Tag: crypto
-
Vom primitiven Krypto-Diebstahl zum raffinierten KI-basierten Betrug
Malware-Betreiber arbeiten mit verdeckten nordkoreanischen IT-Mitarbeitern zusammen. Ihr Ziel: Recruiter und Programmierer First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/vom-primitiven-krypto-diebstahl-zum-raffinierten-ki-basierten-betrug/
-
Android Malware Mutes Alerts, Drains Crypto Wallets
Android/BankBot-YNRK is currently targeting users in Indonesia by masquerading as legitimate applications. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/android-malware-mutes-alerts-drains-crypto-wallets
-
More than $100 million stolen in exploit of Balancer DeFi protocol
Hackers pilfered millions of dollars worth of cryptocurrency on Monday from the decentralized finance protocol Balancer. First seen on therecord.media Jump to article: therecord.media/crypto-heist-balancer-exploit
-
Hacker steals over $120 million from Balancer DeFi crypto protocol
The Balancer Protocol announced that hackers had targeted its v2 pools, with losses reportedly estimated to be more than $128 million. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/cryptocurrency/hacker-steals-over-120-million-from-balancer-defi-crypto-protocol/
-
North Korean Hackers Caught on Video Using AI Filters in Fake Job Interviews
North Korean hackers from the Famous Chollima group used AI deepfakes and stolen identities in fake job interviews to infiltrate crypto and Web3 companies. First seen on hackread.com Jump to article: hackread.com/north-korean-hackers-video-ai-filter-fake-job-interview/
-
North Korean Hackers Caught on Video Using AI Filters in Fake Job Interviews
North Korean hackers from the Famous Chollima group used AI deepfakes and stolen identities in fake job interviews to infiltrate crypto and Web3 companies. First seen on hackread.com Jump to article: hackread.com/north-korean-hackers-video-ai-filter-fake-job-interview/
-
Attackers dig up $11M in Garden Finance crypto exploit
Bitcoin bridge biz offers 10 percent reward to attackers if they play nice First seen on theregister.com Jump to article: www.theregister.com/2025/10/31/attackers_dig_up_11m_in/
-
Cryptohack Roundup: Allegations Involving Melania Memecoins
Also: LastPass Warns of Phishing Campaign, Trump’s New CTFC Head Pick. Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Meteora CEO faced fraud allegations, LastPass warned of a phishing campaign, Trump taps crypto lawyer to lead CFTC, Mt. Gox delayed creditor repayments again and an Indian court blocked…
-
Cryptohack Roundup: Allegations Involving Melania Memecoins
Also: LastPass Warns of Phishing Campaign, Trump’s New CTFC Head Pick. Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Meteora CEO faced fraud allegations, LastPass warned of a phishing campaign, Trump taps crypto lawyer to lead CFTC, Mt. Gox delayed creditor repayments again and an Indian court blocked…
-
Cryptohack Roundup: Allegations Involving Melania Memecoins
Also: LastPass Warns of Phishing Campaign, Trump’s New CTFC Head Pick. Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Meteora CEO faced fraud allegations, LastPass warned of a phishing campaign, Trump taps crypto lawyer to lead CFTC, Mt. Gox delayed creditor repayments again and an Indian court blocked…
-
Hackers Hijack Corporate XWiki Servers for Crypto Mining
Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers. First seen on hackread.com Jump to article: hackread.com/hackers-hijack-xwiki-servers-crypto-mining/
-
Hackers Hijack Corporate XWiki Servers for Crypto Mining
Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers. First seen on hackread.com Jump to article: hackread.com/hackers-hijack-xwiki-servers-crypto-mining/
-
Hackers Hijack Corporate XWiki Servers for Crypto Mining
Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers. First seen on hackread.com Jump to article: hackread.com/hackers-hijack-xwiki-servers-crypto-mining/
-
BlueNoroff Expands Cyberattacks with AI-Driven Campaigns Targeting Executives
BlueNoroff uses AI-driven attacks in GhostCall and GhostHire to target global crypto and tech executives. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/bluenoroff-expands-cyberattacks-with-ai-driven-campaigns-targeting-executives/
-
Cross-Border Crypto Payouts in iGaming Security and Compliance
As online gaming platforms expand across jurisdictions, the use of cryptocurrencies for payouts opens new vistas, and new risk corridors. Winnings flowing across borders via digital assets challenge the conventions of banking systems, yet also force operators and regulators to confront security, regulatory, and compliance gaps. The shift from fiat to crypto is more The…
-
New Atroposia RAT Surfaces on Dark Web
Atroposia is a newly discovered modular RAT that uses encrypted channels and advanced theft capabilities to target credentials and crypto wallets First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-atroposia-rat-surfaces-on-dark/
