Phishing

Group-IB researchers uncovered a large-scale smishing operation known as Error544. The campaign targeted users in 72 countries, abused the names of more than 260 brands, and relied on thousands of phishing domains to steal personal and financial information. In this video, we explain how the scheme worked, what tactics the attackers used, and how users can verify suspicious links before visiting a website.

Scammers were sending phishing SMS messages on a massive scale using so-called SMS blasters — devices that imitate cellular base stations.

These devices forced nearby phones to connect to a less secure network, allowing attackers to bypass telecom operators' protections and send up to 100,000 messages per hour.

A group of suspects has been detained in connection with the case.

Starting October 4, new rules for connecting to public internet networks will take effect in Kazakhstan.

Users will be able to authenticate in one of two ways: by entering a one-time SMS password sent to their phone number or by using a digital signature.

The changes are intended to improve security when using public Wi-Fi networks, which may pose risks to privacy, finances and personal data.

At the same time, questions remain about who will identify and shut down malicious Wi-Fi hotspots designed to steal digital signatures and other user data.

The account of blogger Khakim Mukaram was compromised by scammers and used to distribute a malicious link.

On November 9, 2025, a data security incident occurred at Mixpanel, an analytics service previously used by OpenAI for web analytics.

According to OpenAI, this was not a breach of OpenAI's own systems. Passwords, API keys, payment information, chats, prompts and responses were not exposed.

However, attackers may have obtained account names, email addresses, approximate locations, browser and operating system details, referral sources, as well as user or organization IDs.

The main risk associated with this type of exposure is phishing and more convincing fraudulent messages impersonating trusted services. OpenAI stated that it has stopped using Mixpanel and is notifying affected users.

The Prosecutor General's Office of Kazakhstan has warned users about a potential cyber threat following claims by the hacker group ShinyHunters that it had gained access to data associated with up to 2.5 billion Gmail accounts.

Google, however, states that no mass Gmail data breach occurred and describes the reports of a compromise as false.

In this video, we examine what happened, whom to trust and what security measures users should take, including enabling two-factor authentication, changing reused passwords and avoiding suspicious links.

A data breach occurred at Discord following an attack on a contractor responsible for processing customer support requests.

The attackers may have gained access to support tickets, attached files and certain personal information belonging to users who contacted support.

Users who submitted documents, photographs, account information or other personal data may be at particular risk.

This material explains what information may have been exposed, why two-factor authentication is important and how to review your active sessions for suspicious activity.

A database containing the personal information of millions of Kazakhstanis has appeared online.

Cybersecurity specialists at TSARKA are investigating the situation together with government agencies to determine whether the database originates from a new breach or is a compilation of previously leaked information.

Such databases may be used by scammers impersonating banks, police departments, public service centers or other organizations.

The main risk is social engineering: fraudsters use real personal details to gain trust and then attempt to obtain SMS verification codes, passwords, individual identification numbers (IINs), bank card details or access to online accounts.

Users are advised to check whether their data has been exposed through NomadGuard or eGov Mobile, update passwords, enable two-factor authentication and warn family members, especially elderly relatives.