Collecting Cyber-News from over 60 sources

Tag: crypto

Millionenverlust: Kryptodieb fällt auf Phishing rein und verliert seine Beute

Apr 3, 2025 12:42 PM

Tags: crypto, phishing

Mehr als 3.000 Ethereum-Token hat er erfolgreich von einer Krypto-Plattform gestohlen. Sein Triumph währte jedoch nicht lange. First seen on golem.de Jump to article: www.golem.de/news/millionenverlust-kryptodieb-faellt-auf-phishing-rein-und-verliert-seine-beute-2504-194979.html
New Malware Targets Magic Enthusiasts to Steal Logins

Apr 2, 2025 8:56 PM

Tags: crypto, cyber, data, login, malware, social-engineering

A newly discovered malware, dubbed Trojan.Arcanum, is targeting enthusiasts of tarot, astrology, and other esoteric practices. Disguised as a legitimate fortune-telling application, this Trojan infiltrates devices to steal sensitive data, manipulate users through social engineering, and even deploy cryptocurrency mining software. The malware is distributed via websites dedicated to mystical practices, masquerading as a harmless…
Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK

Apr 2, 2025 4:56 PM

Tags: crypto, hacker, theft

Hackers stole $1.67bn of cryptocurrencies in the first quarter of 2025, a 303% increase First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/record-crypto-theft-certik-bybit/
Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers

Apr 2, 2025 2:55 PM

Tags: attack, botnet, control, crypto, cybersecurity, group, linux, malware, worm

Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH servers with weak credentials.”Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems,” Elastic Security Labs said in a new analysis First…
Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks

Apr 2, 2025 1:59 PM

Tags: attack, crypto, hacker, jobs, korea, lazarus, malware, north-korea, tactics

North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The post Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/lazarus-uses-clickfix-tactics-in-fake-cryptocurrency-job-attacks/
New Outlaw Linux Malware Using SSH brute-forcing To Maintain Botnet Activities for long Time

Apr 2, 2025 11:55 AM

Tags: botnet, crypto, cyber, linux, malware, worm

A persistent Linux malware known as >>Outlaw
The urgent reality of machine identity security in 2025

Apr 1, 2025 9:55 PM

Tags: access, ai, api, automation, breach, business, cloud, compliance, computing, credentials, crypto, cyber, encryption, exploit, identity, intelligence, resilience, risk, threat, unauthorized, vulnerability

The growth of machine identities and the associated risks Machine identities are experiencing exponential growth, with 79% of organizations predicting increases over the next year and 16% of those expecting radical growth of 50 to 150%. Cloud-native technologies, microservices, and artificial intelligence (AI) drive this surge because they’re environments where identities are created and discarded…
ClickFix technique leveraged in new crypto-targeted Lazarus attacks

Apr 1, 2025 9:55 PM

Tags: attack, crypto, lazarus

First seen on scworld.com Jump to article: www.scworld.com/brief/clickfix-technique-leveraged-in-new-crypto-targeted-lazarus-attacks
Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Apr 1, 2025 7:55 PM

Tags: access, crypto, data-breach, malware, threat, unauthorized

Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners.Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign has…
Navigating the Quantum Shift: A Practical Approach to Crypto-Agility with PQC-Enabled PKI

Apr 1, 2025 5:55 PM

Tags: computing, crypto, cryptography, cyber, encryption, threat

The conversation around quantum computing is shifting from theory to reality, especially when it’s centered on security and mounting threats against current encryption algorithms. The UK National Cyber Security Centre’s (NCSC) recent guidance on “PQC Migration Timelines” underscores the urgency for organizations to transition to post-quantum cryptography (PQC). Urgency is being driven by the rising……
Cryptocurrency in 2025: Exploring Bitcoin Growth, AI, and the Next Wave of Tools

Apr 1, 2025 1:55 PM

Tags: ai, crypto, risk, tool

The cryptocurrency world feels like a wild ride full of risks, twists, and big dreams of building wealth…. First seen on hackread.com Jump to article: hackread.com/crypto-in-2025-bitcoin-ai-the-next-wave-of-tools/
7 Wege, Daten (besser) zu verschlüsseln

Apr 1, 2025 11:36 AM

Tags: ai, blockchain, business, crypto, dns, encryption, github, healthcare, infrastructure, nist, office, privacy, software, update

Verschlüsseln Sie Ihre Daten zeitgemäß?Das Konzept der Kryptografie existiert schon ein paar Hundert Jahre, wird aber von findigen Wissenschaftlern und Mathematikern immer weiter vorangetrieben. Im Rahmen dieser Entwicklungsarbeit hat sich gezeigt, dass Algorithmen noch viel mehr können, als nur Daten zu schützen: Sie sind auch in der Lage, komplexe Regeln durchzusetzen und die Zusammenarbeit zu…
DoJ Seizes Over $8M From Sprawling Pig Butchering Scheme

Apr 1, 2025 12:19 AM

Tags: breach, crypto

The department was able to trace the stolen funds to three main cryptocurrency accounts after being routed through a series of other platforms. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/doj-seizes-8m-pig-butchering-scheme
North Korean hackers adopt ClickFix attacks to target crypto firms

Mar 31, 2025 6:20 PM

Tags: attack, crypto, finance, group, hacker, hacking, jobs, lazarus, malware, north-korea, tactics

The notorious North Korean Lazarus hacking group has reportedly adopted ‘ClickFix’ tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-adopt-clickfix-attacks-to-target-crypto-firms/
ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers

