Crypto-stealing malware posing as a meeting app targets Web3 pros

December 6, 2024 at 10:45AM Cybercriminals have launched a campaign named “Meeten,” targeting Web3 professionals via fake video meetings that install crypto-stealing malware on Windows and Macs. The scheme uses sophisticated social engineering tactics to prompt users to download malicious software, compromising sensitive data, including cryptocurrency wallets and personal banking information. ### Meeting Takeaways on … Read more

Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks

December 6, 2024 at 06:31AM A 19-year-old California resident, Remington Ogletree, has been charged for his involvement in Scattered Spider cyberattacks, allegedly causing over $4 million in losses. He used social engineering to access networks, steal data, and launch phishing campaigns. Investigators linked him to multiple cybercrimes through various accounts and his own admissions. ### … Read more

North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft

October 24, 2024 at 09:05AM Lazarus APT developed a fraudulent website leveraging a Chrome zero-day vulnerability to install malware and steal cryptocurrency, as reported by SecurityWeek. **Meeting Notes Takeaways:** 1. **Event Overview**: The Lazarus APT (Advanced Persistent Threat) group has developed a deceptive website. 2. **Exploitation Method**: The group exploited a zero-day vulnerability in Chrome … Read more

Prison just got rougher as band of heinously violent cybercrims sentenced to lengthy stints

September 16, 2024 at 08:19AM Cybercriminal Remy Ra St Felix and his gang were sentenced for a string of violent cryptocurrency robberies in the US. St Felix received a 47-year prison term and five years supervised release and was ordered to pay over $524 million in restitution. The gang targeted victims, held them at gunpoint, … Read more

North Korea likely behind takedown of Indian crypto exchange WazirX

July 19, 2024 at 02:07AM Indian crypto exchange WazirX disclosed the loss of over $230 million in virtual assets in a cyber attack attributed to North Korea. The attack exploited a vulnerability to gain control of a multi-signature wallet. WazirX halted crypto withdrawals and initiated recovery efforts. Blockchain analytics firms suspect the stolen assets are … Read more

Japan warns of malicious PyPi packages created by North Korean hackers

February 28, 2024 at 10:08AM JPCERT/CC warns of North Korean hacker group Lazarus uploading four malicious PyPI packages to infect developers with malware. These packages allow access to developer networks, enabling financial fraud and supply chain attacks. The malware, named “Comebacker,” connects to the attacker’s server and executes further Windows malware. Previous attacks by Lazarus … Read more

North Korean hackers now launder stolen crypto via YoMix tumbler

February 16, 2024 at 09:38AM Lazarus, the North Korean hacker collective known for large-scale cryptocurrency heists, has shifted to using YoMix bitcoin mixer for laundering stolen funds. Chainalysis reports a surge in YoMix activity tied to Lazarus, evidencing their adaptability to avoid sanctions on other mixing services. The report also details trends in cryptocurrency laundering … Read more

SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring

February 4, 2024 at 08:38PM A SIM-swapping ring indictment may clear Sam Bankman-Fried of a $400 million crypto theft from FTX before its bankruptcy. The Powell gang stole from an unnamed firm, likely FTX, and were caught. Apple patched a pre-release security flaw in its Vision Pro headset. Numerous vulnerabilities in Docker, OCI, and various … Read more

North Korea’s state hackers stole $3 billion in crypto since 2017

December 3, 2023 at 04:11PM North Korean hackers have stolen around $3 billion in cryptocurrency since 2017, targeting exchanges, individuals, and firms. The theft, often led by groups like Kimsuky and Lazarus, funds North Korea’s military and weapons programs. The U.S. Treasury has imposed sanctions on these hacking groups and related entities. Meeting Takeaways: 1. … Read more