By Ashwani Mishra, Editor-Technology, 63SATS
Cybercrime is intensifying, with major breaches and new threats surfacing worldwide. A hacker leaked data of 12 million Zacks Investment users, exposing personal details on a dark web forum. Meanwhile, CISA and the FBI issued a security alert, urging developers to eliminate buffer overflow vulnerabilities to prevent cyberattacks.
In a concerning shift, China-linked hackers deployed espionage-grade tools for ransomware attacks, blurring lines between state-sponsored and financial cybercrime. The DeFi sector also took a hit, with zkLend losing $9.5 million in a smart contract exploit. FedEx issued a scam alert as fraudsters impersonate employees to extort money, while the newly discovered Btmob RAT malware is targeting Android users through phishing sites, highlighting the growing mobile security risks.
Hacker Exposes Data of 12 Million Zacks Investment Users
Zacks Investment Research has suffered another breach, exposing sensitive details of 12 million users. A hacker leaked the data on a forum in January 2025, claiming the breach occurred in June 2024.
The stolen records—available for a small cryptocurrency fee—include full names, usernames, email addresses, phone numbers, and physical addresses. Zacks, known for its proprietary stock ranking system, has yet to comment on the incident. The breach underscores the persistent cyber threats targeting financial platforms, raising concerns over data security in the investment sector.
CISA, FBI Warn Against Buffer Overflow Threats, Push for Safer Coding
The US Cybersecurity and Infrastructure Security Agency (CISA) and FBI have issued a security alert urging software developers to eliminate buffer overflow vulnerabilities, one of the weaknesses most exploited by hackers.
Part of the “Secure by Design” initiative, the advisory recommends using memory-safe programming languages like Rust, compiler protections, adversarial testing, and clear transition roadmaps for legacy code. Buffer overflow flaws can lead to data corruption, crashes, and remote code execution, making them prime targets for cyberattacks. The alert emphasizes proactive security measures to reduce systemic risks in modern software development.
China-Linked Hackers Deploy Ransomware in Financially Motivated Attack
Cybercriminal group Emperor Dragonfly, linked to Chinese espionage operations, has been caught using espionage-grade tools for a ransomware attack. The group deployed RA World ransomware against an Asian tech firm, demanding a $2 million ransom. Researchers from Symantec observed this activity in late 2024, noting overlaps between state-sponsored hacking and financially driven cybercrime.
Experts warn that espionage tools being repurposed for ransomware attacks indicate a dangerous shift in cyber tactics. Reports suggest Emperor Dragonfly, also known as Bronze Starlight, previously engaged in similar activities with low-confidence links to the RA Group ransomware family.
zkLend Loses $9.5M in Crypto Heist, Asks Hacker to Return 90%
Decentralized finance platform zkLend has suffered a $9.5 million exploit after hackers manipulated a flaw in its smart contract. Attackers stole 3,600 ETH by exploiting a rounding error in zkLend’s mint() function. The breach, reported on February 13, triggered an immediate security alert. zkLend has since reached out to the hacker, requesting 90% of the stolen funds be returned.
This incident highlights ongoing vulnerabilities in DeFi protocols, where coding flaws in smart contracts remain prime targets for cybercriminals. The platform is currently investigating and working on a remediation plan.
FedEx Issues Fraud Alert as Scammers Impersonate Employees
FedEx is warning consumers about a surge in scams where fraudsters pose as company representatives to extort money. Targeting customers primarily in India, scammers claim parcels contain illegal items and demand immediate payment to avoid legal action. Victims are pressured into transferring funds under the threat of arrest.
FedEx advises users to verify suspicious calls and avoid making payments to unknown parties. With digital fraud on the rise, the company is reinforcing cybersecurity measures and urging the public to remain vigilant against social engineering tactics.
Btmob RAT: New Android Malware Steals Data via Phishing Sites
A newly identified Android malware, Btmob RAT, is spreading through phishing sites, tricking users into installing malicious apps. Discovered by Cyble Research and Intelligence Labs, the malware abuses Android’s Accessibility Service to steal credentials, control devices, and perform unauthorized actions.
Evolving from SpySolr, it shares similarities with Crax RAT and primarily targets users through fake streaming platforms and cryptocurrency sites. Security researchers warn that mobile threats are becoming more sophisticated, urging users to avoid downloading apps from unofficial sources and to regularly update their security settings.