Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI

October 2, 2024 at 08:39AM Python packages linking to dependencies with cryptocurrency-stealing code were uploaded to PyPI, targeting cryptocurrency wallets. This poses a security threat to users. (45 words) Based on the meeting notes, it appears that there are concerns about Python packages on PyPI containing cryptocurrency-stealing code. These packages pose a potential threat, particularly … Read more

Lost Crypto Wallet? New Firm Promises Ethical, Transparent and Inexpensive Recovery

March 21, 2024 at 04:24PM Praefortis, a new company founded in 2024, aims to ethically recover lost or forgotten crypto wallet passwords, offering a lower fee structure than other alternatives. It was formed by experts Jim Carden and Wesley Brandi, who combine digital forensics and coding expertise in their password recovery method. The company emphasizes … Read more

Beware: Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials

February 6, 2024 at 10:10AM Threat actors are using fake Facebook job ads to distribute a new Windows-based stealer malware, Ov3r_Stealer, designed to steal credentials and crypto wallets. The campaign’s end goal remains unknown, but the stolen information may be sold to other threat actors or used to distribute additional payloads, including ransomware. This tactic … Read more

Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks

December 30, 2023 at 04:42AM Cybersecurity researchers are cautioning about a surge in phishing attacks targeting cryptocurrency wallets, utilizing a technique to drain multiple blockchain networks. Notably, a group called Angel Drainer offers a “scam-as-a-service” for a percentage of stolen assets. To combat this, users are advised to use hardware wallets, verify smart contracts, and … Read more

Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges

December 18, 2023 at 09:39AM Developers continue to enhance Rhadamanthys malware, broadening its capabilities and incorporating a plugin system for customization. Deployed through malicious sites, the malware harvests sensitive information from compromised hosts. Check Point’s analysis reveals its evolution into a potent threat, with a new plugin system allowing customized deployment. Similar to Rhadamanthys, AsyncRAT … Read more

Hundreds of thousands of dollars in crypto stolen after Ledger code poisoned

December 15, 2023 at 07:21PM Ledger, a cryptocurrency wallet maker, was targeted by a malicious code inserted into its Connect Kit JavaScript library. The code rerouted funds to a hacker’s wallet, resulting in a loss of over $610,000. Despite security measures, a former employee’s compromised credentials were exploited. Ledger asserts the issue has been addressed, … Read more

Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant

November 8, 2023 at 06:03PM Security researchers have discovered a new variant of the Jupyter information stealer malware, also known as Yellow Cockatoo, Solarmarker, and Polazert. The malware can infiltrate machines and collect sensitive data, including credentials for crypto-wallets and remote access apps. The malware has been observed leveraging PowerShell command modifications and digitally signed … Read more