This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js to harvest users’ private keys. ” reads the report published by Aikido. contained malicious code.
Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets. Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining topologies. Though not permanent, this disruption can significantly hinder the attack.
worth of cryptocurrency from one of the companys offline wallets. The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Crypto exchange Bybitwas the victim of a sophisticated attack, and threat actors stole $1.5B
A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. A security researcher Jakub Korepta discovered a critical vulnerability, tracked as CVE-2024-50603 (CVSS score: 10.0), in the Aviatrix Controller. The flaw impacts Aviatrix Controller pre-7.1.4191 and 7.2.x
Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. This is a covert miner able to mine multiple cryptocurrencies (ETH, ETC, XMR, RTM and others) using various algorithms. The payload was only accessible from Russian IPs, suggesting a targeted attack on Russian users.
Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools. million in revenue.
authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. authorities linked the $308 million cyber heist targeting cryptocurrency company DMM Bitcoin to North Korea-linked threat actors. On June 1st, the Japanese cryptocurrency exchange DMM Bitcoin announced that crooks stole 4,502.9
Crooks stole at least $69 million from Singapore-based cryptocurrency platform Phemex in an alleged cyberattack. On Thursday, researchers at the blockchain security firm PeckShield noticed a suspicious ‘outflow of large funds from the cryptocurrency platform. pic.twitter.com/qT71TJHXPJ — PeckShield Inc.
Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.
. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.
The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. ” reads the alert.
reads the report published by Elastic Security Labs. Banshee Stealer can also steal cryptocurrency from different wallets, including Exodus, Electrum, Coinomi, Guarda, Wasabi Wallet, Atomic and Ledger. A list of these extension IDs is provided at the end of the blog post.” concludes the report.
Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2 , and were used to steal PayPal credentials and hijack cryptocurrency transfers.
These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. By simply paying the fee, usually in cryptocurrencies, the customer will receive the sensitive material ready to be exploited.
Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.
A clipper malware is a type of malicious software designed to intercept and manipulate clipboard data, typically for cryptocurrency theft. When a victim copies a cryptocurrency wallet address, the malware replaces it with an attacker-controlled address, redirecting funds to the hacker instead of the intended recipient.
New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. Whether this is more profitable remains to be seen.
Coordination by Eurojust ensured that authorities were able to exchange information and align their investigative efforts.” in cryptocurrency, bringing the total to over 21.2M. . “Eurojust has provided essential support to make judicial cooperation effective since the beginning of the investigation in 2024.
Blockchain: Developed primarily for cryptocurrency applications and maligned for manipulating those markets, blockchain can be a valuable security tool, as its universe of connected nodes is almost impossible to corrupt or destroy. Security Engineer Security engineers build secure systems.
“They discovered the victims all had something else in common: Each had at one point stored their cryptocurrency seed phrase the secret code that lets anyone gain access to your cryptocurrency holdings in the Secure Notes area of their LastPass account prior to the 2022 breaches at the company. ” However.
The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!
Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.
On November 20, a verified Bohemia administrator provided on the dark web forum Dread information about the disruptions affecting the marketplace. The authorities also seized two vehicles and €8 million worth of cryptocurrency. Police expect this figure to rise and have already arrested several Dutch dealers in June.
Threat actors use weak credential brute force to gain access to target systems, then deploy cryptocurrency miners and crimeware with capabilities like data exfiltration, persistence, self-termination, and pivot attacks. West Coast to deploy info stealers and crypto miners. The malware disables remote access to entrench itself further.
Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “However, in reality, this amount may be larger; the attackers also targeted Monero, a cryptocurrency that is untraceable.”
INTERPOL also issued a Purple Notice to warn countries about emerging fraudulent activities involving cryptocurrencies. The authorities have warned of “USDT Token Approval Scam” that allows scammers access to the victims’ cryptocurrency wallets and make unauthorized transactions. The operation led to 27 arrests and 19 indictments.
Bitdefender researchers reported that the North Korea-linked Lazarus group uses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. The attacker shares a repository with an MVP and a document requiring execution.
Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)
Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. that helped crooks launder cryptocurrency. and Sinbad.io Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on Dec.
During the search, the agents seized cryptocurrencies and various computer equipment. “ At the international level, there has been collaboration with EUROPOL and the Homeland Security Investigations (HSI) of the USA.” The man was arrested in the town of Calpe (Alicante). ” continues the press release.
The Japanese cryptocurrency platform DMM Bitcoin is closing its operations just six months after a $300 million cyber heist. DMM Bitcoin is a cryptocurrency exchange based in Japan, operated by DMM Group, a large Japanese e-commerce and entertainment conglomerate. Bitcoin (BTC), approximately $304 million (48.2
” The attackers, linked to BlueNoroff and past RustBucket campaigns, used fake cryptocurrency news emails and a malicious app disguised as a PDF. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as “Hidden Risk.”
Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.
dll module revealed that the malware supports sophisticated functionalities to steal credentials from browsers, digital wallet data, clipboard content, and system information. “StilachiRAT gathers extensive system information, including OS details, device identifiers, BIOS serial numbers, and camera presence.”
and can execute remote commands through the socketServer function, including executing shell commands and stealing device information (whour). Threat actors used shell commands to search for cryptocurrency wallet keys in document, image, and cryptocurrency-related files, which were then sent to a remote source.
Europol has taken down a massive cryptocurrency fraud ring that scammed over 5,000 people worldwide, laundering around €460 million ($540 million). Law enforcement arrested five members of a criminal network engaged in cryptocurrency investment fraud and performed 5 searches between the Canary Islands and Madrid. France, and Estonia.
Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, which are running targeted scams for specific victim profiles. .
CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.
. “PoisonSeed threat actors are targeting enterprise organizations and individuals outside the cryptocurrency industry.They have been phishing CRM and bulk email providers credentials to export email lists and send bulk spam from the accounts. ” reads the report published by Silent Push. ” continues the report.
The Wiz Incident Response team reported that threat actors are exploiting the flaw in attacks in the wild to deploy backdoors and cryptocurrency miners. Threat actors exploit the vulnerability to mine cryptocurrency with XMRig, deploy Sliver backdoors, and likely enumerate cloud permissions for potential data exfiltration.
LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. Several Lottie-Player users reported that their websites began displaying a pop-up, urging visitors to connect their cryptocurrency wallets. of @lottiefiles/lottie-player to npm.
The Raccoon stealer was first spotted in April 2019, it was designed to steal victims credit card data, email credentials, cryptocurrency wallets, and other sensitive data. FBI identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.)
Department of State offers a reward of up to $10 million for information nation-state actors linked to the RedLine infostealer and its alleged author, Russian national Maxim Alexandrovich Rudometov. Through Eurojust, authorities were able to quickly exchange information and coordinate actions to take down the infostealers.”
Nearly $100M in cryptocurrency was traded on the platform from 2018-2024, with operators taking 1-5% commissions. The platform allowed the payment for the illegal goods and services in Bitcoin (BTC) and Monero (XMR) cryptocurrencies.
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content