Penetration Testing

APRIL 8, 2025

For many developers, SourceForge has long been a cornerstone of open-source collaboration a trusted hub to host and distribute software. But for cybercriminals, it has recently become a platform to stage deception.

Cryptocurrency 83

Cryptocurrency Malware Software Cybersecurity 83

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. 13, with an attack on cryptocurrency trading platform liquid.com. Employ the principle of least privilege and implement software restriction policies or other controls; monitor authorized user accesses and usage.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Tech Republic Security

MAY 27, 2022

Cryptocurrency exchanges allow the transfer of crypto between buyers and sellers. The post Best cryptocurrency exchanges of 2022 appeared first on TechRepublic. Learn about the top crypto exchange options.

Cryptocurrency 209

Cryptocurrency Software 209

Security Affairs

DECEMBER 25, 2024

authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. authorities linked the $308 million cyber heist targeting cryptocurrency company DMM Bitcoin to North Korea-linked threat actors. On June 1st, the Japanese cryptocurrency exchange DMM Bitcoin announced that crooks stole 4,502.9

Cryptocurrency 123

Cryptocurrency Social Engineering Hacking Cybercrime 123

The Hacker News

APRIL 8, 2025

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office.

Cryptocurrency 113

Cryptocurrency Software Malware 113

Krebs on Security

DECEMBER 4, 2024

Russia’s interior ministry last week issued a statement saying a 32-year-old hacker had been charged with violating domestic laws against the creation and use of malicious software. The announcement didn’t name the accused, but the Russian state news agency RIA Novosti cited anonymous sources saying the man detained is Matveev.

Cybercrime 230

Cybercrime Ransomware Cryptocurrency Government 230

Security Affairs

NOVEMBER 15, 2024

. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency 106

Cryptocurrency Hacking Government Accountability 106

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. According to the FAQ posted on its site , “ Norton Crypto ” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle.

Cryptocurrency 348

Cryptocurrency Computers and Electronics Antivirus Identity Theft 348

Security Affairs

APRIL 2, 2025

Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “However, in reality, this amount may be larger; the attackers also targeted Monero, a cryptocurrency that is untraceable.”

Malware 122

Malware Cryptocurrency Mobile Firmware 122

CyberSecurity Insiders

AUGUST 11, 2021

Hackers have stolen more than $600m cryptocurrency through a vulnerability in the systems of Blockchain site Poly Network. The post Over $600m cryptocurrency stolen in Cyber Attack appeared first on Cybersecurity Insiders. Poly Network offers an interoperability protocol that helps connect different blockchain networks.

Cryptocurrency 144

Cryptocurrency Cyber Attacks Software Cybersecurity 144

Krebs on Security

JANUARY 8, 2022

KG is a German multinational software company best known for their Avira Free Security (a.k.a. For example, it doesn’t specify how much NortonLifeLock gets out of the deal (NortonLifeLock keeps 15 percent of any cryptocurrency mined by Norton Crypto). Avira Crypto. Founded in 2006, Avira Operations GmbH & Co.

Antivirus 362

Antivirus Cryptocurrency Identity Theft Software 362

Malwarebytes

MARCH 18, 2025

We were alerted to Mac and Windows stealers currently distributed via Reddit posts targeting users engaging in cryptocurrency trading. One of the common lures is a cracked software version of the popular trading platform TradingView.

Cryptocurrency 116

Cryptocurrency Malware Scams Antivirus 116

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware 323

Malware Cryptocurrency Software Phishing 323

The Hacker News

OCTOBER 3, 2024

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software.

Cryptocurrency 137

Cryptocurrency Malware Software 137

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings. Image: CISA.

Cryptocurrency 326

Cryptocurrency Financial Services Banking Government 326

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 360

Cryptocurrency Passwords Encryption Accountability 360

Schneier on Security

NOVEMBER 16, 2023

Examples included: Azure Active Directory API Keys GitHub OAuth App Keys Database credentials for providers such as MongoDB, MySQL, and PostgreSQL Dropbox Key Auth0 Keys SSH Credentials Coinbase Credentials Twilio Master Credentials.

Authentication 332

Authentication Cryptocurrency Accountability Software 332

Krebs on Security

AUGUST 25, 2021

In a lawsuit filed in Colorado, Schober said the sudden disappearance of his funds in January 2018 prompted him to spend more than $10,000 hiring experts in the field of tracing cryptocurrency transactions. universities). When Schober went to move approximately 16.4 A copy of the May 2021 complaint is here (PDF). .

Cryptocurrency 361

Cryptocurrency Malware Mobile Accountability 361

The Hacker News

JUNE 19, 2024

A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft.

