2017, Cryptocurrency and Information Security

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “However, in reality, this amount may be larger; the attackers also targeted Monero, a cryptocurrency that is untraceable.”

Cryptocurrency

Cryptocurrency Malware Firmware Mobile

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. CVE-2019-11707 is a type confusion vulnerability in Array.pop. ” wrote Wardle.

Cryptocurrency

Cryptocurrency Malware Advertising Hacking

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

Security Affairs

NOVEMBER 22, 2022

Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were arrested in Tallinn, Estonia, after being indicted in the US for running a fraudulent cryptocurrency Ponzi scheme that caused more than $575 million in losses. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Banking Marketing Hacking

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Security Affairs

JUNE 5, 2019

A new piece of malware appeared in the threat landscape, dubbed BlackSquid it targets web servers with several exploits to deliver cryptocurrency miners. Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives.

Cryptocurrency

Cryptocurrency Malware Advertising Hacking

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

US gov sanctions cryptocurrency mixer Blender also used by North Korea-linked Lazarus APT

Security Affairs

MAY 7, 2022

Department of Treasury sanctioned cryptocurrency mixer Blender.io Department of Treasury sanctioned the cryptocurrency mixer Blender.io It has been estimated that Blender has helped transfer more than $500 million worth of Bitcoin since its creation in 2017. national security interests. million in illicit proceeds.

Cryptocurrency

Cryptocurrency Hacking Ransomware Risk

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Security Affairs

JANUARY 2, 2022

The cyberattacks against the cryptocurrency industry are a profitable business for threat actors, according to the experts, $12.1 billion worth of cryptocurrencies have been stolen in the last decade. “Cryptocurrency crime stands in direct proportion to the size of the cryptocurrency market. Threat actors stole $3.18

Cryptocurrency

Cryptocurrency Scams Marketing Hacking

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

Security Affairs

FEBRUARY 14, 2020

An American was charged with money laundering while operating the dark web Helix Bitcoin mixer service between 2014 and 2017. Larry Dean Harmon (36), from Akron, Ohio, was charged with laundering more than $310 million worth of Bitcoin while he was operating a Darknet-based cryptocurrency laundering service between 2014 and 2017.

Cryptocurrency

Cryptocurrency Advertising Cybercrime Engineering

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

Security Affairs

JUNE 9, 2025

The frozen funds include cryptocurrency, NFTs, and other digital assets. District Court for the District of Columbia alleging that North Korean information technology (IT) workers obtained illegal employment and amassed millions in cryptocurrency for the benefit of the North Korean government, all as a means of evading U.S.

Scams

Scams Identity Theft Cryptocurrency Accountability

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

A Belarusian and Cypriot national linked with the cryptocurrency exchange BTC-e is facing charges that can lead maximum penalty of 25 years in prison. “According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.”

Cryptocurrency

Cryptocurrency Spyware Cybercrime Hacking

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” million in cryptocurrency through this program. trillion won ($1.2

Cryptocurrency

Cryptocurrency Cybercrime Media Government

StripedFly, a complex malware that infected one million devices without being noticed

Security Affairs

OCTOBER 30, 2023

Researchers from Kaspersky discovered a sophisticated malware, dubbed StripedFly, that remained under the radar for five years masquerading as a cryptocurrency miner. Further analysis revealed that the malware has been used since at least 2017. The malicious code has a complex modular structure that supports both Linux and Windows.

Malware

Malware Cryptocurrency Ransomware Hacking

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. In July 2017 law enforcement shut down the virtual currency exchange. reported the Associated Press. In February, the U.S.

Cryptocurrency

Cryptocurrency Computers and Electronics Identity Theft Hacking

US DoJ wants the funds stored by North Korea in 280 BTC and ETH

Security Affairs

AUGUST 30, 2020

The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns conducted by North Korea-linked APT groups against two cryptocurrency exchanges. In the second attack, threat actors stole $2.5

Cryptocurrency

Cryptocurrency Hacking Advertising Accountability

US DoJ charges three members of the North Korea-linked Lazarus APT group

Security Affairs

FEBRUARY 17, 2021

billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform.” ransomware in May 2017, and carried out extortion and attempted extortion from 2017 through 2020.

Cryptocurrency

Cryptocurrency Banking Hacking Ransomware

DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions

Security Affairs

APRIL 25, 2024

Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer Samourai. Department of Justice (DoJ) has arrested two co-founders of the cryptocurrency mixer Samourai and seized the service. Magistrate Judge in the Western District of Pennsylvania. criminal charges. ” continues the DoJ.

