Tag: crypto
-
Supply Chain Malware Alert: plain-crypto-js Compromises Axios Packages
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/supply-chain-malware-alert-plain-crypto-js-compromises-axios-packages
-
Supply Chain Attacks Surge in March 2026
Tags: access, ai, api, attack, authentication, awareness, cloud, container, control, corporate, credentials, crypto, data-breach, github, group, hacking, identity, infrastructure, Internet, kubernetes, least-privilege, linux, LLM, macOS, malicious, malware, mfa, network, north-korea, open-source, openai, phishing, pypi, software, startup, supply-chain, threat, tool, update, vulnerability, windows
Introduction: There was a significant increase in software supply chain attacks in March 2026. Five major software supply-chain attacks occurred, including the Axios NPM package compromise, which has been attributed to a North Korean threat actor. In addition, a hacking group known as TeamPCP was able to compromise Trivy (a vulnerability scanner), KICS…
-
North Korea-linked hackers drain $285M from Drift in sophisticated attack
Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds. Drift suffered a $285 million cryptocurrency heist in a highly sophisticated attack likely linked to North Korea. Threat actors used durable nonce accounts to pre-sign and delay transactions, while also compromising multisig approvals…
-
New SparkCat Malware in Google Play and App Store
A new version of the SparkCat malware is spreading via popular apps on Google Play and the App Store. It can covertly analyze photos and harvest sensitive data such as crypto wallet credentials. Experts warn of targeted attacks on users in Asia and worldwide. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-sparkcat-malware
-
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign apps, such as enterprise messengers and food delivery services, while…
-
Phorpiex Botnet Fuels Ransomware, Sextortion, and Crypto-Theft Attacks
Hackers are abusing the long-running Phorpiex (Trik) botnet to run large-scale ransomware, sextortion, and crypto-clipping operations, turning one infrastructure into a multi-purpose crime machine. A newer variant called Twizt gives the botnet a hybrid architecture that combines traditional command-and-control (C2) with a peer-to-peer (P2P) protocol, allowing infected machines to share commands and node lists directly with each…
-
Cryptohack Roundup: Charges in Uranium Finance Case
Also: Chinese Firms Indicted in Crypto-Linked Fentanyl Supply Case. This week, charges filed in Uranium Finance hack, indictment of Chinese firms in fentanyl supply case, a class action lawsuit against Nvidia, Drift Protocol exploit, KuCoin operational barriers in the United States and a U.K. sanction filed against Xinbi. First seen on govinfosecurity.com Jump to article:…
-
Drift crypto platform confirms $280 million stolen in hack as researchers point finger at North Korea
The platform released a post-mortem on Wednesday night explaining that malicious actors gained access to Drift systems through a “novel attack” that involved the “rapid takeover” of the company’s security council administrative powers. First seen on therecord.media Jump to article: therecord.media/drift-crypto-confirms-280-million-stolen-north-korea
-
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. “Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing victims to content locker pages under the guise of software registration,” Elastic First seen on thehackernews.com Jump to…
-
Cambodia extradites alleged cyber scam linchpin to China as crackdown intensifies
Li Xiong was the head of Huione Group, whose branded entities at one time included an online banking arm, cryptocurrency exchange and online marketplace which has been referred to as an “Amazon for criminals.” First seen on therecord.media Jump to article: therecord.media/cambodia-extradites-alleged-cyber-scam-linchpin-to-china
-
Google Warns Quantum Computers Could Crack Crypto Sooner Than Expected
Google warns that quantum computers could break crypto sooner than expected, heightening the urgency for post-quantum security across blockchain networks. The post Google Warns Quantum Computers Could Crack Crypto Sooner Than Expected appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-quantum-computing-crypto-security-risk/
-
Maryland Man Charged Over $53m Uranium Finance Crypto Hack
Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/man-charged-uranium-crypto-hack/
-
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Tags: ai, attack, breach, cloud, control, credentials, crypto, github, incident response, linux, LLM, macOS, malicious, malware, monitoring, open-source, openai, powershell, pypi, rat, spam, supply-chain, tool, windows
