2016, Cryptocurrency and Information Security

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

Bitfinex hacker, Ilya Lichtenstein , who stole 1 billion worth of Bitcoins from Bitfinex in 2016, has been sentenced to five years in prison. Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. billion in cryptocurrency (roughly 95,000 of the stolen crypto assets) linked to that hack.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

Security Affairs

AUGUST 4, 2023

A married couple from New York pleaded guilty this week to laundering billions of dollars stolen from Bitfinex in 2016. The couple pleaded guilty to money laundering charges in connection with the hack of the cryptocurrency stock exchange Bitfinex that took place in 2016. Law enforcement also seized over $3.6

Cryptocurrency

Cryptocurrency Hacking Accountability Banking

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

Security Affairs

APRIL 15, 2021

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016 , were moved on Wednesday to new accounts. billion, and hackers moved $760 million (around 10%).

Cryptocurrency

Cryptocurrency Hacking Accountability Marketing

US seizes $3.6 billion worth of cryptocurrency stolen in 2016 Bitfinex hack

Security Affairs

FEBRUARY 8, 2022

billion worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. billion in cryptocurrency linked to that hack. The law enforcement seized $3.6 Law enforcement also seized over $3.6 Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Hacking Accountability Marketing

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “However, in reality, this amount may be larger; the attackers also targeted Monero, a cryptocurrency that is untraceable.” 231 banking malware.

Malware

Malware Cryptocurrency Mobile Firmware

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc

Security Affairs

MAY 15, 2025

The Rydox marketplace has been active since February 2016, it facilitated over 7,600 sales of stolen PII, access devices, and cybercrime tools, generating $230,000 since 2016. It offered over 321,000 products to 18,000 users, including names, social security numbers, and hacking tools. Thousands of U.S. victims were affected.

Cybercrime

Cybercrime Identity Theft Hacking Cryptocurrency

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

During the search, the agents seized cryptocurrencies and various computer equipment. ” The International Civil Aviation Organization (ICAO) is investigating a significant data breach that has raised concerns about the security of its systems and employees data. The man was arrested in the town of Calpe (Alicante).

Cybercrime

Cybercrime Government Data breaches Information Security

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Security Affairs

JANUARY 2, 2022

The cyberattacks against the cryptocurrency industry are a profitable business for threat actors, according to the experts, $12.1 billion worth of cryptocurrencies have been stolen in the last decade. “Cryptocurrency crime stands in direct proportion to the size of the cryptocurrency market. Threat actors stole $3.18

Cryptocurrency

Cryptocurrency Scams Marketing Hacking

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. sanctions imposed in 2016 and 1017, and the impact on its economy is dramatic. million in cryptocurrency through this program. trillion won ($1.2 billion (about 2.7

Cryptocurrency

Cryptocurrency Cybercrime Media Government

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. Greek Police arrested the Russian national in 2017, and they accused the man of running the BTC-e Bitcoin exchange to launder billions worth of cryptocurrency.

Cryptocurrency

Cryptocurrency Computers and Electronics Identity Theft Hacking

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Security Affairs

OCTOBER 18, 2020

QQAAZZ attempted to launder tens of millions stolen from victims starting with 2016 by the world’s foremost cybercriminals. “The funds were then transferred to other QQAAZZ-controlled bank accounts and sometimes converted to cryptocurrency using ‘tumbling’ services designed to hide the original source of the funds. .

Malware

Malware Banking Cryptocurrency Cybercrime

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

One of the key significant improvements are support of more software clients (including browser-based cryptocurrency wallets), upgraded credit card (CC) grabber, and additional advanced mechanisms for password storage dump on various platforms to extract credentials and tokens.

Password Management

Password Management Cryptocurrency Passwords Authentication

North Korea-linked APT BlueNoroff focuses on crypto theft

Security Affairs

JANUARY 14, 2022

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. Follow me on Twitter: @securityaffairs and Facebook.

Cryptocurrency

Cryptocurrency Banking Malware Hacking

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

Security Affairs

FEBRUARY 14, 2020

Larry Dean Harmon (36), from Akron, Ohio, was charged with laundering more than $310 million worth of Bitcoin while he was operating a Darknet-based cryptocurrency laundering service between 2014 and 2017. In November 2016, Harmon started a partnership with AlphaBay , the popular black market that was seized by authorities in July 2017.

Advertising

Advertising Cryptocurrency Cybercrime Engineering

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

JANUARY 31, 2021

The malware is an evolution of a Monero cryptocurrency miner that was first spotted by Unit 42 researchers in 2019. In our analysis, we found Pro-Ocean targeting Apache ActiveMQ (CVE-2016-3088), Oracle WebLogic (CVE-2017-10271) and Redis (unsecure instances).” ” reads the analysis published by Palo Alto Networks.

