January 17, 2024 at 04:30PM The “Inferno Drainer” phishing campaign siphoned over $80 million in cryptocurrency over a year. Using 100 cryptocurrency brands, the attackers lured victims into authorizing fund siphoning, gaining scale from an innovative “drainer-as-a-service” model. The attackers used brand impersonation and social media lures, and the infrastructure was available to rent. Vigilance … Read more
December 15, 2023 at 08:18AM Ledger, a crypto hardware wallet maker, faced a security breach after former employee fell victim to a phishing attack, leading to theft of $600,000 in virtual assets. Malicious code from the compromised npm account was used to propagate crypto drainer malware to other applications. Ledger has since removed the malicious … Read more
November 16, 2023 at 12:57PM Researchers at Unciphered have discovered a vulnerability in cryptocurrency wallets generated between 2011 and 2015, which allows threat actors to use brute-force methods to recover passwords. The vulnerability is related to an outdated randomization function in BitcoinJS. Millions of wallets with potentially hundreds of millions of dollars are at risk. … Read more
October 28, 2023 at 02:18PM HackerOne, a bug bounty platform, has awarded over $300 million in rewards to ethical hackers since its inception. Thirty hackers have earned over $1 million, with one receiving $4 million for his bug reports. On average, it took organizations 25.5 days to resolve reported bugs this year, a 28% improvement. … Read more