Tag: crypto
-
North Korea’s BlueNoroff uses AI deepfakes to push Mac malware in fake Zoom calls
Campaign delivers modular, persistent, Mac-specific malware: Huntress recovered a total of eight distinct malicious binaries, each with specific tasks. The primary implant, ‘Telegram 2’, was written in Nim and embedded itself as a macOS LaunchDaemon to maintain persistence. It acted as a launchpad for the real power tools, including Go-based ‘Root Troy V4’ backdoor and…
-
DuckDuckGo beefs up scam defense to block fake stores, crypto sites
The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and “scareware” sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/duckduckgo-beefs-up-scam-defense-to-block-fake-stores-crypto-sites/
-
N. Korean Hackers Use PylangGhost Malware in Fake Crypto Job Scam
North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools. First seen on hackread.com Jump to article: hackread.com/n-korean-hackers-pylangghost-malware-crypo-job-scam/
-
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware
The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices. Huntress, which revealed details of the cyber intrusion, said the attack targeted an unnamed cryptocurrency foundation employee, who received…
-
Israeli Hacktivists Steal and Burn $90m+ from Iranian Crypto Biz
Pro-Israel Predatory Sparrow Group steals $90m in crypto from Iranian exchange Nobitex First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/israeli-hacktivists-steal-burn-90m/
-
Cybersecurity takes a big hit in new Trump executive order
Provisions on secure software, quantum-resistant crypto, and more are scrapped. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/06/cybersecurity-take-a-big-hit-in-new-trump-executive-order/
-
U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network
The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. “For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems…
-
New quantum system offers publicly verifiable randomness for secure communications
Tags: blockchain, communications, crypto, cyber, cybersecurity, docker, email, finance, government, Hardware, infrastructure, open-source, software, technology, threat, tool
Nature and detailed in an accompanying arXiv preprint, CURBy leverages the phenomenon of quantum entanglement, where particles maintain interconnected states regardless of distance, to create fundamentally unpredictable outputs. “From a security perspective, this approach offers something valuable: the ability to independently verify that random numbers haven’t been compromised,” noted Narayan Gokhale, vice president at QKS Group.…
-
Over 20 Malicious Google Play Apps Steal Users’ Login Credentials
Tags: android, credentials, crypto, cyber, cybersecurity, google, intelligence, login, malicious, phishing
A major security alert has been issued for Android users after cybersecurity researchers uncovered more than 20 malicious applications on the Google Play Store designed to steal users’ login credentials, specifically targeting cryptocurrency wallet holders. The campaign, identified by Cyble Research and Intelligence Labs (CRIL), reveals a sophisticated phishing operation that has already compromised the…
-
No money to be had: kidnappers release crypto influencer because he is broke
Tags: crypto
The kidnappers apparently assumed that a crypto trader with 40,000 followers on TikTok would have plenty to take. That was not the case, however. First seen on golem.de Jump to article: www.golem.de/news/kein-geld-zu-holen-kidnapper-lassen-krypto-influencer-wegen-pleite-wieder-frei-2506-197149.html
-
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. “Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined the…
-
Huione’s ‘Shutdown’ Fails to Halt Its Laundering Network
Huione-Linked Crypto Activity Continues Despite Takedown Efforts. Huione’s apparent shutdown was cosmetic, not operational. Transaction volumes have increased since the crypto laundering network’s announced closure, with services reemerging under new domains and continuing illicit operations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/huiones-shutdown-fails-to-halt-its-laundering-network-a-28696
-
Cryptohack Roundup: Evita Founder Charged in $530M Case
Also: 5 Guilty Pleas in Cambodia-linked $36.9 Million Scam. Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, charges against a crypto firm founder in a $530M sanctions evasion and money laundering case, guilty pleas in a $36.9M scam, an $8.3M exploit of Alex Lab, and Cetus Protocol relaunched after a $223M…
-
The $200,000 Zoom call
A crypto CEO shared his screen. What happened next unraveled his digital life. First seen on therecord.media Jump to article: therecord.media/crypto-scam-zoom-call-click-here
-
5 plead guilty to laundering nearly $37 million stolen through Cambodian cyber scam centers
The scheme is based in Cambodia, where people residing in scam centers contact U.S. victims through phone calls, texts, dating apps and other avenues to promote fake cryptocurrency investments. First seen on therecord.media Jump to article: therecord.media/guilty-pleas-cambodia-cyber-scams
-
Hundreds of Russian devices hit by Rare Werewolf crypto-mining attacks
The campaign has affected hundreds of Russian users, particularly targeting industrial enterprises and engineering schools, with additional victims reported in Belarus and Kazakhstan. First seen on therecord.media Jump to article: therecord.media/russian-devices-hit-by-rare-werewolf-crypto-mining
-
