Krebs on Security

SEPTEMBER 16, 2020

authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges. Separately, the U.S.

Cryptocurrency 361

Cryptocurrency Phishing Accountability Cybercrime 361

Schneier on Security

SEPTEMBER 6, 2023

The cryptocurrency fintech startup Prime Trust lost the encryption key to its hardware wallet—and the recovery key—and therefore $38.9 It is now in bankruptcy. I can’t understand why anyone thinks these technologies are a good idea.

Cryptocurrency 332

Cryptocurrency Encryption Technology 332

Schneier on Security

MARCH 3, 2023

Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space—with all existing regulations. As such, the cryptocurrency space has grown over the past decade with very little regulatory oversight. When regulating cryptocurrencies, the best starting point is history.

Cryptocurrency 288

Cryptocurrency Risk Marketing 288

Security Affairs

FEBRUARY 22, 2025

worth of cryptocurrency from one of the companys offline wallets. The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Crypto exchange Bybitwas the victim of a sophisticated attack, and threat actors stole $1.5B

Cryptocurrency 129

Cryptocurrency Hacking Banking Cybersecurity 129

Schneier on Security

OCTOBER 14, 2024

The researchers are calling the malware Perfctl, the name of a malicious component that surreptitiously mines cryptocurrency. Besides using the machine resources to mine cryptocurrency, Perfctl also turns the machine into a profit-making proxy that paying customers use to relay their Internet traffic.

Malware 268

Malware Cryptocurrency Internet Internet 268

SecureList

FEBRUARY 24, 2025

stealer that collects information such as saved credentials, cryptocurrency wallet data and browsing history, packs it into a.7z com/Dipo17/battle ) and execute them. These components were as follows: A Node.js 7z archive and uploads it to the attackers via Telegram. Notably, the attacker-controlled Bitcoin wallet ( ID: bc1qtxlz2m6r[.]yspzt

Cryptocurrency 117

Cryptocurrency Software Encryption Internet 117

Schneier on Security

JUNE 24, 2022

Earlier this month, I and others wrote a letter to Congress, basically saying that cryptocurrencies are an complete and total disaster, and urging them to regulate the space. Green writes: “I have no problem with the idea of legislators (intelligently) passing laws to regulate cryptocurrency. ” I have yet to see one.

Cryptocurrency 364

Cryptocurrency Technology Scams Government 364

Penetration Testing

NOVEMBER 29, 2024

Cybersecurity researchers at ReversingLabs have uncovered a stealthy supply chain attack targeting cryptocurrency wallets via the PyPI repository.

Cryptocurrency 96

Cryptocurrency Cybersecurity Malware 96

Schneier on Security

SEPTEMBER 13, 2022

The Wall Street Journal is reporting that the FBI has recovered over $30 million in cryptocurrency stolen by North Korean hackers earlier this year. These addresses can be created quickly without them being linked to a cryptocurrency company that could freeze the funds.

Cryptocurrency 243

Cryptocurrency Banking Accountability 243

Schneier on Security

SEPTEMBER 9, 2022

Stewart Baker discusses why the industry-norm responsible disclosure for software vulnerabilities fails for cryptocurrency software. Why can’t the cryptocurrency industry solve the problem the way the software and hardware industries do, by patching and updating security as flaws are found?

Cryptocurrency 246

Cryptocurrency Software Engineering Passwords 246

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. 13, with an attack on cryptocurrency trading platform liquid.com. The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Joseph Steinberg

JUNE 9, 2021

The post How The FBI Seized Bitcoin from Colonial Pipeline Hackers – Does Law Enforcement Have More Control Over Cryptocurrencies Than People Believe? Seizing can also be done through other methods – all of which typically require knowing the private key of the origination address.).

Cryptocurrency 363

Cryptocurrency Artificial Intelligence Government Hacking 363

Schneier on Security

APRIL 4, 2023

News : Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week.

Cryptocurrency 254

Cryptocurrency Hacking Software Cybersecurity 254

Security Affairs

MARCH 10, 2025

Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. This is a covert miner able to mine multiple cryptocurrencies (ETH, ETC, XMR, RTM and others) using various algorithms. The payload was only accessible from Russian IPs, suggesting a targeted attack on Russian users.

Cryptocurrency 91

Cryptocurrency Malware Social Engineering Antivirus 91

Krebs on Security

JANUARY 7, 2025

KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io. Federal Communications Commission (FCC), as well as those working at the cryptocurrency exchanges Coinbase and Binance. Image: Shutterstock, iHaMoo.

Phishing 333

Phishing Cryptocurrency Accountability Social Engineering 333

Schneier on Security

NOVEMBER 22, 2021

I have long been annoyed that the word “crypto” has been co-opted by the blockchain people, and no longer refers to “cryptography.” ” I’m not the only one.

Cryptocurrency 360

Cryptocurrency 360

Krebs on Security

NOVEMBER 21, 2024

According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees. Those accounts state that the intruders assaulted Tylerb’s mother in the home invasion, and that they threatened to burn him with a blowtorch if he didn’t give up the keys to his cryptocurrency wallets.

Identity Theft 245

Identity Theft Phishing Cryptocurrency Accountability 245

Security Affairs

JANUARY 14, 2025

A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. The Wiz Incident Response team reported that threat actors are exploiting the flaw in attacks in the wild to deploy backdoors and cryptocurrency miners. ” reads the advisory published by Wiz.

