Tag: crypto
-
Police arrest teenager suspected of hacking NATO and numerous Spanish institutions
Spain’s National Police, in a joint operation with the Civil Guard, has arrested an 18-year-old suspected of being the hacker going by aliases including “Natohub,” and known for hacking the computer services of private companies and Spanish institutions such as the Civil Guard, the Ministry of Defense, the National Mint, and the Ministry of Education,…
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
North Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence.According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple’s and Google’s respective app stores to steal victims’ mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,…
-
Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams
Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams. The post Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fake-deepseek-sites-used-for-credential-phishing-crypto-theft-scams/
-
Smashing Security podcast #403: Coinbase crypto heists, QR codes, and ransomware in the classroom
In episode 403 of “Smashing Security” we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham’s DMs, Geoff gives a poor grade for PowerSchool’s security, and Carole takes a curious look at QR codes. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-403/
-
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linkedLazarus groupuses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Scammers lure…
-
Crypto-stealing apps found in Apple App Store for the first time
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/crypto-stealing-apps-found-in-apple-app-store-for-the-first-time/
-
SparkCat campaign target crypto wallets using OCR to steal recovery phrases
In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers using OCR to scan the victim’s gallery for images with recovery phrases to restore access to crypto wallets. In late 2024, Kaspersky discovered a new malicious campaign,…
-
Crypto-stealing iOS, Android malware found on App Store, Google Play
A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/05/crypto-stealing-ios-android-malware-found-on-app-store-google-play-sparkcat-malicious-sdk/
-
Phishing Campaign Hijacks High-Profile X Accounts to Promote Crypto Scams
A new wave of phishing attacks is actively targeting high-profile X (formerly Twitter) accounts, with attackers hijacking accounts First seen on securityonline.info Jump to article: securityonline.info/phishing-campaign-hijacks-high-profile-x-accounts-to-promote-crypto-scams/
-
Numerous malware deployed by crypto-targeting Crazy Evil operation
First seen on scworld.com Jump to article: www.scworld.com/brief/numerous-malware-deployed-by-crypto-targeting-crazy-evil-operation
-
Google Play, Apple App Store apps caught stealing crypto wallets
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/google-play-apple-app-store-apps-caught-stealing-crypto-wallets/
-
US accuses Canadian math prodigy of $65M crypto scheme
Suspect, still at large, said to back concept that ‘code is law’ First seen on theregister.com Jump to article: www.theregister.com/2025/02/04/math_prodigy_crypto_scheme/
-
Canadian National Charged with Stealing $65 Million in Crypto
A Canadian man has been charged with exploiting decentralized finance (DeFi) protocols to steal approximately $65 million from unsuspecting investors. A five-count criminal indictment, unsealed today in a federal court in New York, accuses 22-year-old Andean Medjedovic of targeting vulnerabilities in automated smart contracts used by two prominent DeFi platforms: KyberSwap and Indexed Finance. Alleged…
-
Aim for crypto-agility, prepare for the long haul
Tags: cryptoWhile organizations have long experimented with various facets of digital transformation, the journey toward crypto-agility is one of the most significant technological … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/04/crypto-agility-journey/
-
Canadian Man Stole $65 Million in Crypto in Two Platform Hacks, DOJ Says
A 22-year-old Canadian man is indicted by the U.S. DOJ for using borrowed cryptocurrency and exploiting vulnerabilities on the KyberSwap and Indexed Finance DeFi platforms to steal $65 million in digital assets in two schemes between 2021 and 2023. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/canadian-man-stole-65-million-in-crypto-in-two-platform-hacks-doj-says/
-
1-Click Phishing Campaign Targets High-Profile X Accounts
In an attack vector that’s been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/one-click-phishing-campaign-high-profile-x-accounts