Malware

Malware Cryptocurrency Firewall Cybercrime

MyKings botnet operators already amassed at least $24 million

Security Affairs

OCTOBER 13, 2021

However, experts pointed out that the botnet uses more than 20 cryptocurrencies in total, for this reason the total financial gains could be greater than $24M. According to the researchers, the Smominru botnet has been active at least since 2016 and at the time of its discovery infected more than 526,000 Windows computers.

Cryptocurrency

Cryptocurrency Encryption Malware Hacking

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

Security Affairs

DECEMBER 17, 2021

Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns , crypto-jacking, cryptocurrency clipping (substituting the original wallet address saved in the clipboard with the attacker’s wallet address during a transaction) and ransomware attacks in the past.

Cryptocurrency

Cryptocurrency Cybercrime Malware Hacking

Yahoo proposes $117.5 million for the settlement of data breach

Security Affairs

APRIL 9, 2019

Yahoo is continuously trying to settle a lawsuit on the massive data breach over the period of 2013 to 2016. million settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history”. She is a small business owner, traveler and investor of cryptocurrencies.

Data breaches

Data breaches Small Business Advertising Cryptocurrency

Russia-linked APT28 and crooks are still using the Moobot botnet

Security Affairs

MAY 3, 2024

The Moobot botnet has been active since at least 2016, it also includes other routers and virtual private servers (VPS). The threat actors used the botnet harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. ” reported Trend Micro. ” concludes the report.

Phishing

Phishing Cryptocurrency Internet Internet

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Security Affairs

DECEMBER 8, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. French authorities accused Vinnik of defrauding more than 100 people in six French cities between 2016 and 2018. million withdrawn.

Cryptocurrency

Cryptocurrency Hacking Ransomware Cybercrime

U.S. authorities seized cybercrime marketplace Rydox

Security Affairs

DECEMBER 13, 2024

The Rydox marketplace has been active since February 2016, it facilitated over 7,600 sales of stolen PII, access devices, and cybercrime tools, generating $230,000 since 2016. It offered over 321,000 products to 18,000 users, including names, social security numbers, and hacking tools. Thousands of U.S. victims were affected.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Hacking

Crooks use weaponized coronavirus map to deliver malware

Security Affairs

MARCH 12, 2020

The malware also uses an information-stealing technique, which was first seen in 2016 and related to the “AZORult” malware family. . “The malware uses a few layers of packing as well as a multi-sub-process technique to make research more difficult. ” continues the analysis.

Malware

Malware Advertising Passwords Cryptocurrency

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Security Affairs

JANUARY 8, 2024

The black marketplace has been active since 2014, it was first analyzed by experts at Kaspersky Lab in 2016. In 2016 the service was offering up to 70,000 hacked servers for as little as $6, and with 416 registered sellers in 173 countries, the platform was operating a highly successful global business model.

Cybercrime

Cybercrime Identity Theft Government Hacking

Hackers compromised a Canonical GitHub account, Ubuntu source code was not impacted

Security Affairs

JULY 7, 2019

This isn’t the first incident suffered by the company, Ubuntu , official Ubuntu forums had been hacked in July 2013, two times in July 2016. In May 2018, an Ubuntu user has spotted a Bytecoin cryptocurrency miner hidden in the source code of an Ubuntu Snap Pack in the Official Ubuntu Snap Store.

Accountability

Accountability Advertising Cryptocurrency Hacking

Microsoft releases open-source tool for checking MikroTik Routers compromise

Security Affairs

MARCH 17, 2022

The news wave of attacks aimed at cryptocurrency firms, most of them located in the U.S. TrickBot is a popular Windows banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features, including powerful password-stealing capabilities.

Malware

Malware DNS Ransomware Passwords

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

The ThreatNeedle malware used in this campaign belongs to a malware family known as Manuscrypt, which belongs to the Lazarus group and has previously been seen attacking cryptocurrency businesses.” ” reads the press release published by Kaspersky.

Malware

Malware Cryptocurrency Password Management Encryption

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, the Sony Pictures hack , the FASTCash ATM attacks against banks, and attacks on multiple cryptocurrency exchanges.

Banking

Banking Malware Advertising Hacking

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. French authorities accused Vinnik of defrauding more than 100 people in six French cities between 2016 and 2018. million withdrawn.

Advertising

Advertising Hacking Cybercrime Cryptocurrency

Security Affairs newsletter Round 400 by Pierluigi Paganini

Security Affairs

JANUARY 1, 2023

Every week the best security articles from Security Affairs free for you in your email box. Personal health information of 42M Americans leaked between 2016 and 2021 Malvertising campaign MasquerAds abuses Google Ads New Linux malware targets WordPress sites by exploiting 30 bugs NETGEAR fixes a severe bug in its routers.

Cyber Attacks

Cyber Attacks Advertising Cryptocurrency Hacking

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

New Jersey’s Cybersecurity and Communications Integration Cell (NJCCIC) reported that since April, threat actors used the the Phorpiex botnet to send millions of phishing emails as part of a LockBit Black ransomware campaign.

