Tag: crypto
-
Crypto e-commerce platform Bitrefill accuses North Korea of stealing 18,500 purchase records
Bitrefill said hackers allegedly tied to North Korea’s Lazarus group accessed around 18,500 purchase records that contained email addresses, crypto payment addresses, and metadata including IP addresses. First seen on therecord.media Jump to article: therecord.media/crypto-platform-accuses-north-korea-hack
-
Fake Pudgy World site steals your crypto passwords
The phishing site is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto passwords. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/fake-pudgy-world-site-steals-your-crypto-passwords/
-
New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit
The new infostealer campaign spreads Vidar 2.0 via fake game cheats on GitHub and Reddit, stealing crypto, login tokens, and files while targeting young gamers ignoring security warnings. First seen on hackread.com Jump to article: hackread.com/vidar-2-0-infostealer-fake-game-cheats-github-reddit/
-
FBI Investigates Steam Games Linked to Malware and Crypto Wallet Theft
FBI warns gamers after malware hidden in several Steam games stole browser data and drained cryptocurrency wallets between May 2024 and January 2026. First seen on hackread.com Jump to article: hackread.com/fbi-investigate-steam-games-malware-crypto-theft/
-
Fake app steals one-time passwords and crypto wallets: How to protect yourself from the Google scam
First seen on t3n.de Jump to article: t3n.de/news/fake-app-einmalpasswoerter-google-1732410/
-
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/appsflyer-web-sdk-used-to-spread-crypto-stealer-javascript-code/
-
AppsFlyer Web SDK used to spread crypto stealer JavaScript code
Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/appsflyer-web-sdk-used-to-spread-crypto-stealer-javascript-code/
-
Digital trust becomes strategic: how Keyfactor prepares companies for new crypto realities
Digital trust has long since ceased to be just an IT feature; it has become an important part of corporate risk management. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/digitales-vertrauen-wird-strategisch-wie-keyfactor-unternehmen-auf-neue-krypto-realitaeten-vorbereitet/a44122/
-
Fake Temu Coin airdrop uses ClickFix trick to install stealthy malware
A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/fake-temu-coin-airdrop-uses-clickfix-trick-to-install-stealthy-malware/
-
New Critical MediaTek Vulnerability Exposes Android Phone PINs to Theft in 45 seconds
A newly discovered hardware vulnerability in the MediaTek Dimensity 7300 chipset is putting millions of Android users at risk. By exploiting this flaw, physical attackers can bypass security layers to steal device PINs, decrypt storage, and extract cryptocurrency seed phrases in just 45 seconds. The vulnerability affects roughly 25% of the global Android market, causing…
-
Sophisticated Surveillance RAT Marketed for Global Buyers
‘Cyber Android RAT’ Can Capture WhatsApp History, Crypto Seed Phrases. Cybercriminals are advertising on criminal hacking online boards an Android remote access Trojan that can steal victims’ WhatsApp conversation history, surveil them in real time and extract cryptocurrency seed phrases for the low price of about $500 a month. First seen on govinfosecurity.com Jump to…
-
Apple patches older iPhones and iPads against Coruna exploits
Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/apple/apple-patches-older-iphones-and-ipads-against-coruna-exploits/
-
North Korean fake IT worker tradecraft exposed
Opportunistic and broadly targeted: These suspect code silos were abused in a variety of illicit projects split between targeting job-seeking programmers and fake IT worker operations. “Based on our visibility, malware operations targeting individual developers seeking employment are most common,” Oliver Smith, senior threat intelligence engineer at GitLab, told CSO. “Threat actors appear to have a…
-
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, TaxiSpy RAT, BeatBanker, Mirax, and Oblivion RAT to full-fledged remote administration tools such as SURXRAT. PixRevolution, according to First seen on thehackernews.com Jump to…
-
BeatBanker Android Trojan Uses Silent Audio Loop to Steal Crypto
BeatBanker Android Trojan spreads via fake Google Play Store pages, using a silent audio loop to stay active while stealing crypto, banking data, and login credentials. First seen on hackread.com Jump to article: hackread.com/beatbanker-android-trojan-silent-audio-loop-crypto/
-
BeatBanker Trojan Spreads via Phishing, Deploys Crypto Miner and RAT on Targeted Devices
