Malwarebytes

MARCH 18, 2025

We were alerted to Mac and Windows stealers currently distributed via Reddit posts targeting users engaging in cryptocurrency trading. One of the common lures is a cracked software version of the popular trading platform TradingView. icu , registered about a week ago by someone in Russia.

Cryptocurrency 127

Cryptocurrency Malware Scams Antivirus 127

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware 335

Malware Cryptocurrency Software Phishing 335

Krebs on Security

JUNE 15, 2024

One of the more popular SIM-swapping channels on Telegram maintains a frequently updated leaderboard of the most accomplished SIM-swappers, indexed by their supposed conquests in stealing cryptocurrency. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page.

Hacking 346

Hacking Cybercrime Phishing Passwords 346

eSecurity Planet

MAY 27, 2025

The FBI has issued a new warning to US law firms about an ongoing and increasingly aggressive phishing campaign orchestrated by the cybercriminal group Luna Moth. The post FBI Warns Law Firms: Hackers Are Calling Offices in Stealth Phishing Scam appeared first on eSecurity Planet. Enable two-factor authentication across all systems.

Phishing 68

Phishing Scams Antivirus Backups 68

Security Affairs

JUNE 7, 2021

Cybercriminals in Russian underground forums have been invited to take part in competitions for hacking cryptocurrency and NFT. Several Russian underground forums have launched competitions for hacking cryptocurrency schema and Non-fungible token (NFT). SecurityAffairs – hacking, cryptocurrency hack). Pierluigi Paganini.

Cryptocurrency 144

Cryptocurrency Cybercrime Hacking Technology 144

Security Affairs

NOVEMBER 15, 2024

Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption 116

Encryption Password Management Cryptocurrency Social Engineering 116

CyberSecurity Insiders

NOVEMBER 26, 2021

Google, the business subsidiary of tech giant Alphabet Inc, has released a report saying that the compromised cloud accounts were leading hackers to mine cryptocurrency that could prove as a double threat to customers. The post Compromised cloud accounts leading to Cryptocurrency mining appeared first on Cybersecurity Insiders.

Cryptocurrency 131

Cryptocurrency Accountability Passwords Software 131

Security Affairs

MAY 28, 2025

Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. “These criminals are after your hard-earned money, targeting your bank accounts and cryptocurrency wallets with fake login pages and malware disguised as safe software.” 160 on port 4449.

Antivirus 120

Antivirus Malware Banking Passwords 120

The Last Watchdog

DECEMBER 18, 2024

Dooley Doug Dooley , COO, Data Theorem In 2025, cybersecurity threats will escalate across APIs, cloud setups, supply chains, and cryptocurrency. Supply chain attacks will intensify through poisoned APIs and unchecked software dependencies. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities.

Risk 173

Risk Threat Detection Technology Phishing 173

Penetration Testing

JULY 18, 2024

Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated cyberattack campaign targeting cryptocurrency users.

Cryptocurrency 104

Cryptocurrency Malware Phishing Software 104

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 100

Small Business Cybersecurity Passwords Scams 100

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 363

Phishing VPN Social Engineering Media 363

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms.

Malware 120

Malware Advertising Antivirus Cybercrime 120

Krebs on Security

FEBRUARY 26, 2023

But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. In a filing with the U.S.

Hacking 333

Hacking Social Engineering Phishing Scams 333

Graham Cluley

APRIL 3, 2022

Owners of physical Trezor cryptocurrency wallets should be on their guard after an email was sent out by thieves attempting to dupe them into downloading new software to their devices.

Phishing 145

Phishing Cryptocurrency Hacking Software 145

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported.

Phishing 138

Phishing Data breaches Cryptocurrency Social Engineering 138

Security Affairs

NOVEMBER 1, 2024

LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Player software in a supply chain attack. The bogus versions included code that prompted users to connect their cryptocurrency wallets.

Cryptocurrency 107

Cryptocurrency Hacking Accountability Mobile 107

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 133

Scams Phishing Cryptocurrency Accountability 133

Malwarebytes

FEBRUARY 19, 2025

Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts. The next Mac malware Malware is malicious software, and just like legitimate software, malware has to be developed for specific operating systems. They are wildly adaptable.

