Tag: crypto
-
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. “The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles,” GitLab…
-
Canada dismantles TradeOgre exchange, seizes $40 million in crypto
Tags: crypto
The Royal Canadian Mounted Police has shut down the TradeOgre cryptocurrency exchange and seized more than $40 million believed to originate from criminal activities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/canada-dismantles-tradeogre-exchange-seizes-40-million-in-crypto/
-
Cryptohack Roundup: US Sanctions Iran Shadow Banking Network
Also: Man Denied Bankruptcy Discharge Over $12.5M Crypto Ponzi Debts. U.S. sanctions Iranian shadow banking network, Texas man denied bankruptcy discharge, Nemo blames $2.6M exploit on developer errors, THORChain founder hacked, Shibarium Bridge hit by $2.4M hack, Denver court rules pastor’s $3.3M project a fraud and NYDFS tells banks to use blockchain analytics. First seen…
-
Fake Empire Podcast Invites Target Crypto Industry with macOS AMOS Stealer
Hackers are posing as Empire podcast hosts, tricking crypto influencers and developers with fake interview invites to deliver macOS AMOS Stealer malware. First seen on hackread.com Jump to article: hackread.com/fake-empire-podcast-invites-crypto-macos-amos-stealer/
-
AI made crypto scams far more dangerous
The first half of 2025 saw one of the worst waves of crypto hacks to date, with more than $3.01 billion stolen. AI was a big part of it, making scams easier to run and letting … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/18/ai-crypto-scams-dangerous/
-
Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire
Tags: access, ai, attack, blockchain, breach, computer, credentials, crime, crimes, crypto, cybercrime, data, detection, exploit, extortion, finance, fraud, infrastructure, international, law, microsoft, phishing, programming, scam, service, strategy, threat, tool
Legal victory with limitations: Microsoft’s investigation identified Joshua Ogundipe, based in Nigeria, as the operation’s leader and primary architect. The company filed a lawsuit against Ogundipe and four associates listed as John Does in late August, then obtained a court order from the US District Court for the Southern District of New York in early…
-
Python-Based “XillenStealer” Campaign Targets Windows Users’ Sensitive Data
A sophisticated Python-based information stealer named XillenStealer has emerged as a significant threat to Windows users, designed to harvest sensitive system data, browser credentials, and cryptocurrency wallet information. XillenStealer operates through a comprehensive builder framework called “XillenStealer Builder V3.0,
-
Microsoft, Cloudflare disrupt RaccoonO365 credential stealing tool run by Nigerian national
Microsoft found that the group behind RaccoonO365 has been paid at least $100,000 in cryptocurrency from about 100 subscriptions. This is likely only a portion of the money earned from the tool, according to Microsoft. First seen on therecord.media Jump to article: therecord.media/microsoft-cloudflare-disrupt-raccoono365-credential-stealing-tool
-
Crypto, Trump and Musk instead of culture – hackers take over Arte's YouTube channels
First seen on security-insider.de Jump to article: www.security-insider.de/cyberangriff-auf-arte-youtube-kanal-krypto-trump-musk-a-190e0ad0d39fcf36e661900de2aa724c/
-
Largest supply chain attack in npm's history
Security researchers at Check Point Software Technologies analyze the big npm theft: On September 8, 2025, the JavaScript ecosystem experienced the largest supply chain attack in npm's history. A targeted phishing campaign compromised the account of a well-known maintainer. The attackers then injected malware with crypto-stealer functionality into more than 18 core npm packages. These…
-
Why 47-day SSL/TLS certificates can be used as a driver for crypto agility
SSL/TLS certificates are no longer just a technical detail, they’re now a strategic driver of crypto agility. With certificate lifespans shortening to just 47 days by 2029, organizations must adopt automation, certificate visibility, and lifecycle management to stay secure. This shift, alongside the coming impact of quantum computing, forces leadership to treat certificate agility as…
-
Israel announces seizure of $1.5M from crypto wallets tied to Iran
The Israeli government ordered the seizure of 187 wallets it said belong to the IRGC, which have over time received $1.5 billion in crypto, according to a blockchain analysis firm. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/15/israel-announces-seizure-of-1-5-million-from-crypto-wallets-tied-to-iran/
