FTX founder Sam Bankman-Fried has been found guilty of fraud. From the Associated Press: FTX founder Sam Bankman-Fried's spectacular rise and fall in the cryptocurrency industry -- a journey that included his testimony before Congress, a Super Bowl advertisement and dreams of a future run for president -- hit a new bottom Thursday when a New York jury convicted him of fraud in a scheme that cheated customers and investors of at least $10 billion. After the monthlong trial, jurors rejected Bankman-Fried's claim during four days on the witness stand in Manhattan federal court that he never committed fraud or meant to cheat customers before FTX, once the world's second-largest crypto exchange, collapsed into bankruptcy a year ago.

"His crimes caught up to him. His crimes have been exposed," Assistant U.S. Attorney Danielle Sassoon told the jury of the onetime billionaire just before they were read the law by Judge Lewis A. Kaplan and began deliberations. Sassoon said Bankman-Fried turned his customers' accounts into his "personal piggy bank" as up to $14 billion disappeared. [...] U.S. Attorney Damian Williams told reporters after the verdict that Bankman-Fried "perpetrated one of the biggest financial frauds in American history, a multibillion dollar scheme designed to make him the king of crypto." "But here's the thing: The cryptocurrency industry might be new. The players like Sam Bankman-Fried might be new. This kind of fraud, this kind of corruption is as old as time and we have no patience for it," he said.

Thomas Claburn reports via The Register: For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromised the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the dispatch line. The two Russian nationals, Aleksandr Derebenetc and Kirill Shipulin, were indicted by a grand jury for conspiring to commit computer intrusions, the US Justice Department said on Tuesday. They remain at large. In early October, the two American nationals, Daniel Abayev and Peter Leyman, who were indicted last year, pleaded guilty, each to one count of conspiring to commit computer intrusions.

The scheme represented an attempt to monetize the demand among taxi drivers for lucrative airport fares -- the current flat rate for JFK to Manhattan is $70 plus additional charges. As described in the indictment (PDF), taxi drivers are required to wait in a holding lot at JFK, often for several hours, before being dispatched in the order of their arrival to airport terminals. And because time spent waiting in line is not paid, drivers have a financial incentive to avoid waiting in line. The conspirators allegedly developed a plan to hack the dispatch system around September 2019. The indictment describes several approaches that were tried, "including bribing someone to insert a flash drive containing malware into computers connected to the dispatch system, obtaining unauthorized access to the dispatch system via a Wi-Fi connect, and stealing computer tablets connected to the dispatch system."

The government's filing suggests that the group gained and lost access to the dispatch system several times. When they did have access, the alleged conspirators offered to move drivers to the front of the dispatch queue for a $10 fee, and waived the fee for those who found other drivers willing to pay to play. Many drivers took advantage of the service. According to the Justice Department, the group booked 2,463 queue cuts in a single week around December 2019. The scheme allegedly enabled as many as 1,000 trips per day that skipped the queue at JFK. The American conspirators are said to have collected the money from participating drivers and to have sent payments to the alleged Russian conspirators, describing the money transfers as "payment for software development" or "payment for services rendered." The indictment indicates that the Russians received more than $100,000 for their work. If apprehended -- which appears unlikely given current US relations with Russia -- the Russians face charges that carry a maximum sentence of ten years in prison. Abayev and Leyman each face up to five years in prison. They're scheduled to be sentenced early next year.

wiredmikey shares a report from SecurityWeek: In a surprising development on Monday that is spooking the cybersecurity community, the SEC filed charges against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging that the software company misled investors about its cybersecurity practices and known risks. The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company's October 2018 initial public offering (IPO) and its December 2020 revelation of the infamous supply chain cyberattack dubbed "SUNBURST." [...] The SEC's complaint also points to internal communications among SolarWinds employees, including Brown, in 2019 and 2020, which raised questions about the company's ability to protect its critical assets from cyberattacks.

