Tag: crypto
-
Largest US crypto exchange hit by cyber-attack with costs expected of up to $400m
Hackers paid overseas Coinbase employees for account data; company is offering $20m reward for informationThe biggest cryptocurrency exchange in the US forecast that a cyber-attack that breached account data of a “small subset” of its customers would cost it between $180m and $400m. Coinbase said that price tag would not include the $20m ransom demanded…
-
Sophos X-Ops Analyse: So waschen Cyberkriminelle ihre erbeuteten Krypto-Millionen
Die Erkenntnisse stammen aus einer mehrmonatigen Analyse von Sophos X-Ops. Die Experten haben Bewegungen auf Darknet-Marktplätzen, Blockchain-Transaktionen und öffentliche Unternehmensdaten ausgewertet. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-x-ops-analyse-so-waschen-cyberkriminelle-ihre-erbeuteten-krypto-millionen/a40816/
-
Geldwäsche 2.0: Wie Cyberkriminelle ihre Krypto-Dollar in legale Geschäfte investieren
Früher prahlten Hacker aufmerksamkeitsheischend mit ihren Lamborghinis heute agieren sie sehr viel geschäftsorientierter mit ihren kriminellen Erlösen und eröffnen Start-ups, Restaurants oder Coding-Schulen. Das ist eines der zentralen Ergebnisse einer aktuellen Untersuchung der Cybersecurity-Experten von Sophos X-Ops. Die Analyse zeigt: Cyberkriminelle investieren ihre illegal erworbenen Gewinne gezielt in reale Unternehmen; oftmals mit legaler Fassade, First…
-
FrigidStealer Malware Hits macOS Users via Fake Safari Browser Updates
FrigidStealer malware targets macOS users via fake browser updates, stealing passwords, crypto wallets, and notes using DNS-based data… First seen on hackread.com Jump to article: hackread.com/frigidstealer-malware-macos-fake-safari-browser-update/
-
Coinbase data breach exposes customer info and government IDs
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-discloses-breach-faces-up-to-400-million-in-losses/
-
Coinbase offers $20 million bounty after extortion attempt with stolen data
Cryptocurrency trading platform Coinbase said an attacker tried to extort the company for $20 million over stolen data. “We said no,” Coinbase said, and instead offered that amount as a bounty. First seen on therecord.media Jump to article: therecord.media/coinbase-extortion-attempt-company-offers-20million-reward
-
Coinbase says customers’ personal information stolen in data breach
The crypto exchange giant said the hacker bribed contractors and employees in support roles to steal data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/15/coinbase-says-customers-personal-information-stolen-in-data-breach/
-
Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering
Tags: blockchain, china, crime, crypto, data, data-breach, korea, marketplace, north-korea, scam, technologyA Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee.According to a report published by blockchain analytics firm Elliptic, merchants on the marketplace have been found to peddle technology, personal data, and money laundering…
-
Katz Stealer Malware Hits 78+ Chromium and Gecko-Based Browsers
Newly disclosed information-stealing malware dubbed Katz Stealer has emerged as a significant threat to users of Chromium and Gecko-based browsers, with capabilities to extract sensitive data from over 78 browser variants. Developed in C and Assembly (ASM) for lightweight efficiency, the malware targets credentials, cookies (including version 20+), autofill data, CVV2 codes, OAuth tokens, cryptocurrency…
-
New ‘Chihuahua’ Infostealer Targets Browser Data and Crypto Wallet Extensions
While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chihuahua-stealer-browser-crypto/
-
Cybercrime & Kryptowährungen Teil 1 – So erkennen IT-Security-Experten Krypto-Risiken rechtzeitig
First seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminalitaet-krypto-boersen-risiken-erkennen-a-ab884215956d0c34c9248509ddf611f3/
-
An $8.4 Billion Chinese Hub for Crypto Crime Is Incorporated in Colorado
Before a crackdown by Telegram, Xinbi Guarantee grew into one of the internet’s biggest markets for Chinese-speaking crypto scammers and money laundering. And all registered to a US address. First seen on wired.com Jump to article: www.wired.com/story/xinbi-guarantee-crypto-scam-hub/
-
New attack can steal cryptocurrency by planting false memories in AI chatbots
Malicious “context manipulation” technique causes bot to send payments to attacker’s wallet. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/05/ai-agents-that-autonomously-trade-cryptocurrency-arent-ready-for-prime-time/
-
Inferno Drainer ist zurück: Check Point warnt vor neuer Angriffswelle auf Krypto-Wallets
Check Point schützt seine Kunden durch Technologien wie Quantum Gateway, Harmony Endpoint und ThreatCloud AI inklusive Erkennungssignaturen wie Inferno.TC. oder Trojan.UNKNOWN.InfernoDrainer.A. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/inferno-drainer-ist-zurueck-check-point-warnt-vor-neuer-angriffswelle-auf-krypto-wallets/a40781/
-
IAM 2025: Diese 10 Trends entscheiden über Ihre Sicherheitsstrategie
