Tag: crypto
-
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets
A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and South America.The malware, according to a new report published by ThreatFabric, has also adopted improved obfuscation techniques to hinder analysis and detection, and includes the ability to create new contacts in the victim’s…
-
US Sanctions Philippines’ Funnull Technology Over $200M Crypto Scam
The US Department of the Treasury has taken action against Funnull Technology Inc. for enabling massive pig butchering… First seen on hackread.com Jump to article: hackread.com/us-sanctions-philippines-funnull-technology-crypto-scam/
-
Haozi’s PlugPlay Phishing Attack Steals Over $280,000 From Users
Netcraft security researchers have identified a significant resurgence of the Chinese-language Haozi Phishing-as-a-Service (PhaaS) operation, distinguished by its cartoon mouse mascot and frictionless cybercrime toolkit. The group’s cryptocurrency wallet has processed over $280,000, with substantial recent withdrawals, while thousands of their administration panels have been detected across the internet. What makes Haozi particularly dangerous is…
-
Future-proofing your enterprise: the role of crypto-agile PKI in long-term security
Traditional PKI creates bottlenecks that slow digital transformation due to manual processes and limited integration. As organizations adopt cloud, DevOps, and Zero Trust, scalable and automated certificate management becomes essential. Modern PKI should offer automation, policy enforcement, and integration with existing tools to reduce risk and boost agility. Upgrading PKI turns it from a barrier…
-
FBI Warns of Filipino Tech Company Running Sprawling Crypto Scams
The US Treasury said cryptocurrency investment schemes like the ones facilitated by Funnull Technology Inc. have cost Americans billions of dollars annually. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/fbi-warns-tech-company-crypto-scams
-
Hackers Use Gh0st RAT to Hijack Internet Café Systems for Crypto Mining
Hackers have been targeting Internet cafés in South Korea since the second half of 2024, exploiting specialized management software to install malicious tools for cryptocurrency mining. According to a detailed report from AhnLab SEcurity intelligence Center (ASEC), the attackers, active since 2022, are using the notorious Gh0st RAT (Remote Access Trojan) to seize control of…
-
US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major crypto losses through fraud infrastructure. The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Philippines-based company Funnull Technology Inc. and its admin Liu Lizhi for enabling romance scams, causing $200M in U.S. victim losses. A romance scam…
-
FBI Flags Philippines Tech Company Behind Crypto Scam Infrastructure
The FBI provided details of Funnull’s malicious activities, selling infrastructure to criminal groups to facilitate cryptocurrency fraud in the US First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-philippines-crypto-scam/
-
U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. and its administrator Liu Lizhi for providing infrastructure to conduct romance baiting scams that led to massive cryptocurrency losses.The Treasury accused the Taguig-headquartered company of enabling thousands of websites involved in First seen…
-
Securing Windows 11 and Server 2025: What CISOs should know about the latest updates
Susan Bradley / CSOYou can prevent Recall use by turning off the saving of snapshots and also disabling Click to Do. Alternatively, if you want to enable the service, I recommend setting a list of applications that you want filtered as well as excluding a list of URLs.In addition, you can set policies for Copilot.…
-
Treasury sanctions crypto scam facilitator that allegedly stole $200M from US victims
The Philippines-based company Funnull operated a large cybercrime platform encompassing more than 332,000 domains, the FBI said. First seen on cyberscoop.com Jump to article: cyberscoop.com/funnull-cryptocurrency-scam-sanctions/
-
Crypto heist pilfers over $12M from Cork Protocol
Tags: cryptoFirst seen on scworld.com Jump to article: www.scworld.com/brief/crypto-heist-pilfers-over-12m-from-cork-protocol
-
US government sanctions tech company involved in cyber scams
The Treasury said FUNNULL was involved in providing infrastructure for pig butchering crypto scams. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/29/us-government-sanctions-tech-company-involved-in-cyber-scams/
-
Cryptohack Roundup: $223M Cetus Exploit
Also: Mango Markets Hacker’s Convictions Overturned, Coinbase Lawsuit. This week, $223M Cetus Protocol hack, U.S. judge overturned Mango Markets hacker convictions, class action lawsuit against Coinbase, Cork Protocol’s $12M exploit, fake software sites spread crypto-stealing malware, a violent crypto-linked kidnapping and civil proceedings against the ex-ACX exec. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-223m-cetus-exploit-a-28538
-
Krypto-Börse gehackt, mehr als $ 200 Millionen gestohlen?
