Tag: crypto
-
Malicious NPM packages target PayPal users
Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. Fortinet researchers discovered multiple malicious NPM packages that are used to target PayPal users. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2, and were used to steal PayPal credentials and hijack cryptocurrency transfers. “Using PayPal-related…
-
Crypto miners, zero-day malware and Linux-based threats continue to rise, according to Watchguard security report
Watchguard Technologies has just published its Internet Security Report for the fourth quarter of 2024. The 94 percent increase in network-based malware compared with the previous quarter is certainly one of the most striking observations. This goes hand in hand with a general rise in malware volume, driven not least by six percent more detections from the Gateway Antivirus (GAV) functionality and the 74…
-
Malicious NPM Packages Target Cryptocurrency, PayPal Users
Threat actors are publishing malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. The post Malicious NPM Packages Target Cryptocurrency, PayPal Users appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/malicious-npm-packages-target-cryptocurrency-paypal-users/
-
Slow Pisces Group Targets Developers Using Coding Challenges Laced with Python Malware
A North Korean state-sponsored threat group known as “Slow Pisces”
-
The Most Dangerous Hackers You’ve Never Heard Of
From crypto kingpins to sophisticated scammers, these are the lesser-known hacking groups that should be on your radar. First seen on wired.com Jump to article: www.wired.com/story/most-dangerous-hackers-youve-never-heard-of/
-
TraderTraitor: The Kings of the Crypto Heist
Allegedly responsible for the theft of $1.5 billion in cryptocurrency from a single exchange, North Korea’s TraderTraitor is one of the most sophisticated cybercrime groups in the world. First seen on wired.com Jump to article: www.wired.com/story/tradertraitor-north-korea-crypto-theft/
-
Why security culture is crypto’s strongest asset
In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/11/norah-beers-grayscale-crypto-asset-management/
-
npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers
ReversingLabs reveals a malicious npm package targeting Atomic and Exodus wallets, silently hijacking crypto transfers via software patching. First seen on hackread.com Jump to article: hackread.com/npm-malware-atomic-exodus-wallets-hijack-crypto/
-
Cryptohack Roundup: US Disbands Cryptocurrency Legal Team
Also: PoisonSeed Phishing Campaign, FTX Clients Face Reimbursement Hurdle. This week, the Trump administration disbanded a Justice Department crypto unit, the U.S. Securities and Exchange Commission will review crypto guidance, Usual pledged up to $16M in bug bounties, a PoisonSeed phishing campaign, FTX repayment plan troubles and a Coinbase 2FA error. First seen on govinfosecurity.com Jump…
-
Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses
Threat actors are continuing to upload malicious packages to the npm registry so as to tamper with already-installed local versions of legitimate libraries to execute malicious code in what’s seen as a sneakier attempt to stage a software supply chain attack. The newly discovered package, named pdf-to-office, masquerades as a utility for converting PDF files to…
-
Top 16 OffSec, pen-testing, and ethical hacking certifications
Tags: access, android, antivirus, application-security, attack, authentication, blockchain, bug-bounty, business, cisco, cloud, computing, credentials, crypto, cryptography, cyber, cybersecurity, data, defense, detection, encryption, exploit, guide, hacker, hacking, incident response, injection, iot, jobs, kali, linux, malware, microsoft, mitigation, mobile, network, penetration-testing, RedTeam, remote-code-execution, reverse-engineering, risk, risk-assessment, sap, skills, sql, technology, threat, tool, training, update, vulnerability, windows
Experiential learning: Offensive security can’t be fully mastered through lectures alone. Candidates need hands-on training in lab environments to develop practical skills. Ideally, certification exams should include a practical assessment, such as developing an exploit to compromise a system. Because individuals learn OffSec techniques, such as penetration testing, in different ways, the most effective certifications offer…
-
The SQL Server Crypto Detour
Tags: access, api, backup, credentials, crypto, cryptography, data, encryption, jobs, microsoft, password, service, sql, tool, update, vulnerability, windows
As part of my role as Service Architect here at SpecterOps, one of the things I’m tasked with is exploring all kinds of technologies to help those on assessments with advancing their engagement. Not long after starting this new role, I was approached with an interesting problem. A SQL Server database backup for a ManageEngine’s…
-
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings
Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. “One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a First seen on…
-
Malicious VS Code Extensions with Millions of Installs Put Developers at Risk
