Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. “Sorry, change password please.”

Cryptocurrency 137

Cryptocurrency Scams Accountability Hacking 137

Security Affairs

MARCH 4, 2025

Threat actors use weak credential brute force to gain access to target systems, then deploy cryptocurrency miners and crimeware with capabilities like data exfiltration, persistence, self-termination, and pivot attacks. The folder also contains text files listing over 4,000 target IPs and passwords, focusing on ISPs in China and the U.S.

Cryptocurrency 110

Cryptocurrency Malware Passwords Hacking 110

Security Affairs

DECEMBER 13, 2023

Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. ” states Microsoft.

Cryptocurrency 137

Cryptocurrency Phishing Accountability VPN 137

Security Affairs

APRIL 18, 2021

Threat actors targeted are exploiting the ProxyLogon vulnerabilities in Microsoft Exchange servers to deploy Monero cryptocurrency miners. The miner’s pools.txt file is temporarily written to disk, its analysis allowed the researchers to determine the wallet address and its password, and the name DRUGS assigned to the pool of miners.

Cryptocurrency 127

Cryptocurrency Passwords Hacking Information Security 127

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords 133

Passwords Software Firmware Malware 133

Security Affairs

JANUARY 10, 2025

The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. Researchers at Elastic Security Labs who first analyzed the malware confirmed it can steal keychain passwords and data from multiple browsers.

Malware 125

Malware Advertising Antivirus Cybercrime 125

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021. Pierluigi Paganini.

Cryptocurrency 120

Cryptocurrency Malware Advertising System Administration 120

Security Affairs

NOVEMBER 3, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 112

Cryptocurrency Hacking Phishing Cyber Attacks 112

Security Affairs

MARCH 18, 2025

Once deployed, StilachiRAT scans configuration data from tens of cryptocurrency wallet extensions to steal digital assets. Additionally, the malware has a dedicated command to steal Google Chrome passwords, highlighting its cyber espionage and system manipulation capabilities.

Malware 116

Malware Cryptocurrency Encryption Passwords 116

Security Affairs

FEBRUARY 24, 2023

Trojanized versions of legitimate applications are being used to deploy XMRig cryptocurrency miner on macOS systems. Later first generation samples changed to a user Launch Agent, which would not require the conspicuous password prompt. ” reads the analysis published by the experts. ” concludes the report.

Cryptocurrency 98

Cryptocurrency Malware Software Passwords 98

Security Affairs

APRIL 30, 2023

Threat actors are gaining access to AT&T email accounts in an attempt to hack into the victim’s cryptocurrency exchange accounts. Hackers are breaking into the AT&T email accounts and then using the access they are logging into the victim’s cryptocurrency exchange accounts to drain their crypto funds, TechCrunch reported.

Cryptocurrency 98

Cryptocurrency Accountability Passwords Hacking 98

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. CVE-2019-11707 is a type confusion vulnerability in Array.pop. ” wrote Wardle.

Cryptocurrency 107

Cryptocurrency Malware Advertising Hacking 107

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . This is a real email!

Passwords 92

Passwords Cryptocurrency Data breaches Advertising 92

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency 75

Cryptocurrency Passwords Authentication Accountability 75

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. I have the wallet, @Google hook me up with a quantum computer please.

Cryptocurrency 145

Cryptocurrency Passwords Advertising Hacking 145

Security Affairs

JULY 3, 2023

The malware also targets crypto wallet extensions, password managers, and 2FA extensions. The malware also collects a variety of data, including system info, browser info, password manager info, miner related registry info, and installed games info. The malware admin declared that their operations do not involve any ransom activities.

Password Management 98

Password Management Passwords Malware Marketing 98

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management 144

Password Management Cryptocurrency Passwords Authentication 144

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. Sorry, change password please.”

Accountability 139

Accountability Hacking Cryptocurrency Cybersecurity 139

Security Affairs

JANUARY 21, 2021

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. ” reads the security advisory published by the vendor.

Cryptocurrency 128

Cryptocurrency Firmware Malware Passwords 128

Security Affairs

OCTOBER 2, 2021

According to a data breach notification letter filed with US state attorney general offices, the attackers with the knowledge of their username and password and phone number associated with the account, were able to steal funds bypassing the SMS-based authentication. SecurityAffairs – hacking, cryptocurrency). Pierluigi Paganini.

