article thumbnail

Disrupting the operations of cryptocurrency mining botnets

Security Affairs

Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets. Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining topologies. Though not permanent, this disruption can significantly hinder the attack.

article thumbnail

“Can you try a game I made?” Fake game sites lead to information stealers

Malwarebytes

What the target will actually download and install is in reality an information stealing Trojan. There are also various information stealers being spread through these channels like the Nova Stealer, Ageo Stealer, or the Hexon Stealer. There are several variations going around. IOCs Download sites: dualcorps[.]fr fr leyamor[.]com

Scams 139
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. The research behind the discovery was released by Security Alliance , which tracked and analyzed the campaign.

article thumbnail

How to Lose a Fortune with Just One Bad Click

Krebs on Security

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. Unfortunately for Griffin, years ago he used Google Photos to store an image of the secret seed phrase that was protecting his cryptocurrency wallet. Image: Shutterstock, iHaMoo. io ) that mimicked the official Trezor website.

article thumbnail

The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack

Security Affairs

Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js to harvest users’ private keys. ” reads the report published by Aikido. contained malicious code.

article thumbnail

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. 13, with an attack on cryptocurrency trading platform liquid.com. authenticate the phone call before sensitive information can be discussed. 2019 that wasn’t discovered until April 2020.

article thumbnail

The GitVenom campaign: cryptocurrency theft using GitHub

SecureList

We observed these files to contain information about the projects, as well as instructions on how to compile their code. stealer that collects information such as saved credentials, cryptocurrency wallet data and browsing history, packs it into a.7z files, possibly generated using AI tools. Snippets of README.md