Security News

Solana blockchain's popular web3.js npm package backdoored to steal keys, funds
2024-12-05 23:13

Damage likely limited to those running bots with private key access Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry,...

Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
2024-08-11 10:01

Cybersecurity researchers have discovered a new malicious package on the Python Package Index repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims' secrets. "The legitimate Solana Python API project is known as 'solana-py' on GitHub, but simply 'solana' on the Python software registry, PyPI," Sonatype researcher Ax Sharma said in a report published last week.

How to Use Python to Build Secure Blockchain Applications
2024-06-27 09:30

Did you know it’s now possible to build blockchain applications, known also as decentralized applications (or “dApps” for short) in native Python? Blockchain development has traditionally required...

Crypto exchange Kraken accuses blockchain security outfit CertiK of extortion
2024-06-20 17:35

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Brothers arrested for $25 million theft in Ethereum blockchain attack
2024-05-15 18:36

The U.S. Department of Justice has indicted two brothers for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a "First-of-its-kind" scheme. "The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of Ethereum users across the globe. And once they put their plan into action, their heist only took 12 seconds to complete," said U.S. Attorney Damian Williams.

Molly White Reviews Blockchain Book
2024-02-13 12:07

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

Beyond blockchain: Strategies for seamless digital asset integration
2024-01-23 05:30

How can organizations balance the need for robust digital asset protection with the drive for business innovation and agility? To best integrate digital assets in your business, it's crucial to integrate your digital asset management solution with your IT systems.

Blockchain dev's wallet emptied in "job interview" using npm package
2023-12-28 11:25

A blockchain developer shares his ordeal over the holidays when he was approached on LinkedIn by a "Recruiter" for a web development job. The recruiter in question asked the developer to download npm packages from a GitHub repository, and hours later the developer discovered his MetaMask wallet had been emptied.

NKabuse backdoor harnesses blockchain brawn to hit several architectures
2023-12-15 14:28

Dubbed "NKAbuse" by the researchers, the Go-based backdoor offers criminal attackers a range of possibilities, including being able to DDoS or fling remote access trojans, and leans on NKN for more anonymous yet reliable data exchange. NKN is an open source protocol that lets users perform a peer-to-peer data exchange over a public blockchain - like a cross between a traditional blockchain and the Tor network.

New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
2023-12-15 05:25

A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications...