Cryptocurrency, Hacking, Information Security and Passwords

Crooks hacked Mandiant X account to push cryptocurrency scam

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Scams

Scams Cryptocurrency Accountability Hacking

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets

Security Affairs

APRIL 30, 2023

Threat actors are gaining access to AT&T email accounts in an attempt to hack into the victim’s cryptocurrency exchange accounts. Hackers are breaking into the AT&T email accounts and then using the access they are logging into the victim’s cryptocurrency exchange accounts to drain their crypto funds, TechCrunch reported.

Cryptocurrency

Cryptocurrency Accountability Passwords Hacking

Highly evasive cryptocurrency miner targets macOS

Security Affairs

FEBRUARY 24, 2023

Trojanized versions of legitimate applications are being used to deploy XMRig cryptocurrency miner on macOS systems. Later first generation samples changed to a user Launch Agent, which would not require the conspicuous password prompt. ” reads the analysis published by the experts. ” concludes the report.

Cryptocurrency

Cryptocurrency Malware Software Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords

Passwords Software Firmware Malware

New Windows Meduza Stealer targets tens of crypto wallets and password managers

Security Affairs

JULY 3, 2023

The malware also targets crypto wallet extensions, password managers, and 2FA extensions. The malware also collects a variety of data, including system info, browser info, password manager info, miner related registry info, and installed games info. The malware admin declared that their operations do not involve any ransom activities.

Password Management

Password Management Passwords Malware Antivirus

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

Monero Cryptocurrency campaign exploits ProxyLogon flaws

Security Affairs

APRIL 18, 2021

Threat actors targeted are exploiting the ProxyLogon vulnerabilities in Microsoft Exchange servers to deploy Monero cryptocurrency miners. The miner’s pools.txt file is temporarily written to disk, its analysis allowed the researchers to determine the wallet address and its password, and the name DRUGS assigned to the pool of miners.

Cryptocurrency

Cryptocurrency Passwords Hacking Information Security

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management

Password Management Cryptocurrency Passwords Authentication

U.S. and Australian police arrested Firebird RAT author and operator

Security Affairs

APRIL 14, 2024

The Australian man developed and sold Firebird to customers on a dedicated hacking forum. He is accused of advertising and selling the Hive remote access trojan (RAT) on the “Hack Forums” website. When informed that the target had significant cryptocurrency and project files, Chakhmakhchyan agreed to sell the Hive RAT.

Computers and Electronics

Computers and Electronics Advertising Cryptocurrency Malware

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

” To defend against ransomware campaign like this one, NJCCIC provided the following recommendations: Security Awareness Training : Engage in security awareness training to enhance defense mechanisms and recognize potential signs of malicious communications.

Phishing

Phishing Ransomware Security Awareness Authentication

Google removed 49 Chrome Extensions that were hijacking cryptocurrency wallets

Security Affairs

APRIL 15, 2020

Google has removed 49 new Chrome browser extensions from its official Web Store that hide the code to hijack cryptocurrency wallets. Google has removed 49 new Chrome browser extensions from its official Web Store that contain the code to steal sensitive information and hijack cryptocurrency wallets. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Advertising Phishing Passwords

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. SecurityAffairs – hacking, BitCoin wallet). Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Security Affairs

MARCH 15, 2024

“Buyers could search for compromised computer credentials on E-Root, such as usernames and passwords that would allow buyers to access remote computers for purposes of stealing private information or manipulating the contents of the remote computer. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Cryptocurrency Advertising Passwords

Poloniex forces password reset following a data leak

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . This is a real email!

Passwords

Passwords Cryptocurrency Data breaches Advertising

Experts warn of JinxLoader loader used to spread Formbook and XLoader

Security Affairs

JANUARY 2, 2024

Palo Alto Networks’s Unit 42 first observed the malware in November 2023 reporting that it has been advertised on the hacking forum Hackforums since April 30, 2023. The content of the messages attempted to trick the recipients into opening a password-protected RAR archive. net on 2023-04-30.

Malware

Malware Passwords Cryptocurrency Hacking

Data leak at fintech giant Direct Trading Technologies

Security Affairs

JANUARY 31, 2024

Direct Trading Technologies (DTT) is an international fintech company offering trading platforms for stocks, forex, precious metals, energies, indices, Contracts for Difference (CFDs), and cryptocurrencies. Source: Cybernews Users holding the company’s email addresses, potentially the employees, had their passwords exposed in plaintext.

Technology

Technology Identity Theft Backups Passwords

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. SecurityAffairs – TalkTalk, hacking).

