Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance 98

Insurance Cryptocurrency Cyber threats Marketing 98

Security Affairs

JUNE 27, 2023

An unnamed Japanese cryptocurrency exchange was the victim of a cyber attack aimed at deploying an Apple macOS backdoor named JokerSpy. Elastic Security Labs researchers provided details about a recently discovered intrusion at an unnamed cryptocurrency exchange, aimed at deploying an Apple macOS backdoor named JokerSpy.

Cryptocurrency 98

Cryptocurrency Spyware Malware Architecture 98

Security Affairs

MARCH 2, 2025

DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host Prospero Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware The GitVenom campaign: cryptocurrency theft using GitHub Silent Killers: (..)

Malware 66

Malware Architecture IoT Ransomware 66

Security Affairs

APRIL 19, 2021

The new variant also implements new features for data-stealing focused on cryptocurrency apps. This behavior allows the malicious code to replace cryptocurrency addresses, and steal credentials for online services (amoCRM, Apple ID, Google, Paypal, SIPMarket, and Yandex) and payment card information from the Apple Store.

Malware 141

Malware Cryptocurrency Architecture Engineering 141

Security Affairs

APRIL 23, 2021

” The malware analyzed by the experts could run on different architectures using Linux-based OS, a circumstance that suggests that the botnet was involved in a wider campaign targeting Linux systems. The botnet is currently involved in cryptocurrency mining activity, it delivers the XMRig Monero (XMR) miner onto the infected machines.

Architecture 139

Architecture Cryptocurrency Malware Technology 139

SecureList

APRIL 25, 2025

The modular architecture of the malware gives attackers virtually unlimited control over the system, enabling them to tailor functionality to specific applications. so loads either a crypto stealer loader (if the application is cryptocurrency-related) or a dropper from the rodata section. Neither payload is encrypted. services class.

Cryptocurrency 83

Cryptocurrency Malware Firmware Accountability 83

Security Affairs

AUGUST 16, 2024

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claim it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. ” concludes the report.

Malware 133

Malware Cryptocurrency Advertising Architecture 133

Security Affairs

OCTOBER 6, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

Malware 122

Malware Architecture Cryptocurrency Cyber Attacks 122

SecureWorld News

MAY 21, 2025

Coinbase, the largest cryptocurrency exchange platform in the U.S., In a bold response to a sophisticated insider-led data breach, Coinbase has turned the tables on cybercriminals who recently targeted the organization with ransomware. However, experts caution that bold moves must be accompanied by robust internal security reform.

Ransomware 76

Ransomware Social Engineering Data breaches Cryptocurrency 76

Security Affairs

OCTOBER 7, 2020

Experts noticed that the malware supports multiple CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III) and PPC, it is written in the Go open-source programming language. The botnet targets systems with SSH ports (23 and 2323) exposed online by launching brute-force attacks. ” concludes the post.

Architecture 138

Architecture IoT Malware Advertising 138

SecureList

APRIL 21, 2025

Fake Telegram channels for pirated content and cryptocurrencies. The attackers create Telegram channels with names containing keywords related to cryptocurrencies or pirated content, such as software, movies, etc. When a user searches for such content, the fraudulent channels appear at the top of the search.

Malware 86

Malware Cryptocurrency Software Phishing 86

Security Affairs

FEBRUARY 24, 2020

The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients). The malware is also able to collect system details (OS version and architecture, language, hardware info, enumerate installed apps).

Cybercrime 132

Cybercrime Malware Cryptocurrency Advertising 132

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos.

Architecture 106

Architecture Cryptocurrency Malware Advertising 106

Security Affairs

JULY 24, 2018

Once an open adb port is identified, the malware drops a stage 1 shell script onto the device which, when launched, downloads two additional (stage 2) shell scripts which then download the “next stage binary for several architectures and launch the corresponding one.” Pierluigi Paganini.

Cryptocurrency 70

Cryptocurrency IoT Mobile Advertising 70

The Last Watchdog

JANUARY 4, 2022

Legacy security architectures just don’t fit this massively complex, highly dynamic environment. This enabled the attackers to swiftly install a cryptocurrency botnet, steal credentials and seek out other unpatched vulnerabilities to exploit.

Digital transformation 260

Digital transformation Hacking Architecture Cyber Risk 260

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency 59

Cryptocurrency Risk Marketing Architecture 59

Security Affairs

MARCH 30, 2021

The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. Half of the images discovered by the expert were using a shared mining pool, by he estimated that threat actors mined US$200,000 worth of cryptocurrencies in a two-year period.

Cryptocurrency 106

Cryptocurrency Accountability Architecture Software 106

Security Affairs

NOVEMBER 9, 2021

Threat actors execute malicious scripts to deploy Monero cryptocurrency miners, perform container-to-host escape using well-known techniques, and scan the Internet for exposed ports from other compromised containers. The attack chain starts with the creation of a container on a vulnerable host using an exposed Docker REST API.

Cryptocurrency 120

Cryptocurrency Malware Cybercrime Architecture 120

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. Last week, SentinelOne researchers discovered a decoy documents advertising positions for the popular cryptocurrency exchange Crypto.com. The attackers aimed at stealing credentials for the victims’ wallets.

Malware 106

Malware Cryptocurrency Architecture Advertising 106

NopSec

MARCH 29, 2023

Another day goes by, another latest and greatest security breach affects the cryptocurrency world. With this blog post, I would like to shed light on the components of cryptocurrency infrastructure and how to threat model these various elements. Miners are then rewarded with a certain amount of cryptocurrency to find a valid block.

