Tag: crypto
-
Monero (XMR) 2025 Prediction: What Is in Store for the Top Privacy Coin?
by
in SecurityNewsMonero (XMR) remains the leading privacy cryptocurrency with its unparalleled anonymity and security in a world increasingly financially… First seen on hackread.com Jump to article: hackread.com/monero-xmr-2025-whats-in-store-for-privacy-coin/
-
British techies to advise on ‘devastating’ UK global crypto power grab
by
in SecurityNewsA hitherto unknown British organisation which even the government may have forgotten about is about to be drawn into a global technical and financial battle, facing threats from Apple to pull out of the UK First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619028/Apple-British-techies-to-advise-on-devastating-UK-global-crypto-power-grab
-
Man Gets 20 Years for $37m Crypto Heist
by
in SecurityNewsA US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-man-20-years-37m-dollars-crypto/
-
Indiana Man Sentenced to 20 Years in Prison for Hacking, $37 Million Crypto Theft
by
in SecurityNewsEvan Light was sentenced to 20 years in federal prison for hacking an investment holdings company and stealing $37 million in cryptocurrency. The post Indiana Man Sentenced to 20 Years in Prison for Hacking, $37 Million Crypto Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/indiana-man-sentenced-to-20-years-in-prison-for-hacking-37-million-crypto-theft/
-
Fake-Jobangebote für Software-Entwickler auf Linkedin
Aktive Kampagne mit Verbindungen zur nordkoreanischen Lazarus-Gruppe (APT 38). Infostealer für Krypto-Wallets als Payload einer vermeintlichen Projekt-Demo. Die Bitdefender Labs beobachten eine aktive Kampagne mit gefälschten Jobangeboten auf Linkedin. Im Rahmen des Bewerbungsverfahrens erhalten die Angreifer über einen Link bösartigen Code für eine Backdoor, einen Infostealer, einen Keylogger und einen Kryptominer. Linkedin ist nicht nur……
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 32
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malicious packages deepseeek and deepseekai published in Python Package Index Coyote Banking Trojan: A Stealthy Attack via LNK Files The Mac Malware of 2024 Take My Money: OCR Crypto Wallet Thieves on Google Play and App…
-
Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/09/week-in-review-exploited-7-zip-0-day-flaw-crypto-stealing-malware-found-on-app-store-google-play/
-
Novel crypto-targeting SparkCat malware campaign examined
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/novel-crypto-targeting-sparkcat-malware-campaign-examined
-
Mehr Cyberangriffe bei weniger Beute
by
in SecurityNews
Tags: backup, blockchain, crime, crypto, cyberattack, cyersecurity, intelligence, leak, lockbit, ransomware, risk, service, usa -
Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims
by
in SecurityNewsOCR plugin great for extracting crypto-wallet secrets from galleries First seen on theregister.com Jump to article: www.theregister.com/2025/02/07/infected_apps_google_apple_stores/
-
DeepSeek Phishing Sites Pursue User Data, Crypto Wallets
Riding the wave of notoriety from the Chinese company’s R1 AT chatbot, attackers are spinning up lookalike sites for different malicious use cases. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/deepseek-phishing-sites-pursue-user-data-crypto-wallets
-
New Lazarus Group campaign targets cryptocurrency wallets
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/new-lazarus-group-campaign-targets-cryptocurrency-wallets
-
Still-Lucrative Ransomware’s Profits Plunged 35% Last Year
by
in SecurityNewsCollapse of LockBit and BlackCat/ALPHV Tied to Ongoing Decline in Big-Game Hunting. Ransomware may still be raking in massive cryptocurrency profits for practitioners, but 2024 turned out to be less of a banner year than predicted, with blockchain researchers reporting that the sum total of known ransom payments to ransomware groups in 2024 plummeted by…
-
Police arrest teenager suspected of hacking NATO and numerous Spanish institutions
by
in SecurityNewsSpain’s National Police, in a joint operation with the Civil Guard, has arrested an 18-year-old suspected of being the hacker going by aliases including “Natohub,” and known for hacking the computer services of private companies and Spanish institutions such as the Civil Guard, the Ministry of Defense, the National Mint, and the Ministry of Education,…
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
by
in SecurityNewsNorth Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence.According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple’s and Google’s respective app stores to steal victims’ mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,…
-
Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams
by
in SecurityNewsResearchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams. The post Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fake-deepseek-sites-used-for-credential-phishing-crypto-theft-scams/
-
Smashing Security podcast #403: Coinbase crypto heists, QR codes, and ransomware in the classroom
by
in SecurityNewsIn episode 403 of “Smashing Security” we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham’s DMs, Geoff gives a poor grade for PowerSchool’s security, and Carole takes a curious look at QR codes. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-403/
-
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
by
in SecurityNewsThe North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linkedLazarus groupuses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Scammers lure…
-
Crypto-stealing apps found in Apple App Store for the first time
by
in SecurityNewsA new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/crypto-stealing-apps-found-in-apple-app-store-for-the-first-time/
-
SparkCat campaign target crypto wallets using OCR to steal recovery phrases
In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers using OCR to scan the victim’s gallery for images with recovery phrases to restore access to crypto wallets. In late 2024, Kaspersky discovered a new malicious campaign,…
-
Crypto-stealing iOS, Android malware found on App Store, Google Play
by
in SecurityNewsA number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/05/crypto-stealing-ios-android-malware-found-on-app-store-google-play-sparkcat-malicious-sdk/
-
Phishing Campaign Hijacks High-Profile X Accounts to Promote Crypto Scams
by
in SecurityNewsA new wave of phishing attacks is actively targeting high-profile X (formerly Twitter) accounts, with attackers hijacking accounts First seen on securityonline.info Jump to article: securityonline.info/phishing-campaign-hijacks-high-profile-x-accounts-to-promote-crypto-scams/
-
Numerous malware deployed by crypto-targeting Crazy Evil operation
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/numerous-malware-deployed-by-crypto-targeting-crazy-evil-operation
-
Google Play, Apple App Store apps caught stealing crypto wallets
by
in SecurityNewsA new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/google-play-apple-app-store-apps-caught-stealing-crypto-wallets/
-
US accuses Canadian math prodigy of $65M crypto scheme
by
in SecurityNewsSuspect, still at large, said to back concept that ‘code is law’ First seen on theregister.com Jump to article: www.theregister.com/2025/02/04/math_prodigy_crypto_scheme/
-
Canadian National Charged with Stealing $65 Million in Crypto
by
in SecurityNewsA Canadian man has been charged with exploiting decentralized finance (DeFi) protocols to steal approximately $65 million from unsuspecting investors. A five-count criminal indictment, unsealed today in a federal court in New York, accuses 22-year-old Andean Medjedovic of targeting vulnerabilities in automated smart contracts used by two prominent DeFi platforms: KyberSwap and Indexed Finance. Alleged…
-
Aim for crypto-agility, prepare for the long haul
by
in SecurityNews
Tags: cryptoWhile organizations have long experimented with various facets of digital transformation, the journey toward crypto-agility is one of the most significant technological … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/04/crypto-agility-journey/
-
Canadian Man Stole $65 Million in Crypto in Two Platform Hacks, DOJ Says
by
in SecurityNewsA 22-year-old Canadian man is indicted by the U.S. DOJ for using borrowed cryptocurrency and exploiting vulnerabilities on the KyberSwap and Indexed Finance DeFi platforms to steal $65 million in digital assets in two schemes between 2021 and 2023. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/canadian-man-stole-65-million-in-crypto-in-two-platform-hacks-doj-says/