Security News

High-profile Twitter accounts hijacked to push Bitcoin scam. How did it happen?
2020-07-16 09:40

The Twittersphere went into overdrive on Wednesday as a bunch of prominent, verified Twitter accounts were hijacked and started promoting a COVID-19 cryptocurrency giveaway scam. The attackers simultaneously compromised Twitter accounts of Bill Gates, Elon Musk, Barack Obama, Jeff Bezos, Joe Biden, Mike Bloomberg, Apple, Uber, as well as those of cryptocurrency exchanges Binance, Coinbase, KuCoin and Gemini, the CoinDesk news site and other top crypto accounts.

Twitter mass hacking: Bill Gates, Elon Musk, Jeff Bezos, Mike Bloomberg, Biden, Obama, more hijacked to peddle Bitcoin scam
2020-07-15 22:21

The Twitter accounts of Microsoft co-founder Bill Gates, Tesla CEO Elon Musk, and other celebrities were briefly taken over on Wednesday, along with the accounts of various cryptocurrency businesses and affiliated executives, to promote a Bitcoin scam. Twitter also silenced verified blue-tick accounts temporarily to prevent more abuse while it got to the bottom of the kerfuffle.

Glupteba – the malware that gets secret messages from the Bitcoin blockchain
2020-06-24 16:50

Our experts have deconstructed a strain of malware called Glupteba that uses just about every cybercrime trick you've heard of, and probably several more besides. The most interesting feature that we learned about in the report is how Glupteba uses the Bitcoin blockchain as a communication channel for receiving updated configuration information.

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com
2020-06-14 04:01

For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn't quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same. KrebsOnSecurity has learned that the phishing site Privnotes.com uses some kind of automated script that scours messages for bitcoin addresses, and replaces any bitcoin addresses found with its own bitcoin address.

Bitcoin scammers take YouTube channels for a SpaceX ride
2020-06-11 11:24

Crypto scammers hijacked three YouTube channels to impersonate Elon Musk's SpaceX channel, offering bogus BTC giveaways that earned them nearly USD $150,000 over the course of two days. According to Bleeping Computer and the reports filed in the BitcoinAbuse database, the scammers took over legitimate YouTube accounts and changed the branding to look like that of Elon Musk's rocket company.

Office supplies biz owned by UK council shrugs off ransomware demand for 102 Bitcoin
2020-06-02 17:37

A Brit public sector-owned office supplies company shrugged off a ransomware demand for 102 Bitcoins after a staffer opened a phishing email. A local blogger, publishing the Vox Medway site, claimed the attack froze all CSG services at 01:30 UK time on 2 April.

Typosquatting RubyGems laced with Bitcoin-nabbing malware have been downloaded thousands of times
2020-04-21 09:45

A researcher has uncovered malicious packages in the RubyGems repository, one of which was downloaded more than 2,000 times. The research found over 400 suspect gems including "Atlas-client", which was downloaded 2,100 times by developers likely looking for the legitimate gem named atlas client.

Bitcoin Stealers Hide in 700+ Ruby Developer Libraries
2020-04-20 16:23

A legitimate file may be called "Thisisafile.exe," while a malicious impersonator may call itself "This1safile.exe." Unobservant users could thus download the malicious file by mistake. If developers accidentally downloaded the rogue files instead of the legitimate gems they were looking for, the software packages they built using the libraries would automatically harbor the Bitcoin-stealer, endangering all users of that software.

Travelex Pays $2.3M in Bitcoin to Hackers Who Hijacked Network in January
2020-04-10 12:18

Travelex has paid out $2.3 million in Bitcoin to hackers to regain access to its global network after a malware attack at the new year knocked the global currency exchange offline and crippled its business during the month of January. Travelex said in this case it was experts who advised the company pay those responsible for the New Year's Eve attack, which forced the company to shut down its online services and its mobile app.

Bill Gates’s YouTube ‘Bitcoin giveaway’ is a big fat scam
2020-04-01 13:15

On Monday, a video of former Microsoft CEO Bill Gates could be found playing on multiple YouTube channels that were broadcasting a well-known cryptocurrency Ponzi scam, ZDNet reported. In November 2019, cryptocoin news site Coin Rivet reported that scammers were hopping on YouTube live streams to bilk people by posing as the official foundations and development teams of popular cryptocurrencies.