Tag: crypto
-
Stolen LastPass backups enable crypto theft through 2025
Stolen vault backups from the 2022 LastPass breach are still being cracked, allowing attackers to steal crypto as late as 2025. The blockchain intelligence firm TRM Labs warns that encrypted vault backups stolen in the 2022 LastPass breach are still being cracked using weak master passwords, enabling crypto theft as late as 2025. In 2022,…
-
Neuer Rekord: So viel Geld erbeuteten Krypto-Hacker 2025
First seen on t3n.de Jump to article: t3n.de/news/rekord-krypto-hacker-2025-1723034/
-
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
Tags: backup, blockchain, breach, crypto, cybercrime, data, data-breach, intelligence, password, russia, theftThe encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs.The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors…
-
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
Tags: backup, blockchain, breach, crypto, cybercrime, data, data-breach, intelligence, password, russia, theftThe encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs.The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors…
-
Cryptohack Roundup: FCA Outlines UK Crypto Rules
Also: Trader Loses $50M in USDT in Address Poisoning Scam. This week, the U.K. FCA mapped a path to U.K. crypto regulation, iComTech promoter sentenced in Ponzi case, the U.S. SEC sought public company bans for former FTX and Alameda executives, a trader lost $50M in USDT in an address poisoning scam and a Brooklyn…
-
SEC Charges Crypto Firms in $14m Investment Scam
The SEC has charged several crypto platforms and investment clubs for defrauding US investors of more than $14m First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sec-charges-crypto-firms/
-
Krypto-Schwarzmarkt auf Telegram: Milliardenhandel verdrängt das Darknet
Krypto-Schwarzmarkt auf Telegram: Milliardenbetrug ersetzt das Darknet. Scammer, Geldwäsche und Menschenhandel im offenen Messenger. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/online-betrug/krypto-schwarzmarkt-auf-telegram-milliardenhandel-verdraengt-das-darknet-324569.html
-
Webrat turns GitHub PoCs into a malware trap
The malicious payload and behavior: Beneath the polished README, the attackers dumped a password-protected ZIP linked in the repository. The archive password was hidden in file names, something easily missable by unsuspecting eyes. Inside, the key components include a decoy DLL, a batch file to launch the malware, and the primary executable (like rasmanesc.exe) capable…
-
SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips
The U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than $14 million from retail investors.The complaint charged crypto asset trading platforms Morocoin Tech Corp., Berge Blockchain Technology Co., Ltd., and Cirkor Inc., as well as investment clubs AI Wealth…
-
Hackers stole over $2.7B in crypto in 2025, data shows
2025 was another banner year for crypto hacks and heists, the third year in a row that a new crypto theft record was set. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/23/hackers-stole-over-2-7-billion-in-crypto-in-2025-data-shows/
-
SEC sues crypto firms for defrauding investors out of $14 million
Tags: cryptoSEC lawyers said in a 29-page complaint that the companies ran “investment clubs” on WhatsApp that brought in users from advertisements on social media. First seen on therecord.media Jump to article: therecord.media/sec-sues-crypto-firms-defrauding-investors-14-million
-
SEC Targets Crypto Platforms in Social Media Scam Crackdown
The Securities and Exchange Commission launched an enforcement wave targeting three purported cryptocurrency trading platforms and four investment clubs. The post SEC Targets Crypto Platforms in Social Media Scam Crackdown appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-sec-targets-crypto-platforms/
-
Chinese Crypto Scammers on Telegram Are Fueling the Biggest Darknet Markets Ever
Online black markets once lurked in the shadows of the dark web. Today, they’ve moved onto public platforms like Telegram”, and are racking up historic illicit fortunes. First seen on wired.com Jump to article: www.wired.com/story/expired-tired-wired-chinese-scammer-crypto-markets/
-
Chinese Crypto Scammers on Telegram Are Fueling the Biggest Darknet Markets Ever
Online black markets once lurked in the shadows of the dark web. Today, they’ve moved onto public platforms like Telegram”, and are racking up historic illicit fortunes. First seen on wired.com Jump to article: www.wired.com/story/expired-tired-wired-chinese-scammer-crypto-markets/
-
Stealka Stealer: Fake-Roblox-Mods und Cheats plündern Krypto-Wallets
Stealka Stealer ist eine neue Windows-Malware, die sich als Roblox-Mod oder Cheat tarnt und Browserdaten sowie Krypto-Wallets plündert. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/malware/stealka-stealer-fake-roblox-mods-und-cheats-pluendern-krypto-wallets-324529.html
-
Geld futsch: Kryptotransfer von 50 Millionen US-Dollar geht schief
Tags: cryptoEin Krypto-Nutzer wollte 50 Millionen USDT transferieren. Trotz Testtransaktion ist fast alles in der falschen Wallet gelandet – und vermutlich für immer weg. First seen on golem.de Jump to article: www.golem.de/news/geld-futsch-krypto-transfer-von-50-millionen-us-dollar-geht-schief-2512-203511.html
-
Cybersecurity Snapshot: Cyber Pros Emerge as Bold AI Adopters, While AI Changes Data Security Game, CSA Reports Say
Tags: advisory, ai, api, attack, awareness, business, cloud, compliance, control, credit-card, crime, crimes, crypto, cyber, cybersecurity, data, data-breach, defense, detection, exploit, finance, framework, google, governance, guide, healthcare, injection, intelligence, law, LLM, lockbit, malicious, metric, mitigation, monitoring, network, office, openai, ransom, ransomware, risk, risk-management, service, skills, sql, threat, tool, training, update, vulnerabilityFormerly “AI shy” cyber pros have done a 180 and become AI power users, as AI forces data security changes, the CSA says. Plus, PwC predicts orgs will get serious about responsible AI usage in 2026, while the NCSC states that, no, prompt injection isn’t the new SQL injection. And much more! Key takeaways Cyber…
