Man Who Stole and Laundered Roughly $1B in Bitcoin Is Sentenced to 5 Years in Prison

November 15, 2024 at 06:36AM Ilya Lichtenstein, the Bitfinex hacker who stole and laundered approximately $1 billion in Bitcoin, has been sentenced to five years in prison. **Meeting Notes Takeaways:** 1. **Individual Involved**: Ilya Lichtenstein is identified as the hacker connected to the Bitfinex theft. 2. **Crime Summary**: Lichtenstein stole bitcoin valued at approximately $1 …

North Korean Hackers Target macOS Using Flutter-Embedded Malware

November 12, 2024 at 08:39AM North Korean threat actors have begun embedding malware in Flutter applications, targeting macOS devices. This technique includes a deceptive Minesweeper game and variants in Go and Python. Jamf Threat Labs notes this may involve social engineering near cryptocurrency sectors, and suspects links to known hacking sub-groups. Apple’s notarization process is …

North Korean hackers use new macOS malware against crypto firms

November 7, 2024 at 05:17PM North Korean hacker group BlueNoroff is targeting crypto businesses with a new multi-stage macOS malware campaign, dubbed “Hidden Risk.” Utilizing phishing emails about cryptocurrency, the malware employs novel techniques for persistence and evasion, ensuring it remains undetected. This campaign marks an evolution in their tactics over the past year. …

A Kansas pig butchering: CEO who defrauded bank, church, friends gets 24 years

November 5, 2024 at 03:34PM The FBI recovered $8 million from a $47 million cryptocurrency scam linked to Shan Hanes, former CEO of Heartland Tri-State Bank, who embezzled funds after being lured into the scheme. Hanes was sentenced to 24 years in prison, and the investigation revealed his abuse of trust in a small community. …

Lottie-Player Supply Chain Attack Targets Cryptocurrency Wallets

November 1, 2024 at 05:11AM LottieFiles reported a supply chain attack on Lottie-Player, aimed at stealing cryptocurrency. This breach poses risks to cryptocurrency wallets, highlighting vulnerabilities in software supply chains. **Meeting Takeaways:** 1. **Incident Confirmation**: LottieFiles has confirmed a breach involving Lottie-Player. 2. **Nature of the Attack**: The breach is classified as a supply chain …

LottieFiles hacked in supply chain attack to steal users’ crypto

October 31, 2024 at 04:10PM LottieFiles’ Lottie-Player project was compromised in a supply chain attack, injecting a crypto drainer into websites, potentially costing one victim $723,000 in Bitcoin. Affected versions were quickly replaced with a secure update. Users are advised to upgrade or be cautious of fraudulent wallet connection requests amid ongoing investigations into the …

LottieFiles supply chain attack exposes users to malicious crypto wallet drainer

October 31, 2024 at 08:05AM LottieFiles faced a security breach after a developer account was compromised, leading to malicious code being pushed to users, potentially draining their crypto wallets. The company released a safe version (2.0.8) and assured users that their other services were unaffected. Outside security experts were involved in resolving the incident. **Meeting …

Suspects behind $230 million cryptocurrency theft arrested in Miami

September 19, 2024 at 06:57PM Two suspects, Malone Lam and Jeandiel Serrano, were arrested in Miami for stealing over $230 million in cryptocurrency. They gained unauthorized access to victims’ crypto accounts, laundered the proceeds, and financed lavish lifestyles. Investigators identified a third conspirator known as “Wiz.” The FBI tracked the suspects through their spending and …

FBI: North Korean Actors Readying Aggressive Cyberattack Wave

September 4, 2024 at 01:12PM The FBI warns of imminent North Korean threat actor attacks targeting organizations with large cryptocurrency assets. These attacks will involve social engineering tactics and may include crypto theft and malware deployment. The actors are adept at impersonating recruiters and headhunters to establish trust and steal funds. Firms are urged to …

DNS hijacks target crypto platforms registered with Squarespace

July 12, 2024 at 02:34PM Coordinated DNS hijacking attacks impact decentralized finance (DeFi) crypto platforms using Squarespace registrar. Attackers redirect visitors to phishing sites, aiming to drain wallets. Platforms such as Compound Finance, Celer Network, and Pendle warn users and assure fund safety. Attackers exploit a vulnerability stemming from domain migration. Security experts recommend enabling …