Tag: crypto
-
Malicious NuGet Packages Pose as Nethereum, Steal Crypto Wallet Keys
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting cryptocurrency developers through the NuGet package registry. The malicious packages, which exfiltrate sensitive wallet data including private keys and mnemonics, highlight a critical vulnerability in package registry security practices. The attack centers on a package named Netherеum.All, which appears identical to the legitimate…
-
Ransomware recovery perils: 40% of paying victims still lose their data
Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, updateAdditional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
-
Ransomware recovery perils: 40% of paying victims still lose their data
Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, updateAdditional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
-
US Crypto Bust Offers Hope in Battle Against Cybercrime Syndicates
A $14 billion seizure by US investigators presents a warning for cybercriminals’ reliance on bitcoin but is still a positive development for the cryptocurrency industry. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/us-crypto-bust-hope-battle-against-cybercrime-syndicates
-
Surge in UK savings lost to investment scams, with fake crypto thought to top the list
Banking industry data shows £629m was stolen in six months from fraud that included gold, wine and property The amount of money lost to investment scams by UK consumers has leapt 55% in a year as cryptocurrency fraudsters intensify their efforts to cheat people out of their savings, data shows.Official UK banking industry data shows…
-
Trump pardons former Binance CEO after guilty plea in letting cybercrime proceeds flow through platform
Changpeng Zhao had been unfairly targeted in the Biden administration’s investigations of the cryptocurrency industry, the White House said in confirming that President Donald Trump had pardoned the former Binance CEO. First seen on therecord.media Jump to article: therecord.media/changpeng-zhao-former-binance-ceo-pardoned-donald-trump
-
Cryptohack Roundup: Trump Pardons Changpeng Zhao
Also: Astra Nova RVV Token Plummets, Canada Fines Cryptomus $126M. This week, U.S. President Donald Trump pardoned Changpeng Zhao, Astra Nova RVV token plummeted, an investor lost $3M in a wallet breach linked to Huione Group, Canada fined Cryptomus, a U.K. regulator sued HTX over illegal crypto promotions and hacked LuBian wallets moved $1.8B in…
-
ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More
Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target.This week’s ThreatsDay highlights show exactly how those weak points are being…
-
WazirX to Resume Exchange Operations After 15-Month Hiatus Following Cyberattack
WazirX, one of India’s popular cryptocurrency exchanges, is set to restart its operations on October 24, nearly 15 months after a cyberattack forced the platform to halt all activities. The decision to resume trading follows the approval of WazirX’s restructuring plan by Singapore’s High Court. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/wazirx-to-resume-trading-after-cyberattack/
-
WazirX to Resume Exchange Operations After 15-Month Hiatus Following Cyberattack
WazirX, one of India’s popular cryptocurrency exchanges, is set to restart its operations on October 24, nearly 15 months after a cyberattack forced the platform to halt all activities. The decision to resume trading follows the approval of WazirX’s restructuring plan by Singapore’s High Court. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/wazirx-to-resume-trading-after-cyberattack/
-
Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims’ cryptocurrency wallet keys.The package, Netherеum.All, has been found to harbor functionality to decode a command-and-control (C2) endpoint and exfiltrate mnemonic phrases, private keys, and First seen on…
-
Self-propagating worm found in marketplaces for Visual Studio Code extensions
Tags: access, application-security, attack, backdoor, backup, best-practice, blockchain, breach, ciso, control, credentials, crime, crypto, cyber, data, data-breach, endpoint, framework, github, gitlab, google, government, identity, incident response, infrastructure, intelligence, least-privilege, login, malicious, malware, marketplace, network, open-source, resilience, risk, sans, security-incident, software, supply-chain, threat, tool, update, wormMarketplaces targeted: The Koi Security report is the latest in a series of warnings that threat actors are increasingly targeting VS Code marketplaces in supply chain attacks. Last week, Koi Security exposed a threat actor dubbed TigerJack spreading malicious extensions. And researchers at Wiz just published research showing the widespread abuse of the OpenVSX and…
-
New Luma Infostealer Malware Steals Browser Data, Cryptocurrency, and Remote Access Accounts
Luma Infostealer, a malware-as-a-service (MaaS) offering, has emerged as a potent threat targeting high-value credentials such as web browser cookies, cryptocurrency wallets, and VPN/RDP account information. Beyond isolated theft, threat actors are employing Luma in the initial infiltration stages of complex campaigns”, ransomware deployment, account hijacking, and internal network compromise. The stolen data fuels identity…
-
White Label Crypto Bank Solutions: Building Digital Banking for the Blockchain Era
The growing demand for crypto-friendly financial services has accelerated the rise of white-label crypto bank solutions. These ready-made… First seen on hackread.com Jump to article: hackread.com/white-label-crypto-bank-solutions-blockchain-era/
-
White Label Crypto Bank Solutions: Building Digital Banking for the Blockchain Era
The growing demand for crypto-friendly financial services has accelerated the rise of white-label crypto bank solutions. These ready-made… First seen on hackread.com Jump to article: hackread.com/white-label-crypto-bank-solutions-blockchain-era/
-
New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions
GlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and decentralized command infrastructure that make it nearly impossible to detect or dismantle. First identified on October 17, 2025, GlassWorm hijacks developer machines via invisible Unicode code, harvests credentials, drains cryptocurrency wallets, and transforms infected systems…
-
New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions
GlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and decentralized command infrastructure that make it nearly impossible to detect or dismantle. First identified on October 17, 2025, GlassWorm hijacks developer machines via invisible Unicode code, harvests credentials, drains cryptocurrency wallets, and transforms infected systems…
-
North Korea’s WaterPlum APT Deploys Node.js OtterCandy RAT for Crypto Theft with Anti-Forensic Module
The post North Korea’s WaterPlum APT Deploys Node.js OtterCandy RAT for Crypto Theft with Anti-Forensic Module appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/north-koreas-waterplum-apt-deploys-node-js-ottercandy-rat-for-crypto-theft-with-anti-forensic-module/
-
Hackers Dox ICE, DHS, DOJ, and FBI Officials
Plus: A secret FBI anti-ransomware task force gets exposed, the mystery of the CIA’s Kryptos sculpture is finally solved, North Koreans busted hiding malware in the Ethereum blockchain, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-hackers-dox-ice-dhs-doj-and-fbi-officials/
-
North Korean Hackers Use Blockchain to Hide Crypto-Stealing Malware
North Korean hackers are using blockchain smart contracts to hide malware and steal cryptocurrency. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-use-blockchain-to-hide-crypto-stealing-malware/
-
North Korean Hackers Use Blockchain to Hide Crypto-Stealing Malware
North Korean hackers are using blockchain smart contracts to hide malware and steal cryptocurrency. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-use-blockchain-to-hide-crypto-stealing-malware/
-
North Korean Hackers Use EtherHiding to Steal Crypto
Google reveals North Korean hackers are using EtherHiding, a blockchain-based technique, to deliver malware and steal cryptocurrency First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nk-hackers-etherhiding-steal-crypto/
-
CISOs face quantum leap in prioritizing quantum resilience
Tags: apple, attack, ciso, cloud, computer, computing, crypto, cybersecurity, data, data-breach, encryption, finance, governance, government, Hardware, healthcare, infrastructure, nist, resilience, risk, service, software, supply-chain, technology, threat, vulnerabilityState of migration: Encryption underpins the security of everything from healthcare records to government data and e-commerce transactions.But just 8.5% of SSH servers currently support quantum-safe encryption.TLS 1.3 adoption, currently at 19%, also trails older, quantum-vulnerable versions, according to a recent study by Forescout.Other experts paint a more optimistic picture of PQC deployment since NIST…
-
CISOs face quantum leap in prioritizing quantum resilience
Tags: apple, attack, ciso, cloud, computer, computing, crypto, cybersecurity, data, data-breach, encryption, finance, governance, government, Hardware, healthcare, infrastructure, nist, resilience, risk, service, software, supply-chain, technology, threat, vulnerabilityState of migration: Encryption underpins the security of everything from healthcare records to government data and e-commerce transactions.But just 8.5% of SSH servers currently support quantum-safe encryption.TLS 1.3 adoption, currently at 19%, also trails older, quantum-vulnerable versions, according to a recent study by Forescout.Other experts paint a more optimistic picture of PQC deployment since NIST…
-
CISOs face quantum leap in prioritizing quantum resilience
Tags: apple, attack, ciso, cloud, computer, computing, crypto, cybersecurity, data, data-breach, encryption, finance, governance, government, Hardware, healthcare, infrastructure, nist, resilience, risk, service, software, supply-chain, technology, threat, vulnerabilityState of migration: Encryption underpins the security of everything from healthcare records to government data and e-commerce transactions.But just 8.5% of SSH servers currently support quantum-safe encryption.TLS 1.3 adoption, currently at 19%, also trails older, quantum-vulnerable versions, according to a recent study by Forescout.Other experts paint a more optimistic picture of PQC deployment since NIST…
-
North Korean Hackers Exploit EtherHiding to Spread Malware and Steal Crypto Assets
Tags: attack, blockchain, crypto, cyber, cybercrime, cybersecurity, exploit, hacker, malicious, malware, north-korea, technology, threatThe cybersecurity landscape has witnessed a significant evolution in attack techniques with North Korean threat actors adopting EtherHiding, a sophisticated method that leverages blockchain technology to distribute malware and facilitate cryptocurrency theft. EtherHiding represents a fundamental shift in how cybercriminals store and deliver malicious payloads by embedding malware code within smart contracts on public blockchains…
-
North Korean Hackers Exploit EtherHiding to Spread Malware and Steal Crypto Assets
Tags: attack, blockchain, crypto, cyber, cybercrime, cybersecurity, exploit, hacker, malicious, malware, north-korea, technology, threatThe cybersecurity landscape has witnessed a significant evolution in attack techniques with North Korean threat actors adopting EtherHiding, a sophisticated method that leverages blockchain technology to distribute malware and facilitate cryptocurrency theft. EtherHiding represents a fundamental shift in how cybercriminals store and deliver malicious payloads by embedding malware code within smart contracts on public blockchains…
-
Banks need stricter controls to prevent romance fraud, says City regulator
FCA cites study showing victims’ ‘red flags’ are often missed and calls for improved monitoring systemsThe City regulator has called on banks and payment firms to bring in stricter controls protecting customers from romance fraud after a study showed a number of missed “red flags” that led to people losing huge sums of money.The review…