Cryptocurrency 80

Cryptocurrency Hacking Risk Cybercrime 80

Schneier on Security

SEPTEMBER 18, 2023

Remember last November, when hackers broke into the network for LastPass—a password database—and stole password vaults with both encrypted and plaintext data for over 25 million users? Well, they’re now using that data break into crypto wallets and drain them: $35 million and counting, all going into a single wallet.

Cryptocurrency 339

Cryptocurrency Hacking Passwords Encryption 339

Security Affairs

JANUARY 27, 2025

Crooks stole at least $69 million from Singapore-based cryptocurrency platform Phemex in an alleged cyberattack. On Thursday, researchers at the blockchain security firm PeckShield noticed a suspicious ‘outflow of large funds from the cryptocurrency platform. pic.twitter.com/qT71TJHXPJ — PeckShield Inc. worth of cryptos.

Cryptocurrency 72

Cryptocurrency Hacking Cyber Attacks Information Security 72

SecureList

NOVEMBER 6, 2024

Introduction In August 2024, our team identified a new crimeware bundle, which we named “SteelFox” Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows services and drivers. It spreads via forums posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD.

Software 121

Software Cryptocurrency Malware DNS 121

Schneier on Security

JULY 26, 2021

This is where the suggestion to ban cryptocurrencies as a way to “solve” ransomware comes from. In this light, banning cryptocurrencies like bitcoin is an obvious solution. We suggest an easier alternative: merely disrupt the cryptocurrency markets. The second is a safe way of collecting ransoms: bitcoin.

Ransomware 364

Ransomware Cryptocurrency Banking Accountability 364

Schneier on Security

AUGUST 10, 2023

Cryptographic flaws still matter. Here’s a flaw in the random-number generator used to create private keys. The seed has only 32 bits of entropy. Seems like this flaw is being exploited in the wild.

Cryptocurrency 244

Cryptocurrency 244

Security Affairs

MARCH 15, 2025

A clipper malware is a type of malicious software designed to intercept and manipulate clipboard data, typically for cryptocurrency theft. When a victim copies a cryptocurrency wallet address, the malware replaces it with an attacker-controlled address, redirecting funds to the hacker instead of the intended recipient.

Software 116

Software Cryptocurrency Malware Encryption 116

Krebs on Security

DECEMBER 4, 2024

Daryna Antoniuk at TheRecord reports that a security researcher said on Sunday they had contacted Wazawaka, who confirmed being charged and said he’d paid two fines, had his cryptocurrency confiscated, and is currently out on bail pending trial.

Cybercrime 225

Cybercrime Ransomware Cryptocurrency Government 225

Schneier on Security

SEPTEMBER 10, 2024

According to Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal cryptocurrency.

Cryptocurrency 303

Cryptocurrency 303

Penetration Testing

FEBRUARY 27, 2025

A recent cybersecurity report from Unit 42 has revealed a new wave of North Korean-linked cyberattacks targeting macOS The post North Korean Hackers Deploy RustDoor and Koi Stealer to Target Cryptocurrency Developers on macOS appeared first on Cybersecurity News.

Cryptocurrency 58

Cryptocurrency Cybersecurity Malware 58

Security Affairs

NOVEMBER 15, 2024

. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency 105

Cryptocurrency Hacking Government Accountability 105

Schneier on Security

FEBRUARY 10, 2021

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.

Ransomware 359

Ransomware Cryptocurrency 359

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. According to the FAQ posted on its site , “ Norton Crypto ” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle.

Cryptocurrency 348

Cryptocurrency Computers and Electronics Antivirus Identity Theft 348

The Hacker News

SEPTEMBER 12, 2024

Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver malware dubbed Hadooken, according to cloud security firm Aqua.

Cryptocurrency 140

Cryptocurrency Malware Cybersecurity 140

Schneier on Security

NOVEMBER 16, 2021

After the mark is convinced, the scammer will have them get cash (sometimes out of investment or retirement accounts), and head to an ATM that sells cryptocurrencies and supports reading QR codes. With wire transfers, you have to fill out a form, and you may give that form to an actual person (who could potentially vibe check you).

Scams 342

Scams Cryptocurrency Banking Internet 342

Krebs on Security

AUGUST 25, 2021

In a lawsuit filed in Colorado, Schober said the sudden disappearance of his funds in January 2018 prompted him to spend more than $10,000 hiring experts in the field of tracing cryptocurrency transactions. universities). When Schober went to move approximately 16.4 When Schober went to move approximately 16.4

Cryptocurrency 360

Cryptocurrency Malware Mobile Accountability 360

The Hacker News

DECEMBER 5, 2024

As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot.

Cryptocurrency 127

Cryptocurrency Banking Spyware 127

Security Boulevard

FEBRUARY 22, 2025

billion in cryptocurrency from the Bybit exchange in what is being called the largest hack in the controversial market's history. North Korea's notorious Lazarus Group reportedly stole $1.5 It came the same day Coinbase executives said the SEC was dropping its investigation of their company.

Hacking 99

Hacking Cryptocurrency Marketing Data privacy 99

The Hacker News

OCTOBER 3, 2024

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software.

Cryptocurrency 133

Cryptocurrency Malware Software 133

Krebs on Security

NOVEMBER 14, 2024

Hydra trafficked in illegal drugs and financial services, including cryptocurrency tumbling for money laundering, exchange services between cryptocurrency and Russian rubles, and the sale of falsified documents and hacking services. “Hi, how are you?” ” he inquired. “Maybe we can open business?

Retail 248

Retail Advertising Cryptocurrency Marketing 248