Phishing

Phishing Ransomware Security Awareness Authentication

Admin of the darknet carding platform Skynet Market pleads guilty

Security Affairs

MAY 18, 2023

22, 2016, and Oct. Mihalo earned at least $1 million worth of cryptocurrencies at the time of the sales, including Bitcoin, Ethereum, and Monero. Mihalo is suspected to be the leader of a team that helped him sell this stolen financial information on the darknet. . victims between Feb.

Marketing

Marketing Cryptocurrency Hacking Government

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

SEPTEMBER 13, 2019

The groups are behind several hacking operations that resulted in the theft of hundreds of millions of dollars from financial institutions and cryptocurrency exchanges worldwide and destructive cyber-attacks on infrastructure. Lazarus Group is also considered the threat actors behind the 2018 massive WannaCry attack.

Cyber Attacks

Cyber Attacks Hacking Cryptocurrency Banking

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). ” reads a blog post published by Intezer.

Cryptocurrency

Cryptocurrency Internet Internet Malware

Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers

Security Affairs

MAY 29, 2019

The payloads used in this campaign were droppers used to deliver a cryptocurrency miner to mine TurtleCoin cryptocurrency. The compile time for these files suggests that it had been created in 2016, but most AV engines still not detect them as malicious.

Malware

Malware Cryptocurrency Advertising Telecommunications

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. According to a report published by Kaspersky Lab in January 2020, in the two years the North Korea-linked APT group has continued to target cryptocurrency exchanges evolving its TTPs.

Malware

Malware Software Cryptocurrency Financial Services

Security Affairs newsletter Round 353

Security Affairs

FEBRUARY 13, 2022

US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps.

Ransomware

Ransomware Spyware Surveillance Hacking

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

The loader is also designed to gather system information, retrieve a list of installed antivirus solutions, cryptocurrency wallets, banking, and mail apps, and exfiltrate the information to a remote server. ” reads the post published by Zscaler. That’s not all. ” concludes the report.

Banking

Banking Malware Antivirus Phishing

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

In addition to the C2 change, functionality was also added to their LSD malware to exploit ActiveMQ servers vulnerable to CVE-2016-3088.” The group also improved its LSD dropper by adding the malicious code to exploit CVE-2016-3088 in ActiveMQ servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime DNS Malware Advertising

Socks5Systemz proxy service delivered via PrivateLoader and Amadey

Security Affairs

NOVEMBER 6, 2023

The proxy botnet has been active since at least 2016 but has remained under the radar. Threat actors offer traffic-forwarding proxies for malicious activities to subscribers for a price between $1 and $140 per day in cryptocurrency.

Malware

Malware Cryptocurrency Hacking Cybercrime

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

Security Affairs

APRIL 26, 2021

Attackers are exploiting the ProxyLogon flaws in Microsoft Exchange to recruit machines in a cryptocurrency botnet tracked as Prometei. Attackers are exploiting the ProxyLogon flaws in Microsoft Exchange to recruit machines in a cryptocurrency botnet tracked as Prometei.

Malware

Malware Cryptocurrency Retail Insurance

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

The man, along with other individuals of a gang known as “ thedarkoverlord ,” trafficked in stolen social security numbers. Kaye laundered cryptocurrency obtained from the illegal The Real Deal operation through the mixing service Bitmixer.io. government agencies,” said U.S. government agencies [ PDF ].

Government

Government Marketing Hacking Accountability

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Trending Sources

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

US seizes $3.6 billion worth of cryptocurrency stolen in 2016 Bitfinex hack

New Triada Trojan comes preinstalled on Android devices

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

North Korea-linked hackers stole $626 million in virtual assets in 2022

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

QQAAZZ crime gang charged for laundering money stolen by malware gangs

New Version of Meduza Stealer Released in Dark Web

North Korea-linked APT BlueNoroff focuses on crypto theft

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

MyKings botnet operators already amassed at least $24 million

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

Yahoo proposes $117.5 million for the settlement of data breach

Russia-linked APT28 and crooks are still using the Moobot botnet

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

U.S. authorities seized cybercrime marketplace Rydox

Crooks use weaponized coronavirus map to deliver malware

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Hackers compromised a Canonical GitHub account, Ubuntu source code was not impacted

Microsoft releases open-source tool for checking MikroTik Routers compromise

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

North Korea-linked APT group BeagleBoyz targets banks

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs newsletter Round 400 by Pierluigi Paganini

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Admin of the darknet carding platform Skynet Market pleads guilty

The US Treasury placed sanctions on North Korea linked APT Groups

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs newsletter Round 353

Grandoreiro banking malware targets Mexico and Spain

Chinese-speaking cybercrime gang Rocke changes tactics

Socks5Systemz proxy service delivered via PrivateLoader and Amadey

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

British hacker arraigned for running The Real Deal dark web marketplace

Stay Connected