Tag: crypto
-
NPM Supply Chain Attack: Sophisticated Multi-Chain Cryptocurrency Drainer Infiltrates Popular Packages
A sophisticated npm supply chain attack compromised popular packages First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/npm-supply-chain-attack-sophisticated-multi-chain-cryptocurrency-drainer-infiltrates-popular-packages/
-
Dev snared in crypto phishing net, 18 npm packages compromised
Popular npm packages debug, chalk, and others hijacked in massive supply chain attack First seen on theregister.com Jump to article: www.theregister.com/2025/09/08/dev_falls_for_phishing_email/
-
Lazarus Group Deploys Malware With ClickFix Scam in Fake Job Interviews
North Korea’s Lazarus Group uses the ClickFix scam in fake crypto job interviews to deploy malware, steal data,… First seen on hackread.com Jump to article: hackread.com/lazarus-group-malware-clickfix-scam-fake-job-interview/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Operation HanKook Phantom: North Korean APT37 targeting South Korea; Three Lazarus RATs coming for your cheese; Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide; Android Droppers: The Silent…
-
Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic seeds to a Telegram bot controlled by the threat actor," Socket researcher First…
-
Summons for Money Laundering: When Crypto Victims Are Suddenly Treated as Perpetrators
Tags: crypto
Victim of crypto fraud? Caution is advised here, because a summons for money laundering (§ 261 StGB) can hit even the innocent. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/online-betrug/vorladung-wegen-geldwaesche-wenn-krypto-opfer-ploetzlich-als-taeter-gelten-320412.html
-
DOJ Moves to Seize $848K in Tether Linked to Crypto Confidence Scams
The U.S. Department of Justice has initiated a civil forfeiture action targeting $848,247 in Tether (USDT), suspected to be proceeds from elaborate confidence scams that defrauded victims across several states. The funds, laundered through a complex network of cryptocurrency wallets, are believed to be tied to schemes operating between September 2022 and February 2025. First…
-
New Malware Exploits Windows Character Map to Evade Defender and Mine Crypto
A sophisticated cryptojacking campaign hijacks Windows’ native Character Map utility (“charmap.exe”) to evade Windows Defender and covertly mine cryptocurrency on compromised machines. First detected in late August 2025, this attack exploits legitimate system binaries to load a custom cryptomining payload directly into memory, thwarting traditional antivirus signatures and curtailing forensic artifacts. Security researchers have…
-
Cryptohack Roundup: El Salvador Splits Bitcoin Reserve
Also: PowerShell-Based Cryptojacking Attack, a Malvertising Campaign. This week, El Salvador split its bitcoin reserve, an Indian court jailed cops for crypto kidnapping, a PowerShell-based cryptojacking attack, a malvertising campaign targeted Android users, a Venus Protocol hack, malware hid in npm packages using smart contracts for evasion and Bunni DEX exploit. First seen on govinfosecurity.com…
-
Malicious npm packages use Ethereum blockchain for malware delivery
Tags: attack, blockchain, crypto, github, infrastructure, malicious, malware, open-source, software, supply-chain
colortoolsv2 and mimelib2 that used Ethereum smart contracts for malware delivery in July. But not much effort was put into making those packages look legitimate and attractive for developers to include in their projects, which is usually the goal of supply chain attacks with rogue npm packages. The colortoolsv2 package, and the mimelib2 one that later…
-
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers
Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised systems, signaling the trend of threat actors constantly on the lookout for new ways to distribute malware and fly under the radar. "The two npm packages abused…
-
TinyLoader Malware Spreads via Network Shares and Malicious Shortcut Files on Windows
A sophisticated malware operation combines multiple attack vectors to steal cryptocurrency and deliver additional malicious payloads to Windows systems. A recently discovered TinyLoader malware campaign is actively targeting Windows users through a multi-pronged attack strategy involving network share exploitation, USB propagation, and deceptive shortcut files. The malware, which serves as a delivery mechanism for…
-
Grade School Crypto Videos
This is a short, gentle two-part introduction to basic cryptographic concepts using text-based crypto examples. The videos illustrate encryption, decryption, ciphers, keys, algorithms, code cracking, cryptanalysis, and letter frequency analysis. Full disclosure: I produced these videos over a decade ago. Now they are hosted directly on this web site. The technical details in the videos…
-
Quantum Is Closer Than You Think, So Why Are You Still Encrypting Like It’s 2015?
