US indicts two over socially engineered $230M+ crypto heist

September 20, 2024 at 01:34PM Malone Lam, 20, and Jeandiel Serrano, 21, are facing serious charges for allegedly stealing over $230 million in cryptocurrency. The pair is accused of carrying out a scam, using the stolen funds to buy luxury items and travel services. The case, handled by the US Attorney’s Office, FBI, and IRS, … Read more

SpyAgent Android malware steals crypto recovery phrases from images

September 6, 2024 at 11:22AM A new Android malware called SpyAgent utilizes OCR to extract cryptocurrency wallet recovery phrases from images stored on mobile devices. Based on the meeting notes, it seems that a new Android malware called SpyAgent has been identified. This malware uses optical character recognition (OCR) technology to extract cryptocurrency wallet recovery … Read more

North Korean Hackers Targets Job Seekers with Fake FreeConference App

September 4, 2024 at 12:21PM North Korean threat actors have created a malicious campaign called Contagious Interview, using fake job interviews to distribute malware. They have now been using fake video conferencing applications to backdoor developer systems. This activity is attributed to the North Korean threat actor Famous Chollima. The campaign is targeting job seekers … Read more

US convicts crypto-robbing gang leader who kidnapped victims before draining their accounts

June 26, 2024 at 02:52PM Remy St Felix, a 24-year-old leader of an international robbery crew, was convicted in the US for carrying out violent home invasions to steal cryptocurrency tokens. He led the gang in stealing hundreds of millions of dollars’ worth of crypto through kidnappings and terrorizing wealthy victims. St Felix faces a … Read more

Crypto exchange Kraken accuses blockchain security outfit CertiK of extortion

June 20, 2024 at 01:38PM Kraken, a major cryptocurrency exchange, accuses security researchers of exploiting a critical bug to steal millions in digital cash and attempt to extort more from the exchange. The bug allowed users to manipulate their account balance without completing deposits. Kraken labeled the researchers’ actions as extortion and is coordinating with … Read more

Cybercriminals Abuse StackOverflow to Promote Malicious Python Package

May 29, 2024 at 01:51PM Cybersecurity researchers have discovered a malicious Python package, “pytoileur,” in the Python Package Index repository, aiming to enable cryptocurrency theft. The package’s code executes a Base64-encoded payload to retrieve a Windows binary from an external server, establishing persistence and dropping spyware and data-stealing malware. This method signifies an unprecedented abuse … Read more

400K Linux Servers Recruited by Resurrected Ebury Botnet

May 17, 2024 at 12:09PM The Ebury botnet, operating for 15 years, has compromised numerous servers, targeting universities, enterprises, and cryptocurrency traders. It employs tactics to steal credentials, intercept SSH traffic, and pivot towards credit card and cryptocurrency theft. Despite the imprisonment of a key perpetrator, Ebury’s operators remain active and pose ongoing challenges for … Read more

Mandiant Details How Its X Account Was Hacked

January 11, 2024 at 09:21AM Mandiant’s social media account on platform X was hacked, resulting in a cryptocurrency theft campaign generating over $900,000 for cybercriminals. The attack involved promoting a fake website. The company’s investigation revealed a compromised password attack, leading to changes in their security process. Mandiant detailed the ClinkSink campaign and identified numerous … Read more

New Go-Based JaskaGO Malware Targeting Windows and macOS Systems

December 20, 2023 at 04:03AM A new Go-based information stealer malware called JaskaGO poses a cross-platform threat to Windows and Apple macOS systems, equipped with extensive commands from its C&C server. Capable of establishing persistence within the system, it employs multiple tactics for information theft and cryptocurrency theft. Its distribution method and campaign scale remain … Read more

North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report

December 4, 2023 at 10:07AM North Korean state-sponsored hackers reportedly stole over $3 billion in cryptocurrency, according to Recorded Future. SecurityWeek reported on the theft. Clear Takeaway from Meeting Notes: North Korean state-sponsored hackers have been reported to have acquired over $3 billion through cryptocurrency theft, as per findings published by Recorded Future. This significant … Read more