Collecting Cyber-News from over 60 sources

Tag: crypto

North Korea’s UNC1069 Hammers Crypto Firms With AI

Feb 11, 2026 11:58 PM

Tags: ai, crypto, deep-fake, finance, korea, LLM, north-korea, threat

In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-koreas-unc1069-hammers-crypto-firms
North Korea’s UNC1069 Hammers Crypto Firms With AI

Feb 11, 2026 11:58 PM

Tags: ai, crypto, deep-fake, finance, korea, LLM, north-korea, threat

In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-koreas-unc1069-hammers-crypto-firms
North Korea’s UNC1069 Hammers Crypto Firms With AI

Feb 11, 2026 11:58 PM

Tags: ai, crypto, deep-fake, finance, korea, LLM, north-korea, threat

In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-koreas-unc1069-hammers-crypto-firms
North Korean hackers use new macOS malware in crypto-theft attacks

Feb 11, 2026 12:13 AM

Tags: ai, attack, crypto, hacker, macOS, malware, north-korea, theft, windows

North Korean hackers are running tailored campaigns using AI-generated video and the ClickFix technique to deliver malware for macOS and Windows to targets in the cryptocurrency sector. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-macos-malware-in-crypto-theft-attacks/
Fake Out: 0APT Data-Leak Ransomware Group Branded a Scam

Feb 10, 2026 10:14 PM

Tags: ai, crypto, data, group, leak, ransomware, scam

Bitcoin Joining Fee for Affiliates and No Proven Victims Cited by Researchers. Newcomer ransomware group 0APT is being branded a likely scam operation, not least after a list of over 200 supposed victims turned out to be bogus, if not entirely AI-generated – never mind a 1 bitcoin joining fee for would-be affiliates and outdated…
Krypto-Betrug auf Rekordniveau: Sicherheitsrisiken im digitalen Finanzmarkt

Feb 10, 2026 7:13 PM

Tags: ai, crypto, cyberattack, fraud

Cyberkriminelle agieren höchst professionell und nutzen Automatisierung sowie KI, um Angriffe effizienter und glaubwürdiger zu machen. Sie konnten im Jahr 2025 digitale Vermögenswerte im Wert von geschätzt 17 Milliarden US-Dollar erbeuten First seen on infopoint-security.de Jump to article: www.infopoint-security.de/krypto-betrug-auf-rekordniveau-sicherheitsrisiken-im-digitalen-finanzmarkt/a43653/
ZeroDayRAT spyware grants attackers total access to mobile devices

Feb 10, 2026 6:26 PM

Tags: access, android, banking, cctv, control, crypto, data, mobile, spyware, theft

ZeroDayRAT is a commercial mobile spyware that grants full remote access to Android and iOS devices for spying and data theft. ZeroDayRAT is a newly discovered commercial mobile spyware toolkit that gives attackers full control over Android and iOS devices. It supports live camera access, keylogging, and theft of banking and crypto data. First spotted…
North Korean hackers targeted crypto exec with fake Zoom meeting, ClickFix scam

Feb 10, 2026 5:16 PM

Tags: attack, crypto, hacker, malware, north-korea, scam

The scam involved a ClickFix attack where hackers install malware on a device by having the victim try to resolve fictitious technical issues. First seen on therecord.media Jump to article: therecord.media/north-korean-hackers-targeted-crypto-exec-clickfix
Chinese crypto scammer sentenced in absentia to 20 years after fleeing US

Feb 10, 2026 4:15 PM

Tags: china, crypto, law, scam

The Department of Justice said it will “work with our law enforcement partners around the world to ensure that Li is returned to the United States to serve his full sentence.” First seen on therecord.media Jump to article: therecord.media/chinese-crypto-scammer-sentenced-after-fleeing-us
UNC1069 Targets Financial Firms With New Tools and AI-Driven Social Engineering Attacks

Feb 10, 2026 1:13 PM

Tags: ai, attack, crypto, cyber, finance, group, malware, mandiant, north-korea, social-engineering, tactics, threat, tool

North Korean threat actor UNC1069 has escalated attacks against the cryptocurrency and decentralized finance (DeFi) sector using sophisticated AI-powered social engineering tactics and seven distinct malware families, according to a recent Mandiant investigation. The financially motivated group, active since 2018, deployed an unprecedented arsenal of tools, including newly discovered malware dubbed SILENCELIFT, DEEPBREATH, and CHROMEPUSH,…
Navigating MiCA: A Practical Compliance Guide for European CASPs