Hacking

Hacking DNS Cryptocurrency Accountability

Software firm AnyDesk disclosed a security breach

Security Affairs

FEBRUARY 4, 2024

AnyDesk remarked that its systems don’t store private keys, security tokens or passwords that could be exploited by threat actors to target end-user devices. As a security measure, the threat actor sanitized some of the passwords. The threat actor offered 18,317 accounts for $15,000 to be paid in cryptocurrency.”

Software

Software Passwords Ransomware Cryptocurrency

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

Security Affairs

JANUARY 2, 2020

Security expert discovered a Google Chrome extension named Shitcoin Wallet that steals passwords and wallet private keys. Harry Denley, director of security at the MyCrypto , discovered that the Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys. Pierluigi Paganini.

Passwords

Passwords Cryptocurrency Advertising Antivirus

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Cybercriminals are interested in hacking your IP address for various reasons. The hacked and stolen IPs are often used for carrying out illegal activities.

Hacking

Hacking VPN Internet Internet

Data of over a million users of the crypto exchange GokuMarket exposed

Security Affairs

DECEMBER 15, 2023

Businesses employ MongoDB to organize and store large swaths of document-oriented information, and in GokuMarket’s case, the details of over a million customers and admin users. GokuMarket, a cryptocurrency exchange, was recently acquired by Canada-based crypto exchange ByteX.

Passwords

Passwords Cryptocurrency Scams Mobile

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M worth of cryptocurrency. Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M worth of cryptocurrency. ” continues the notice.

Cryptocurrency

Cryptocurrency VPN Manufacturing Firewall

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering

Social Engineering Data breaches Ransomware Cybercrime

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. SecurityAffairs – CVE-2019-11707, hacking). ” reported SecurityWeek. .”

Cryptocurrency

Cryptocurrency Malware Advertising Passwords

Microsoft warns of the rise of cryware targeting hot wallets

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Password and info stealers.

Cryptocurrency

Cryptocurrency Social Engineering Malware Cybercrime

Dovecat crypto-miner is targeting QNAP NAS devices

Security Affairs

JANUARY 21, 2021

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. ” reads the security advisory published by the vendor.

Cryptocurrency

Cryptocurrency Firmware Malware Passwords

Threat actors exploit a flaw in Coinbase 2FA to steal user funds

Security Affairs

OCTOBER 2, 2021

According to a data breach notification letter filed with US state attorney general offices, the attackers with the knowledge of their username and password and phone number associated with the account, were able to steal funds bypassing the SMS-based authentication. SecurityAffairs – hacking, cryptocurrency).

Cryptocurrency

Cryptocurrency Data breaches Authentication Accountability

Anonymous offers $52,000 worth of Bitcoin to Russian troops for surrendered tank. Is it fake news?

Security Affairs

MARCH 6, 2022

Soldiers that want to exchange such vehicles for cryptocurrency need to wave a white flag and use the password “million” to accept the offer. SecurityAffairs – hacking, Ukraine). appeared first on Security Affairs. At this time Anonymous has yet to confirm and deny the news, if have any info please contact me.

Cryptocurrency

Cryptocurrency Media Authentication Passwords

Hackers breached four prominent underground cybercrime forums

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. No other information looked to be compromised in the attack.”

Cybercrime

Cybercrime DDOS Hacking Passwords

Malicious packages in the NPM designed for highly-targeted attacks

Security Affairs

AUGUST 4, 2023

60 using the username root and password TestX@!#33. The researchers speculate the packages are part of a highly-targeted attack on developers working in the cryptocurrency sector. “This seems to be another highly-targeted attack on developers involved in the cryptocurrency sphere. . ” concludes the report.

Cryptocurrency

Cryptocurrency Marketing Encryption Passwords

Sophisticated JaskaGO info stealer targets macOS and Windows

Security Affairs

DECEMBER 20, 2023

Writing to the clipboard:a common tactic for stealing cryptocurrency funds. Password encryption keys key4.db db – Stores the master key to decrypt all passwords stored in logins.json. Login information – “Login Data” folder. Executing shell commands. Displaying alert messages. Retrieving running process list.

Malware

Malware Passwords Cryptocurrency Software

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence

Artificial Intelligence Data breaches Scams Insurance

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner. “Tencent Security Threat Intelligence Center detected a new type of mining Trojan family MrbMiner. SecurityAffairs – hacking, MrbMiner).

Malware

Malware Cryptocurrency Advertising Accountability

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange

Security Affairs

FEBRUARY 5, 2022

PayBito is a bitcoin and cryptocurrency exchange for major cryptocurrencies including Bitcoin Cash, Bitcoin, Ethereum, HCX, Litecoin, Ethereum Classic. The group also claims to have stolen email and password hashes that can be easily decrypted due to the use of a “weak hash algorithm.” SecurityAffairs – hacking, PayBito).

