Tag: crypto
-
Cryptohack Roundup: Samourai Execs, Crypto CEO Sentenced
Also: Obama Twitter Hacker Ordered to Forfeit $5.3 Million. Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Samourai Wallet founders and Oklahoma Crypto CEO sentenced, Obama Twitter hacker ordered to forfeit funds, Chicago crypto ATM CEO charged and White House is reviewing a rule expanding IRS crypto oversight. First seen on…
-
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an evolution of a prior wave that was observed between September 2023 and March 2024. The attack,…
-
Samourai Wallet crypto mixer’s co-founders sentenced to prison
The pair had pleaded guilty in late July to participating in a conspiracy “to operate a money transmitting business in which they knowingly transmitted criminal proceeds.” First seen on therecord.media Jump to article: therecord.media/samourai-wallet-crypto-mixer-founders-sentenced
-
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smart home gadgets are being used…
-
Crypto mixer founders sent to prison for laundering over $237 million
The founders of the Samourai Wallet (Samourai) cryptocurrency mixing service have been sent to prison for helping criminals launder over $237 million. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samourai-cryptomixer-founders-sent-to-prison-for-laundering-over-237-million/
-
Wind farm worker sentenced after turning turbines into a secret crypto mine
A technical manager at a Dutch wind farm operator has been sentenced after it was discovered he had secretly installed cryptocurrency mining rigs at two wind farm sites – just as the company was recovering from a ransomware attack. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/wind-farm-worker-sentenced-after-turning-turbines-into-a-secret-crypto-mine
-
International operation traces $55 million crypto trail of digital piracy sites
Thirty investigators from 15 countries took part in the five-day crackdown earlier this month targeting 69 digital piracy sites, including 25 illegal streaming services whose information was referred to cryptocurrency platforms for disruption. First seen on therecord.media Jump to article: therecord.media/international-operation-traces-millions-crypto-streaming-piracy
-
Europol Operation Disrupts $55m in Cryptocurrency For Piracy
Europe-wide Cyber-Patrol Week targeted IP violations, flagging 69 sites and disrupting $55m in crypto services. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/europol-disrupts-cryptocurrency/
-
California man admits to laundering crypto stolen in $230M heist
A 45-year-old from Irvine, California, has pleaded guilty to laundering at least $25 million stolen in a massive $230 million cryptocurrency heist. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/california-man-admits-to-laundering-crypto-stolen-in-230m-heist/
-
Dutch turbine engineer tried to turn wind into crypto, ends up generating community service
Techie wired cryptominers into Nordex’s network while company reeled from cyberattack. First seen on theregister.com Jump to article: www.theregister.com/2025/11/18/dutch_wind_farm_crypto/
-
New ShadowRay attacks convert Ray clusters into crypto miners
A global campaign dubbed ShadowRay 2.0 hijacks exposed Ray Clusters by exploiting an old code execution flaw to turn them into a self-propagating cryptomining botnet. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-shadowray-attacks-convert-ray-clusters-into-crypto-miners/
-
Bonkers Bitcoin heist: 5-star hotels, cash-filled envelopes, vanishing funds
Bitcoin mining hardware exec falls for sophisticated crypto scam to tune of $200k. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2025/11/bonkers-bitcoin-heist-5-star-hotels-cash-filled-envelopes-vanishing-funds/
-
Malicious Npm Packages Abuse Adspect Cloaking in Crypto Scam
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed accordingly to defraud or evade. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/malicious-npm-packages-adspect-cloaking-crypto-scam
-
New npm Malware Campaign Redirects Victims to Crypto Sites
A new malware campaign has been observed built on seven npm packages and using cloaking techniques and fake CAPTCHAs, operated by threat actor dino_reborn. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/npm-malware-campaign-redirects/
-
Chrome extension ‘Safery’ steals crypto wallet seed phrases
First seen on scworld.com Jump to article: www.scworld.com/brief/chrome-extension-safery-ethereum-wallet-stealing-seed-phrases-poses-major-cybersecurity-threat
-
Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages
Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service called Adspect to differentiate between real victims and security researchers to ultimately redirect them to sketchy crypto-themed sites. The malicious npm packages, published by a threat actor named “dino_reborn” between September and November 2025, are…
-
Bitsgap vs HaasOnline: Advanced Features vs Smart Simplicity
Tags: crypto
Power vs Practicality in Crypto Automation. First seen on hackread.com Jump to article: hackread.com/bitsgap-vs-haasonline-advanced-features-simplicity/
-
US chips away at North Korean IT worker fraud with guilty pleas, cryptocurrency seizure
Authorities have described Pyongyang’s revenue-generating schemes as threats to U.S. national and economic security. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/doj-north-korea-remote-worker-crackdown/805689/
-
Hackers Weaponize XWiki Flaw to Build and Rent Out Botnet Networks
Tags: attack, botnet, crypto, cve, cyber, cybersecurity, exploit, flaw, hacker, intelligence, malware, network, threat, vulnerability
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency miners, and custom malware toolkits. The vulnerability, initially detected by VulnCheck’s Canary Intelligence system on October 28, 2025, has rapidly evolved from a single attacker’s exploit into a widespread multi-actor…
-
North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes
Developers remain a high-value target: Researchers highlighted that the campaign specifically targets developers involved in crypto and Web3 projects, using realistic-sounding personas and demo applications (real estate, DeFi, game forks) to lower suspicion. The state-linked actors’ shift from direct payload hosting to abusing legitimate JSON storage services suggests that even benign developer-centric platforms are now…
-
UK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit
Tags: crypto
Civil recovery order targets PlugwalkJoe’s illicit gains while he serves US sentence. First seen on theregister.com Jump to article: www.theregister.com/2025/11/17/cps_41m_crypto_twitter/
-
Spam flooding npm registry with token stealers still isn’t under control
Tags: access, antivirus, attack, authentication, blockchain, breach, control, credentials, crypto, detection, edr, exploit, finance, firewall, governance, identity, login, malicious, malware, mfa, monitoring, network, open-source, pypi, risk, software, spam, supply-chain, threat, tool, worm
CSO that number has now grown to 153,000. And while this payload merely steals tokens, other threat actors are paying attention, said Sonatype CTO Brian Fox. When Sonatype wrote about the campaign just over a year ago, it found a mere 15,000 packages that appeared to come from a single person. With the swollen numbers reported this week,…
-
Worm flooding npm registry with token stealers still isn’t under control
Tags: access, antivirus, attack, authentication, blockchain, breach, control, credentials, crypto, detection, edr, exploit, finance, firewall, governance, identity, login, malicious, malware, mfa, monitoring, network, open-source, pypi, risk, software, supply-chain, threat, tool, worm
CSO that number has now grown to 153,000. “It’s unfortunate that the worm isn’t under control yet,” said Sonatype CTO Brian Fox. And while this payload merely steals tokens, other threat actors are paying attention, he predicted. “I’m sure somebody out there in the world is looking at this massively replicating worm and wondering if they can ride…
-
DOJ Continues Crackdown on North Korea’s Cyber Schemes
Justice Department Secures Guilty Pleas, $15M in Civil Forfeiture. Federal prosecutors charged U.S. citizens and foreign nationals for aiding North Korean IT workers in infiltrating U.S. firms, laundering crypto and funneling illicit revenue back to Pyongyang’s weapons program in what the DOJ has described as a major sanctions-evasion scheme. First seen on govinfosecurity.com Jump to…
-
Five plead guilty to helping North Koreans infiltrate US firms
The U.S. Department of Justice announced that five individuals pleaded guilty to aiding North Korea’s illicit revenue generation schemes, including remote IT worker fraud and cryptocurrency theft. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-plead-guilty-to-helping-north-koreans-infiltrate-us-firms/
-
DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts
Federal prosecutors secured five guilty pleas from people who supported overseas remote IT workers, and seized $15 million in stolen cryptocurrency tied to the North Korean regime. First seen on cyberscoop.com Jump to article: cyberscoop.com/doj-north-korea-it-worker-scheme-cases-crypto-seized/

