Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website.

Hacking 332

Hacking Social Engineering Phishing Scams 332

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals.

Cybercrime 109

Cybercrime Identity Theft Cryptocurrency Phishing 109

Security Affairs

MARCH 3, 2025

authorities have recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, which is a decentralized finance (DeFi) protocol built on Binances BNB Chain.

Cryptocurrency 63

Cryptocurrency Hacking Cyber Attacks Marketing 63

Security Affairs

APRIL 3, 2021

Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. link] pic.twitter.com/zugl7mFK0K — Justin Perdok (@JustinPerdok) April 2, 2021. pic.twitter.com/5twTjuL2vK — Justin Perdok (@JustinPerdok) April 2, 2021.

Cryptocurrency 143

Cryptocurrency Accountability Software Engineering 143

Security Boulevard

FEBRUARY 24, 2021

In mid-February 2021, the Department of Justice shared the content of what had been a sealed indictment charging three North Korean (DPRK) hacking “operatives” with a plethora of cybercrimes, including “cyber heists and extortion schemes, targeting both traditional and cryptocurrencies.” Assistant Attorney General John C.

Cybercrime 136

Cybercrime Hacking Cryptocurrency Ransomware 136

Security Affairs

OCTOBER 30, 2023

A man from Orlando was sentenced to prison for SIM Swapping conspiracy that led to the theft of approximately $1M in cryptocurrency. The man was sentenced for his role in a hacking scheme that led to the theft of approximately $1M worth of cryptocurrency from dozens of victims. ” reads the press release published by DoJ.

Cryptocurrency 134

Cryptocurrency Accountability Hacking Cybercrime 134

Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. “Targeting of Cryptocurrency Users and Influencers: Crazy Evil explicitly victimizes the cryptocurrency space with bespoke spearphishing lures.”

Scams 81

Scams Media Cryptocurrency Cybercrime 81

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 139

Cryptocurrency Firmware Malware Threat Detection 139

SecureWorld News

NOVEMBER 22, 2024

The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing 108

Phishing Identity Theft Cryptocurrency Cybercrime 108

Security Affairs

NOVEMBER 1, 2021

Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 The following graph shows that the cryptocurrency peaked at a price of $2,861 before dropping to $0 around. ” reported GixModo.

Cryptocurrency 138

Cryptocurrency Scams Cybercrime Advertising 138

Security Affairs

APRIL 3, 2025

” Kidflix, launched in 2021, rapidly became a major CSAM platform, generating huge profits. Unlike other platforms, Kidflix allowed streaming and used cryptocurrency-based payments. Users made payments using cryptocurrencies, which were subsequently converted into tokens. The investigation is ongoing.”

Cryptocurrency 96

Cryptocurrency Cybercrime Hacking Information Security 96

Security Affairs

NOVEMBER 6, 2021

Threat actors have stolen $55 million worth of cryptocurrency from the bZx decentralized finance (DeFi) platform. The decentralized finance (DeFi) platforms allow users to borrow/loan and speculate on cryptocurrency price variations. The company pointed out that the incident was not a protocol hack. Pierluigi Paganini.

Cryptocurrency 141

Cryptocurrency Phishing Hacking Accountability 141

Security Affairs

JULY 19, 2022

FBI has warned of crooks developing malicious cryptocurrency-themed apps to steal crypto assets from the users. Federal Bureau of Investigation (FBI) has warned of crooks creating malicious cryptocurrency-themed apps to steal crypto assets from investors. million from 244 victims between October 4, 2021, and May 13, 2022.

Cryptocurrency 128

Cryptocurrency Mobile Hacking Accountability 128

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024. Attorney Erek L.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

CSO Magazine

FEBRUARY 17, 2022

As high-stakes cryptocurrency and blockchain projects proliferate and soar in value, it’s no surprise that malicious actors were enticed to steal $14 billion in cryptocurrency during 2021 alone. The frantic pace of cryptocurrency thefts is continuing into 2022.

Cryptocurrency 101

Cryptocurrency Hacking 101

The Hacker News

JUNE 2, 2021

A top Russian-language underground forum has been running a "contest" for the past month, calling on its community to submit "unorthodox" ways to conduct cryptocurrency attacks.

Cryptocurrency 102

Cryptocurrency Hacking Technology 102

Security Affairs

AUGUST 10, 2021

The cross-chain protocol Poly Network has been hacked, threat actors stole $611 million making this hack the largest DeFi hack to date. 611 million has reportedly been stolen in one of the largest cryptocurrency hacks. BitGo @renBTCFinance — Poly Network (@PolyNetwork2) August 10, 2021. The attackers.

Hacking 129

Hacking Cryptocurrency Information Security Network Security 129

Krebs on Security

JUNE 27, 2023

Joseph James “PlugwalkJoe” O’Connor , a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter , has been sentenced to five years in a U.S. 02, 2020, pitching O’Connor as a cryptocurrency expert and advisor. I don’t care,” O’Connor told The Times.

Cryptocurrency 277

Cryptocurrency Accountability Mobile Hacking 277

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Colonial Pipeline ( May 2021 ) – The Colonial Pipeline facility in Pelham, Alabama, was hit by a cybersecurity attack in May and its operators were forced to shut down its systems.

