Tag: crypto
-
Xillen Stealer: Advanced Features Bypass AI Detection and Steal Password Manager Data
The Python-based information-stealing tool Xillen Stealer has reached versions 4 and 5, significantly expanding its targeting capabilities and functionality across platforms. Documented initially by Cyfirma in September 2025, this cross-platform infostealer targets sensitive data, including credentials, cryptocurrency wallets, system information, and browser data, while employing sophisticated anti-analysis techniques to evade detection. The latest updates introduce…
-
North Korean Kimsuky and Lazarus Teams Target Critical Sectors with Zero-Day Exploits
Tags: apt, attack, blockchain, crypto, cyber, exploit, finance, framework, group, healthcare, infrastructure, intelligence, korea, lazarus, military, north-korea, threat, zero-day
North Korea’s two most formidable APT groups Kimsuky and Lazarus have established a coordinated operational framework that combines intelligence gathering with large-scale cryptocurrency theft. According to a comprehensive Trend Micro analysis, this collaboration poses an unprecedented threat to critical infrastructure worldwide, with attacks targeting the military, financial, blockchain, energy, and healthcare sectors across the United…
-
Samourai Wallet Founders Jailed for $237M Crypto Laundering
The co-founders of Samourai Wallet, a cryptocurrency mixing service that facilitated over $237 million in illegal transactions, have been sentenced to prison following their conviction on money laundering and conspiracy charges. Keonne Rodriguez, 37, the Chief Executive Officer, received a five-year prison sentence on November 6, 2025, while William Lonergan Hill, 67, the Chief Technology…
-
Cryptohack Roundup: Samourai Execs, Crypto CEO Sentenced
Also: Obama Twitter Hacker Ordered to Forfeit $5.3 Million. Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Samourai Wallet founders and Oklahoma Crypto CEO sentenced, Obama Twitter hacker ordered to forfeit funds, Chicago crypto ATM CEO charged and White House is reviewing a rule expanding IRS crypto oversight. First seen on…
-
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an evolution of a prior wave that was observed between September 2023 and March 2024. The attack,…
-
Samourai Wallet crypto mixer’s co-founders sentenced to prison
The pair had pleaded guilty in late July to participating in a conspiracy “to operate a money transmitting business in which they knowingly transmitted criminal proceeds.” First seen on therecord.media Jump to article: therecord.media/samourai-wallet-crypto-mixer-founders-sentenced
-
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smart home gadgets are being used…
-
Wind farm worker sentenced after turning turbines into a secret crypto mine
A technical manager at a Dutch wind farm operator has been sentenced after it was discovered he had secretly installed cryptocurrency mining rigs at two wind farm sites – just as the company was recovering from a ransomware attack. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/wind-farm-worker-sentenced-after-turning-turbines-into-a-secret-crypto-mine
-
Crypto mixer founders sent to prison for laundering over $237 million
The founders of the Samourai Wallet (Samourai) cryptocurrency mixing service have been sent to prison for helping criminals launder over $237 million. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samourai-cryptomixer-founders-sent-to-prison-for-laundering-over-237-million/
-
International operation traces $55 million crypto trail of digital piracy sites
Thirty investigators from 15 countries took part in the five-day crackdown earlier this month targeting 69 digital piracy sites, including 25 illegal streaming services whose information was referred to cryptocurrency platforms for disruption. First seen on therecord.media Jump to article: therecord.media/international-operation-traces-millions-crypto-streaming-piracy
-
Europol Operation Disrupts $55m in Cryptocurrency For Piracy
Europe-wide Cyber-Patrol Week targeted IP violations, flagging 69 sites and disrupting $55m in crypto services First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/europol-disrupts-cryptocurrency/
-
California man admits to laundering crypto stolen in $230M heist
A 45-year-old from Irvine, California, has pleaded guilty to laundering at least $25 million stolen in a massive $230 million cryptocurrency heist. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/california-man-admits-to-laundering-crypto-stolen-in-230m-heist/
-
Dutch turbine engineer tried to turn wind into crypto, ends up generating community service
Techie wired cryptominers into Nordex’s network while company reeled from cyberattack First seen on theregister.com Jump to article: www.theregister.com/2025/11/18/dutch_wind_farm_crypto/
-
New ShadowRay attacks convert Ray clusters into crypto miners
A global campaign dubbed ShadowRay 2.0 hijacks exposed Ray Clusters by exploiting an old code execution flaw to turn them into a self-propagating cryptomining botnet. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-shadowray-attacks-convert-ray-clusters-into-crypto-miners/
-
Bonkers Bitcoin heist: 5-star hotels, cash-filled envelopes, vanishing funds
Bitcoin mining hardware exec falls for sophisticated crypto scam to tune of $200k First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2025/11/bonkers-bitcoin-heist-5-star-hotels-cash-filled-envelopes-vanishing-funds/
-
Malicious Npm Packages Abuse Adspect Cloaking in Crypto Scam
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed accordingly to defraud or evade. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/malicious-npm-packages-adspect-cloaking-crypto-scam
-
New npm Malware Campaign Redirects Victims to Crypto Sites
A new malware campaign has been observed built on seven npm packages and using cloaking techniques and fake CAPTCHAs, operated by threat actor dino_reborn First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/npm-malware-campaign-redirects/
-
Chrome extension ‘Safery’ steals crypto wallet seed phrases
First seen on scworld.com Jump to article: www.scworld.com/brief/chrome-extension-safery-ethereum-wallet-stealing-seed-phrases-poses-major-cybersecurity-threat
-
Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages
Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service called Adspect to differentiate between real victims and security researchers to ultimately redirect them to sketchy crypto-themed sites. The malicious npm packages, published by a threat actor named “dino_reborn” between September and November 2025, are…
-
Bitsgap vs HaasOnline: Advanced Features vs Smart Simplicity
Tags: crypto
Power vs Practicality in Crypto Automation First seen on hackread.com Jump to article: hackread.com/bitsgap-vs-haasonline-advanced-features-simplicity/
-
US chips away at North Korean IT worker fraud with guilty pleas, cryptocurrency seizure
Authorities have described Pyongyang’s revenue-generating schemes as threats to U.S. national and economic security. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/doj-north-korea-remote-worker-crackdown/805689/
-
Hackers Weaponize XWiki Flaw to Build and Rent Out Botnet Networks
Tags: attack, botnet, crypto, cve, cyber, cybersecurity, exploit, flaw, hacker, intelligence, malware, network, threat, vulnerability
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency miners, and custom malware toolkits. The vulnerability, initially detected by VulnCheck’s Canary Intelligence system on October 28, 2025, has rapidly evolved from a single attacker’s exploit into a widespread multi-actor…
-
North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes
Developers remain a high-value target: Researchers highlighted that the campaign specifically targets developers involved in crypto and Web3 projects, using realistic-sounding personas and demo applications (real estate, DeFi, game forks) to lower suspicion. The state-linked actors’ shift from direct payload hosting to abusing legitimate JSON storage services suggests that even benign developer-centric platforms are now…