Cryptocurrency 143

Cryptocurrency Data breaches Authentication Accountability 143

Security Affairs

AUGUST 23, 2024

The malicious code is written in GoLang, upon mounting the dmg it prompts users to enter their system and MetaMask passwords using the macOS osascript tool. Once the user inputs their credentials, the malware stores them in a directory and uses Chainbreak to dump Keychain passwords. ” reads the report published by Cado Security.

Malware 133

Malware Passwords Cryptocurrency Software 133

Security Affairs

MARCH 2, 2025

DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host Prospero Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware The GitVenom campaign: cryptocurrency theft using GitHub Silent Killers: (..)

Malware 66

Malware Architecture IoT Ransomware 66

Security Affairs

JULY 22, 2020

Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements. move laterally across systems while covertly mining for cryptocurrency. . This latest function is typically used to search for Bitcoin cryptocurrency wallets.

Cryptocurrency 125

Cryptocurrency Advertising Passwords Encryption 125

Security Affairs

MARCH 17, 2020

The website was distributing a file named WSHSetup.exe, it is the downloader for both the CoronaVirus Ransomware and the Kpot password-stealer. exe,’ which is the Kpot password-stealing Trojan. One of these files is, ‘file1.exe,’ The second file downloaded by the initial dropper is ‘file2.exe’,

Ransomware 140

Ransomware Advertising Cryptocurrency Passwords 140

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware 111

Malware Cryptocurrency Passwords Internet 111

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Password and info stealers.

Cryptocurrency 112

Cryptocurrency Social Engineering Malware Cybercrime 112

Security Affairs

AUGUST 16, 2024

The malware authors claim it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. Researchers at Elastic Security Labs analyzed the malware and confirmed it can steal keychain passwords and data from multiple browsers.

Malware 133

Malware Cryptocurrency Advertising Architecture 133

Krebs on Security

APRIL 20, 2023

The decrypted icon files revealed the location of the malware’s control server, which was then queried for a third stage of the malware compromise — a password stealing program dubbed ICONICSTEALER. Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file.

Malware 329

Malware Software Technology Accountability 329

Security Affairs

SEPTEMBER 16, 2020

According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner. “Tencent Security Threat Intelligence Center detected a new type of mining Trojan family MrbMiner.

Malware 145

Malware Advertising Cryptocurrency Accountability 145

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. We also recommend two-factor authentication and other account security measures for our users as added measures to keep accounts and passwords secure.”

Phishing 140

Phishing Data breaches Cryptocurrency Social Engineering 140

Security Affairs

MAY 21, 2021

CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. CyberNews researchers found that cybercriminals are able to abuse cryptocurrency exchange API keys and steal cryptocurrencies from their victims’ accounts without being granted withdrawal rights.

Cryptocurrency 110

Cryptocurrency Accountability Marketing Passwords 110

Security Affairs

DECEMBER 31, 2021

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The data included usernames, email addresses and plain text passwords.”

Accountability 145

Accountability Malware Data breaches Passwords 145

Security Affairs

APRIL 7, 2025

“In the Florida case, Urban was accused of stealing at least $800,000 in cryptocurrency from five different victims between August 2022 and March 2023.” Prosecutors revealed that Urban and co-conspirators stole victims’ personal info and used SIM swapping to reset crypto account passwords and drain funds.

Cybercrime 70

Cybercrime Identity Theft Social Engineering Hacking 70

Security Affairs

JANUARY 14, 2022

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions.

Cryptocurrency 125

Cryptocurrency Banking Malware Hacking 125

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST.

DNS 145

DNS Malware Internet Internet 145

Security Affairs

MARCH 15, 2024

“Buyers could search for compromised computer credentials on E-Root, such as usernames and passwords that would allow buyers to access remote computers for purposes of stealing private information or manipulating the contents of the remote computer. ” reads the press release published by DoJ.

Cybercrime 136

Cybercrime Cryptocurrency Advertising Passwords 136

Security Affairs

JANUARY 25, 2021

“These techniques include numerous modules that exploit implicit trust, weak passwords, and unauthenticated remote code execution (RCE) vulnerabilities in popular applications, including Secure Shell (SSH), IT administration tools, a variety of cloud-based applications, and databases.” Ransomware, data theft).

Cryptocurrency 145

Cryptocurrency Malware DNS Passwords 145