Feb 10, 2026 11:13 AM

Tags: compliance, crypto, guide

MiCA creates a single EU crypto rulebook, replacing national regimes with unified licensing, capital, and compliance rules for all CASPs. First seen on hackread.com Jump to article: hackread.com/navigating-mica-compliance-guide-european-casps/
Fugitive behind $73M ‘pig butchering’ scheme gets 20 years in prison

Feb 10, 2026 10:13 AM

Tags: china, crypto, international

A dual Chinese and St. Kitts and Nevis national was sentenced to 20 years in prison in absentia for his role in an international cryptocurrency investment scheme (also known as pig butchering or romance baiting) that defrauded victims of more than $73 million. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fugitive-behind-73m-pig-butchering-scheme-gets-20-years-in-prison/
OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

Feb 9, 2026 2:13 PM

Tags: access, ai, api, control, crowdstrike, crypto, cybersecurity, data, data-breach, email, exploit, gartner, github, governance, injection, macOS, malicious, malware, marketplace, network, risk, security-incident, skills, software, threat, tool, virus, vulnerability

What prompted the response: The scanning initiative follows a series of security incidents documented by multiple firms over the past two weeks. Koi Security’s February 1 audit of all 2,857 ClawHub skills discovered 341 malicious ones in a campaign dubbed “ClawHavoc.”The professional-looking skills for cryptocurrency tools and YouTube utilities contained fake prerequisites that installed keyloggers…
OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

Feb 9, 2026 2:13 PM

Tags: access, ai, api, control, crowdstrike, crypto, cybersecurity, data, data-breach, email, exploit, gartner, github, governance, injection, macOS, malicious, malware, marketplace, network, risk, security-incident, skills, software, threat, tool, virus, vulnerability

What prompted the response: The scanning initiative follows a series of security incidents documented by multiple firms over the past two weeks. Koi Security’s February 1 audit of all 2,857 ClawHub skills discovered 341 malicious ones in a campaign dubbed “ClawHavoc.”The professional-looking skills for cryptocurrency tools and YouTube utilities contained fake prerequisites that installed keyloggers…
Malicious packages for dYdX cryptocurrency exchange empties user wallets

Feb 7, 2026 12:14 AM

Tags: crypto, malicious

Incident is at least the third time the exchange has been targeted by thieves. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/02/malicious-packages-for-dydx-cryptocurrency-exchange-empties-user-wallets/
17% of 3rd-Party Add-Ons for OpenClaw Used in Crypto Theft and macOS Malware

Feb 6, 2026 3:14 PM

Tags: ai, crypto, macOS, malware, skills, theft

Bitdefender Labs reveals that 17% of OpenClaw AI skills analyzed in February 2026 are malicious. With over 160,000… First seen on hackread.com Jump to article: hackread.com/openclaw-add-ons-crypto-theft-macos-malware/
Incognito Market admin sentenced to 30 years for running $105 million dark web drug empire

Feb 5, 2026 9:56 PM

Tags: crypto, dark-web, training

He promised “the best security there is” to hundreds of thousands of drug buyers, while quietly making the kind of mistake that guaranteed a 30-year sentence. And maybe training police on cryptocurrency while running a running a vast Tor-hidden drug bazaar wasn’t such a good idea. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/incognito-market-admin-sentenced-30-years-105-million-dark-web-drug-empire
Cryptohack Roundup: Step Finance, CrossCurve Exploits

Feb 5, 2026 6:21 PM

Tags: breach, crypto, data, data-breach, exploit, finance, iran

Also: US Sanctions UK-Registered Exchanges Over Iran Ties. This week, Step Finance and CrossCurve hacks, the United States sanctioned U.K.-registered exchanges over Iran ties, forfeiture finalization of funds linked to Helix, Coinbase data breach, 2025’s illicit crypto flows and a UK regulator banned Coinbase ads. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-step-finance-crosscurve-exploits-a-30685
Common Crypto Scams and How to Protect Your Funds in 2026

Feb 5, 2026 4:14 PM

Tags: crypto, deep-fake, fraud, scam

Crypto scams are surging worldwide, from pig butchering to fake trading platforms and deepfakes, draining victims while fraud teams struggle to keep up. First seen on hackread.com Jump to article: hackread.com/common-crypto-scams-protect-funds-2026/
macOS Users Hit by Python Infostealers Posing as AI Installers

