Security News

Breaking The SEC today said its Twitter/X account was hijacked to wrongly claim it had approved hotly anticipated Bitcoin ETFs, causing cryptocurrency to spike and then slip in price. In a now-deleted tweet shared in the past hour, the American financial regulator appeared to say: "Today the SEC grants approval for #Bitcoin ETFs for listing on all registered national securities exchanges. The approved Bitcoin ETFs will be subject to ongoing surveillance and compliance measures to ensure continued investor protection."

Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of...

Lazarus Group, the infamous cryptocurrency thieves backed by North Korea, may try to liquidate a stash of stolen Bitcoin worth more than $40 million, according to the FBI. In an alert issued on Tuesday, agents said they tracked the purloined cryptocurrency over the past 24 hours. Most recently, on June 22 Lazarus Group stole $60 million in virtual currency from Alphapo, which processes payments for gambling services.

Ilya Lichtenstein and Heather Morgan on Thursday pleaded guilty to money-laundering charges related to the 2016 theft of some 120,000 Bitcoins from Hong Kong-based Bitfinex. The Feds arrested Lichtenstein, 35, and Morgan, 33, in February 2022 following the US government's tracing of about 95,000 of the stolen BTC - worth about $3.6 billion at the time and $2.8 billion today - to digital wallets controlled by the married couple.

According to General Bytes, the outfit that sold the ATMs and had managed some of them with a cloud service, the attackers used an interface designed to upload videos to instead inject a malicious Java application, and then subverted ATM user privileges. "The entire team has been working around the clock to collect all data regarding the security breach and is continuously working to resolve all cases to help clients back online and continue to operate their ATMs as soon as possible," General Bytes explained in a statement.

Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. "The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload videos and run it using 'batm' user privileges," the company said in an advisory published over the weekend.

Leading Bitcoin ATM maker General Bytes disclosed that hackers stole cryptocurrency from the company and its customers using a zero-day vulnerability in its BATM management platform. General Bytes makes Bitcoin ATMs allowing people to purchase or sell over 40 cryptocurrencies.

In August 2022, we wrote how General Bytes had fallen victim to a server-side bug in which remote attackers could trick a customer's ATM server into giving them access to the "Set up a brand new system" configuration pages. In the General Bytes ATM server the unauthorised access path that got the attackers into the "Start from scratch" setup screens didn't neutralise any data on the infiltrated device first.

Pics A Massachusetts man accused of using his job as a city's assistant facilities director to hide a cryptocurrency mining operation in the crawlspace of a school has surrendered himself to authorities on Friday morning after skipping his Thursday arraignment. A judge issued a default warrant for Nadeam Nahas' arrest yesterday on charges of fraudulent use of electricity and vandalizing a school, in relation with the cryptomining operation discovered under Cohasset Middle/High School in December, 2021.

Somewhere between 73 and 81 percent of retail Bitcoin buyers are likely to have lost money on their investment, according to research published Monday by the Bank of International Settlements. The Switzerland-based bank for other central banks wanted to understand why retail investors continue to participate in cryptocurrency exchanges to trade tokens like Bitcoin.