Heimadal Security

JANUARY 14, 2022

BlueNoroff, a North Korean Advanced Persistent Threat (APT) group, has been observed using malicious documents and bogus MetaMask browser extensions in attacks targeting small and medium-sized cryptocurrency startups. The post Cryptocurrency Startups Targeted by the BlueNoroff Hacking Group appeared first on Heimdal Security Blog.

Cryptocurrency 132

Cryptocurrency Hacking Cybersecurity 132

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

The Hacker News

FEBRUARY 16, 2024

Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines.

Cryptocurrency 138

Cryptocurrency Malware 138

Schneier on Security

NOVEMBER 28, 2022

Devices belonging to females were more likely to be snooped on, and that snooping tended to seek more sensitive data, including both sexually revealing and non-sexual pictures, documents, and financial information. […]. All of the laptops were set up with email and gaming accounts and populated with browser history across several weeks.

Antivirus 357

Antivirus Cryptocurrency Accountability Malware 357

Security Affairs

SEPTEMBER 20, 2024

The US DoJ arrested two people and charged them with stealing and laundering more than $230 million worth of cryptocurrency. The duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services. The duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services.

Cryptocurrency 130

Cryptocurrency Hacking Accountability Cybercrime 130

Digital Shadows

JUNE 7, 2021

It’s been a pretty big year so far for cryptocurrency. The post Cryptocurrency Attacks to be Aware of in 2021 first appeared on Digital Shadows. After it reached an all-time high in April 2021, new.

Cryptocurrency 138

Cryptocurrency Marketing Cybercrime 138

SecureWorld News

NOVEMBER 22, 2024

The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime. Scattered Spider has gained infamy for its high-profile cyberattacks, including the ransomware assault on MGM Casino in 2023 , which caused widespread disruption.

Phishing 107

Phishing Identity Theft Cryptocurrency Cybercrime 107

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. capital).

Malware 328

Malware Cryptocurrency Software Phishing 328

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. Nearly $100M in cryptocurrency was traded on the platform from 2018-2024, with operators taking 1-5% commissions. Source Computerworld.ch

Cybercrime 113

Cybercrime Cryptocurrency Hacking Internet 113

Security Affairs

NOVEMBER 6, 2021

Threat actors have stolen $55 million worth of cryptocurrency from the bZx decentralized finance (DeFi) platform. The decentralized finance (DeFi) platforms allow users to borrow/loan and speculate on cryptocurrency price variations. ” reads a Preliminary Post Mortem analysis published by the company. “A Pierluigi Paganini.

Cryptocurrency 141

Cryptocurrency Phishing Hacking Accountability 141

Security Affairs

JULY 19, 2022

FBI has warned of crooks developing malicious cryptocurrency-themed apps to steal crypto assets from the users. Federal Bureau of Investigation (FBI) has warned of crooks creating malicious cryptocurrency-themed apps to steal crypto assets from investors. ” reads the alert. ” reads the alert. million. .”

Cryptocurrency 128

Cryptocurrency Mobile Hacking Accountability 128

Krebs on Security

JANUARY 10, 2024

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies. million cyberheist.

Cryptocurrency 335

Cryptocurrency Government Cybercrime Accountability 335

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Security Affairs

DECEMBER 4, 2022

The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. In this campaign, the threat actors used the “bloxholder[.]com”

Cryptocurrency 100

Cryptocurrency Malware Hacking Information Security 100

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Cryptocurrency 299

Cryptocurrency Ransomware Retail Government 299

Security Affairs

FEBRUARY 1, 2024

Daniel James Junk (22) of Portland was sentenced to 72 months in federal prison for his role in a scheme that resulted in the theft of millions of dollars of cryptocurrency using a SIM swapping. Once hijacked a SIM, the attacker can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Cryptocurrency 136

Cryptocurrency Computers and Electronics Accountability Scams 136

Security Affairs

JANUARY 15, 2023

An international police operation led by Europol led to the arrest of cryptocurrency scammers targeting users all over the world. “The suspects used advertisements on social networks to lure victims to websites covertly operated by the criminals, which offered seemingly exceptional investment opportunities in cryptocurrencies.”

Cryptocurrency 98

Cryptocurrency Computers and Electronics Advertising Backups 98

The Hacker News

DECEMBER 5, 2022

The Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure to deliver a previously undocumented version of the AppleJeus malware, according to new findings from Volexity.

Cryptocurrency 98

Cryptocurrency Malware 98

Security Affairs

APRIL 7, 2025

By simply paying the fee, usually in cryptocurrencies, the customer will receive the sensitive material ready to be exploited. With the help of these documents, even inexperienced operators with limited hacking skills can quickly acquire the necessary expertise to successfully forward counterfeit EDRs.

Cybercrime 110

Cybercrime Social Engineering Accountability Government 110

Security Affairs

DECEMBER 27, 2024

Threat actors used shell commands to search for cryptocurrency wallet keys in document, image, and cryptocurrency-related files, which were then sent to a remote source. The November version communicates via Socket.IO Attackers used commands like ls and cat to examine the target environment.