…postinstall hook that would execute a dropper script when it was pulled in by a different package as a dependency. Shortly after midnight UTC on March 31 a new version of the Axios package, axios@1.14.1, was published on npm followed by axios@0.30.4 39 minutes later. Both listed plain-crypto-js@4.2.1 as a dependency in their package.json files, but…
-
Supply chain attack on Axios npm package: Scope, impact, and remediations
Tags: access, api, attack, breach, cloud, control, credentials, crypto, data, data-breach, defense, exploit, incident response, macOS, malicious, malware, open-source, rat, risk, security-incident, software, supply-chain, theft, threat, vulnerability, windows
The Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft, including the loss of credentials and API keys. Scan your environment now. Key takeaways This incident is a…
-
Crypto industry may be running out of time to prepare for quantum attacks
Google’s latest research suggests the cryptocurrency industry may have less time than expected to prepare for quantum computing. In a whitepaper, Google examines risks to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/quantum-computers-cryptocurrency-risks-google-research/
-
US indicts Maryland man for 2021 theft of $54 million from Uranium Finance
U.S. Attorney Jay Clayton said Spalletta “repeatedly hacked smart contracts to steal millions of dollars’ worth of other people’s money for himself, and destroyed a cryptocurrency exchange in the process.” First seen on therecord.media Jump to article: therecord.media/us-indicts-maryland-man-54-million-crypto-theft
-
Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards
US prosecutors have charged a Maryland man in connection with two hacks of the Uranium Finance cryptocurrency exchange that led to losses exceeding $50 million. Jonathan … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/uranium-finance-crypto-hack-man-charged/
-
Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. “The operation covers VPN clients, encrypted messengers, video conferencing tools, cryptocurrency trackers, and e-commerce applications, with eleven confirmed delivery domains impersonating First seen on thehackernews.com Jump to article:…
-
After two hacks in one month: crypto thief buys Pokémon cards with millions in loot
A man is alleged to have stolen more than 50 million US dollars from the crypto exchange Uranium Finance and then spent huge sums on collectibles. First seen on golem.de Jump to article: www.golem.de/news/nach-zwei-hacks-in-einem-monat-kryptodieb-kauft-von-millionenbeute-pokemon-karten-2603-207104.html
-
Hacker charged with stealing $53 million from Uranium crypto exchange
U.S. prosecutors have charged a Maryland man with stealing more than $53 million after hacking the Uranium Finance crypto exchange twice and laundering the proceeds through a cryptocurrency mixer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-charged-with-stealing-53-million-from-uranium-crypto-exchange/
-
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency. Versions 1.14.1 and 0.30.4 of Axios have been found to inject “plain-crypto-js” version 4.2.1 as a fake dependency. According to StepSecurity, the two versions were published using the compromised npm credentials…
-
Global Cybercrime Investigations Gain Ground
Stan Duijf of Dutch National Police on Collaborative Law Enforcement. Global law enforcement agencies are shifting tactics to disrupt ransomware earlier in the attack chain. Stan Duijf of the Dutch National Police describes how collaboration, threat intelligence and cryptocurrency seizures are making cybercrime more costly and less effective for criminals. First seen on govinfosecurity.com Jump…
-
24/7 Payments for 24/7 Agents: The Case for Crypto in the Machine Economy
Crypto enables 24/7 payments for AI agents, replacing fiat limits with scalable machine-to-machine transactions and powering the emerging machine economy. First seen on hackread.com Jump to article: hackread.com/payments-agents-crypto-in-the-machine-economy/
-
TeamPCP Uses Fake Ringtone File in Tainted Telnyx SDK to Steal Credentials
Telnyx issues an urgent alert after hackers TeamPCP uploaded malicious versions (4.87.1, 4.87.2) of its Python SDK to steal cloud and crypto credentials. First seen on hackread.com Jump to article: hackread.com/teampcp-fake-ringtone-file-tainted-telnyx-sdk-credentials/
-
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-sanction-chinese-crypto/
-
New Ghost Campaign Uses Fake npm Progress Bars to Phish Sudo Passwords
ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers. First seen on hackread.com Jump to article: hackread.com/ghost-campaign-npm-progress-bars-phish-sudo-passwords/
-
UK sanctions Xinbi marketplace linked to Asian scam centers
The United Kingdom’s Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-sanctions-xinbi-marketplace-linked-to-asian-scam-centers/

