Tag: crypto
-
Banks need stricter controls to prevent romance fraud, says City regulator
FCA cites study showing victims’ ‘red flags’ are often missed and calls for improved monitoring systemsThe City regulator has called on banks and payment firms to bring in stricter controls protecting customers from romance fraud after a study showed a number of missed “red flags” that led to people losing huge sums of money.The review…
-
North Korea’s Famous Chollima APT Uses Trojanized Node.js App to Deploy OtterCookie RAT for Crypto Theft
The post North Korea’s Famous Chollima APT Uses Trojanized Node.js App to Deploy OtterCookie RAT for Crypto Theft appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/north-koreas-famous-chollima-apt-uses-trojanized-node-js-app-to-deploy-ottercookie-rat-for-crypto-theft/
-
North Korean operatives spotted using evasive techniques to steal data and cryptocurrency
Research from Cisco Talos and Google Threat Intelligence Group underscores the extent to which North Korea-aligned attackers attempt to avoid detection. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-attackers-evasive-techniques-malware/
-
NK’s Famous Chollima Use BeaverTail and OtterCookie Malware in Job Scam
North Korea’s Famous Chollima is back, merging BeaverTail and OtterCookie malware to target job seekers. Cisco Talos details the new threat. Keylogging, screen recording, and cryptocurrency wallet theft detected in an attack. First seen on hackread.com Jump to article: hackread.com/nk-famous-chollima-beavertail-ottercookie-malware/
-
NK’s Famous Chollima Use BeaverTail and OtterCookie Malware in Job Scam
North Korea’s Famous Chollima is back, merging BeaverTail and OtterCookie malware to target job seekers. Cisco Talos details the new threat. Keylogging, screen recording, and cryptocurrency wallet theft detected in an attack. First seen on hackread.com Jump to article: hackread.com/nk-famous-chollima-beavertail-ottercookie-malware/
-
North Korean hackers seen using blockchain to hide crypto-stealing malware
Google security researchers said on Thursday that they observed a Pyongyang-backed hacking group, tracked as UNC5342, deploying a method known as EtherHiding, a way of embedding malicious code inside smart contracts on decentralized networks such as Ethereum and BNB Smart Chain. First seen on therecord.media Jump to article: therecord.media/north-korean-hackers-using-blockchain-hiding-malware
-
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
Tags: blockchain, crypto, google, group, hacker, hacking, intelligence, korea, malware, north-korea, theft, threatA threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method.The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat cluster…
-
North Korean hackers use EtherHiding to hide malware on the blockchain
North Korean hackers were observed employing the ‘EtherHiding’ tactic to deliver malware, steal cryptocurrency, and perform espionage with stealth and resilience. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-use-etherhiding-to-hide-malware-on-the-blockchain/
-
North Korean hackers use EtherHiding to hide malware on the blockchain
North Korean hackers were observed employing the ‘EtherHiding’ tactic to deliver malware, steal cryptocurrency, and perform espionage with stealth and resilience. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-use-etherhiding-to-hide-malware-on-the-blockchain/
-
Operation Silk Lure: Weaponizing Windows Scheduled Tasks for ValleyRAT Delivery
A targeted cyber-espionage campaign exploiting Windows Scheduled Tasks and DLL side-loading to deploy the sophisticated ValleyRAT backdoor. The operation pivots on tailored spear-phishing emails, weaponized Windows shortcuts, and a persistent task scheduler mechanism, all delivering a multi-stage malware payload designed to harvest sensitive intelligence from Chinese FinTech and cryptocurrency firms. Adversaries behind Operation Silk Lure…
-
Operation Silk Lure: Weaponizing Windows Scheduled Tasks for ValleyRAT Delivery
A targeted cyber-espionage campaign exploiting Windows Scheduled Tasks and DLL side-loading to deploy the sophisticated ValleyRAT backdoor. The operation pivots on tailored spear-phishing emails, weaponized Windows shortcuts, and a persistent task scheduler mechanism, all delivering a multi-stage malware payload designed to harvest sensitive intelligence from Chinese FinTech and cryptocurrency firms. Adversaries behind Operation Silk Lure…
-
Operation Heracles strikes blow against massive network of fraudulent crypto trading sites
In a significant crackdown against online cybercriminals, German authorities have successfully dismantled a network of fraudulent cryptocurrency investment sites that has targeted millions of unsuspecting people across Europe. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/operation-heracles-strikes-blow-massive-network-fraudulent-crypto-trading-sites
-
Operation Heracles strikes blow against massive network of fraudulent crypto trading sites