-
Cybersecurity Snapshot: Cyber Pros Emerge as Bold AI Adopters, While AI Changes Data Security Game, CSA Reports Say
Tags: advisory, ai, api, attack, awareness, business, cloud, compliance, control, credit-card, crime, crimes, crypto, cyber, cybersecurity, data, data-breach, defense, detection, exploit, finance, framework, google, governance, guide, healthcare, injection, intelligence, law, LLM, lockbit, malicious, metric, mitigation, monitoring, network, office, openai, ransom, ransomware, risk, risk-management, service, skills, sql, threat, tool, training, update, vulnerabilityFormerly “AI shy” cyber pros have done a 180 and become AI power users, as AI forces data security changes, the CSA says. Plus, PwC predicts orgs will get serious about responsible AI usage in 2026, while the NCSC states that, no, prompt injection isn’t the new SQL injection. And much more! Key takeaways Cyber…
-
The Com: the growing cybercrime network behind recent Pornhub hack
Criminal ecosystem is made up of mostly male native English language speakers aged from 16 to 25Ransomware hacks, data theft, crypto scams and sextortion cover a broad range of cybercrimes carried out by an equally varied list of assailants.But there is also an English-speaking criminal ecosystem carrying out these activities that defies conventional categorisation. Nonetheless,…
-
The Asset Layer of the Web: Tokenization Is Becoming Finance’s New Backend Infrastructure
Crypto’s public image lagged reality. Stablecoins, tokenization, and regulation now power a blockchain backend settling global finance at institutional scale. First seen on hackread.com Jump to article: hackread.com/asset-layer-web-tokenization-backend-infrastructure/
-
North Korean Hackers Set Record with $2 Billion Crypto Heist in 2025
North Korean cybercriminals shattered previous records in 2025, stealing at least $2.02 billion in cryptocurrency through a sophisticated campaign that represents the most successful year ever for state-sponsored digital theft despite fewer confirmed attacks. This unprecedented haul marks a 51% increase year-over-year. It brings the regime’s cumulative cryptocurrency theft to a staggering $6.75 billion, cementing…
-
FBI Disrupts Russian Crypto Laundering Hub Enabling Cybercrime
A 39-year-old Russian national is accused of working with cybercriminals to convert criminal proceeds from cryptocurrency into various cash currencies First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-disrupts-russian-crypto/
-
React2Shell is the Log4j moment for front end development
What to look for: In an attack tracked by S-RM, immediately after the threat actor gained access to a targeted company’s network, they ran a hidden PowerShell command, establishing command and control (C2) by downloading a Cobalt Strike PowerShell stager, a tactic regularly used by red teamers, and installing a beacon to allow them to…
-
React2Shell is the Log4j moment for front end development
What to look for: In an attack tracked by S-RM, immediately after the threat actor gained access to a targeted company’s network, they ran a hidden PowerShell command, establishing command and control (C2) by downloading a Cobalt Strike PowerShell stager, a tactic regularly used by red teamers, and installing a beacon to allow them to…
-
NuGet Malware Mimic: .NET Integration Library Steals Crypto Wallets and OAuth Tokens
ReversingLabs (RL) researchers have uncovered a sophisticated malware campaign targeting the .NET developer ecosystem via the NuGet package manager. The campaign, which began in July 2025, involves 14 malicious packages designed to mimic legitimate cryptocurrency libraries. These packages are engineered to steal crypto wallets, redirect funds, and exfiltrate Google Ads OAuth tokens, marking a significant…
-
NuGet Malware Mimic: .NET Integration Library Steals Crypto Wallets and OAuth Tokens
ReversingLabs (RL) researchers have uncovered a sophisticated malware campaign targeting the .NET developer ecosystem via the NuGet package manager. The campaign, which began in July 2025, involves 14 malicious packages designed to mimic legitimate cryptocurrency libraries. These packages are engineered to steal crypto wallets, redirect funds, and exfiltrate Google Ads OAuth tokens, marking a significant…
-
Cryptohack Roundup: Season’s Greetings With SantaStealer
Also: Terra Founder Do Kwon Sentenced to 15 Years in Prison. This week, SantaStealer resurfaced as an infostealer, police took down a crypto platform accused of money laundering, Terra founder Do Kwon sentenced, Bitcoin Rodney faced fraud and money laundering charges. The United Kingdom may regulate crypto by 2027 and Binance warned of fake listing…
-
Cryptohack Roundup: Season’s Greetings With SantaStealer
Also: Terra Founder Do Kwon Sentenced to 15 Years in Prison. This week, SantaStealer resurfaced as an infostealer, police took down a crypto platform accused of money laundering, Terra founder Do Kwon sentenced, Bitcoin Rodney faced fraud and money laundering charges. The United Kingdom may regulate crypto by 2027 and Binance warned of fake listing…
-
FBI Shuts Down Crypto Exchange Linked to Criminal Money Laundering Operations
The United States Attorney’s Office for the Eastern District of Michigan announced a coordinated international enforcement action targeting E-Note, a cryptocurrency exchange allegedly used by transnational cybercriminals to launder money stolen from U.S. healthcare providers and critical infrastructure operators. The operation, conducted with Michigan State Police and international partners, dismantled the online infrastructure supporting the…