Tags: access, ai, api, authentication, best-practice, cio, ciso, cloud, compliance, conference, credentials, crypto, cryptography, detection, dora, framework, governance, iam, identity, iot, kritis, login, mfa, nis-2, resilience, risk, risk-analysis, service, strategy, threat, tool, zero-trustDie Kernaussage der EIC Conference 2025: IAM ist ein ganzheitlicher Architekturansatz und kein Toolset. Identity & Access Management (IAM) ist nicht länger eine Frage der Tool-Auswahl, sondern der Architektur. Diese Kernaussage prägte die European Identity and Cloud Conference 2025, die vom 6. bis 9. Mai in Berlin stattfand. Mit über 1.500 Teilnehmern, 300 Rednern und…
-
Krypto-Betrug: Alte Malware ‘Inferno” lebt im Verborgenen weiter
Trotz gegenteiliger Behauptungen ist ein berüchtigter Krypto-Wallet-Drainer namens Inferno weiterhin aktiv und gefährlicher denn je. Sicherheitsforscher von Check Point Research (CPR) deckten auf, dass die vermeintliche Abschaltung im Jahr 2023 lediglich ein Ablenkungsmanöver war. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/betrug-malware-inferno-lebt-weiter
-
FreeDrain Phishing Scam Drains Crypto Hobbyists’ Wallets
A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/freedrain-phishing-scam-crypto/
-
German Police Shutter “eXch” Money Laundering Service
Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/german-police-shutter-exch-money/
-
German police seized eXch crypto exchange
Germany’s BKA shut down eXch crypto exchange, seizing its infrastructure over money laundering and illegal trading platform charges. On April 30, 2025, Germany’s Federal Criminal Police (BKA) shut down the eXch crypto exchange (eXch.cx), seizing its infrastructure over money laundering and illegal trading allegations. ZIT, BKA, and Dutch FIOD led the operation, expecting the evidence…
-
North Korea’s OtterCookie Malware Added a New Feature to Attack Windows, Linux, and macOS
A North Korea-linked attack group, known as WaterPlum (also referred to as Famous Chollima or PurpleBravo), has been actively targeting financial institutions, cryptocurrency operators, and FinTech companies globally. Since 2023, their infamous Contagious Interview campaign has utilized malware such as BeaverTail and InvisibleFerret to infiltrate systems. However, in September 2024, WaterPlum introduced a sophisticated new…
-
Germany Shuts Down eXch Over $1.9B Laundering, Seizes Euro34M in Crypto and 8TB of Data
Germany’s Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform.The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency assets…
-
Malicious X ads fuel new cryptocurrency scam
First seen on scworld.com Jump to article: www.scworld.com/brief/malicious-x-ads-fuel-new-cryptocurrency-scam
-
Kurz vor Schließung: Von Bybit-Hackern genutztes Kryptoportal zerschlagen
Tags: cryptoEigentlich sollte der auf Anonymität getrimmte Krypto-Swapping-Dienst eXch zum 1. Mai schließen. Nur einen Tag zuvor hat das BKA noch zugegriffen. First seen on golem.de Jump to article: www.golem.de/news/geldwaesche-polizei-zerschlaegt-von-kriminellen-genutztes-kryptoportal-2505-196055.html
-
German operation shuts down crypto mixer eXch, seizes millions in assets
Infrastructure and digital assets from the cryptocurrency mixer eXch, believed to be involved with the laundering of funds from the ByBit hack, are now in the hands of German authorities. First seen on therecord.media Jump to article: therecord.media/exch-cryptocurrency-mixer-germany-takedown
-
Hackers Weaponizing Facebook Ads to Deploy Multi-Stage Malware Attacks
A persistent and highly sophisticated malvertising campaign on Facebook has been uncovered by Bitdefender Labs, exploiting the trust associated with major cryptocurrency exchanges to distribute multi-stage malware. This ongoing operation, active for several months as of May 2025, leverages advanced evasion techniques, mass brand impersonation, and user-tracking mechanisms to bypass conventional security defenses. By impersonating…
-
Germany takes down eXch cryptocurrency exchange, seizes servers
The Federal police in Germany (BKA) seized the server infrastructure and shut down the ‘eXch’ cryptocurrency exchange platform for alleged money laundering cybercrime proceeds. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/germany-takes-down-exch-cryptocurrency-exchange-seizes-servers/
-
Kurz vor Schließung: Von Kryptodieben genutztes Swapping-Portal zerschlagen
Tags: cryptoEigentlich sollte der auf Anonymität getrimmte Krypto-Swapping-Dienst eXch zum 1. Mai schließen. Nur einen Tag zuvor hat das BKA noch zugegriffen. First seen on golem.de Jump to article: www.golem.de/news/geldwaesche-polizei-zerschlaegt-von-kriminellen-genutztes-kryptoportal-2505-196055.html
-
FreeDrain Phishing Attack Targets Users to Steal Financial Login Credentials
PIVOTcon, joint research by Validin and SentinelLABS has exposed FreeDrain, an industrial-scale cryptocurrency phishing operation that has been stealthily siphoning digital assets for years. This sophisticated campaign leverages search engine optimization (SEO) manipulation, free-tier web services, and intricate redirection techniques to target unsuspecting users of cryptocurrency wallets such as Trezor, MetaMask, and Ledger. Sophisticated Cryptocurrency…