Tag: crypto
-
North Korean Hackers Deploy Malware Using Weaponized Calendly and Google Meet Links
The North Korean state-sponsored threat actor group, identified as TA444 (also known as BlueNoroff, Sapphire Sleet, and others), has unleashed a sophisticated malware campaign targeting cryptocurrency foundations. This intricate attack, uncovered by Huntress, leverages weaponized Calendly links and deceptive Google Meet invitations to deliver a barrage of malicious payloads, specifically designed for macOS systems. The…
-
Cryptohack Roundup: $100 Million Iranian Cryptocurrency Hack
Also: Gotbit CEO Sentencing, US Authorities Seize $225M Tied to Scams. This week, $100 million Nobitex hack, Gotbit CEO sentenced, support for Roman Storm, Trump’s crypto earnings, North Korea’s Codebase infiltration, Haru Invest CEO acquitted, $225 million scam funds seized and New York disrupted a $1 million scam. First seen on govinfosecurity.com Jump to article:…
-
DOJ moves to seize $225 million in crypto stolen by scammers
A civil forfeiture complaint was filed in U.S. District Court for the District of Columbia this week, where investigators from the FBI and U.S. Secret Service said they used blockchain analysis to trace the funds back to fraud schemes perpetrated by actors in the Philippines. First seen on therecord.media Jump to article: therecord.media/doj-moves-to-seize-225-million-in-stolen-crypto
-
Israel-tied Predatory Sparrow hackers are waging cyberwar on Iran’s financial system
The hacker group has destroyed more than $90 million held at an Iranian crypto exchange. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2025/06/israel-tied-predatory-sparrow-hackers-are-waging-cyberwar-on-irans-financial-system/
-
US recovers $225 million of crypto stolen in investment scams
The U.S. Department of Justice has seized more than $225 million in cryptocurrency linked to investment fraud and money laundering operations, the largest crypto seizure in the history of the U.S. Secret Service. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/us-recovers-225-million-of-crypto-stolen-in-investment-scams/
-
North Korean Hackers Deploy Python-Based Trojan Targeting Crypto
Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-hackers-python-trojan/
-
DuckDuckGo beefs up scam defense to block fake stores, crypto sites
The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and “scareware” sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/duckduckgo-beefs-up-scam-defense-to-block-fake-stores-crypto-sites/
-
North Korea’s BlueNoroff uses AI deepfakes to push Mac malware in fake Zoom calls
Campaign delivers modular, persistent, Mac-specific malware: Huntress recovered a total of eight distinct malicious binaries, each with specific tasks. The primary implant, ‘Telegram 2’, was written in Nim and embedded itself as a macOS LaunchDaemon to maintain persistence. It acted as a launchpad for the real power tools, including Go-based ‘Root Troy V4’ backdoor and…
-
N. Korean Hackers Use PylangGhost Malware in Fake Crypto Job Scam
North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools. First seen on hackread.com Jump to article: hackread.com/n-korean-hackers-pylangghost-malware-crypo-job-scam/
-
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware
The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices. Huntress, which revealed details of the cyber intrusion, said the attack targeted an unnamed cryptocurrency foundation employee, who received…
-
Israeli Hacktivists Steal and Burn $90m+ from Iranian Crypto Biz
Pro-Israel Predatory Sparrow Group steals $90m in crypto from Iranian exchange Nobitex. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/israeli-hacktivists-steal-burn-90m/
-
Cybersecurity takes a big hit in new Trump executive order
Provisions on secure software, quantum-resistant crypto, and more are scrapped. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/06/cybersecurity-take-a-big-hit-in-new-trump-executive-order/
-
U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network
The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. “For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems…
-
New quantum system offers publicly verifiable randomness for secure communications
Tags: blockchain, communications, crypto, cyber, cybersecurity, docker, email, finance, government, Hardware, infrastructure, open-source, software, technology, threat, tool
Nature and detailed in an accompanying arXiv preprint, CURBy leverages the phenomenon of quantum entanglement, where particles maintain interconnected states regardless of distance, to create fundamentally unpredictable outputs. “From a security perspective, this approach offers something valuable: the ability to independently verify that random numbers haven’t been compromised,” noted Narayan Gokhale, vice president at QKS Group.…
-
Over 20 Malicious Google Play Apps Steal Users’ Login Credentials
Tags: android, credentials, crypto, cyber, cybersecurity, google, intelligence, login, malicious, phishing
A major security alert has been issued for Android users after cybersecurity researchers uncovered more than 20 malicious applications on the Google Play Store designed to steal users’ login credentials, specifically targeting cryptocurrency wallet holders. The campaign, identified by Cyble Research and Intelligence Labs (CRIL), reveals a sophisticated phishing operation that has already compromised the…