The SF Standard reports that a San Francisco man whose car was stolen in the middle of the night "managed to track down the vehicle using his car insurance app and retrieve the stolen vehicle the following morning within half an hour of noticing it was gone." Harris realized he could track his phone using his app from MetroMile, a San Francisco-based digital pay-per-mile car insurance company that tracks a car's location and charges a rate based on how much it's driven. "I opened the app and found it was in Mission Bay," he said, adding that the person who stole it drove it all night before parking. "I rode my bike down there and picked it up...."

Before picking up his car, Harris didn't consult with the San Francisco Police Department and said officers were confused about why he wanted to report a stolen car that was already back in his possession. He said his driver's side window had been smashed, but there wasn't any other damage, just a mess of marijuana paraphernalia and blunt wraps inside... "If a vehicle owner locates their stolen vehicle prior to the police locating it, we highly recommend that they alert us to the vehicle's location and do not move the car prior to reporting it recovered," Sgt. Kathryn Winters wrote in an email. "Additionally, if they locate the vehicle occupied, they should not approach the vehicle or suspects and should call law enforcement immediately."

There were 274 motor vehicle theft reports in the Western Addition neighborhood, which includes Alamo Square, in the 12 months leading up to Oct. 21 compared with 219 during the same period the previous year, according to police data. Citywide, the problem has also gotten worse in recent years. The number of car thefts has risen from 60 incidents per 10,000 residents in 2019 to 101 incidents this year.

"Illegal dumping is way too common, and often leads to no consequences," writes Slashdot reader Tony Isaac. "In some urban neighborhoods, people dump entire truckloads of waste in ditches along the streets. Maybe authorities have found a way to make a dent in this problem." Houston Chronicle reports: The Texas Game Wardens were recently able to track down and arrest a litterbug allegedly behind an illegal dumping of over 200 pounds of construction materials using a barcode left at the scene of the crime, according to a news release from the Texas Parks and Wildlife Department (TPWD). The pile of trash, which included sheetrock, housing trim, two-by-fours and various plastic items, was reportedly dumped along a bridge and creek on private land instead of being properly disposed of.

However, hidden among the garbage was also a box containing a barcode that would help identify the person behind the heap. A Smith County Game Warden used the barcode to track down the materials to a local store, and ultimately the owner of the credit card that was used for the purchase, TPWD said. The game warden interviewed the home owner who had reportedly just finished remodeling his home. "The homeowner explained that he paid someone familiar to the family who offered to haul off their used material and trash for a minimum fee," Texas Games Wardens said in a statement. "Unfortunately, the suspect kept the money and dumped the trash onto private property."

Working with the game warden, Smith County Sheriff's Office environmental deputies eventually arrested the suspect on charges of felony commercial dumping. At the time of the arrest, the suspect's truck was reportedly found loaded with even more building materials and trash, TPWD said. The state agency did not identify the suspect or disclose when or where they were arrested.

One 80-year-old retired teacher in Los Angeles lost $69,000 in bitcoin to scammers. And 46,000 people lost over $1 billion to crypto scams since 2021 (according to America's Federal Trade Commission).

Now the Los Angeles Times reports California's new moves against scammers using bitcoin ATMs, with a bill one representative says "is about ensuring that people who have been frauded in our communities don't continue to watch our state step aside when we know that these are real problems that are happening." Starting in January, California will limit cryptocurrency ATM transactions to $1,000 per day per person under Senate Bill 401, which Gov. Gavin Newsom signed into law. Some bitcoin ATM machines advertise limits as high as $50,000... Victims of bitcoin ATM scams say limiting the transactions will give people more time to figure out they're being tricked and prevent them from using large amounts of cash to buy cryptocurrency.

But crypto ATM operators say the new laws will harm their industry and the small businesses they pay to rent space for the machines. There are more than 3,200 bitcoin ATMs in California, according to Coin ATM Radar, a site that tracks the machines' locations. "This bill fails to adequately address how to crack down on fraud, and instead takes a punitive path focused on a specific technology that will shudder the industry and hurt consumers, while doing nothing to stop bad actors," said Charles Belle, executive director of the Blockchain Advocacy Coalition...