Scams 136

Scams Software Cryptocurrency Media 136

Penetration Testing

JULY 18, 2024

Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated cyberattack campaign targeting cryptocurrency users.

Cryptocurrency 104

Cryptocurrency Malware Phishing Software 104

eSecurity Planet

OCTOBER 22, 2024

ClickFix campaigns represent a new wave of phishing tactics that emerged in May 2024, aimed at exploiting users of popular software applications. These messages can range from vague prompts to elaborate narratives about connectivity issues or software failures. What Are ClickFix Campaigns?

Scams 123

Scams Malware Phishing Social Engineering 123

The Hacker News

MARCH 13, 2025

Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk.

Cryptocurrency 103

Cryptocurrency Malware Software 103

The Last Watchdog

JUNE 9, 2021

Data leaks and data theft are part and parcel of digital commerce, even more so in the era of agile software development. based software security vendor specializing in API data protection. And in today’s environment of open, decentralized software development, there are countless paths to vast orchards of ripe fruit.

Data breaches 203

Data breaches Software Hacking Mobile 203

Security Affairs

MARCH 24, 2025

They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. The FBI Denver Field Office advises staying cautious online, being aware of potential risks, and keeping antivirus software updated to scan files before opening them. The FBI urges reporting to IC3.gov.

Malware 117

Malware Scams Identity Theft Antivirus 117

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Malware infection. cmd.exe /c “mkdir %public%MM >%temp%TMPF522.tmp

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Krebs on Security

APRIL 4, 2024

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. co showing the site did indeed swap out any cryptocurrency addresses. However, testing shows tornote[.]io

Phishing 269

Phishing Cryptocurrency DDOS Internet 269

Security Affairs

NOVEMBER 15, 2024

Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption 117

Encryption Password Management Cryptocurrency Social Engineering 117

Malwarebytes

APRIL 26, 2022

Rogue Google ads caused no end of misery for cryptocurrency enthusiasts, costing them roughly $4.31 This is an astonishing slice of cryptocurrency cash to lose for the sake of clicking on something in a search engine. The post Rogue ads phishing for cryptocurrency: Are you secure? Bad ads are at it again.

Cryptocurrency 132

Cryptocurrency Phishing Engineering Mobile 132

Security Affairs

DECEMBER 27, 2024

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers.

Malware 89

Malware Cryptocurrency Software Hacking 89

Malwarebytes

FEBRUARY 19, 2025

Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts. The next Mac malware Malware is malicious software, and just like legitimate software, malware has to be developed for specific operating systems. They are wildly adaptable.

Malware 127

Malware Software Passwords Cryptocurrency 127

Schneier on Security

NOVEMBER 28, 2022

In one, the researcher explained they had installed antivirus software and performed a disk cleanup to “remove multiple viruses on the device.” The researchers added documents, both sexually revealing and non-sexual pictures, and a cryptocurrency wallet with credentials. The laptops were freshly imaged Windows 10 laptops.

Antivirus 359

Antivirus Cryptocurrency Accountability Malware 359

Security Boulevard

APRIL 3, 2025

When it comes to the frequency and sophistication of software supply chain attacks, few industries can compare with the cryptocurrency industry.

Cryptocurrency 59

Cryptocurrency Software 59

Security Affairs

APRIL 17, 2025

attacks, threat actors use malvertising to lure users to fake sites offering malicious installers disguised as legitimate software. Then the DLL launches a decoy by opening an msedge_proxy window that displays a legitimate cryptocurrency trading website. Though less common today, Node.js-based In April Node.js

Social Engineering 116

Social Engineering Malware Cryptocurrency Engineering 116

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords 130

Passwords Software Firmware Malware 130

SecureList

APRIL 21, 2025

Fake CAPTCHA distribution vectors Fake CAPTCHA distribution scheme There are two types of resources used to promote fake CAPTCHA pages: Pirated media, adult content, and cracked software sites. Fake Telegram channels for pirated content and cryptocurrencies. mp4 file, legitimate software code, or just random data.

Malware 89

Malware Cryptocurrency Software Phishing 89

SecureList

APRIL 23, 2025

We have been tracking the latest attack campaign by the Lazarus group since last November, as it targeted organizations in South Korea with a sophisticated combination of a watering hole strategy and vulnerability exploitation within South Korean software. We found that the malware was running in the memory of a legitimate SyncHost.

Malware 144

Malware Software Encryption Internet 144

Security Affairs

FEBRUARY 4, 2024

Remote desktop software company AnyDesk announced that threat actors compromised its production environment. Remote desktop software company AnyDesk announced on Friday that threat actors had access to its production systems. AnyDesk is a remote desktop software that allows users to connect to a computer or device remotely.

Software 136

Software Passwords Ransomware Cryptocurrency 136