Tag: crypto
-
Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw
A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-crypto-trading-skills/
-
Hundreds of Malicious Crypto Trading Addons Found in Moltbot/OpenClaw
A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-crypto-trading-skills/
-
Wrench-Attacks: Kryptodiebe wenden zunehmend körperliche Gewalt an
Anleger aus Europa sind 2025 besonders gefährdet gewesen. Mehr als 40 Prozent der bekannten gewaltsamen Krypto-Diebstähle fanden dort statt. First seen on golem.de Jump to article: www.golem.de/news/wrench-attacks-kryptodiebe-wenden-zunehmend-koerperliche-gewalt-an-2602-204940.html
-
Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets
The post Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/
-
MoltBot Skills exploited to distribute 400+ malware packages in days
Over 400 malicious OpenClaw packages were uploaded in days, using MoltBot skills to spread password-stealing malware. Researchers uncovered a large malware campaign abusing AI skills for Claude Code and Moltbot users. Between late January and early February 2026, more than 400 malicious skills were published on ClawHub and GitHub, posing as crypto trading tools. OpenClaw…
-
New GlassWorm attack targets macOS via compromised OpenVSX extensions
A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-glassworm-attack-targets-macos-via-compromised-openvsx-extensions/
-
Fast-Growing Chinese Crime Networks Launder 20% of Illicit Crypto: Chainalysis
The influence of Chinese money laundering networks has skyrocketed since 2020, with the operations now moving almost 20% of all illicit cryptocurrency being laundered last year, according to Chainalysis researchers. In 2025, they processed more than $16 billion, or about $44 million a day. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/fast-growing-chinese-crime-networks-launder-20-of-illicit-crypto-chainalysis/
-
NDSS 2025 PropertyGPT
Tags: blockchain, bug-bounty, conference, crypto, guide, Internet, LLM, network, oracle, strategy, tool, vulnerability, zero-daySession 11A: Blockchain Security 2 Authors, Creators & Presenters: Ye Liu (Singapore Management University), Yue Xue (MetaTrust Labs), Daoyuan Wu (The Hong Kong University of Science and Technology), Yuqiang Sun (Nanyang Technological University), Yi Li (Nanyang Technological University), Miaolei Shi (MetaTrust Labs), Yang Liu (Nanyang Technological University) PAPER PropertyGPT: LLM-driven Formal Verification of Smart Contracts…
-
Infostealer im Wandel: Wie JSCEAL gezielt Krypto-Nutzer angreift
Schadsoftware entwickelt sich oft nicht sprunghaft, sondern schrittweise und gerade darin liegt ihre Gefahr. Der Infostealer JSCEAL ist ein aktuelles Beispiel dafür, wie aus einem einfachen Werkzeug eine technisch ausgereifte Malware wird. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/infostealer-jsceal-krypto-nutzer
-
US Seizes $400 Million Linked to Helix Dark Web Crypto Mixer
US authorities take control of over $400 million in crypto, cash, and property tied to Helix, a major darknet bitcoin mixing service used by drug markets. First seen on hackread.com Jump to article: hackread.com/us-seizes-400m-helix-dark-web-crypto-mixer/
-
Jeffrey Epstein Had a ‘Personal Hacker,’ Informant Claims
Plus: AI agent OpenClaw gives cybersecurity experts the willies, China executes 11 scam compound bosses, a $40 million crypto theft has an unexpected alleged culprit, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-jeffrey-epstein-had-a-personal-hacker-informant-claims/
-
Crypto wallets received a record $158 billion in illicit funds last year
Tags: cryptoIllegal cryptocurrency flows hit a record $158 billion in 2025, reversing a three-year trend of declining amounts from $86B in 2021 to $64B in 2024. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crypto-wallets-received-a-record-158-billion-in-illicit-funds-last-year/
-
Cryptohack Roundup: Probe Into Missing Seized Bitcoin
Tags: cryptoAlso: CZ on Trump Pardon, Arrest in Crypto-Linked Drug Case. This week, South Korean prosecutors probed missing seized bitcoin. CZ said a Trump pardon eased his conviction burden. A former Olympian arrested in a crypto-linked drug case. The U.S. SEC dropped litigation against Gemini Earn. Major hacks and a $37 million laundering prison sentence. First…
-
This startup aims to solve crypto’s broken key management problem
Crypto security firm Sodot launches Exchange API Vault to stop API key theft, securing billions in assets while supporting low latency, high frequency trading. First seen on hackread.com Jump to article: hackread.com/startup-solve-crypto-broken-key-management-problem/
-
US Sentences Chinese National for Role in $36.9 Million Crypto Scam
A Chinese national has been sentenced for his role in a massive $36.9 million cryptocurrency scam operated from… First seen on hackread.com Jump to article: hackread.com/us-sentences-chinese-man-crypto-scam/
-
Open Directory Exposure Leaks BYOB Framework Across Windows, Linux, and macOS