Malware 135

Malware Software Passwords Cryptocurrency 135

The Hacker News

NOVEMBER 29, 2021

Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation.

Cryptocurrency 106

Cryptocurrency Accountability Phishing Ransomware 106

Malwarebytes

AUGUST 26, 2021

In August of 2021, a thief stole about $600 million in cryptocurrencies from The Poly Network. Slightly more than one week later, Japanese cryptocurrency exchange Liquid was hacked and lost $97 million worth of digital coins. They are not available for every cryptocurrency. We can’t answer the first question for you.

Cryptocurrency 133

Cryptocurrency Banking Hacking Engineering 133

Security Affairs

NOVEMBER 1, 2024

LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Player software in a supply chain attack. The bogus versions included code that prompted users to connect their cryptocurrency wallets.

Cryptocurrency 98

Cryptocurrency Accountability Hacking Mobile 98

IT Security Guru

APRIL 25, 2025

Phishing is a great example of this, with it evolving from simple email scams to more malicious and carefully thought-out attacks. As more people shift to online financial platforms or cryptocurrencies, digital wallets have become a common target for phishing scams.

Scams 44

Scams Phishing Cryptocurrency Cyber threats 44

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials.

Social Engineering 359

Social Engineering Mobile Passwords Cybercrime 359

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Amazon Online Shopping was mimicked by 33.19% of all phishing and scam pages targeting online store users in 2024. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7

Phishing 77

Phishing Banking Scams Mobile 77

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Malware infection. cmd.exe /c “mkdir %public%MM >%temp%TMPF522.tmp

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. ” Once inside of a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell.

Antivirus 363

Antivirus Hacking Government Software 363

Cisco Security

SEPTEMBER 28, 2021

What does phishing mean? Ransomware is a special type of harmful software. What’s phishing? The link downloads harmful software, or the attachment infects your device. Phishing is a simple and popular way for hackers trick and hook you. Spear phishing is a special type. Why is there a ‘p’ in phishing?

Phishing 145

Phishing Ransomware Passwords Cryptocurrency 145

SecureList

JUNE 10, 2024

This article examines methods that rely on social engineering, where attackers manipulate the victim into giving away the OTP, and tools that they use to automate the manipulations: so-called OTP bots and administration panels to control phishing kits. The bot accepts payments in cryptocurrency only. What is an OTP bot?

Phishing 145

Phishing Banking Social Engineering Accountability 145

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. The history of scams and phishing. The term “phishing” was coined back in 1996, when cybercriminals attacked users of America Online (AOL), the largest internet provider at that time. Phishing site with chat support.

Scams 135

Scams Phishing Social Engineering Banking 135

Security Affairs

NOVEMBER 20, 2018

Security experts at F-Secure have recently spotted a small spam campaign aimed at Mac users that use Exodus cryptocurrency wallet. The campaign leverages Exodus-themed phishing messages using an attachment named “Exodus-MacOS-1.64.1-update.zip.” com” website, a cloud-based remote spy software for Mac systems. update.zip.”

Cryptocurrency 103

Cryptocurrency Spyware Advertising Surveillance 103

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency 313

Cryptocurrency Cybercrime Computers and Electronics Scams 313

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 78

Malware Cryptocurrency Encryption Engineering 78

Security Affairs

NOVEMBER 18, 2020

The kill chain starts with phishing messages that use a.docx file that once is opened triggers a template injection attack. bin, researchers also observed the use of a cryptocurrency mining module. . The post Phishing campaign targets LATAM e-commerce users with Chaes Malware appeared first on Security Affairs.

Phishing 133

Phishing Malware Cryptocurrency Information Security 133

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile 277

Mobile Cryptocurrency Accountability Passwords 277

SecureList

DECEMBER 16, 2024

The primary purpose of these tools is to render the code undetectable by security software. Verdict: Partially fulfilled Evolution and market dynamics of Bitcoin mixers and cleaning services In 2024, there was no significant increase in the number of services advertising cryptocurrency “cleaning” solutions.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

Security Affairs

DECEMBER 8, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49

Artificial Intelligence 103

Artificial Intelligence Spyware Hacking Ransomware 103