Five plead guilty to laundering $36 million stolen in investment scams
Five men from China, the United States, and Turkey pleaded guilty to their involvement in an international crime ring and laundering nearly $37 million stolen from U.S. victims in cryptocurrency investment scams carried out from Cambodia. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-plead-guilty-to-laundering-36-million-stolen-in-investment-scams/
-
Vulnerability in DanaBot Malware C2 Server Leaks Threat Actor Usernames and Crypto Keys
Tags: breach, control, crypto, cyber, cybersecurity, data, infrastructure, leak, malicious, malware, threat, vulnerability
A severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors. Researchers have identified a misconfiguration in the server setup that inadvertently leaks usernames and cryptographic keys used by malicious operators to manage their campaigns. This breach could provide cybersecurity defenders with…
-
Dumping Entra Connect Sync Credentials
Recently, Microsoft changed the way the Entra Connect Sync agent authenticates to Entra ID. These changes affect attacker tradecraft, as we can no longer export the sync account credentials; however, attackers can still take advantage of an Entra Connect sync account compromise and gain new opportunities that arise from the changes. How It Used To Work…
-
DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam
US seeks to seize $7.74M in crypto linked to North Korean fake IT worker schemes, per a new DOJ forfeiture complaint. The DOJ filed a civil forfeiture complaint for $7.74M in crypto tied to North Korean fake IT worker schemes linked to the indictment of North Korean Foreign Trade Bank (FTB) representative Sim Hyon Sop.…
-
U.S. Targets $7.7M in Crypto Tied to North Korean IT Worker Scam
On June 5, 2025, the United States Department of Justice (DOJ) filed a verified civil forfeiture complaint in the US District Court for the District of Columbia, seeking to permanently seize over $7.7 million in cryptocurrency, non-fungible tokens (NFTs), and digital assets linked to a sophisticated global laundering operation orchestrated by North Korea. The assets…
-
New Blitz Malware Targets Windows Servers to Deploy Monero Miner
A new Windows-based malware named Blitz has been identified in 2024, with an updated version detected in early 2025. This malware, actively developed and distributed through deceptive game cheats, poses a significant threat by deploying a Monero cryptocurrency miner alongside information-stealing and denial-of-service (DoS) capabilities. Detailed analysis by Palo Alto Networks’ Unit 42 reveals that…
-
Litecoin Security: How to Spot, Avoid, and Recover from Crypto Scams
It seems not a day goes by without news of another crypto scam targeting unsuspecting holders. Those owning… First seen on hackread.com Jump to article: hackread.com/litecoin-security-how-to-spot-recover-crypto-scams/
-
Chrome extension privacy promises undone by hardcoded secrets, leaky HTTP
Extension code uses hardcoded credentials: Guo added that hardcoded credentials, such as API keys, secrets, and tokens, are exposed within popular extensions’ JavaScript, making them accessible to anyone who inspects the extension’s source code. For instance, Avast Online Security and Privacy and AVG Online Security extensions, aimed at browsing privacy and security, both contain hardcoded Google…
-
Over 20 Malicious Crypto Wallet Apps Found on Google Play, CRIL Warns
Cyble Research and Intelligence Labs (CRIL) has recently uncovered a malicious crypto phishing campaign where more than 20 malicious applications on the Google Play Store were designed to target crypto wallet users with phishing schemes. These deceptive apps impersonate well-known wallet platforms and lure users into revealing their sensitive mnemonic phrases, effectively handing over control…
-
Kimsuky Strikes Again: Coordinated Attacks Target Facebook, Email, and Telegram
A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April 2025, the group leveraged Facebook, email, and Telegram to infiltrate targets primarily within the defense sector, North Korea-related activists, and cryptocurrency…
-
Over 20 Malicious Apps on Google Play Target Users for Seed Phrases
Over 20 malicious apps on Google Play are stealing crypto seed phrases by posing as trusted wallets and exchanges, putting users’ funds at risk. First seen on hackread.com Jump to article: hackread.com/malicious-apps-google-play-users-for-seed-phrases/
-
Over $7.7M in crypto sequestered from North Korean IT worker scam
First seen on scworld.com Jump to article: www.scworld.com/brief/over-7-7m-in-crypto-sequestered-from-north-korean-it-worker-scam
-
Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
Tags: access, attack, best-practice, business, cio, ciso, communications, computer, computing, conference, corporate, crypto, cryptography, cyber, cybersecurity, data, defense, email, encryption, finance, government, group, ibm, identity, incident, incident response, infrastructure, jobs, lessons-learned, metric, microsoft, mitre, monitoring, nist, risk, service, strategy, technology, threat, tool, training, update, vulnerability, vulnerability-management, warfare
Check out a new roadmap for adopting quantum-resistant cryptography. Plus, find out how your company can create a better cybersecurity environment. In addition, MITRE warns about protecting critical infrastructure from cyber war. And get the latest on exposure response strategies and on CISO compensation and job satisfaction. Dive into five things that are top of…

