Phishing attacks against cryptocurrency holders, Emotet “revival” and other cybersecurity incidents
June 11, 2022
We’ve brought together this week’s most important news from the world of cybersecurity.
Proofpoint researchers described how attackers targeted cryptocurrency holders through phishing.
The new Emotet module has started stealing bank card data from Chrome users.
IBM announced that it is withdrawing completely from the Russian Federation.
Report: Phishers are actively attacking cryptocurrency holders
Proofpoint said that with the growing popularity of cryptocurrencies and NFTs, scammers are increasingly targeting this industry.
According to the researchers’ observations, in 2022 attackers regularly tried to gain access to cryptocurrency wallets by sending emails containing infected files or links.
Often, they sent emails purporting to come from cryptocurrency platforms (like Binance or OpenSea), encouraging victims to enter their seed phrases on fake pages.
Emotet, which was “liquidated” by law enforcement, is active again. New module targets Chrome users
Researchers have found that a new Emotet botnet module aims to steal bank card data via the Chrome browser.
On June 6, Proofpoint observed a new #Emotet module being dropped by the E4 botnet. Surprisingly, it was a credit card thief targeting the Chrome browser only. After the card details were collected, the module was transferred from the loader to different C2 servers.
Recall that at the beginning of last year, law enforcement officials eliminated Emotet during an international operation, calling it the most dangerous malware in the world. It was later reported that the botnet self-destructed on all infected devices.
IBM announces complete cessation of business in the Russian Federation
IBM, the largest hardware and software manufacturer and supplier, announced that it has completely ceased business in the Russian Federation.
In March, the company announced that its operations in Russia were suspended due to the Russian invasion of Ukraine. Now IBM has announced a “planned end” of business in the country.
Attackers started selling the decryptor on the Roblox gaming platform
Researchers discovered the WannaFriendMe ransomware. It does not demand a ransom in cryptocurrency, but instead offers victims a decryption program for purchase on the Roblox gaming platform through the Roblox Game Pass store.
WannaFriendMe operators advertise it as Ryuk ransomware, but experts state that it is actually one of the variations of Chaos ransomware. According to Bleeping Computer, ransomware like Chaos not only encrypts data, but in many cases destroys it.
In the vast majority of cases, ransomware operators demand a ransom in cryptocurrencies. ForkLog understands what this means for the industry.
In Russia, a proposal to record users’ Internet searches and geographic location in detail
The Ministry of Digital Development of the Russian Federation proposed changing the requirements for the systems for operational search activities (SORM) installed in communication networks in accordance with the Yarovaya Law.
Russian authorities require SORM to separate and save Internet search traffic, users’ geographic location and browser history.
What to read on the weekend?
One of the most popular and easiest ways to circumvent restrictions and censorship on the network is through VPN services. We explain what a VPN is on several cards and how to choose the right one.