Tags: cryptoSui DEX Cetus hit by suspected hack: Over $200M in potential losses First seen on cointelegraph.com Jump to article: cointelegraph.com/news/cetus-dex-sui-exploit-200m-loss
-
More than $12 million stolen from crypto platform Cork Protocol
Decentralized finance platform Cork Protocol paused trading and launched an investigation after millions of dollars’ worth of Ethereum were lost in a “security incident.” First seen on therecord.media Jump to article: therecord.media/cork-protocol-defi-12million-crypto-theft
-
Zanubis Android Malware Harvests Banking Credentials and Executes Remote Commands
The Zanubis Android banking Trojan has evolved into a highly sophisticated threat, initially targeting financial institutions in Peru before expanding its scope to virtual cards and cryptocurrency wallets. This malware, known for impersonating legitimate Peruvian Android apps, tricks users into granting accessibility permissions, thereby enabling extensive data theft and remote control capabilities. Evolution of a…
-
Dark Partners cybercrime gang fuels large-scale crypto heists
A sprawling network of fake AI, VPN, and crypto software download sites is being used by the “Dark Partner” threat actors to conduct a crypto theft attacks worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dark-partners-cybercrime-gang-fuels-large-scale-crypto-heists/
-
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto
Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot.Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional malware to the infected hosts.”Rather than scanning the internet, the malware retrieves a list of targets…
-
Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware
A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware.The vulnerability in question is CVE-2025-32432, a maximum severity flaw in Craft CMS that was patched in…
-
Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets
Tags: access, antivirus, credentials, crypto, cybercrime, cybersecurity, finance, malicious, rat, softwareCybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe victims into downloading a remote access trojan called Venom RAT.The campaign indicates a “clear intent to target individuals for financial gain by compromising their credentials, crypto wallets, and potentially selling access to their systems,” the…
-
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet.The attacks, designed to mine for Dero currency, is notable for its worm-like capabilities to propagate the malware to other exposed Docker instances and rope them into an ever-growing horde of mining bots.Kaspersky said it…
-
Hackers Exploit Craft CMS Vulnerability to Inject Cryptocurrency Miner Malware
Threat actors have exploited a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32432, in the Craft Content Management System (CMS). Discovered by Orange Cyberdefense in mid-February 2025 and publicly disclosed on April 25, 2025, this flaw carries a maximum CVSS score of 10 due to its unauthenticated nature. Affecting Craft CMS versions from 3.0.0-RC1…
-
AI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report
Tags: ai, api, attack, authentication, awareness, breach, cloud, compliance, computing, control, crypto, cryptography, data, encryption, guide, malicious, malware, mfa, nist, passkey, phishing, privacy, programming, ransomware, regulation, risk, software, strategy, threat, tool, vulnerabilityAI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report madhav Tue, 05/27/2025 – 04:40 The Thales 2025 Data Threat Report reveals a critical inflection point in global cybersecurity. As the threat landscape grows more complex and hostile, the rapid adoption of generative AI is amplifying both opportunity and…
-
Crooks stole over $200 million from crypto exchange Cetus Protocol
Cetus Protocol reported a $223 million crypto theft and is offering to drop legal action if the stolen funds are returned. Last week, threat actors stole about $223 million from decentralized crypto exchange Cetus. The platform was paused during the investigation and later confirmed the cyber heist. The company confirmed that it has successfully paused…
-
SilverRAT Source Code Leaked Online: Here’s What You Need to Know
SilverRAT Source Code leaked on GitHub, exposing powerful malware tools for remote access, password theft, and crypto attacks before removal. First seen on hackread.com Jump to article: hackread.com/silverrat-source-code-leaked-online-you-need-to-know/
-
Hackers Reportedly Selling Over 500 Stolen Crypto Databases on Dark-Web Forums
A hackers has made news by allegedly selling a ZIP archive containing more than 500 compromised databases, which seems to be a serious blow to the cybersecurity of several cryptocurrency companies. This clandestine operation, taking place on dark-web forums, showcases the growing threat landscape within the crypto space where cybercriminals are increasingly targeting valuable digital…