-
No Money to Be Had: Kidnappers Release Crypto Influencer Because He Is Broke
Tags: crypto
The kidnappers apparently assumed that a crypto trader with 40,000 followers on TikTok would have plenty worth taking. That was not the case, however. First seen on golem.de Jump to article: www.golem.de/news/kein-geld-zu-holen-kidnapper-lassen-krypto-influencer-wegen-pleite-wieder-frei-2506-197149.html
-
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. “Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined the…
-
Huione’s ‘Shutdown’ Fails to Halt Its Laundering Network
Huione-Linked Crypto Activity Continues Despite Takedown Efforts. Huione’s apparent shutdown was cosmetic, not operational. Transaction volumes have increased since the crypto laundering network’s announced closure, with services reemerging under new domains and continuing illicit operations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/huiones-shutdown-fails-to-halt-its-laundering-network-a-28696
-
Cryptohack Roundup: Evita Founder Charged in $530M Case
Also: 5 Guilty Pleas in Cambodia-linked $36.9 Million Scam. Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, charges against a crypto firm founder in a $530M sanctions evasion and money laundering case, guilty pleas in a $36.9M scam, an $8.3M exploit of Alex Lab, and Cetus Protocol relaunched after a $223M…
-
The $200,000 Zoom call
A crypto CEO shared his screen. What happened next unraveled his digital life. First seen on therecord.media Jump to article: therecord.media/crypto-scam-zoom-call-click-here
-
5 plead guilty to laundering nearly $37 million stolen through Cambodian cyber scam centers
The scheme is based in Cambodia, where people residing in scam centers contact U.S. victims through phone calls, texts, dating apps and other avenues to promote fake cryptocurrency investments. First seen on therecord.media Jump to article: therecord.media/guilty-pleas-cambodia-cyber-scams
-
Hundreds of Russian devices hit by Rare Werewolf crypto-mining attacks
The campaign has affected hundreds of Russian users, particularly targeting industrial enterprises and engineering schools, with additional victims reported in Belarus and Kazakhstan. First seen on therecord.media Jump to article: therecord.media/russian-devices-hit-by-rare-werewolf-crypto-mining
-
Five plead guilty to laundering $36 million stolen in investment scams
Five men from China, the United States, and Turkey pleaded guilty to their involvement in an international crime ring and laundering nearly $37 million stolen from U.S. victims in cryptocurrency investment scams carried out from Cambodia. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-plead-guilty-to-laundering-36-million-stolen-in-investment-scams/
-
Vulnerability in DanaBot Malware C2 Server Leaks Threat Actor Usernames and Crypto Keys
Tags: breach, control, crypto, cyber, cybersecurity, data, infrastructure, leak, malicious, malware, threat, vulnerability
A severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors. Researchers have identified a misconfiguration in the server setup that inadvertently leaks usernames and cryptographic keys used by malicious operators to manage their campaigns. This breach could provide cybersecurity defenders with…
-
Dumping Entra Connect Sync Credentials
Recently, Microsoft changed the way the Entra Connect Sync agent authenticates to Entra ID. These changes affect attacker tradecraft, as we can no longer export the sync account credentials; however, attackers can still take advantage of an Entra Connect sync account compromise and gain new opportunities that arise from the changes. How It Used To Work…
-
DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam
US seeks to seize $7.74M in crypto linked to North Korean fake IT worker schemes, per a new DOJ forfeiture complaint. The DOJ filed a civil forfeiture complaint for $7.74M in crypto tied to North Korean fake IT worker schemes linked to the indictment of North Korean Foreign Trade Bank (FTB) representative Sim Hyon Sop.…
-
U.S. Targets $7.7M in Crypto Tied to North Korean IT Worker Scam
On June 5, 2025, the United States Department of Justice (DOJ) filed a verified civil forfeiture complaint in the US District Court for the District of Columbia, seeking to permanently seize over $7.7 million in cryptocurrency, non-fungible tokens (NFTs), and digital assets linked to a sophisticated global laundering operation orchestrated by North Korea. The assets…
-
New Blitz Malware Targets Windows Servers to Deploy Monero Miner
A new Windows-based malware named Blitz has been identified in 2024, with an updated version detected in early 2025. This malware, actively developed and distributed through deceptive game cheats, poses a significant threat by deploying a Monero cryptocurrency miner alongside information-stealing and denial-of-service (DoS) capabilities. Detailed analysis by Palo Alto Networks’ Unit 42 reveals that…
-
Litecoin Security: How to Spot, Avoid, and Recover from Crypto Scams
It seems not a day goes by without news of another crypto scam targeting unsuspecting holders. Those owning… First seen on hackread.com Jump to article: hackread.com/litecoin-security-how-to-spot-recover-crypto-scams/