In a significant crackdown against online cybercriminals, German authorities have successfully dismantled a network of fraudulent cryptocurrency investment sites that has targeted millions of unsuspecting people across Europe. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/operation-heracles-strikes-blow-massive-network-fraudulent-crypto-trading-sites
-
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive.Hackers don’t always break systems anymore, they use them. They hide inside…
-
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive.Hackers don’t always break systems anymore, they use them. They hide inside…
-
Panne bei Paypal-Partner: Versehentlich 300 Billionen USD in Krypto-Coins erzeugt
Kleiner Fehler, große Wirkung: Ein Paypal-Partner hat durch einen Fehler fast die dreifache Menge des globalen BIP in PYUSD-Stablecoins generiert. First seen on golem.de Jump to article: www.golem.de/news/panne-bei-paypal-partner-versehentlich-300-billionen-usd-in-krypto-coins-erzeugt-2510-201222.html
-
Thousands Hit by Malicious VS Code Extensions Stealing Source Code
TigerJack’s fake VS Code extensions stole source code, mined crypto, and hijacked developer systems across 17,000 installations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/malicious-vs-code-extension/
-
Thousands Hit by Malicious VS Code Extensions Stealing Source Code
TigerJack’s fake VS Code extensions stole source code, mined crypto, and hijacked developer systems across 17,000 installations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/malicious-vs-code-extension/
-
Thousands Hit by Malicious VS Code Extensions Stealing Source Code
TigerJack’s fake VS Code extensions stole source code, mined crypto, and hijacked developer systems across 17,000 installations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/malicious-vs-code-extension/
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
TigerJack Hackers Target Developer Marketplaces with 11 Malicious VS Code Extensions
Sophisticated Threat Actor Compromises 17,000+ Developers Through Trojan Extensions That Steal Code and Mine Cryptocurrency. Operating since early 2025 under multiple publisher accounts (ab-498, 498, and 498-00), this sophisticated campaign deploys extensions that steal source code, mine cryptocurrency, and establish remote backdoors for complete system control. A newly identified threat actor known as TigerJack has…
-
U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam
The U.S. government has seized about $15 billion worth of Bitcoin connected to what prosecutors call one of the largest cryptocurrency fraud and human trafficking operations … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/15/prince-group-crypto-scam-15-billion-in-bitcoin-seized/
-
U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam
The U.S. government has seized about $15 billion worth of Bitcoin connected to what prosecutors call one of the largest cryptocurrency fraud and human trafficking operations … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/15/prince-group-crypto-scam-15-billion-in-bitcoin-seized/
-
Officials crack down on Southeast Asia cybercrime networks, seize $15B
The cryptocurrency seizure and sanctions targeting the Prince Group, associates and affiliated businesses mark the most extensive action taken against cybercrime operations in the region to date. First seen on cyberscoop.com Jump to article: cyberscoop.com/southeast-asia-cybercrime-networks-sanctions-seizure/
-
US seizes $15 billion in crypto from ‘pig butchering’ kingpin
The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-seizes-15-billion-in-crypto-from-pig-butchering-kingpin/
-
Hackers Mimic as OpenAI and Sora Services to Steal Login Credentials
Hackers have launched a sophisticated phishing campaign impersonating both OpenAI and the recently released Sora 2 AI service. By cloning legitimate-looking landing pages, these actors are duping users into submitting their login credentials, participating in faux “gift” surveys, and even falling victim to cryptocurrency scams. Security researchers note that these deceptive domains are already ensnaring…
-
Astaroth Trojan Uses GitHub Images to Stay Active After Takedowns
Astaroth banking trojan has evolved to use GitHub and steganography for resilient C2, hiding its vital commands in images. Learn how this sophisticated malware employs fileless techniques to steal banking and crypto credentials from users across Latin America. First seen on hackread.com Jump to article: hackread.com/astaroth-trojan-github-images-active-takedowns/
-
The Guardian view on the online scam industry: authorities must not forget that perpetrators are often victims too | Editorial
A lucrative sector is spreading fast as criminal enterprises force abused and trafficked workers to cheat othersA Chinese court last month <a href=”https://www.theguardian.com/world/2025/sep/30/china-court-sentences-11-people-to-death-over-alleged-role-in-family-run-myanmar-scam-operations”>sentenced 11 people to death over their roles in a illegal scam empire along the border with Myanmar. But it won’t end a noxious multibillion-dollar industry that devastates the lives of two sets…