Tag: crypto
-
UK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit
Tags: cryptoCivil recovery order targets PlugwalkJoe’s illicit gains while he serves US sentence First seen on theregister.com Jump to article: www.theregister.com/2025/11/17/cps_41m_crypto_twitter/
-
Spam flooding npm registry with token stealers still isn’t under control
Tags: access, antivirus, attack, authentication, blockchain, breach, control, credentials, crypto, detection, edr, exploit, finance, firewall, governance, identity, login, malicious, malware, mfa, monitoring, network, open-source, pypi, risk, software, spam, supply-chain, threat, tool, wormCSO that number has now grown to 153,000.And while this payload merely steals tokens, other threat actors are paying attention, said Sonatype CTO Brian Fox.When Sonatype wrote about the campaign just over a year ago, it found a mere 15,000 packages that appeared to come from a single person.With the swollen numbers reported this week,…
-
Worm flooding npm registry with token stealers still isn’t under control
Tags: access, antivirus, attack, authentication, blockchain, breach, control, credentials, crypto, detection, edr, exploit, finance, firewall, governance, identity, login, malicious, malware, mfa, monitoring, network, open-source, pypi, risk, software, supply-chain, threat, tool, wormCSO that number has now grown to 153,000.”It’s unfortunate that the worm isn’t under control yet,” said Sonatype CTO Brian Fox.And while this payload merely steals tokens, other threat actors are paying attention, he predicted.”I’m sure somebody out there in the world is looking at this massively replicating worm and wondering if they can ride…
-
DOJ Continues Crackdown on North Korea’s Cyber Schemes
Justice Department Secures Guilty Pleas, $15M in Civil Forfeiture. Federal prosecutors charged U.S. citizens and foreign nationals for aiding North Korean IT workers in infiltrating U.S. firms, laundering crypto and funneling illicit revenue back to Pyongyang’s weapons program in what the DOJ has described as a major sanctions-evasion scheme. First seen on govinfosecurity.com Jump to…
-
Five plead guilty to helping North Koreans infiltrate US firms
The U.S. Department of Justice announced that five individuals pleaded guilty to aiding North Korea’s illicit revenue generation schemes, including remote IT worker fraud and cryptocurrency theft. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-plead-guilty-to-helping-north-koreans-infiltrate-us-firms/
-
DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts
Federal prosecutors secured five guilty pleas from people who supported overseas remote IT workers, and seized $15 million in stolen cryptocurrency tied to the North Korean regime. First seen on cyberscoop.com Jump to article: cyberscoop.com/doj-north-korea-it-worker-scheme-cases-crypto-seized/
-
DOJ Issued Seizure Warrant to Starlink Over Satellite Internet Systems Used at Scam Compound
A new US law enforcement initiative is aimed at crypto fraudsters targeting Americans”, and now seeks to seize infrastructure it claims is crucial to notorious scam compounds. First seen on wired.com Jump to article: www.wired.com/story/doj-issued-seizure-warrants-to-starlink-over-satellite-internet-systems-used-at-scam-compounds/
-
US announces new strike force targeting Chinese crypto scammers
U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-announces-new-strike-force-targeting-chinese-crypto-scammers/
-
US announces new strike force targeting Chinese crypto scammers
U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-announces-new-strike-force-targeting-chinese-crypto-scammers/
-
US Strike Force Takes Aim at Southeast Asian Scam Centers
US Attorney Jeanine Pirro Cites Trump Goal in Making Crypto ‘Safe’ for Investors. The U.S. Attorney for the District of Columbia announced the launch of the Scam Center Strike Force, to dismantle criminal networks behind pig butchering scams. The initiative targets sophisticated transnational criminal organizations based in Southeast Asia including Cambodia, Laos and Burma. First…
-
Crypto Exchanges Hacked Again for Over $100 Million
Tags: crypto, cybercrime, cybersecurity, data, exploit, finance, linkedin, service, software, theft, vulnerabilityCybercriminals continue to target the cryptocurrency industry, this time with an exploit that affected the Balancer decentralized finance platform, with total losses exceeding $100 million and involving several exchanges that use the software across multiple chains. Some of the money was recovered, but over $90 million has been converted to Ethereum by the criminals, likely…
-
Chrome extension “Safery” steals Ethereum wallet seed phrases
Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a malicious Chrome extension called “Safery: Ethereum Wallet,” posing as a legitimate crypto wallet but designed to steal users’ seed phrases. The Chrome extension was uploaded to the Chrome Web…
-
Police take down three cybercrime operations in latest round of ‘whackmole’
Authorities from nine countries took down three cybercrime operations, including the Rhadamantys infostealer, which allegedly had access to the crypto wallets of more than 100,000 victims. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/13/police-take-down-three-cybercrime-operations-in-latest-round-of-whack-a-mole/