Cyber Attacks 140

Cyber Attacks Ransomware Hacking Insurance 140

Krebs on Security

MARCH 7, 2022

This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies. This wealth allowed Conti to do things that regular investors couldn’t — such as moving the price of cryptocurrencies in one direction or the other. “Cryptocurrency article contest!

Ransomware 275

Ransomware Cryptocurrency DDOS Scams 275

Security Boulevard

FEBRUARY 3, 2025

DOJ for using borrowed cryptocurrency and exploiting vulnerabilities on the KyberSwap and Indexed Finance DeFi platforms to steal $65 million in digital assets in two schemes between 2021 and 2023. The post Canadian Man Stole $65 Million in Crypto in Two Platform Hacks, DOJ Says appeared first on Security Boulevard.

Hacking 117

Hacking Cryptocurrency Cybersecurity Network Security 117

Security Affairs

JANUARY 2, 2022

The cyberattacks against the cryptocurrency industry are a profitable business for threat actors, according to the experts, $12.1 billion worth of cryptocurrencies have been stolen in the last decade. In 2021 we observed a spike in crypto heists, $4.25 billion worth of cryptos were stolen by cybercriminals in 2021.

Cryptocurrency 117

Cryptocurrency Scams Marketing Hacking 117

Security Affairs

JUNE 22, 2021

DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. SecurityAffairs – hacking, botnet).

DNS 145

DNS Internet Internet Malware 145

Security Affairs

OCTOBER 28, 2021

Threat actors have stolen $130 million worth of cryptocurrency assets from the Cream Finance decentralized finance (DeFi) platform. Threat actors have stolen $130 million worth of cryptocurrency assets from the decentralized finance (DeFi) platform. — Cream Finance (@CreamdotFinance) October 27, 2021. increase from 2020.

Cryptocurrency 102

Cryptocurrency Marketing Hacking Financial Services 102

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency 115

Cryptocurrency Malware Advertising System Administration 115

Security Affairs

SEPTEMBER 3, 2021

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. . US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend.

Authentication 133

Authentication Cryptocurrency Hacking Government 133

CyberSecurity Insiders

MARCH 10, 2022

But here’s a news piece that gives details of a ransomware group that paid $6 million in salaries last year and even tried to develop its cryptocurrency. Conti Ransomware group is the hacking group in discussion and is reported to have been led by an individual code named ‘Stern’.

Cryptocurrency 119

Cryptocurrency Ransomware Banking Hacking 119

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Cryptocurrency 305

Cryptocurrency Ransomware Retail Government 305

Security Boulevard

DECEMBER 3, 2021

Schadenfreude: This week saw a pair of high-profile cryptocurrency thefts, totalling over $150 million. The post $150M Stolen in ‘Imaginary Money’ Crypto/DeFi Hacks appeared first on Security Boulevard.

Hacking 126

Hacking Cryptocurrency Social Engineering Engineering 126

Security Affairs

AUGUST 11, 2021

The threat actor who hacked Poly Network cross-chain protocol stealing $611 million worth of cryptocurrency assets returns the stolen funds. The threat actor behind the hack of the Poly Network cross-chain protocol is now returning the stolen funds. pic.twitter.com/Yzw4oDenjC — Poly Network (@PolyNetwork2) August 10, 2021.

Hacking 108

Hacking Cryptocurrency 108

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. ru , which periodically published hacking tools and exploits for software vulnerabilities. The links have been redacted.

Cryptocurrency 301

Cryptocurrency Cybercrime Retail Government 301

Security Affairs

DECEMBER 6, 2021

Threat actors stole more than $150 million in various cryptocurrencies from the cryptocurrency trading platform BitMart. Cryptocurrency trading platform BitMart has disclosed a security breach, threat actors stole than $150 million in various cryptocurrencies. — Sheldon Xia (@sheldonbitmart) December 6, 2021.

Cryptocurrency 112

Cryptocurrency Hacking Cybercrime Information Security 112

Malwarebytes

AUGUST 26, 2021

In August of 2021, a thief stole about $600 million in cryptocurrencies from The Poly Network. Slightly more than one week later, Japanese cryptocurrency exchange Liquid was hacked and lost $97 million worth of digital coins. They are not available for every cryptocurrency. I wish I knew.

Cryptocurrency 121

Cryptocurrency Banking Hacking Engineering 121

Security Affairs

SEPTEMBER 30, 2021

Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. At the end of August, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product. ActionRequired patch immediately!

Cryptocurrency 114

Cryptocurrency Authentication Malware Marketing 114

Security Affairs

DECEMBER 17, 2021

Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns , crypto-jacking, cryptocurrency clipping (substituting the original wallet address saved in the clipboard with the attacker’s wallet address during a transaction) and ransomware attacks in the past.

Cryptocurrency 126

Cryptocurrency Cybercrime Malware Hacking 126

Threatpost

APRIL 30, 2021

The developer of the WeSteal cryptocurrency stealer can’t be bothered with fancy talk: they say flat-out that it’s “the leading way to make money in 2021”.

Cryptocurrency 104

Cryptocurrency Malware Hacking 104

Security Affairs

DECEMBER 21, 2024

in cryptocurrency obtained from ransom payments. In January 2021, law enforcement authorities in the U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) million as a result of the offenses charged in the indictment.

Ransomware 107

Ransomware Healthcare Government Cryptocurrency 107