Security Affairs

NOVEMBER 21, 2024

Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 110

Cybercrime Identity Theft Cryptocurrency Phishing 110

Security Affairs

NOVEMBER 19, 2021

million worth of cryptocurrency. million worth of cryptocurrency from an American individual. The cryptocurrency has been stolen through a SIM swapping attack that allowed the attackers to bypass 2FA used to protect the wallets containing the funds. This is currently the biggest cryptocurrency theft reported from one person.”

Cryptocurrency 144

Cryptocurrency Accountability Hacking Information Security 144

Security Affairs

APRIL 14, 2025

Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2 , and were used to steal PayPal credentials and hijack cryptocurrency transfers.

Cryptocurrency 102

Cryptocurrency Hacking Accountability Cybercrime 102

Security Affairs

APRIL 3, 2021

Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. Perdok told The Record that he has identified at least one account responsible for the creation of hundreds of Pull Requests containing malicious code. Pierluigi Paganini.

Cryptocurrency 144

Cryptocurrency Accountability Software Engineering 144

Security Affairs

SEPTEMBER 20, 2024

The US DoJ arrested two people and charged them with stealing and laundering more than $230 million worth of cryptocurrency. The duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services. The duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services.

Cryptocurrency 130

Cryptocurrency Hacking Accountability Cybercrime 130

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 139

Cryptocurrency Banking Hacking Accountability 139

Krebs on Security

NOVEMBER 4, 2022

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 291

Scams Artificial Intelligence Cryptocurrency Accountability 291

Security Affairs

DECEMBER 13, 2023

Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. ” states Microsoft. . ” states Microsoft.

Cryptocurrency 133

Cryptocurrency Phishing Accountability VPN 133

Security Affairs

OCTOBER 30, 2023

A man from Orlando was sentenced to prison for SIM Swapping conspiracy that led to the theft of approximately $1M in cryptocurrency. The man was sentenced for his role in a hacking scheme that led to the theft of approximately $1M worth of cryptocurrency from dozens of victims. ” reads the press release published by DoJ.

Cryptocurrency 136

Cryptocurrency Accountability Hacking Cybercrime 136

Security Affairs

MARCH 10, 2025

“Working with dozens of victims, security researchers Nick Bax and Taylor Monahan found that none of the six-figure cyberheist victims appeared to have suffered the sorts of attacks that typically preface a high-dollar crypto theft, such as the compromise of ones email and/or mobile phone accounts, or SIM-swapping attacks.”

Password Management 85

Password Management Cryptocurrency Passwords Data breaches 85

Security Affairs

DECEMBER 2, 2024

INTERPOL also issued a Purple Notice to warn countries about emerging fraudulent activities involving cryptocurrencies. The authorities have warned of “USDT Token Approval Scam” that allows scammers access to the victims’ cryptocurrency wallets and make unauthorized transactions. The operation led to 27 arrests and 19 indictments.

Cryptocurrency 127

Cryptocurrency Phishing Scams Cybercrime 127

Security Affairs

APRIL 30, 2023

Threat actors are gaining access to AT&T email accounts in an attempt to hack into the victim’s cryptocurrency exchange accounts. Mail keys are unique credentials that AT&T email users can use to log into their accounts using email apps such as Thunderbird or Outlook , but without having to use their passwords.”

Cryptocurrency 98

Cryptocurrency Accountability Passwords Hacking 98

Security Affairs

NOVEMBER 13, 2020

Threat actors have stolen $2 million worth of Dai cryptocurrency from the cryptocurrency borrowing and lending service Akropolis. Cryptocurrency borrowing and lending service Akropolis disclosed a “flash loan” attack, hackers have stolen roughly $2 million worth of Dai cryptocurrency. Pierluigi Paganini.

Cryptocurrency 129

Cryptocurrency Hacking Accountability Information Security 129

Security Affairs

FEBRUARY 28, 2021

The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. According to the local news site Stuff , a creditor, U.S.

Cryptocurrency 120

Cryptocurrency Hacking Cyber Attacks Accountability 120

Security Affairs

MARCH 24, 2025

They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. If users fall victim to this scam, immediately contact their financial institutions, secure their accounts, and change all passwords using a trusted device. Reporting the incident to IC3.gov

Malware 116

Malware Scams Identity Theft Antivirus 116

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime 139

Cybercrime Social Engineering Accountability Government 139

Security Affairs

APRIL 2, 2025

It can steal accounts, send messages, steal crypto, monitor browsing, intercept SMS, and more. Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “the authors of the new version of Triada are actively monetizing their efforts.

Malware 121

Malware Cryptocurrency Mobile Firmware 121

Security Affairs

OCTOBER 6, 2024

A man from Indiana pleaded guilty to stealing over $37M in cryptocurrency from 571 victims during a 2022 cyberattack. In February 2022, Light participated in a cyber attack on an investment firm in Sioux Falls, South Dakota, stealing over $37,000,000 worth of cryptocurrency from 571 victims.

Cryptocurrency 120

Cryptocurrency Cyber Attacks Hacking Accountability 120

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. ” the company said on X.

Accountability 136

Accountability Hacking Cryptocurrency Cybersecurity 136

Security Affairs

JULY 19, 2022

FBI has warned of crooks developing malicious cryptocurrency-themed apps to steal crypto assets from the users. Federal Bureau of Investigation (FBI) has warned of crooks creating malicious cryptocurrency-themed apps to steal crypto assets from investors. Inform customers whether the financial institution has a mobile application.