Mar 31, 2025 6:20 PM

Tags: crypto, group, jobs, lazarus

New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clickfake-interview-campaign/
New Android Malware “TsarBot” Targeting 750 Banking, Finance Crypto Apps

Mar 31, 2025 4:13 PM

Tags: android, attack, banking, credentials, credit-card, crypto, cyber, finance, intelligence, login, malware, threat

A newly identified Android malware, dubbed TsarBot, has emerged as a potent cyber threat targeting over 750 applications across banking, finance, cryptocurrency, and e-commerce sectors. Discovered by Cyble Research and Intelligence Labs (CRIL), this banking Trojan employs sophisticated overlay attacks to steal sensitive user credentials, including banking details, login information, and credit card data. Global…
Inside Daisy Cloud: 30K Stolen Credentials Exposed

Mar 30, 2025 8:13 PM

Tags: breach, cloud, credentials, crypto, cybercrime, data, government, group, service

Veriti research recently analyzed stolen data that was published in a telegram group named “Daisy Cloud” (potentially associated with the RedLine Stealer), exposing the inner workings of a cybercrime marketplace. This group offers thousands of stolen credentials in an ongoing basis across a wide range of services, from crypto exchanges to government portals, at disturbingly……
New Crocodilus malware steals Android users’ crypto wallet keys

Mar 30, 2025 5:13 PM

Tags: android, crypto, malware

A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-crocodilus-malware-steals-android-users-crypto-wallet-keys/
Security Affairs newsletter Round 517 by Pierluigi Paganini INTERNATIONAL EDITION

Mar 30, 2025 5:13 PM

Tags: crypto, email, fraud, international, WeeklyReview

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme Experts warn of the new sophisticate…
FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme

Mar 29, 2025 8:14 PM

Tags: breach, crypto, fraud, office, scam

The U.S. DOJ seized over $8.2 million in USDT stolen through ‘romance baiting’ scams, where victims are tricked into fake investments promising high returns. On February 27, 2025, the U.S. Attorney’s Office in Ohio filed a civil forfeiture complaint for $8.2M in USDT (Tether) linked to a ‘romance baiting’ scam. Fraudsters used anonymous messaging apps…
>>Crocodilus<< A New Malware Targeting Android Devices for Full Takeover

Mar 29, 2025 8:14 PM

Tags: android, banking, control, crypto, cyber, data, finance, malware, mobile, social-engineering, threat

Researchers have uncovered a dangerous new mobile banking Trojan dubbed Crocodilus actively targeting financial institutions and cryptocurrency platforms. The malware employs advanced techniques like remote device control, stealthy overlays, and social engineering to steal sensitive data, marking a significant escalation in mobile threat sophistication. Early campaigns focus on banks in Spain and Turkey, but experts…
Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Mar 29, 2025 7:13 PM

Tags: android, banking, credentials, crypto, exploit, mobile, threat

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. >>Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from…
U.S. seized $8.2 million in crypto linked to ‘Romance Baiting’ scams

Mar 29, 2025 7:13 PM

Tags: breach, crypto, scam

The U.S. Department of Justice (DOJ) has seized over $8.2 million worth of USDT (Tether) cryptocurrency that was stolen via ‘romance baiting’ scams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/cryptocurrency/us-seized-82-million-in-crypto-linked-to-romance-baiting-scams/
4 Tips For Crypto Wallet Security

Mar 29, 2025 10:13 AM

Tags: crypto, exploit, malicious, phishing

Cryptocurrency will be more popular in 2025 than it has ever been and this means that there is a greater need for wallet security. As the crypto sector becomes more profitable and popular, malicious actors will look to exploit investors and steal their funds through methods like phishing schemes, wallet hacks, and so on. Then…
New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials

Mar 29, 2025 10:13 AM

Tags: android, banking, control, credentials, crypto, cybersecurity, data, malware, threat

Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that’s primarily designed to target users in Spain and Turkey.”Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from the outset, equipped with modern techniques such as remote control, black screen overlays, and advanced data harvesting via accessibility logging,”…
9-Year-Old NPM Crypto Package Hijacked for Information Theft

Mar 29, 2025 5:13 AM

Tags: crypto, theft

Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers. The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/9-year-old-npm-crypto-package-hijacked-to-steal-information/
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

Mar 29, 2025 5:13 AM

Tags: api, blockchain, crypto, cybersecurity

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems.”Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers,” Sonatype researcher Ax Sharma said. “However, […] the latest First seen…
DoJ Recovers $5M Lost in BEC Fraud Against Workers’ Union

Mar 27, 2025 10:34 PM

Tags: crypto, email, fraud

The union received a spoofed email that led to the loss of $6.4 million, much of it transferred to other accounts or to a cryptocurrency exchange. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/doj-secures-5m-bec-fraud-workers-union
Abracadabra.Finance loses $13M in crypto heist

Mar 27, 2025 9:37 PM

Tags: crypto

First seen on scworld.com Jump to article: www.scworld.com/brief/abracadabra-finance-loses-13m-in-crypto-heist
Cryptohack Roundup: $13M Abracadabra Hack

Mar 27, 2025 5:34 PM

Tags: ceo, crypto, risk, scam, supply-chain, update

Also: The Treasury Department Lifts Tornado Cash Sanctions. This week, Abracadabra hack, updates on Tornado Cash and Bybit, $7M scam money recovery, man faces prison for stabbing crypto CEO, movie director charged for swindle, Ripple-SEC case wrap-up, Grinex is the new Garantex, Gotbit plea deal, Coinbase in supply chain hack and Binance insider risk threat.…