Feb 5, 2026 4:14 PM

Tags: ai, crypto, google, macOS, microsoft, password, tool

Microsoft details 3 Python Infostealers hitting macOS users via fake AI tools, Google ads, and Terminal tricks to steal passwords and crypto, then erase traces. First seen on hackread.com Jump to article: hackread.com/macos-users-python-infostealers-posing-ai-installers/
macOS Users Hit by Python Infostealers Posing as AI Installers

Feb 5, 2026 4:14 PM

Tags: ai, crypto, google, macOS, microsoft, password, tool

Microsoft details 3 Python Infostealers hitting macOS users via fake AI tools, Google ads, and Terminal tricks to steal passwords and crypto, then erase traces. First seen on hackread.com Jump to article: hackread.com/macos-users-python-infostealers-posing-ai-installers/
From Clawdbot to Moltbot to OpenClaw: Security Experts Detail Critical Vulnerabilities and 6 Immediate Hardening Steps for the Viral AI Agent

Feb 4, 2026 6:13 AM

Tags: access, ai, api, attack, authentication, computer, container, control, crypto, cve, data, data-breach, detection, docker, email, flaw, github, group, Hardware, injection, Internet, leak, login, malicious, malware, open-source, password, privacy, remote-code-execution, risk, scam, skills, software, threat, tool, unauthorized, vulnerability

Moltbot, the viral AI agent, offers immense power but is riddled with critical vulnerabilities, including remote code execution (RCE), exposed control interfaces, and malicious extensions. Read on to understand the vulnerabilities associated with Moltbot and the immediate security practices users must prioritize to mitigate this enormous agentic AI security risk. Key takeaways Moltbot takes an…
Chinese Money Laundering Jargon via Google’s Gemini

Feb 4, 2026 12:13 AM

Tags: breach, cctv, china, country, crime, crypto, data, finance, fraud, google, group, guide, Internet, iphone, jobs, nvidia, organized, phone, qr, risk, scam, service, software, theft

After having a short discussion with Gemini about Chinese Money Laundering, I could tell we weren’t quite connecting on my Mandarin-assistance requests, so I shared an example post from a Telegram “Crime-as-a-Service” group that was part of a Chinese Guarantee Syndicate. For context, these posts were made in the Tudou Guarantee Syndicate’s group dedicated to…
Step Finance says compromised execs’ devices led to $40M crypto theft

Feb 3, 2026 11:14 PM

Tags: crypto, finance, hacker, theft

Step Finance announced that it lost $40 million worth of digital assets after hackers compromised devices belonging to the company’s team of executives. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/step-finance-says-compromised-execs-devices-led-to-40m-crypto-theft/
Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms

Feb 3, 2026 11:14 PM

Tags: attack, cloud, credentials, crypto, cyber, data, macOS, social-engineering, threat

A sharp rise in campaigns targeting macOS users, while attackers also ramp up Python”‘based stealers and abuse trusted platforms like WhatsApp and popular PDF utilities. These attacks focus on harvesting credentials, browser data, cloud keys, and cryptocurrency wallets, then quietly exfiltrating them to attacker”‘controlled infrastructure. On macOS, threat actors increasingly rely on social engineering and…
Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw

Feb 3, 2026 8:13 PM

Tags: ai, crypto, malicious, skills

A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-crypto-trading-skills/
Hundreds of Malicious Crypto Trading Addons Found in Moltbot/OpenClaw

Feb 3, 2026 6:14 PM

Tags: ai, crypto, malicious, skills

A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-crypto-trading-skills/
Wrench-Attacks: Kryptodiebe wenden zunehmend körperliche Gewalt an

Feb 3, 2026 2:13 PM

Tags: attack, crypto

Anleger aus Europa sind 2025 besonders gefährdet gewesen. Mehr als 40 Prozent der bekannten gewaltsamen Krypto-Diebstähle fanden dort statt. First seen on golem.de Jump to article: www.golem.de/news/wrench-attacks-kryptodiebe-wenden-zunehmend-koerperliche-gewalt-an-2602-204940.html
Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets

Feb 3, 2026 5:13 AM

Tags: crypto, korea, north-korea, tactics

The post Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/
MoltBot Skills exploited to distribute 400+ malware packages in days

Feb 3, 2026 12:13 AM

Tags: ai, crypto, exploit, github, malicious, malware, password, skills

Over 400 malicious OpenClaw packages were uploaded in days, using MoltBot skills to spread password-stealing malware. Researchers uncovered a large malware campaign abusing AI skills for Claude Code and Moltbot users. Between late January and early February 2026, more than 400 malicious skills were published on ClawHub and GitHub, posing as crypto trading tools. OpenClaw…