
The end of the line for Garantex.
Law enforcement shutters Garantex crypto exchange. NTT discloses breach affecting corporate customers. Malvertising campaign hits nearly a million devices. AI’s role in Canada’s next election. Scammers target Singapore’s PM in AI fraud. Botnets exploit critical IP camera vulnerability. In our International Women's Day and Women’s History Month special, join Liz Stokes as she shares the inspiring stories of women shaping the future of cybersecurity. And how did insider threats turn a glitch into a goldmine?
Today is Friday, March 7th, 2025. I’m Maria Varmazis from N2K’s T-Minus Space Daily podcast in for Dave Bittner. And this is your CyberWire Intel Briefing. Thanks for rounding out the first week of March with us.
Law enforcement shutters Garantex crypto exchange.
The US Secret Service, working with international law enforcement partners, has seized domains used by the Russian cryptocurrency exchange Garantex, which was frequently used by ransomware gangs for money laundering. A Secret Service spokesperson told The Register, "The US Secret Service has seized website domains associated with the administration and operation of Russian cryptocurrency exchange Garantex as part of an ongoing investigation. We are unable to provide additional comments at this time and will release additional information when available."
A notice on the exchange's website states, "The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the United States Attorney's Office for the Eastern District of Virginia under the authority of 18 U.S.C Sections 981 and 982."
Stablecoin operator Tether has also blocked Garantex wallets as a result of EU sanctions levied last week.
NTT discloses breach affecting corporate customers.
Japanese telecom giant NTT Communications Corporation has disclosed a breach that affected nearly 18,000 of its corporate customers, BleepingComputer reports. The breach, which was discovered in February, affected names, contract numbers, phone numbers, email addresses, physical addresses, and service usage information. The hackers gained access to NTT's Order Information Distribution System, which holds information on corporate customers. NTT says some of the information "might have been leaked externally."
Malvertising campaign hits nearly a million devices.
Microsoft says a malvertising campaign impacted nearly one million devices around the world, originating on illegal streaming websites. Malvertising redirectors on these sites sent users to a GitHub repository designed to trick them into installing malware as part of a tech support scam.
Microsoft states, "Once the redirection to GitHub occurred, the malware hosted on GitHub established the initial foothold on the user’s device and functioned as a dropper for additional payload stages and running malicious code. The additional payloads included information stealers to collect system and browser information on the compromised device, of which most were either Lumma stealer or an updated version of Doenerium."
AI’s role in Canada’s next election.
Canada's Communications Security Establishment (CSE) warns that foreign adversaries and hacktivists are likely to exploit generative artificial intelligence (AI) to influence voters ahead of the next federal election. The agency anticipates the use of AI-generated deepfakes—realistic but fabricated videos and images depicting politicians and officials—to deceive the public and sow discord. These deepfakes can misrepresent events or statements, potentially leading to political polarization. The CSE's report highlights that such AI-driven disinformation campaigns are expected to become more prevalent within the next two years, posing a significant threat to democratic processes.
Scammers target Singapore’s PM in AI fraud.
Singapore's Prime Minister, Lawrence Wong, has alerted the public to the proliferation of deepfake videos misusing his likeness to promote fraudulent services, including cryptocurrency schemes and permanent residency application services. In a Facebook post dated March 7, 2025, PM Wong emphasized that these AI-generated videos are scams and urged citizens to refrain from engaging with such content or sharing personal information.
Botnets exploit critical IP camera vulnerability.
The US Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory on an actively exploited vulnerability (CVE-2025-1316) affecting Edimax IP cameras. The flaw can lead to remote code execution, and received a CVSS score of 9.3.
SecurityWeek reports that multiple Mirai-based botnets are exploiting the vulnerability. Researchers at Akamai, who discovered the flaw, told SecurityWeek that attackers have been exploiting it since fall of last year.
Akamai’s swift response halts Magecart threat.
Akamai recently thwarted a Magecart attack targeting a global retailer's e-commerce platform. Magecart groups specialize in injecting malicious scripts into websites to steal customers' payment information during transactions. In this incident, Akamai's security team detected unusual activity and promptly identified the malicious code embedded in the retailer's website. By collaborating closely with the retailer, Akamai facilitated the swift removal of the threat, safeguarding customer data and preserving the retailer's reputation. This case underscores the critical importance of continuous monitoring and rapid response mechanisms in defending against sophisticated web-based threats.
Coming up after the break, we celebrate International Women’s Day a bit early as we shine a spotlight on the incredible women in and around our network who are shaping the future of cybersecurity. And stick around for how insider threats turn a glitch into a goldmine.
Tomorrow is International Women’s Day, and throughout Women’s History Month, we’re celebrating the brilliant women shaping cybersecurity. Join Liz Stokes as we shine a light on their achievements, resilience, and the vital role they play in keeping our digital world secure. Today, we're sharing their voices—our voices!—and the stories of perseverance, success, and the impact they’re making every day.
Thank you to all the incredible women in cybersecurity—and in every field—who are breaking barriers, driving innovation, and leading with strength and resilience. Your contributions make a lasting impact, and the industry is stronger because of you. Keep pushing forward, inspiring others, and shaping the future.
Insider threats turn a glitch into a goldmine.
Two insiders at a StubHub contractor pulled off a digital ticket heist worthy of a Hollywood script—until they got caught. Prosecutors say Tyrone Rose, 20, and Shamara Simmons, 31, working for Sutherland Global Services in Jamaica, exploited a security loophole to intercept nearly 1,000 high-demand tickets, including Taylor Swift’s Eras Tour, raking in $635,000 before the scam fell apart.
Their trick? Sneaking into a restricted StubHub system and rerouting ticket download links to themselves and co-conspirators. The stolen stash wasn’t just Swifties’ golden passes—Ed Sheeran, Adele, NBA games, and the US Open were all on the list. The scheme hit a snag when a key accomplice passed away, leaving a digital trail for investigators to follow.
Now, both suspects face grand larceny, computer tampering, and conspiracy charges, with up to 15 years in prison on the line. A hard lesson in how insider threats can turn a glitch into a goldmine—until the house of cards collapses.
And that’s the CyberWire.
For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.
Be sure to check out this week’s Research Saturday where Dave Bittner sits down with Silas Cutler, Principal Security Researcher at Censys, asking "Will the Real Volt Typhoon Please Stand Up?" That’s Research Saturday, check it out.
We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.
We’re privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people. We make you smarter about your teams, while making your teams smarter. Learn how at n2k.com.
N2K’s senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We’re mixed by Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Maria Varmazis, subbing in for Dave Bittner, who should be back on Monday. Thanks for listening.