Cryptocurrency

Cryptocurrency Marketing Mobile Hacking

North Korea-linked APT BlueNoroff focuses on crypto theft

Security Affairs

JANUARY 14, 2022

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The researchers are not aware of the compromise of these companies.

Cryptocurrency

Cryptocurrency Banking Hacking Malware

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, DarkGate ) The post DarkGate malware campaign abuses Skype and Teams appeared first on Security Affairs. ” concludes the report.

Malware

Malware Cryptocurrency Accountability Cybercrime

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

JANUARY 31, 2021

The malware is an evolution of a Monero cryptocurrency miner that was first spotted by Unit 42 researchers in 2019. In our analysis, we found Pro-Ocean targeting Apache ActiveMQ (CVE-2016-3088), Oracle WebLogic (CVE-2017-10271) and Redis (unsecure instances).” ” reads the analysis published by Palo Alto Networks.

Malware

Malware Cryptocurrency Firewall Cybercrime

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

DNS

DNS Cryptocurrency Malware Internet

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged with different hacking crimes in Russia, France, and the United States.

Advertising

Advertising Hacking Cybercrime Cryptocurrency

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Koshkin and his co-conspirators claimed that their services could be used for malware such as botnets, remote-access trojans, keyloggers, credential stealers and cryptocurrency miners.” Koshkin was arrested in California in September 2019 , while Tsurkan was arrested in April 2017.

Antivirus

Antivirus Malware Cryptocurrency Software

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. Oracle WebLogic Server CVE-2017-10271 – versions 10.3.6.0.0,

Cryptocurrency

Cryptocurrency Hacking Accountability Software

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Security Affairs

DECEMBER 8, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. The post Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering appeared first on Security Affairs.

Cryptocurrency

Cryptocurrency Hacking Ransomware Cybercrime

USCYBERCOM shares five new North Korea-linked malware samples

Security Affairs

MAY 13, 2020

Now, USCYBERCOM shares five more samples, the older one dated 2017 while the rest has been created in 2018. COPPERHEDGE, aka Manuscrypt , has been employed in attacks on cryptocurrency exchanges. The samples belong to the COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH malware families.

Malware

Malware Advertising Government Cryptocurrency

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox in 2011 and the operation of the illicit cryptocurrency exchange BTC-e.

Hacking

Hacking Cryptocurrency Advertising Banking

Binance says that leaked KYC Data are from third-party vendor.

Security Affairs

AUGUST 26, 2019

The Binance cryptocurrency exchange revealed that leaked users’ KYC data were obtained by hackers from a third-party vendor. In July, the hack of the Binance cryptocurrency exchange made the headlines, hackers stole$41 Million worth of Bitcoin (over 7,000 bitcoins) from Binance. million at the time of the hack). .

Cryptocurrency

Cryptocurrency Hacking Advertising Accountability

Necro Python bot now enhanced with new VMWare, server exploits

Security Affairs

JUNE 4, 2021

Talos experts noticed that a version released on May 18 included Python versions of EternalBlue ( CVE-2017-0144 ) and EternalRomance ( CVE-2017-0147 ) exploits with a Windows download command line as the payload. The bot used a user-mode rootkit to hide the malicious process and malicious registry entries created.

Malware

Malware DDOS Passwords IoT

8220 Gang Cloud Botnet infected 30,000 host globally

Security Affairs

JULY 21, 2022

The gang focuses on infecting cloud hosts to deploy cryptocurrency miners by exploiting known vulnerabilities and conducting brute-force attacks. PwnRig cryptocurrency miner execution. This month, the experts noticed that the number of infected hosts passed from 2000 to around 30,000. ” concludes the report.

Cryptocurrency

Cryptocurrency Malware Hacking Internet

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

Malware

Malware Internet Internet DDOS

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

Security Affairs

NOVEMBER 8, 2022

The authorities seized the stolen funds on November 2021, at the time it was the biggest-ever seizure of cryptocurrency. In August 2017, Bitcoin split into two cryptocurrencies, traditional Bitcoin and Bitcoin Cash (“BCH”). The US authorities are seeking to forfeit, collectively, approximately 51,680.32473733 Bitcoin.

