Tag: crypto
-
Npm Package Hijacked to Steal Data and Crypto via AI-Powered Malware
A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/npm-package-hijacked-ai-malware/
-
Threat Actors Use Facebook Ads to Deliver Android Malware
Cybercriminals are increasingly turning their sights from desktop to mobile, exploiting Meta’s advertising platform to distribute a sophisticated Android banking trojan disguised as a free TradingView Premium app. Bitdefender Labs warns that these threat actors have shifted tactics after months of targeting Windows users with fake trading and cryptocurrency ads, now focusing worldwide on smartphone…
-
Cryptohack Roundup: Scammer Posing as UK Police Steals Bitcoin
Also: Taiwan Charges 14 in $41M Fraud; 1,200 Arrested in Cybercrime Bust. This week, a scammer posed as police to steal bitcon, Taiwan charged 14 in a $41M fraud case, U.S. regulators lifted a consent order on Anchorage Digital, U.S. federal prosecutors said writing code alone is not a crime and the U.S. Commodity Futures…
-
Cryptohack Roundup: Scammer Posing as UK Police Steals Bitcon
Also: Taiwan Charges 14 in $41M Fraud; 1,200 Arrested in Cybercrime Bust. This week, a scammer posed as police to steal bitcon, Taiwan charged 14 in a $41M fraud case, U.S. regulators lifted a consent order on Anchorage Digital, U.S. federal prosecutors said writing code alone is not a crime and the U.S. Commodity Futures…
-
U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime’s weapons of mass destruction and ballistic missile programs.”The North Korean regime…
-
Crypto Companies Freeze $47m in Romance Baiting Funds
Tags: cryptoChainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crypto-freeze-47m-romance-baiting/
-
Scammers Steal $1 Million in Crypto Using Fake Delta and AMC Sites
Cybersecurity firm Netcraft has discovered a new task scam cluster that has stolen over $1 million in crypto…. First seen on hackread.com Jump to article: hackread.com/scammers-steal-crypto-using-fake-delta-and-amc-sites/
-
Governments, tech companies meet in Tokyo to share tips on fighting North Korea IT worker scheme
The U.S. State Department said it worked with the Ministries of Foreign Affairs in Japan and South Korea to organize the forum, which had more than 130 attendees from freelance work platforms, payment service providers, cryptocurrency companies, AI firms and more. First seen on therecord.media Jump to article: therecord.media/japan-us-south-korea-forum-north-korea-it-worker-scheme
-
Crypto thief earns additional prison time for assaulting witness
Remy Ra St Felix led a vicious international crime ring First seen on theregister.com Jump to article: www.theregister.com/2025/08/26/crypto_thief_witness_assault/
-
Behind the Coinbase breach: Bribery emerges as enterprise threat
Coinbase’s widely praised incident response: Coinbase’s transparency, firm stance against the ransom, quick remediation, and willingness to compensate its customers earned wide praise from cybersecurity professionals.According to Coinbase’s Martin, the hackers resorted to paying help desk workers in India precisely because the company had built such a robust security program. Bribery, according to Martin, was…
-
Fake CoinMarketCap Journalists Targeting Crypto Executives in Spear-Phishing Campaign
Fake CoinMarketCap journalist profiles used in spear-phishing target crypto execs via Zoom interviews, risking malware, data theft, and… First seen on hackread.com Jump to article: hackread.com/fake-coinmarketcap-journalists-crypto-executives-spear-phishing/
-
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
Tags: attack, botnet, crypto, cve, cybercrime, cybersecurity, exploit, iot, malicious, vulnerabilityCybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure.The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical First seen on thehackernews.com Jump to…
-
Lumma Operators Deploy Cutting-Edge Evasion Tools to Maintain Stealth and Persistence
Lumma infostealer affiliates’ complex operating framework was revealed by Insikt Group in a ground-breaking report published on August 22, 2025, underscoring their reliance on cutting-edge evasion technologies to support cybercrime operations. The Lumma malware, a prominent malware-as-a-service (MaaS) platform since 2022, facilitates data exfiltration from browsers, cryptocurrency wallets, and system credentials, supported by a decentralized…
-
Interpol bags 1,209 suspects, $97M in cybercrime operation focused on Africa
Crypto mines, BEC scams, fake passports, and a $300M fraud empire allegedly brought down during Serengeti 2.0 First seen on theregister.com Jump to article: www.theregister.com/2025/08/22/interpol_serengeti_20/