Malware 87

Malware Cryptocurrency Software Hacking 87

Krebs on Security

OCTOBER 9, 2024

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. ’s son was loaded with cryptocurrency? ” What made the Miami men so convinced R.C.

Cryptocurrency 289

Cryptocurrency Social Engineering Accountability Mobile 289

The Hacker News

NOVEMBER 8, 2022

Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts as a conduit for other commodity trojans like SystemBC and Raccoon Stealer 2.0,

Cryptocurrency 94

Cryptocurrency Malware Phishing 94

Krebs on Security

JULY 21, 2022

“It’s run by a fraud ring of cryptocurrency scammers who mine dating apps and other social media for victims and the scam is becoming alarmingly popular.” Many of these platforms include extensive study materials and tutorials on cryptocurrency investing. com, a scam cryptocurrency platform tied to a pig butchering scheme.

Scams 332

Scams Cryptocurrency Marketing Internet 332

Malwarebytes

JULY 19, 2022

Together with the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA), the FBI has released a warning about cybercriminals creating fraudulent cryptocurrency investment apps in order to defraud cryptocurrency investors. Stay safe, everyone!

Cryptocurrency 95

Cryptocurrency Mobile Banking Internet 95

Krebs on Security

AUGUST 7, 2018

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. A WORRIED MOM.

Mobile 248

Mobile Cryptocurrency Computers and Electronics Scams 248

Krebs on Security

JULY 15, 2024

The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network , Compound Finance , Pendle Finance , and Unstoppable Domains.

Accountability 329

Accountability Cryptocurrency Passwords DNS 329

Security Affairs

FEBRUARY 13, 2023

Alleged Russian threat actors have been targeting cryptocurrency users in Eastern Europe with Enigma info-stealing malware. The files pose an interview for a fake cryptocurrency role or job opening. This file, which also masquerades as a legitimate word document, is designed to lure unsuspecting victims into executing the loader.

Cryptocurrency 98

Cryptocurrency Malware Media Phishing 98

Security Affairs

FEBRUARY 5, 2025

Bitdefender researchers reported that the North Korea-linked Lazarus group uses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. The attacker shares a repository with an MVP and a document requiring execution.

Cryptocurrency 71

Cryptocurrency Malware Hacking Technology 71

Malwarebytes

DECEMBER 5, 2022

In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. One of the group's preferred tactics is to use trojanized cryptocurrency related apps, like AppleJeus. Lazarus Group. Second wave.

Cryptocurrency 90

Cryptocurrency Malware Scams Cybercrime 90

Security Affairs

MAY 28, 2023

Bandit Stealer is a new stealthy information stealer malware that targets numerous web browsers and cryptocurrency wallets. Trend Micro researchers discovered a new info-stealing malware, dubbed Bandit Stealer, which is written in the Go language and targets multiple browsers and cryptocurrency wallets.

Cryptocurrency 98

Cryptocurrency Malware Advertising Phishing 98

Krebs on Security

SEPTEMBER 30, 2024

Also known as “ Assad Faiq” and “ The Godfather ,” Iza is the 30-something founder of a cryptocurrency investment platform called Zort that advertised the ability to make smart trades based on artificial intelligence technology. cryptocurrency holdings online. In December 2022, Troy Woody Jr. attorney general.

Cryptocurrency 313

Cryptocurrency Government Internet Internet 313

Zero Day

MARCH 1, 2021

Updated: The cryptocurrency firm says “forged” documents attempting to undermine the ecosystem as a whole are also circulating.

Cryptocurrency 139

Cryptocurrency 139

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. Holden has long maintained visibility into cryptocurrency transactions made by BriansClub. The links have been redacted.

Cryptocurrency 295

Cryptocurrency Cybercrime Retail Government 295

Schneier on Security

MARCH 17, 2021

Many who buy cryptocurrencies like Bitcoin and Ethereum don’t bother using the ledger to verify their purchase. There’s even illegal pornography and leaked classified documents. Or the slowdown could cause people to jump ship, either by forking Bitcoin or switching to another cryptocurrency without the copyrighted content.

Cryptocurrency 364

Cryptocurrency Media Government Firewall 364

SecureList

AUGUST 10, 2022

In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns ( PowerPepper was later documented in 2020). We discovered it in Q2 2020 as part of an update of the Evilnum modus operandi, and attributed it to DeathStalker.

Cryptocurrency 118

Cryptocurrency Encryption Social Engineering Passwords 118

The Hacker News

JUNE 12, 2024

Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the activity, said it's an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023. "In

Cryptocurrency 133

Cryptocurrency Cybersecurity 133

Krebs on Security

SEPTEMBER 17, 2020

Charging documents say the seven men are part of a hacking group known variously as “ APT41 ,” “ Barium ,” “ Winnti ,” “ Wicked Panda ,” and “ Wicked Spider.” One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Image: FBI.

Antivirus 363

Antivirus Hacking Software Government 363