Cryptocurrency 129

Cryptocurrency Mobile Hacking Accountability 129

Security Affairs

FEBRUARY 1, 2024

Daniel James Junk (22) of Portland was sentenced to 72 months in federal prison for his role in a scheme that resulted in the theft of millions of dollars of cryptocurrency using a SIM swapping. Once hijacked a SIM, the attacker can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Cryptocurrency 137

Cryptocurrency Computers and Electronics Accountability Scams 137

Security Affairs

DECEMBER 3, 2024

The Japanese cryptocurrency platform DMM Bitcoin is closing its operations just six months after a $300 million cyber heist. DMM Bitcoin is a cryptocurrency exchange based in Japan, operated by DMM Group, a large Japanese e-commerce and entertainment conglomerate. Bitcoin (BTC), approximately $304 million (48.2

Cryptocurrency 63

Cryptocurrency Financial Services Accountability Hacking 63

Security Boulevard

JANUARY 16, 2022

Norton 360, a popular antivirus product, has installed a cryptocurrency mining program on its customers’ computers, some cities in Texas have been hit with a phishing scam designed to get users to pay through fraudulent QR code stickers on public parking meters, and how Facebook is still collecting data about you even if you deactivate […].

Accountability 122

Accountability Antivirus Cryptocurrency Scams 122

Security Affairs

OCTOBER 20, 2021

Once hijacked the channel, attackers either sell it to the highest bidder or employ it in cryptocurrency scam scheme. The researchers identified around 15,000 actor accounts, most of which were created for this campaign. Hijacked channels ranged from $3 USD to $4,000 USD depending on the number of subscribers. Pierluigi Paganini.

Accountability 144

Accountability Malware Phishing Social Engineering 144

Security Affairs

NOVEMBER 6, 2021

Threat actors have stolen $55 million worth of cryptocurrency from the bZx decentralized finance (DeFi) platform. The decentralized finance (DeFi) platforms allow users to borrow/loan and speculate on cryptocurrency price variations. Contacted KuCoin to identify the hackers KuCoin account. Pierluigi Paganini.

Cryptocurrency 141

Cryptocurrency Phishing Hacking Accountability 141

Security Affairs

APRIL 7, 2025

. “PoisonSeed threat actors are targeting enterprise organizations and individuals outside the cryptocurrency industry.They have been phishing CRM and bulk email providers credentials to export email lists and send bulk spam from the accounts. ” reads the report published by Silent Push. ” continues the report.

Scams 73

Scams Cryptocurrency Phishing Cybercrime 73

Security Affairs

MARCH 4, 2025

Threat actors use weak credential brute force to gain access to target systems, then deploy cryptocurrency miners and crimeware with capabilities like data exfiltration, persistence, self-termination, and pivot attacks. West Coast to deploy info stealers and crypto miners. The malware disables remote access to entrench itself further.

Cryptocurrency 104

Cryptocurrency Malware Passwords Hacking 104

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. If you were confused at this point, you might ask Google who it thinks is the current Chief Information Security Officer of Chevron. of spam and scam.”

CISO 340

CISO Cybercrime Accountability Information Security 340

Security Affairs

NOVEMBER 8, 2021

The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI Internet Crime Complaint Center (IC3) published an alert to warn the public of fraudulent schemes leveraging cryptocurrency ATMs and Quick Response (QR) codes to complete payment transactions.

Cryptocurrency 109

Cryptocurrency Scams Accountability Government 109

Security Affairs

SEPTEMBER 9, 2022

US authorities recovered more than $30 million worth of cryptocurrency stolen by the North Korea-linked Lazarus APT from Axie Infinity. The post $30 Million worth of cryptocurrency stolen by Lazarus from Axie Infinity was recovered appeared first on Security Affairs. ” continues the report. Pierluigi Paganini.

Cryptocurrency 138

Cryptocurrency Spyware Engineering Hacking 138

Security Affairs

JANUARY 10, 2024

Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish fake news on the Bitcoin ETF approval. ” Gensler wrote.

Accountability 129

Accountability Hacking Cryptocurrency Surveillance 129

Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, which are running targeted scams for specific victim profiles. .

Scams 82

Scams Media Cryptocurrency Cybercrime 82

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The service now includes credentials for 441K accounts stolen by the popular info-stealer. Users have also to change passwords for any account accessed through the infected machine.

Accountability 145

Accountability Malware Data breaches Passwords 145

Security Affairs

JUNE 4, 2020

Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. Pierluigi Paganini.

Accountability 127

Accountability Phishing DNS Cryptocurrency 127

Security Affairs

JULY 12, 2022

Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. ” states the report published by Trend Micro.

Cryptocurrency 111

Cryptocurrency IoT Software Malware 111

Krebs on Security

OCTOBER 5, 2022

The fabricated LinkedIn identities — which pair AI-generated profile photos with text lifted from legitimate accounts — are creating major headaches for corporate HR departments and for those managing invite-only LinkedIn groups. Another “swarm” of LinkedIn bot accounts flagged by Taylor’s group.

Accountability 312

Accountability Scams Artificial Intelligence Cryptocurrency 312