Law enforcement has cracked down on unlicensed crypto ATMs, but it can be tough for consumers to tell how serious the industry is about addressing the concerns. In 2020, a Yorba Linda man pleaded guilty to charges of operating unlicensed bitcoin ATMs and failing to maintain an anti-money-laundering program even though he knew criminals were using the funds. The illegal business, known as Herocoin, allowed people to buy and sell bitcoin in transactions of up to $25,000 and charged a fee of up to 25%.
So there's also provisions in the law against exorbitant fees: The new law also bars bitcoin ATM operators from collecting fees higher than $5 or 15% of the transaction, whichever is greater, starting in 2025. Legislative staff members visited a crypto kiosk in Sacramento and found markups as high as 33% on some digital assets when they compared the prices at which cryptocurrency is bought and sold. Typically, a crypto ATM charges fees between 12% and 25% over the value of the digital asset, according to a legislative analysis...

Another law would by July 2025 require digital financial asset businesses to obtain a license from the California Department of Financial Protection and Innovation.

404 Media (working with Court Watch) reports on a $30 Million cash-for-Bitcoin laundering ring operating in the heart of New York For years, a gang operating in New York allegedly offered a cash-for-Bitcoin service that generated at least $30 million, with men standing on street corners with plastic shopping bags full of money, drive-by pickups, and hundreds of thousands of dollars laid out on tables, according to court records.

The records provide rare insight into an often unseen part of the criminal underworld: how hackers and drug traffickers convert their Bitcoin into cash outside of the online Bitcoin exchanges that ordinary people use. Rather than turning to sites like Coinbase, which often collaborate with and provide records to law enforcement if required, some criminals use underground, in-real-life Bitcoin exchanges like this gang which are allegedly criminal entities in their own right.

In a long spanning investigation by the FBI involving a confidential source and undercover agents, one member of the crew said "that at least some of his clients made money by selling drugs, that his wealthiest clients were hackers, and that he had made approximately $30 million over the prior three years through the exchange of cash for virtual currency," the court records read.
Thanks to user Slash_Account_Dot for sharing the news.

Breached web sites distribute malware to visitors by claiming they need to update their browser. But one group of attackers "have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement," reports security researcher Brian Krebs.

"By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain." [W]hen Cloudflare blocked those accounts the attackers began storing their malicious files as cryptocurrency transactions in the Binance Smart Chain (BSC), a technology designed to run decentralized apps and "smart contracts," or coded agreements that execute actions automatically when certain conditions are met. Nati Tal, head of security at Guardio Labs, the research unit at Tel Aviv-based security firm Guardio, said the malicious scripts stitched into hacked WordPress sites will create a new smart contract on the BSC Blockchain, starting with a unique, attacker-controlled blockchain address and a set of instructions that defines the contract's functions and structure. When that contract is queried by a compromised website, it will return an obfuscated and malicious payload.

"These contracts offer innovative ways to build applications and processes," Tal wrote along with his Guardio colleague Oleg Zaytsev. "Due to the publicly accessible and unchangeable nature of the blockchain, code can be hosted 'on-chain' without the ability for a takedown." Tal said hosting malicious files on the Binance Smart Chain is ideal for attackers because retrieving the malicious contract is a cost-free operation that was originally designed for the purpose of debugging contract execution issues without any real-world impact. "So you get a free, untracked, and robust way to get your data (the malicious payload) without leaving traces," Tal said.

In response to questions from KrebsOnSecurity, the BNB Smart Chain (BSC) said its team is aware of the malware abusing its blockchain, and is actively addressing the issue. The company said all addresses associated with the spread of the malware have been blacklisted, and that its technicians had developed a model to detect future smart contracts that use similar methods to host malicious scripts. "This model is designed to proactively identify and mitigate potential threats before they can cause harm," BNB Smart Chain wrote. "The team is committed to ongoing monitoring of addresses that are involved in spreading malware scripts on the BSC. To enhance their efforts, the tech team is working on linking identified addresses that spread malicious scripts to centralized KYC [Know Your Customer] information, when possible."