-
‘WhiteCobra’ floods VSCode market with crypto-stealing extensions
A threat actor named WhiteCobra has been targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whitecobra-floods-vscode-market-with-crypto-stealing-extensions/
-
Attorney Generals go after Bitcoin ATMs for supporting Fraud
On 08SEP2025, the District of Columbia’s Attorney General filed a lawsuit against Athena, a “Bitcoin ATM machine” provider with 4100+ BTMs installed. Athena charges as much as a 26% fee when someone deposits cash to buy cryptocurrency. More importantly, the lawsuit claims that 93% of all deposits into Athena “BTMs” in the DC area were…
-
Android trojan RatOn: automatic transfers to hackers, crypto theft in a double pack
New Android trojan RatOn brings automatic transfers, crypto theft and fake ransomware. ThreatFabric uncovers the campaign. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/android-trojaner-raton-automatische-ueberweisungen-an-hacker-krypto-diebstahl-im-doppelpack-320681.html
-
HybridPetya Crypto-Locker Outsmarts UEFI Secure Boot
Malware Not Yet Deployed in the Wild, Says Eset. New malware dubbed HybridPetya spotted on VirusTotal is adding to the steadily growing pile of bootkits, creating more opportunities for hackers to infect desktops before the operating system and antivirus programs load. No telemetry exists showing HybridPetya has been deployed in the wild. First seen on govinfosecurity.com…
-
AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto
Cybersecurity researchers have disclosed details of a new campaign that leverages ConnectWise ScreenConnect, a legitimate Remote Monitoring and Management (RMM) software, to deliver a fileless loader that drops a remote access trojan (RAT) called AsyncRAT to steal sensitive data from compromised hosts. “The attacker used ScreenConnect to gain remote access, then executed a layered VBScript and…
-
Money Mule Networks Surge 168% Fueling Digital Banking Fraud
BioCatch Says Crime Groups Have Industrialized Operations With Stablecoin Transfers. Organized crime groups have industrialized digital banking fraud operations in the United States, with money mule networks surging 168% in the first half of 2025. Money mules are being recruited at unprecedented scale, and they’re using stablecoins to transfer funds to crypto exchanges. First seen…
-
European crypto platform SwissBorg to reimburse users after $41 million theft
Nearly 200,000 Solana coins were stolen from SwissBorg, or about 2% of its assets, according to the platform’s CEO. The company pledged to pay users back. First seen on therecord.media Jump to article: therecord.media/swissborg-platform-solana-cryptocurrency-stolen
-
More packages poisoned in npm attack, but would-be crypto thieves left pocket change
Miscreants cost victims time rather than money First seen on theregister.com Jump to article: www.theregister.com/2025/09/09/npm_supply_chain_attack/
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Hackers Compromise 18 NPM Packages in Supply Chain Attack
Attacker Socially Engineered Developer With Phishing Email. A hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week. First seen on govinfosecurity.com Jump…
-
Quantum Computing Threat Forces Crypto Revolution in 2025
The world of cybersecurity has spent decades building digital fortresses with mathematical locks that felt unbreakable. Quantum computing is rewriting the rules. The emergence of quantum computing presents a critical threat to classical cryptographic systems. It endangers the security of current digital communication frameworks. Most experts now believe a cryptographically relevant quantum computer will likely…
-
Billion-Download npm Packages Hijacked in Crypto-Stealing Attack
Hackers hijacked 18 npm packages with 2B weekly downloads, planting malware to steal crypto by redirecting wallet transactions. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/npm-packages-hijacked-crypt-stealing/
-
How One Phishing Email Compromised 18 npm Packages and Billions of Installs
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 popular JavaScript packages with over 2.6 billion weekly downloads. By tricking a maintainer into revealing credentials and 2FA codes, attackers injected crypto-stealing malware into widely used libraries. This blog unpacks how it happened, which packages were…

