This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees.
Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets. Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining topologies. Though not permanent, this disruption can significantly hinder the attack.
Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ripple)
A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. The research behind the discovery was released by Security Alliance , which tracked and analyzed the campaign.
worth of cryptocurrency from one of the companys offline wallets. The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). “*Update* It’s now been confirmed that North Korea’s Lazarus Group were behind this hack.”
Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. Unfortunately for Griffin, years ago he used Google Photos to store an image of the secret seed phrase that was protecting his cryptocurrency wallet. Image: Shutterstock, iHaMoo. io ) that mimicked the official Trezor website.
KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io. Federal Communications Commission (FCC), as well as those working at the cryptocurrency exchanges Coinbase and Binance. Image: Shutterstock, iHaMoo.
On February 21, 2025, the cryptocurrency world was rocked by the largest crypto heist in history. Increased information sharing between exchanges, security firms, and law enforcement is essential, alongside industry-wide security standards and user education. billion in crypto assets.
We observed these files to contain information about the projects, as well as instructions on how to compile their code. stealer that collects information such as saved credentials, cryptocurrency wallet data and browsing history, packs it into a.7z files, possibly generated using AI tools. Snippets of README.md
government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest.
A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. The Wiz Incident Response team reported that threat actors are exploiting the flaw in attacks in the wild to deploy backdoors and cryptocurrency miners. ” reads the advisory published by Wiz.
Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools. million in revenue.
Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. This is a covert miner able to mine multiple cryptocurrencies (ETH, ETC, XMR, RTM and others) using various algorithms. The payload was only accessible from Russian IPs, suggesting a targeted attack on Russian users.
. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.
Fittingly, Radaris now pimps OneRep as a service when consumers request that their personal information be removed from the data broker’s website. Instead, we doubled down and published all of the supporting evidence that wasn’t included in the original story, leaving little room for doubt about its conclusions.
authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. authorities linked the $308 million cyber heist targeting cryptocurrency company DMM Bitcoin to North Korea-linked threat actors. On June 1st, the Japanese cryptocurrency exchange DMM Bitcoin announced that crooks stole 4,502.9
The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.
But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.
Crooks stole at least $69 million from Singapore-based cryptocurrency platform Phemex in an alleged cyberattack. On Thursday, researchers at the blockchain security firm PeckShield noticed a suspicious ‘outflow of large funds from the cryptocurrency platform. pic.twitter.com/qT71TJHXPJ — PeckShield Inc. worth of cryptos.
The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. ” reads the alert.
The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.
prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims. Internet address was used to operate a Discord account that specified a cryptocurrency wallet when asking another user to send funds.
These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. By simply paying the fee, usually in cryptocurrencies, the customer will receive the sensitive material ready to be exploited.
Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. The agency said Funnull directly facilitated pig butchering and other schemes that resulted in more than $200 million in financial losses by Americans. ” U.S. ”
Banshee Stealer can also steal cryptocurrency from different wallets, including Exodus, Electrum, Coinomi, Guarda, Wasabi Wallet, Atomic and Ledger. BANSHEE Stealer is macOS-based malware that can collect extensive data from the system, browsers, cryptocurrency wallets, and numerous browser extensions.” concludes the report.
Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2 , and were used to steal PayPal credentials and hijack cryptocurrency transfers.
Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024. A $10 million reward was offered for information on Khoroshev through the U.S. reward for information leading to his arrest. State Departments TOC Rewards Program via the FBI tip website. Matveev has a $10M U.S.
Coordination by Eurojust ensured that authorities were able to exchange information and align their investigative efforts.” in cryptocurrency, bringing the total to over 21.2M. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Operation ENDGAME)
The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!
Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.
A clipper malware is a type of malicious software designed to intercept and manipulate clipboard data, typically for cryptocurrency theft. When a victim copies a cryptocurrency wallet address, the malware replaces it with an attacker-controlled address, redirecting funds to the hacker instead of the intended recipient.
authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. Investigators found no evidence of device hacking, supporting the hypothesis that attackers decrypted stolen password manager data to access the victim’s crypto wallet. .”
New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. Whether this is more profitable remains to be seen.
Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024. Attorney Erek L.
Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.
On November 20, a verified Bohemia administrator provided on the dark web forum Dread information about the disruptions affecting the marketplace. The authorities also seized two vehicles and €8 million worth of cryptocurrency. Police expect this figure to rise and have already arrested several Dutch dealers in June.
Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. that helped crooks launder cryptocurrency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,crypto-mixing services) and Sinbad.io
The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. “After receiving the requested information, the criminal shares a repository containing the “minimum viable product” (MVP) of the project. ” concludes the report.
INTERPOL also issued a Purple Notice to warn countries about emerging fraudulent activities involving cryptocurrencies. The authorities have warned of “USDT Token Approval Scam” that allows scammers access to the victims’ cryptocurrency wallets and make unauthorized transactions. The operation led to 27 arrests and 19 indictments.
Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “However, in reality, this amount may be larger; the attackers also targeted Monero, a cryptocurrency that is untraceable.”
Threat actors use weak credential brute force to gain access to target systems, then deploy cryptocurrency miners and crimeware with capabilities like data exfiltration, persistence, self-termination, and pivot attacks. West Coast to deploy info stealers and crypto miners. The malware disables remote access to entrench itself further.
Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content