-
Canadian charged in two crypto platform thefts totaling $65 million
Andean Medjedovic, a 22-year-old Canadian, was responsible for stealing tens of millions of dollars’ worth of cryptocurrency from two platforms in 2021 and 2023, according to U.S. prosecutors. First seen on therecord.media Jump to article: therecord.media/indictment-canadian-two-cryptocurrency-platform-hacks
-
Canadian charged with stealing $65 million using DeFI crypto exploits
The U.S. Justice Department has charged a Canadian man with stealing roughly $65 million after exploiting two decentralized finance (DeFI) protocols. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/canadian-charged-with-stealing-65-million-using-defi-crypto-exploits/
-
High-profile X Accounts Targeted in Phishing Campaign
Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/x-accounts-targeted-phishing/
-
Lazarus Group Exploits Trusted Apps for Data Theft via Dropbox
Tags: crypto, cyber, data, espionage, exploit, group, infrastructure, korea, lazarus, north-korea, programming, software, technology, theft, toolIn an alarming development, North Korea’s infamous Lazarus Group has been linked to a global cyber espionage campaign, code-named Operation Phantom Circuit. Beginning in September 2024, this operation exploited trusted software development tools to infiltrate systems worldwide, targeting cryptocurrency and technology developers. The campaign’s advanced obfuscation techniques and infrastructure demonstrate a significant evolution in the…
-
New Phishing Attack Hijacks High-Profile X Accounts to Promote Scam Sites
A new wave of phishing attacks has been identified, targeting high-profile accounts on the social media platform X (formerly Twitter). This campaign, analyzed by SentinelLABS, aims to hijack accounts belonging to prominent individuals and organizations, including U.S. political figures, international journalists, employees of X, and cryptocurrency entities. The compromised accounts are then exploited to promote…
-
Crazy Evil Gang will mit StealC, AMOS und Angel Drainer Malware eure Kryptos klauen
StealC, AMOS & Co: Die Crazy Evil Gang nutzt Malware, um Krypto-Wallets zu leeren. So schützt ihr eure Coins! First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/crazy-evil-gang-will-mit-stealc-amos-und-angel-drainer-malware-eure-kryptos-klauen-309418.html
-
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer.”Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy…
-
Crazy Evil Cryptoscam Group Steals Millions from Crypto Enthusiasts
The Insikt Group has uncovered the operations of a prolific Russian-speaking cybercriminal group, named Crazy Evil, which has First seen on securityonline.info Jump to article: securityonline.info/crazy-evil-cryptoscam-group-steals-millions-from-crypto-enthusiasts/
-
Lumma Stealer Found in Fake Crypto Tools and Game Mods on GitHub
McAfee Labs uncovers malicious GitHub repositories distributing Lumma Stealer malware disguised as game hacks and cracked software. Learn… First seen on hackread.com Jump to article: hackread.com/lumma-stealer-github-fake-crypto-tools-game-mods/
-
Hackers Drain Over $85 Million From Crypto Exchange Phemex
Hackers stole more than $85 million in crypto assets from hot wallets at cryptocurrency exchange Phemex. The post Hackers Drain Over $85 Million From Crypto Exchange Phemex appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/hackers-drain-over-85-million-from-crypto-exchange-phemex/
-
Brazil bans iris scan company co-founded by Sam Altman from paying citizens for biometric data
Brazil’s National Data Protection Authority (ANPD) is blocking Tools for Humanity, a company co-founded by OpenAI’s Sam Altman, from offering individuals cryptocurrency in return for iris scans intended for an online identity program.]]> First seen on therecord.media Jump to article: therecord.media/brazil-iris-scan-data-privacy-tools-for-humanity
-
Hackers steal $85 million worth of cryptocurrency from Phemex
The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-steal-85-million-worth-of-cryptocurrency-from-phemex/
-
Attackers allegedly stole $69 million from cryptocurrency platform Phemex
Crooks stole at least $69 million from Singapore-based cryptocurrency platform Phemex in an alleged cyberattack. Singapore-based crypto platform Phemex paused operations after a cyberattack that resulted in the theft of $69M. Phemex CEO Federico Variola stated they are restoring withdrawals and temporarily manually reviewing all requests. On Thursday, researchers at the blockchain security firm PeckShield noticed…