Tag: crypto
-
Cybercriminals Selling Sophisticated HiddenMiner Malware on Dark Web Forums
Cybercriminals have begun openly marketing a powerful new variant of the HiddenMiner malware on underground dark web forums, raising alarms within the cybersecurity community. The malware, a heavily modified Monero (XMR) cryptocurrency miner, attracts buyers due to its advanced stealth capabilities and ease of use, even for less technically skilled threat actors. A New Breed…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43
Tags: attack, backdoor, botnet, china, crypto, fraud, infrastructure, international, malware, nfc, rust, supply-chain
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure; XRP supply chain attack: Official NPM package infected with crypto stealing backdoor; SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation; New Rust Botnet >>RustoBot
-
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. “The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors,” the Microsoft Threat Intelligence team…
-
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. “In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry - BlockNovas LLC (blocknovas[.]com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co) - to spread First…
-
North Korean Hackers Use Fake Crypto Firms in Job Malware Scam
Silent Push reveals a complex scheme where North Korean hackers posed as crypto companies, using AI and fake… First seen on hackread.com Jump to article: hackread.com/north-korean-hackers-fake-crypto-firms-job-malware-scam/
-
Spring Security Vulnerability Exposes Valid Usernames to Attackers
A newly identified security vulnerability, CVE-2025-22234, has exposed a critical weakness in the widely-used Spring Security framework. According to the HeroDevs report, this flaw affects several versions of the spring-security-crypto package and makes it possible for attackers to discern valid usernames through observable differences in login response times, an avenue for so-called “timing attacks.” Spring Security…
-
Beyond the Inbox: ThreatLabz 2025 Phishing Report Reveals How Phishing Is Evolving in the Age of GenAI
Tags: access, ai, attack, authentication, best-practice, captcha, cloud, control, credentials, crypto, cyber, cybercrime, data, defense, detection, dmarc, email, exploit, finance, google, identity, jobs, login, malicious, malware, mfa, phishing, radius, risk, scam, spam, strategy, tactics, technology, theft, threat, tool, vulnerability, zero-day, zero-trust
Gone are the days of mass phishing campaigns. Today’s attackers are leveraging generative AI (GenAI) to deliver hyper-targeted scams, transforming every email, text, or call into a calculated act of manipulation. With flawless lures and tactics designed to outsmart AI defenses, cybercriminals are zeroing in on HR, payroll, and finance teams, exploiting human vulnerabilities with…
-
Web3, cryptocurrency sectors targeted by North Korean hackers
First seen on scworld.com Jump to article: www.scworld.com/brief/web3-cryptocurrency-sectors-targeted-by-north-korean-hackers
-
Threat Actors Exploiting Unsecured Kubernetes Clusters for Crypto Mining
In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining. The dynamic and complex nature of containerized environments poses significant challenges for security teams in detecting runtime anomalies or identifying the source of breaches. Rising Threats in Containerized Environments According to Microsoft’s…
-
Elusive Comet Attack: Hackers Use Zoom Remote-Control to Steal Crypto
Hackers in the Elusive Comet campaign exploit Zoom’s remote-control feature to steal cryptocurrency, and over $100K lost in… First seen on hackread.com Jump to article: hackread.com/elusive-comet-hackers-zoom-remote-control-steal-crypto/
-
Android Phones Pre-Downloaded With Malware Target User Crypto Wallets
The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users’ wallet addresses with their own. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/android-pre-downloaded-malware-crypto-wallets
-
Cryptohack Roundup: $7M KiloEx Theft
Also: A $40M Block Penalty, US SEC Guidance on Crypto Laws. This week, a KiloEx exploit, Block fined $40M, U.S. Securities and Exchange Commission guidance on crypto laws, Senate Democrats slammed NCET disbandment, $4.3M scam disrupted, guilty plea in $3.3M tax evasion and a South Korea ban on crypto apps. First seen on govinfosecurity.com Jump…
-
Node.js malvertising campaign targets crypto users
Microsoft warns of a malvertising campaign using Node.js to deliver info-stealing malware via fake crypto trading sites like Binance and TradingView. Microsoft has observed Node.js increasingly used in malware campaigns since October 2024, including an ongoing crypto-themed malvertising attack as of April 2025. Threat actors are increasingly using Node.js to deploy malware, shifting from traditional…
-
Supply-chain attack: Fake Python package targets MEXC crypto exchange
The malicious package imitates the structure and functionality of the genuine CCXT library, which is used by many crypto traders and developers. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/supply-chain-angriff-gefaelschtes-python-paket-zielt-auf-mexc-krypto-boerse/a40523/
-
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like Binance…
-
Malicious crypto developer-targeted coding challenges spread infostealers
First seen on scworld.com Jump to article: www.scworld.com/brief/malicious-crypto-developer-targeted-coding-challenges-spread-infostealers
-
Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps
Cheap Chinese Android phones ship with trojanized WhatsApp and Telegram clones hiding crypto clippers, active since June 2024. Since June 2024, Doctor Web researchers found cheap Android phones preloaded with fake WhatsApp and Telegram apps designed to steal crypto via clipping. These clippers swap copied wallet addresses with the attackers’ own. The campaign targeted low-end…
-
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024. While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to…
-
Social media account of a British politician hacked
Minister’s X account hacked to promote crypto scam First seen on bbc.com Jump to article: www.bbc.com/news/articles/cr5drp0n8zjo
-
9 Modern Ways You Can Use Bitcoin in 2025
Tags: crypto
Cryptocurrency is slowly becoming a regular way to pay for something, with new uses popping up every day. Many people choose Bitcoin, among others, because it’s easy to use, quick, secure, private, and more affordable than traditional methods. 1. Gaming, Virtual Worlds, and Entertainment If you’re into gaming, Bitcoin is already part of the action,…
-
Best Crypto Tax Software in 2025: A Comprehensive Guide
Keeping up with crypto tax laws in Europe feels like a constant hurdle. Regulations evolve, tax authorities demand… First seen on hackread.com Jump to article: hackread.com/best-crypto-tax-software-in-2025-a-comprehensive-guide/
-
The TraderTraitor Crypto Heist: Nation-State Tactics Meet Financial Cybercrime
The cryptocurrency sector has always been a magnet for cybercriminals, but the TraderTraitor campaign marks a different kind of threat, one backed by state-sponsored actors with long-term goals and surgical precision. Allegedly linked to North Korea’s Lazarus Group, this campaign wasn’t just about breaking into wallets. It was about exploiting trust, manipulating human behavior, and…
-
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious server and steal tokens. The package, ccxt-mexc-futures, purports to be an extension built on top of a popular Python library named ccxt (short for CryptoCurrency eXchange…
-
North Korean Hackers Exploit LinkedIn to Infect Crypto Developers with Infostealers
Posing as potential employers, Slow Pisces hackers conceal malware in coding challenges sent to cryptocurrency developers on LinkedIn First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-hackers-linkedin/
-
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has been attributed by Palo Alto Networks Unit 42 to a hacking group it tracks as…
-
Threat Intel Firm Offers Crypto in Exchange for Dark Web Accounts
Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/threat-intel-firm-crypto-dark-web-accounts
-
Pre-Installed Malware on Cheap Android Phones Steals Crypto via Fake WhatsApp
Cheap Android phones with preinstalled malware use fake apps like WhatsApp to hijack crypto transactions and steal wallet recovery phrases. First seen on hackread.com Jump to article: hackread.com/pre-installed-malware-cheap-android-phones-crypto-fake-whatsapp/