Tags: access, ai, business, cloud, communications, compliance, computer, computing, container, crypto, cryptography, data, defense, encryption, endpoint, exploit, government, guide, Hardware, infrastructure, network, nist, privacy, regulation, resilience, risk, risk-assessment, service, software, strategy, technology, threat, tool, update, vulnerability
madhav Tue, 09/02/2025 – 05:43 Not long ago, the idea that quantum computers could one day break today’s strongest encryption felt like science fiction. Today, it’s no longer about if, but when. While real-world demonstrations of quantum algorithms like Shor’s…
-
Malicious npm Package Masquerades as Popular Email Library
A malicious npm package “nodejs-smtp” has been discovered impersonating nodemailer and injecting code to drain crypto wallets First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-npm-package-email-library/
-
Lazarus Hackers Exploit 0-Day to Deploy Three Remote Access Trojans
Over the past two years, Fox-IT and NCC Group have tracked a sophisticated Lazarus subgroup targeting financial and cryptocurrency firms. This actor overlaps with AppleJeus, Citrine Sleet, UNC4736 and Gleaming Pisces campaigns and leverages three distinct remote access trojans (RATs), PondRAT, ThemeForestRAT and RemotePE, to infiltrate and control compromised systems. In a 2024 incident response…
-
Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets
Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems. The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347 First seen…
-
Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks
The post Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/lazarus-subgroup-deploys-three-custom-rats-in-targeted-crypto-attacks/
-
Crooks exploit Meta malvertising to target Android users with Brokewell
Cybercriminals spread Brokewell via fake TradingView Premium ads on Meta, stealing crypto and data with remote control since July 2024. Bitdefender warns threat actors are abusing Meta ads to spread fake TradingView Premium apps for Android, delivering Brokewell malware to steal crypto and data. "Bitdefender researchers recently uncovered a wave of malicious ads on Facebook…
-
Law Enforcement Operation Seizes Fake ID Platform VerifTools
FBI Seizes Domains; Dutch Police Analyzing Seized Data to Identify Admin and Users. An international law enforcement operation involving the FBI and Dutch police has shuttered VerifTools, a key platform for generating fake identification documents cops have tied to multiple help desk fraud, cryptocurrency theft and other cybercrime cases. First seen on govinfosecurity.com Jump to…
-
Malicious npm Package Impersonates Popular Nodemailer, Puts 3.9M Weekly Downloads at Risk of Crypto Theft
A sophisticated cryptocurrency theft scheme involves a malicious npm package that masquerades as the widely-used Nodemailer email library while secretly hijacking desktop cryptocurrency wallets on Windows systems. Socket’s Threat Research Team identified the malicious package, nodejs-smtp, which impersonates the legitimate Nodemailer library that averages approximately 3.9 million weekly downloads. The fraudulent package employs a clever…
-
Npm Package Hijacked to Steal Data and Crypto via AI-Powered Malware
A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/npm-package-hijacked-ai-malware/
-
Threat Actors Use Facebook Ads to Deliver Android Malware
Cybercriminals are increasingly turning their sights from desktop to mobile, exploiting Meta’s advertising platform to distribute a sophisticated Android banking trojan disguised as a free TradingView Premium app. Bitdefender Labs warns that these threat actors have shifted tactics after months of targeting Windows users with fake trading and cryptocurrency ads, now focusing worldwide on smartphone…
-
Cryptohack Roundup: Scammer Posing as UK Police Steals Bitcoin
Also: Taiwan Charges 14 in $41M Fraud; 1,200 Arrested in Cybercrime Bust. This week, a scammer posed as police to steal bitcoin, Taiwan charged 14 in a $41M fraud case, U.S. regulators lifted a consent order on Anchorage Digital, U.S. federal prosecutors said writing code alone is not a crime and the U.S. Commodity Futures…
-
U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime’s weapons of mass destruction and ballistic missile programs. "The North Korean regime…
-
Crypto Companies Freeze $47m in Romance Baiting Funds
Tags: crypto
Chainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crypto-freeze-47m-romance-baiting/
-
Scammers Steal $1 Million in Crypto Using Fake Delta and AMC Sites
Cybersecurity firm Netcraft has discovered a new task scam cluster that has stolen over $1 million in crypto… First seen on hackread.com Jump to article: hackread.com/scammers-steal-crypto-using-fake-delta-and-amc-sites/
-
Governments, tech companies meet in Tokyo to share tips on fighting North Korea IT worker scheme
The U.S. State Department said it worked with the Ministries of Foreign Affairs in Japan and South Korea to organize the forum, which had more than 130 attendees from freelance work platforms, payment service providers, cryptocurrency companies, AI firms and more. First seen on therecord.media Jump to article: therecord.media/japan-us-south-korea-forum-north-korea-it-worker-scheme