Ransomware

Ransomware Cryptocurrency Hacking Advertising

MailChimp breached, intruders conducted phishing attacks against crypto customers

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. We also recommend two-factor authentication and other account security measures for our users as added measures to keep accounts and passwords secure.”

Phishing

Phishing Data breaches Cryptocurrency Social Engineering

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Security Affairs

DECEMBER 31, 2021

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The data included usernames, email addresses and plain text passwords.”

Accountability

Accountability Malware Data breaches Passwords

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Security Affairs

SEPTEMBER 16, 2022

The RedLine malware allows operators to steal several pieces of information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. SecurityAffairs – hacking, YouTube). ” concludes the report.

Malware

Malware Cryptocurrency Hacking Passwords

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. Do not provide your mobile number account information over the phone to representatives that request your account password or pin.

Mobile

Mobile Cryptocurrency Authentication Accountability

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The malware uses exploits for known vulnerabilities and password brute-forcing attacks for self-propagation.

Malware

Malware Internet Internet DDOS

Trojanized Super Mario Bros game spreads malware

Security Affairs

JUNE 25, 2023

The researchers pointed out that attackers target gamers because they often use powerful hardware for gaming, which is excellent for mining cryptocurrencies. stream” to carry out cryptocurrency mining activities.” The threat actors bundled a legitimate installer file of super-mario-forever-v702e with the malicious codes.

Malware

Malware Cryptocurrency Passwords Hacking

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware

Malware Cryptocurrency Passwords Internet

Understanding Features and Vulnerabilities of The Decentralized Finance Attack Surface is Key to Protecting Against Cyber Attacks

Security Boulevard

MARCH 17, 2022

The estimated value of greater Decentralized Finance and cryptocurrencies surpassed half a trillion dollars in market capitalization in 2018, and then one trillion for the first time in 2021 ( 1 ). Since then, cryptocurrency values reached new records during the pandemic. Cryptocurrencies Are Established Via Blockchain Security.

Cyber Attacks

Cyber Attacks Cryptocurrency Marketing Software

Bitcoin Miner [oom_reaper] targets QNAP NAS devices

Security Affairs

DECEMBER 7, 2021

Taiwanese vendor QNAP warns customers of ongoing attacks targeting their NAS devices with cryptocurrency miners. Taiwanese vendor QNAP warns customers of threat actors targeting their NAS devices with cryptocurrency miners. Use stronger passwords for your administrator and other user accounts. SecurityAffairs – hacking, IoT).

Cryptocurrency

Cryptocurrency Ransomware Malware Passwords

Crooks hacked Mandiant X account to push cryptocurrency scam

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets

Webinars

Trending Sources

Highly evasive cryptocurrency miner targets macOS

Webinars

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

New Windows Meduza Stealer targets tens of crypto wallets and password managers

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Monero Cryptocurrency campaign exploits ProxyLogon flaws

New Version of Meduza Stealer Released in Dark Web

U.S. and Australian police arrested Firebird RAT author and operator

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Google removed 49 Chrome Extensions that were hijacking cryptocurrency wallets

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Poloniex forces password reset following a data leak

Experts warn of JinxLoader loader used to spread Formbook and XLoader

Data leak at fintech giant Direct Trading Technologies

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Software firm AnyDesk disclosed a security breach

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

5 Ways to Protect Yourself from IP Address Hacking

Data of over a million users of the crypto exchange GokuMarket exposed

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Microsoft warns of the rise of cryware targeting hot wallets

Dovecat crypto-miner is targeting QNAP NAS devices

Threat actors exploit a flaw in Coinbase 2FA to steal user funds

Anonymous offers $52,000 worth of Bitcoin to Russian troops for surrendered tank. Is it fake news?

Hackers breached four prominent underground cybercrime forums

Malicious packages in the NPM designed for highly-targeted attacks

Sophisticated JaskaGO info stealer targets macOS and Windows

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

New MrbMiner malware infected thousands of MSSQL DBs

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange

MailChimp breached, intruders conducted phishing attacks against crypto customers

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

PurpleFox malware infected at least 2,000 computers in Ukraine

Trojanized Super Mario Bros game spreads malware

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Understanding Features and Vulnerabilities of The Decentralized Finance Attack Surface is Key to Protecting Against Cyber Attacks

Bitcoin Miner [oom_reaper] targets QNAP NAS devices

Stay Connected