A sophisticated cryptomining campaign has been uncovered, targeting developers through malicious Visual Studio Code (VS Code) extensions. These extensions, masquerading as legitimate tools, have collectively accumulated over one million installations, exposing the scale of the attack. Researchers at ExtensionTotal detected the operation, which deploys a multi-stage payload to mine cryptocurrency in the background while delivering…
-
Massive PoisonSeed phishing campaign seeks extensive crypto theft
First seen on scworld.com Jump to article: www.scworld.com/brief/massive-poisonseed-phishing-campaign-seeks-extensive-crypto-theft
-
Six arrested for AI-powered investment scams that stole $20 million
Spain’s police arrested six individuals behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to lure people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/six-arrested-for-ai-powered-investment-scams-that-stole-20-million/
-
King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors
A Florida man, linked to the notorious Scattered Spider hacking gang, has pleaded guilty to charges related to cryptocurrency thefts which have netted hundreds of thousands of dollars. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/king-bob-pleads-guilty-to-scattered-spider-linked-cryptocurrency-thefts-from-investors
-
PoisonSeed targets Mailchimp, Mailgun, and Zoho to phish high-value accounts
Activities align with CryptoChameleon: While many threat researchers have linked PoisonSeed actors to Scattered Spider, Silent Push believes the alignment is more accurate with the CryptoChameleon advanced phishing kit from 2024. The mailchimp-sso[.]com domain, which is the basis of the association made with Scattered Spider, was registered on Porkbun from the previous attack up until March…
-
CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign
‘PoisonSeed’ phishing campaign targets CRM and bulk email providers to distribute “crypto seed phrase” messages. The post CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/crm-bulk-email-providers-targeted-in-crypto-phishing-campaign/
-
PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and empty wallets
A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets. Silent Push researchers warn of a malicious PoisonSeed campaign that uses stolen CRM and bulk email provider credentials to send crypto seed phrase spam. Victims are tricked into importing compromised seed phrases into…
-
Lazarus Adds New Malicious npm Using Hexadecimal String Encoding to Evade Detection Systems
North Korean state-sponsored threat actors associated with the Lazarus Group have intensified their Contagious Interview campaign by deploying novel malicious npm packages leveraging hexadecimal string encoding to bypass detection mechanisms. These packages deliver BeaverTail infostealers and remote access trojan (RAT) loaders, targeting developers to exfiltrate credentials, financial data, and cryptocurrency wallets. SecurityScorecard researchers identified 11…
-
Malicious Python Packages Target Popular Cryptocurrency Library to Steal Sensitive Data
In a recent development, the ReversingLabs research team has uncovered a sophisticated software supply chain attack targeting developers of cryptocurrency applications. The attack involved the creation of two malicious Python packages, bitcoinlibdbfix and bitcoinlib-dev, which were uploaded to the Python Package Index (PyPI) with the intent to exfiltrate sensitive database files. Fake Fix for Bitcoinlib…
-
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets. “Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack,” Silent Push said in an First…
-
PoisonSeed Campaign: Uncovering a Web of Cryptocurrency and Email Provider Attacks
Silent Push Threat Analysts have uncovered a sophisticated campaign targeting enterprise organizations, VIP individuals, and cryptocurrency holders, dubbed “PoisonSeed.” … “crypto seed phrase
-
PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack
A sophisticated phishing campaign, dubbed “PoisonSeed,”
-
PoisonSeed phishing campaign behind emails with wallet seed phrases
A large-scale phishing campaign dubbed ‘PoisonSeed’ compromises corporate email marketing accounts to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/poisonseed-phishing-campaign-behind-emails-with-wallet-seed-phrases/
-
Top Crypto Wallets of 2025: Balancing Security and Convenience
Crypto software wallets are invincible in the micro range. If you own multiple crypto assets, you need safe and reliable wallets, too. First seen on hackread.com Jump to article: hackread.com/crypto-wallets-2025-balancing-security-convenience/
-
Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise
The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/tj-actions-supply-chain-attack/
-
Cryptocurrency heist spoils peak in Q1, report finds
Tags: crypto
First seen on scworld.com Jump to article: www.scworld.com/brief/cryptocurrency-heist-spoils-peak-in-q1-report-finds
-
Cryptohack Roundup: Q1 Sees Record Hacks
Also: SEC Drops Kraken, Consensys and Cumberland DRW Lawsuits. This week, hack stats, Hamas crypto funds seizure, conclusion of Kraken, Consensys and Cumberland DRW lawsuits, Kentucky dropped its Coinbase suit, Trump pardoned BitMex co-founders, Lazarus’s new tactics, and Crocodilus malware’s crypto targets. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-q1-sees-record-hacks-a-27916