Cryptocurrency 52

Cryptocurrency Accountability Malware Architecture 52

Centraleyes

DECEMBER 16, 2024

Zero Trust Architecture (ZTA) Expands The Zero Trust model, which focuses on verifying every person and device attempting to access a system, is gaining ground as a best practice in cybersecurity.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

SecureWorld News

FEBRUARY 24, 2025

Another major concern is the impact on blockchain security and digital trust, as quantum computers may eventually emphasize elliptic curve cryptography (ECC), threatening the integrity of cryptocurrencies, smart contracts, and financial transactions.

Cybersecurity 60

Cybersecurity Encryption Cyber threats Threat Detection 60

SecureList

OCTOBER 4, 2024

In a recent campaign starting in 2022, unknown malicious actors have been trying to mine cryptocurrency on victims’ devices without user consent; they’ve used large amounts of resources for distribution, but what’s more, used multiple unusual vectors for defense evasion and persistence.

Scams 145

Scams Cryptocurrency Malware Software 145

Security Affairs

MARCH 13, 2021

This behavior allows the malicious code to replace cryptocurrency addresses, and steal credentials for online services (amoCRM, Apple ID, Google, Paypal, SIPMarket, and Yandex) and payment card information from the Apple Store. Trend Micro discovered two Xcode projects injected with the XCSSET Mac Malware, one on July 13 and one on July 31.

Malware 124

Malware Adware Architecture Antivirus 124

Adam Shostack

JANUARY 2, 2025

This is not an architectural doc, but an aid to security discussion. If the goal is to steal cryptocurrency, one route is to gain wallet access, via stealing the physical wallet or software access. Must be collaborative : communication is a key Being wrong is great: people get engaged to correct you!

Architecture 130

Architecture Cryptocurrency Software Engineering 130

Security Affairs

SEPTEMBER 8, 2024

Researchers at Fortinet FortiGuard Labs reported that threat actors exploited the recently disclosed OSGeo GeoServer GeoTools flaw ( CVE-2024-36401 ) to deliver various malware families, including cryptocurrency miners, bots, and the SideWalk backdoor. GeoServer is an open-source server that allows users to share and edit geospatial data.

Malware 138

Malware Telecommunications Encryption DDOS 138

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. ” The expert explained that the XMR cryptominer was optimized for Intel x86 (both 32bit or 64bit architecture) and Intel 686 processors. .

IoT 111

IoT Cryptocurrency Malware Advertising 111

Security Affairs

AUGUST 4, 2021

In recent months the number of cyberattacks against misconfigured Kybernetes systems has surged, threat actors mainly used the to illegally mine cryptocurrencies. Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. ” states the guidance.

System Administration 112

System Administration Architecture Firewall Risk 112

Security Affairs

SEPTEMBER 29, 2018

According to experts from Avast, the Torii bot has been active since at least December 2017, it could targets a broad range of architectures, including ARM, MIPS, x86, x64, PowerPC, and SuperH. The Torii IoT botnet stands out for the largest sets of architectures it is able to target. ” reads the analysis published by Avast.

IoT 110

IoT Architecture Advertising DDOS 110

Security Affairs

JUNE 19, 2024

A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the attackers behind Spinning YARN campaign. The threat actors target publicly exposed and unsecured Docker API endpoints for initial access.

Internet 139

Internet Internet Malware Architecture 139

CyberSecurity Insiders

JANUARY 26, 2022

Between last year’s high-profile incidents involving ransomware, supply chain attacks, and the exploitation of critical systems vulnerabilities and the new focus on cryptocurrency theft, it’s likely that interest in cybersecurity topics will continue to climb in 2022 and beyond.

Data breaches 84

Data breaches Cybersecurity Cryptocurrency Technology 84

The Last Watchdog

NOVEMBER 4, 2019

Blockchain, also referred to as distributed ledger technology , or DLT, is much more than just the mechanism behind Bitcoin and cryptocurrency speculation mania. However, cryptocurrencies are only one small part of blockchain technology. Difficult tradeoffs must be made and pivotal architectural advances must be achieved.

Technology 179

Technology Cryptocurrency Internet Internet 179

Security Affairs

AUGUST 28, 2023

The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks. KmsdBot supports multiple architectures, including as Winx86, Arm64, and mips64, x86_64, and does not stay persistent to avoid detection.

IoT 98

IoT DDOS Architecture Internet 98

SecureWorld News

NOVEMBER 8, 2022

To lower their overhead and boost the appearance of legitimacy, attackers are compromising business networks and devices to host phishing campaigns, malware, or even use their computing power to mine cryptocurrency.". Sadly, most cyberattacks could be prevented by employing basic security hygiene, the report states.

Cyber threats 103

Cyber threats Architecture Passwords Authentication 103

Security Affairs

JUNE 26, 2024

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in attacks against Redis servers, aimed at deploying both ransomware and cryptocurrency mining payloads.

Ransomware 131

Ransomware Malware Cryptocurrency Passwords 131

Security Affairs

SEPTEMBER 23, 2018

Feedify cloud service architecture compromised by MageCart crime gang. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms. Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange. 20% discount. Kindle Edition. Paper Copy. Once again thank you!

Computers and Electronics 86

Computers and Electronics Cryptocurrency Data breaches Advertising 86

Security Affairs

DECEMBER 1, 2022

“The first use of the command is activated to receive information about the CPU architecture. AquaSec researchers believe that threat actors are using the Redigo malware to infect Redis and add them to a botnet used to launch denial-of-service (DDoS) attacks, run cryptocurrency miners, or steal data from the servers.

Malware 145

Malware DDOS Architecture Cryptocurrency 145