BeatBanker is a new Android malware campaign targeting users in Brazil, combining banking fraud, crypto-mining, and, in its latest wave, full device takeover via a RAT. It spreads almost entirely through phishing pages that mimic the Google Play Store and trick victims into installing weaponized APKs disguised as legitimate apps and updates. The operation starts…
-
Malvertising: Herbert Grönemeyer and Hasso Plattner are being misused
Currently a worldwide campaign with a Russian cybercriminal background. 310 coordinated campaigns for digital fraud in 25 countries on six continents. Phishing emails with aggressive follow-up by phone. Fake ads as the starting point for investment fraud. Portfolio recommendations from Herbert Grönemeyer or supposed crypto tips from SAP founder Hasso Plattner are currently part of a large-scale international fraud campaign. Behind it is a globally operating network… First…
-
Fake Gemini AI Chatbot Promotes ‘Google Coin’ in New Crypto Scam
A fake Gemini-style chatbot is pushing a bogus Google Coin presale, using Google branding and scripted AI replies to lure victims into crypto payments. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-fake-google-coin-scam-ai-chatbot-gemini/
-
Portfolio recommendations from Herbert Grönemeyer and Hasso Plattner's crypto tips are part of global malvertising
Malvertising is reaching ever greater dimensions. This is shown by a recent analysis of 310 coordinated malvertisement campaigns by Bitdefender Labs. In 25 countries on six continents and in more than fifteen languages, at least two to three cybercriminal groups are running their fraud scheme across more than 26,000 paid Facebook ads. Russian-language metadata in the infrastructure parameters proves a Russian origin. Indications…
-
During training: AI agent unexpectedly bypasses firewall and mines crypto
A research team experimented with an AI agent and was surprised. Suddenly there was suspicious activity on the network. First seen on golem.de Jump to article: www.golem.de/news/beim-training-ki-agent-umgeht-unerwartet-firewall-und-schuerft-kryptos-2603-206308.html
-
Devs looking for OpenClaw get served a GhostClaw RAT
From password theft to persistence: The second stage malware, internally referred to as “GhostLoader,” is a large JavaScript bundle implementing both an infostealer and a remote access framework. Once launched, GhostLoader installs itself into a hidden directory disguised as an npm telemetry service and sets up persistence mechanisms which include shell configuration hooks that automatically…
-
Malicious Chrome Extension Targets imToken Wallet Users
A fake Chrome extension impersonating imToken redirects users to phishing pages to steal crypto wallet keys. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/malicious-chrome-extension-targets-imtoken-wallet-users/
-
CleanMyMac Imposter Site Installs SHub Stealer on Macs
A fake CleanMyMac site tricks macOS users into installing SHub Stealer malware that steals credentials and crypto wallets. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cleanmymac-imposter-site-installs-shub-stealer-on-macs/
-
Fake CleanMyMac Site Uses ClickFix Trick to Install SHub Stealer on macOS
Researchers warn of a fake CleanMyMac site using a ClickFix attack to install SHub Stealer on macOS and steal passwords and crypto wallets. First seen on hackread.com Jump to article: hackread.com/fake-cleanmymac-site-clickfix-shub-stealer-macos/
-
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in cryptocurrency. The activity has been attributed with moderate confidence to the state-sponsored adversary, which is also tracked under the cryptonyms Jade Sleet, PUKCHONG, Slow Pisces, and…
-
Fake CleanMyMac Site Spreads SHub Stealer, Targets Crypto Wallets
Hackers are abusing a fake CleanMyMac download page to infect macOS users with SHub Stealer. This powerful infostealer drains crypto wallets and hijacks sensitive data. Instead of offering a standard installer, the page shows an “advanced” installation step telling users to “Open Terminal and paste the following command,” a pattern known in recent Mac campaigns as…
-
BoryptGrab Malware Abuses GitHub to Steal Browser and Crypto Wallet Data
A new Windows stealer dubbed BoryptGrab is being distributed through a large, ongoing campaign abusing fake GitHub repositories that pose as free tools, game cheats, and popular utilities. The malware focuses on stealing browser data, cryptocurrency wallet information, and system details, while also grabbing screenshots, common files, Telegram data, Discord tokens, and stored passwords. Attackers created more…