An exposed command-and-control server hosting a complete deployment of the BYOB (Build Your Own Botnet) framework, a sophisticated post-exploitation tool targeting Windows, Linux, and macOS systems. The discovery, made through Hunt.io’s AttackCapture tooling, reveals an active campaign that has operated for approximately ten months with multi-platform remote access capabilities and integrated cryptocurrency mining operations. The…
-
Long-running North Korea threat group splits into 3 distinct operations
The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-labyrinth-chollima-splits-crowdstrike/
-
Finanzaufsicht: Bafin rügt schwere Mängel bei Bitpanda
Tags: cryptoDie Finanzaufsicht kritisiert beim Krypto-Broker Bitpanda massive Defizite in der IT-Sicherheit und im Risikomanagement. First seen on golem.de Jump to article: www.golem.de/news/finanzaufsicht-bafin-ruegt-schwere-maengel-bei-bitpanda-2601-204745.html
-
Massives Datenleck bedroht rund 150 Millionen Benutzer
Tags: credentials, credit-card, crypto, cyberattack, data-breach, finance, fraud, login, mail, malware, password, phishing, riskDie offengelegten Zugangsdaten stellen ein erhebliches Sicherheitsrisiko dar.Der Cybersicherheitsforscher Jeremiah Fowler deckte kürzlich ein Datenleck mit 149 Millionen Login-Daten auf. Zu den Opfern zählen vor allem Nutzer großer Tech-und Streaming-Anbieter. Aber auch Finanzdienstleistungskonten, Krypto-Wallets oder Handelskonten, Bank- und Kreditkarten-Logins tauchten in den offengelegten Datensätzen auf. Laut Forschungsbericht enthält die Datenbank jedoch nicht nur Benutzernamen und…
-
Chinese money launderers moved more than $16 billion of illicit crypto in 2025, report finds
In 2025, Chinese-language organizations laundered on average $44 million in illicit crypto each day, amounting to $16.1 billion. First seen on therecord.media Jump to article: therecord.media/chinese-money-launderers-moved-more-crypto-2025
-
G_Wagon NPM Package Exploits Users to Steal Browser Credentials with Obfuscated Payload
A highly sophisticated infostealer malware disguised as a legitimate npm UI component library has been targeting developers through the ansi-universal-ui package. The malware, internally identified as >>G_Wagon,<>a lightweight, modular UI component […] The post G_Wagon NPM Package Exploits Users to Steal Browser Credentials with Obfuscated Payload appeared first on GBHackers Security | #1 Globally Trusted…
-
4 Sicherheitsrisiken, die CIOs bei der Nutzung von Krypto-Technologien oft unterschätzen
Krypto-Technologien haben sich vom Nischenexperiment zu einem strategischen Thema entwickelt. Für viele Unternehmen geht es dabei weniger um Spekulation, sondern um Infrastrukturfragen: digitale Identitäten, tokenisierte Prozesse oder neue Zahlungswege. Genau hier entstehen Risiken, die im Managementalltag leicht untergehen. 2026 stehen CIOs und CISOs vor einer paradoxen Situation. Einerseits wächst der Druck, sich mit Krypto-Technologien auseinanderzusetzen….…
-
DPRK’s Konni Targets Blockchain Developers With AI-Generated Backdoor
The North Korean threat group is using a new PowerShell backdoor to compromise development environments and target cryptocurrency holdings, according to researchers. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/dprks-konni-targets-blockchain-developers-ai-generated-backdoor
-
Romania probes two suspects over alleged hitmanhire website
Police seized devices and cryptocurrency in multiple raids aimed at an alleged assassins-for-hire platform, Romanian authorities said. First seen on therecord.media Jump to article: therecord.media/romania-assassins-for-hire-website-investigation
-
149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online
Another day, another trove of login credentials in plain text found online. First seen on hackread.com Jump to article: hackread.com/logins-roblox-tiktok-netflix-crypto-wallets-found/
-
Hacker who stole 120,000 bitcoins wants a second chance”, and a security job
Crypto theft was “the worst thing I had ever done.” First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/01/hacker-who-stole-120000-bitcoins-wants-a-second-chance-and-a-security-job/
-
ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories
Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted workflows were enough to open doors without forcing them.What stands out is how little friction attackers now need. Some activity focused on quiet reach and…
-
Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts
A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts.The package, named sympy-dev, mimics SymPy, replicating the latter’s project description verbatim in an attempt to deceive unsuspecting users into thinking that they…
-
North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews
Tags: ai, crypto, finance, intelligence, jobs, middle-east, north-korea, programming, service, softwareAs many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial intelligence (AI), cryptocurrency, financial services, IT services, marketing, and software development sectors in Europe, South Asia, the Middle East, and Central America.The new findings First seen…