-
New SHAMOS Malware Targets macOS Through Fake Help Sites to Steal Login Credentials
Tags: credentials, crowdstrike, crypto, cyber, cybercrime, cybersecurity, data, group, login, macOS, malware, serviceCybersecurity researchers at CrowdStrike identified and thwarted a sophisticated malware campaign deploying SHAMOS, an advanced variant of the Atomic macOS Stealer (AMOS) malware, orchestrated by the cybercriminal group COOKIE SPIDER. Operating under a malware-as-a-service model, COOKIE SPIDER rents out this information stealer to affiliates who target victims to harvest sensitive data, including login credentials, cryptocurrency…
-
A Scattered Spider member gets 10 years in prison
A 20-year-old Scattered Spider member gets 10 years in prison and $13M restitution for SIM-swapping crypto thefts. Scattered Spider hacker, Noah Michael Urban (20), was sentenced to 10 years in U.S. prison and ordered to pay $13M restitution for SIM-swapping crypto thefts. >>A 20-year-old Palm Coast man linked to a massive cybercriminal gang was sentenced…
-
Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft
A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts.Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity theft back in April 2025. News of Urban’s…
-
Smashing Security podcast #431: How to mine millions without paying the bill
In episode 431 of the “Smashing Security” podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches, by racking up millions in unpaid cloud bills. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-431/
-
Britain targets Kyrgyz financial institutions, crypto networks aiding Kremlin
The UK has imposed new sanctions on Kyrgyz financial institutions and crypto networks accused of helping Russia evade restrictions. The UK imposed sanctions on Kyrgyz financial institutions and crypto networks accused of aiding Russian sanctions evasion, war funding, and ransomware activities. The U.K. imposed new sanctions on Kyrgyzstan’s Capital Bank and director Kantemir Chalbayev, accused…
-
Britain targets Kyrgyz crypto networks aiding Kremlin with sanctions
The United Kingdom imposed a new tranche of sanctions targeting financial institutions and cryptocurrency networks in Kyrgyzstan that are accused of facilitating Russian sanctions evasion. First seen on therecord.media Jump to article: therecord.media/britain-targets-kyrgyz-crypto
-
TRM Launches Industry-Wide Platform to Fight Crypto Crimes
With Beacon Network, TRM Labs has brought together law enforcement and some of the largest crypto exchanges to fight against crypto crimes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/trm-labs-beacon-network-fight/
-
TRM Launches Industry-Wide Platform to Fight Crypto Crimes
With Beacon Network, TRM Labs has brought together law enforcement and some of the largest crypto exchanges to fight against crypto crimes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/trm-labs-beacon-network-fight/
-
Defending Enterprise Data Against Quantum Encryption Attacks
Tags: attack, computer, crypto, cryptography, cybersecurity, data, encryption, linkedin, risk, technology, threat, toolThe quantum cliff is coming. Q-Day is the point in time when quantum computers become powerful enough to break most data encryption. It is inevitable that legacy algorithms will be undermined and the race is on to proactively migrate to modern tools to protect sensitive data. In our latest episode of Cybersecurity Insights, I sat…
-
AI Website Builder Lovable Abused for Phishing and Malware Scams
Scammers have been spotted abusing AI site builder Lovable to mimic trusted brands, steal credentials, drain crypto wallets,… First seen on hackread.com Jump to article: hackread.com/ai-website-builder-lovable-phishing-malware-scams/
-
Automation Alert Sounds as Certificates Set to Expire Faster
Maximum Validity of Public TLS Certificates Will Drop From 398 Days to Just 47 Days. The future of managing digital certificates is already here – it’s just not evenly distributed yet. With the public TLS certificate validity period set to drop to just 47 days, as well as the need to migrate to quantum-safe encryption,…
-
UK Quietly Drops ‘Think of the Children’ Apple iCloud Crypto Crack Call
ADP E2EE vs. UK: Brits agree to change course, but Tim still shtum. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/uk-apple-adp-tulsi-gabbard-jd-vance-richixbw/
-
UK Quietly Drops ‘Think of the Children’ Apple iCloud Crypto Crack Call
ADP E2EE vs. UK: Brits agree to change course, but Tim still shtum. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/uk-apple-adp-tulsi-gabbard-jd-vance-richixbw/