-
Cryptohack Roundup: ‘Bitcoin Queen’ Sentenced in Fraud Case
Also: Samourai Wallet Founder Sentenced, $128M Balancer Hack Post-Mortem. This week, Bitcoin Queen sentenced, as was Samourai Wallet co-founder Keonne Rodriguez, Balancer hack post-mortem, Coinbase’s 21 million euro fine, mistrial in $25 Million Ethereum exploit case. Spanish authorities detained a crypto influencer and accused the United States of a crypto heist. First seen on govinfosecurity.com…
-
Book Review: The Business of Secrets
The Business of Secrets: Adventures in Selling Encryption Around the World by Fred Kinch (May 24, 2004) From the vantage point of today, it’s surreal reading about the commercial cryptography business in the 1970s. Nobody knew anything. The manufacturers didn’t know whether the cryptography they sold was any good. The customers didn’t know whether the…
-
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
Cybersecurity researchers have uncovered a malicious Chrome extension that poses as a legitimate Ethereum wallet but harbors functionality to exfiltrate users’ seed phrases.The name of the extension is “Safery: Ethereum Wallet,” with the threat actor describing it as a “secure wallet for managing Ethereum cryptocurrency with flexible settings.” It was uploaded to the Chrome Web…
-
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us.But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems…
-
Malicious Chrome Extension Grants Full Control Over Ethereum Wallet
Security researchers have uncovered a sophisticated supply chain attack disguised as a legitimate cryptocurrency wallet. Socket’s Threat Research Team discovered a malicious Chrome extension called >>Safery: Ethereum Wallet,
-
Beware of Fake Bitcoin Tools Concealing DarkComet RAT Malware
A newly discovered malware campaign is leveraging one of cybercriminals’ most effective lures cryptocurrency to distribute DarkComet RAT. This notorious remote access trojan continues to plague users despite being discontinued by its creator years ago. Security researchers have identified a suspicious executable masquerading as a Bitcoin wallet application, which, when executed, silently deploys the full…
-
U.S. Launches Strike Force to Combat Global Crypto Fraud
The U.S. launched a Strike Force to dismantle global crypto scam networks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/u-s-launches-strike-force-to-combat-global-crypto-fraud/
-
“Bitcoin Queen” gets 11 years in prison for $7.3 billion Bitcoin scam
A Chinese woman known as the “Bitcoin Queen” was sentenced in London to 11 years and eight months in jail for laundering Bitcoin from a £5.5 billion ($7.3 billion) cryptocurrency investment scheme. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitcoin-queen-gets-11-years-in-prison-for-73-billion-bitcoin-scam/
-
How GlassWorm wormed its way back into developers’ code, and what it says about open source security
Tags: access, ai, attack, blockchain, ciso, control, credentials, crypto, cybersecurity, data, data-breach, endpoint, exploit, framework, github, google, infrastructure, law, malicious, malware, marketplace, monitoring, open-source, resilience, service, software, supply-chain, threat, tool, update, wormadhamu.history-in-sublime-merge (downloaded 4,000 times)ai-driven-dev.ai-driven-dev (downloaded 3,300 times)yasuyuky.transient-emacs (downloaded 2,400 times)All three GlassWorm extensions are “still literally invisible” in code editors, the researchers note. They are encoded in unprintable Unicode characters that look like blank space to the human eye, but execute as JavaScript.The attackers have posted new transactions to the Solana blockchain that outline updated…
-
How GlassWorm wormed its way back into developers’ code, and what it says about open source security
Tags: access, ai, attack, blockchain, ciso, control, credentials, crypto, cybersecurity, data, data-breach, endpoint, exploit, framework, github, google, infrastructure, law, malicious, malware, marketplace, monitoring, open-source, resilience, service, software, supply-chain, threat, tool, update, wormadhamu.history-in-sublime-merge (downloaded 4,000 times)ai-driven-dev.ai-driven-dev (downloaded 3,300 times)yasuyuky.transient-emacs (downloaded 2,400 times)All three GlassWorm extensions are “still literally invisible” in code editors, the researchers note. They are encoded in unprintable Unicode characters that look like blank space to the human eye, but execute as JavaScript.The attackers have posted new transactions to the Solana blockchain that outline updated…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
New NCA Campaign Warns Men Off Crypto Investment Scams
The UK’s National Crime Agency is warning men under 45 that crypto dreams can soon become a scam nightmare First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nca-campaign-men-crypto-investment/
-
New NCA Campaign Warns Men Off Crypto Investment Scams
The UK’s National Crime Agency is warning men under 45 that crypto dreams can soon become a scam nightmare First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nca-campaign-men-crypto-investment/