Cryptocurrency

Cryptocurrency Hacking Internet Internet

CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 22, 2023

Kinsing actors often exploited the PHPUnit vulnerability ( CVE-2017-9841 ) and it engaged in fully automated attacks as part of mining cryptocurrency. Recently, observers noticed Kinsing actors exploiting vulnerable Openfire servers.

Cryptocurrency

Cryptocurrency Hacking Risk Cybersecurity

North Korea-linked TA444 group turns to credential harvesting activity

Security Affairs

JANUARY 25, 2023

According to Proofpoint the group is targeting cryptocurrencies since at least 2017. Federal Bureau of Investigation (FBI) this week confirmed that in June 2022 the North Korea-linked Lazarus APT group and APT38 stole $100 million worth of cryptocurrency assets from the Blockchain company Harmony Horizon Bridge.

Cryptocurrency

Cryptocurrency Phishing Healthcare Malware

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware.

Malware

Malware Computers and Electronics Encryption Ransomware

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Spyware Advertising Antivirus

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. In 2017, hackers stole some personal information belonging to T-Mobile customers by exploiting a well-known vulnerability.

Mobile

Mobile Data breaches Telecommunications Identity Theft

Smominru Botnet continues to rapidly spread worldwide

Security Affairs

SEPTEMBER 19, 2019

In February 2018, researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities.

Cryptocurrency

Cryptocurrency Advertising Healthcare Hacking

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

SEPTEMBER 13, 2019

The groups are behind several hacking operations that resulted in the theft of hundreds of millions of dollars from financial institutions and cryptocurrency exchanges worldwide and destructive cyber-attacks on infrastructure. Lazarus Group is also considered the threat actors behind the 2018 massive WannaCry attack.

Cyber Attacks

Cyber Attacks Hacking Cryptocurrency Banking

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

The man, along with other individuals of a gang known as “ thedarkoverlord ,” trafficked in stolen social security numbers. Kaye laundered cryptocurrency obtained from the illegal The Real Deal operation through the mixing service Bitmixer.io. ’s National Crime Agency (NCA) in February 2017. government agencies,” said U.S.

Government

Government Marketing Hacking Accountability

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages. .” reads the first part of two reports published by the experts detailing the DevOps implementation behind the botnet.

Advertising

Advertising Cryptocurrency Hacking Internet

U.S. offers up to $5 Million rewards for info on North Korea-linked operations

Security Affairs

APRIL 16, 2020

The list of the cyberattacks publicly attributed to North Korean nation-state actors, includes: The 2014 Sony Pictures hack , The Bangladesh Bank Heist ( $81 million ), The 2017 WannaCry ransomware outbreak, FASTCash ATM attacks, The $250 million theft from cryptocurrency exchanges. ” concludes the advisory.

Cyber threats

Cyber threats Banking Government Advertising

Security Affairs newsletter Round 318

Security Affairs

JUNE 13, 2021

million customers impacted. million customers impacted.

Data breaches

Data breaches Hacking Cryptocurrency Ransomware

New Triada Trojan comes preinstalled on Android devices

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Trending Sources

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

US gov sanctions cryptocurrency mixer Blender also used by North Korea-linked Lazarus APT

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

North Korea-linked hackers stole $626 million in virtual assets in 2022

StripedFly, a complex malware that infected one million devices without being noticed

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

US DoJ wants the funds stored by North Korea in 280 BTC and ETH

US DoJ charges three members of the North Korea-linked Lazarus APT group

DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions

North Korea-linked APT BlueNoroff focuses on crypto theft

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

DarkGate malware campaign abuses Skype and Teams

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

USCYBERCOM shares five new North Korea-linked malware samples

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Binance says that leaked KYC Data are from third-party vendor.

Necro Python bot now enhanced with new VMWare, server exploits

8220 Gang Cloud Botnet infected 30,000 host globally

PurpleFox malware infected at least 2,000 computers in Ukraine

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog

North Korea-linked TA444 group turns to credential harvesting activity

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs newsletter Round 261

T-Mobile customers were hit with SIM swapping attacks

Smominru Botnet continues to rapidly spread worldwide

The US Treasury placed sanctions on North Korea linked APT Groups

British hacker arraigned for running The Real Deal dark web marketplace

KashmirBlack, a new botnet in the threat landscape that rapidly grows

U.S. offers up to $5 Million rewards for info on North Korea-linked operations

Security Affairs newsletter Round 318

Stay Connected