Security News

Plus: SpaceX plans Vietnam investment; Yahoo! Japan content moderation secrets; LG offloads Chinese display factory; and more ASIA IN BRIEF It's not often The Register writes about a...

Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with the goal of facilitating financial fraud. Clipper malware,...

The U.S. Department of Justice is recovering $2.3 million worth of cryptocurrency linked to a "Pig butchering" fraud scheme that victimized at least 37 people across the United States. Pig butchering is a social engineering scam where fraudsters contact people on social media and messaging platforms to build trust.

The world's largest cryptocurrency exchange just got a little smaller, with the US Department of Justice announcing Binance and its CEO Changpeng Zhao have both pleaded guilty to a multitude of financial crimes. According to a criminal case [PDF] unsealed Tuesday, Binance failed to register as a money services business in the United States, broke the Bank Secrecy Act by failing to implement and maintain an anti-money laundering program, and violated the International Emergency Economic Powers Act by allowing US users to transact with individuals in sanctioned countries.

Threat actors have been observed serving malicious code by utilizing Binance's Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting." The campaign,...

Cybercriminals are employing a novel code distribution technique dubbed 'EtherHiding,' which abuses Binance's Smart Chain contracts to hide malicious scripts in the blockchain. The threat actors responsible for this campaign previously used compromised WordPress sites that redirected to Cloudflare Worker hosts for injecting malicious JavaScript into hacked websites, but later pivoted to abusing blockchain systems that provide a far more resilient and evasive distribution channel.

BNB Chain, a blockchain linked to the Binance cryptocurrency exchange, disclosed an exploit on a cross-chain bridge that drained around $100 million in digital assets. According to Binance CEO Changpeng Zhao, the exploit on the cross-chain bridge "Resulted in extra BNB," prompting a temporary suspension of the Binance Smart Chain.

Cryptocurrency exchange Binance temporarily halted its blockchain network on Thursday in response to a cyberattack that led to the theft of two million BNB tokens, notionally exchangeable for $566 million in fiat currency. The shutdown, requiring the cooperation of 26 validators to close the decentralized system, occurred around 2200 UTC on October 6, as a result of the exploitation of the BSC Token Hub bridge, which connects the BNB Beacon Chain and the BNB Smart Chain so tokens from different blockchains can be exchanged.

Hackers have reportedly stolen 2 million Binance Coins, worth $566 million, from the Binance Bridge.Details are scant at the moment, but the attack appears to have started at 2:30 PM EST today, with the attacker's wallet receiving two transactions [1, 2], each consisting of 1,000,000 BNB. Soon after the hacker began spreading some of the funds across a variety of liquidity pools, attempting to transfer the BNB into other assets.

A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories. Binance mystery boxes are sets of random non-fungible token items that people buy, hoping they'll receive a unique or rare item at a bargain price.