-
XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
Tags: crypto, cve, cyber, cybersecurity, exploit, flaw, malware, remote-code-execution, software, threat, vulnerabilityA critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware on vulnerable systems. The flaw, tracked as CVE-2025-24893, represents a serious threat to organizations running unpatched XWiki installations. Cybersecurity researchers at VulnCheck have captured concrete evidence of active exploitation through their canary network. CVE Details…
-
XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
Tags: crypto, cve, cyber, cybersecurity, exploit, flaw, malware, remote-code-execution, software, threat, vulnerabilityA critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware on vulnerable systems. The flaw, tracked as CVE-2025-24893, represents a serious threat to organizations running unpatched XWiki installations. Cybersecurity researchers at VulnCheck have captured concrete evidence of active exploitation through their canary network. CVE Details…
-
Notable post-quantum cryptography initiatives paving the way toward Q-Day
Tags: attack, awareness, cisa, cisco, communications, computer, computing, crypto, cryptography, cyber, cybersecurity, data, encryption, finance, framework, google, government, group, guide, ibm, infrastructure, intelligence, Internet, iot, linux, microsoft, mitre, ml, nist, nvidia, open-source, service, side-channel, software, supply-chain, technology, theft, threat, tool, vulnerabilityIndustry heavyweights line up behind PQC: Google”¯Chrome became the first mainstream browser to support hybrid post”‘quantum key exchanges by default late last year.The approach combines classical elliptic-curve encryption, for backwards compatibility, with lattice-based PQC derived from ML-KEM.Other industry giants, including Amazon and IBM, have also begun laying foundations for quantum-safe cryptography. For example, IBM has…
-
Notable post-quantum cryptography initiatives paving the way toward Q-Day
Tags: attack, awareness, cisa, cisco, communications, computer, computing, crypto, cryptography, cyber, cybersecurity, data, encryption, finance, framework, google, government, group, guide, ibm, infrastructure, intelligence, Internet, iot, linux, microsoft, mitre, ml, nist, nvidia, open-source, service, side-channel, software, supply-chain, technology, theft, threat, tool, vulnerabilityIndustry heavyweights line up behind PQC: Google”¯Chrome became the first mainstream browser to support hybrid post”‘quantum key exchanges by default late last year.The approach combines classical elliptic-curve encryption, for backwards compatibility, with lattice-based PQC derived from ML-KEM.Other industry giants, including Amazon and IBM, have also begun laying foundations for quantum-safe cryptography. For example, IBM has…
-
North Korea’s BlueNoroff Expands Scope of Crypto Heists
Two campaigns targeting fintech execs and Web3 developers show the APT going cross-platform in financially motivated campaigns that use fake business collaboration and job recruitment lures. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-korea-bluenoroff-expands-crypto-heists
-
Investment Scams Spread Across Asia With International Reach
A surge in fake investment platforms targeting cryptocurrency and forex markets has been driving a new wave of financial crime in Asia First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/investment-scams-spread-across-asia/
-
New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs
A sophisticated new Android malware family called GhostGrab is actively targeting mobile users with a dual-monetization strategy that combines covert cryptocurrency mining with comprehensive financial data theft. GhostGrab functions as a multifaceted threat that systematically harvests banking credentials, debit card details, personal identification information, and one-time passwords through SMS interception. According to analysis by CYFIRMA,…
-
North Korean Chollima Actors Added BeaverTail and OtterCookie to its Arsenal
Famous Chollima, a DPRK-aligned threat group, has evolved its arsenal, with BeaverTail and OtterCookie increasingly merging functionalities to steal credentials and cryptocurrency via deceptive job offers. A recent campaign involved a trojanized Node.js application distributed through a malicious NPM package, highlighting the group’s adaptation in delivery methods. In the campaign, Famous Chollima notes merged BeaverTail…
-
Hidden in Plain Sight: How we followed one malicious extension to uncover a multi-extension”¦
Hidden in Plain Sight: How we followed one malicious extension to uncover a multi-extension campaign Short read for everyone: we found a malicious Chrome extension that stole login data from a crypto trading site. Tracing the domain it talked to uncovered a second malicious extension. That second extension’s public metadata contained the developer email, which…