Security News

North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. By impersonating blockchain engineering community members on Discord, the attackers used social engineering techniques to make victims download a malicious ZIP file.

Fully homomorphic encryption - a technique that allows data to be processed encrypted without the need for decryption - shows great promise in addressing the privacy issues associated with blockchain. FHE can enhance data security by allowing computations to be performed on encrypted data, reducing the risks pertaining to data exposure.

The Sandbox blockchain game is warnings its community that a security incident caused some users to receive fraudulent emails impersonating the game, trying to infect them with malware. The Sandbox is a blockchain-based open-world multiplayer game with over 350,000 active monthly users, offering them ways to build, own, and monetize interactive content like virtual worlds, items, and experiences.

"With the collapse of bankrupt crypto exchange FTX still sending shivers through the industry and fueling consumer mistrust, an Israeli multi-billion-dollar startup is making its"uncheatable" blockchain transaction technology available for mass adoption in hopes of preventing the next fraud scandal. Netanya-based StarkWare, which is valued at $8 billion, is the developer of a technology that compresses and speeds up blockchain transactions.

India's Telecom Regulatory Authority has announced a fresh crackdown on TXT spam - this time using artificial intelligence, after a previous blockchain-powered effort delivered mixed results. The TRAI's approach to managing spam - or Unsolicited Commercial Communication as it prefers to describe it - saw the regulator create a mandatory register of telemarketers and telecoms service providers, and require them to secure opt-ins from message recipients.

You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.

Google has won a lawsuit filed against two Russian nationals in connection with the operation of a botnet called Glupteba, the company said last week. The defendants' move to press sanctions against Google was denied.

Researchers have disclosed details about a now-patched critical flaw in the Move virtual machine that powers the Aptos blockchain network. The vulnerability "Can cause Aptos nodes to crash and cause denial of service," Singapore-based Numen Cyber Labs said in a technical write-up published earlier this month.

The decentralized music platform Audius was hacked over the weekend, with threat actors stealing over 18 million AUDIO tokens worth approximately $6 million. Audius is a decentralized streaming platform hosted on the Ethereum blockchain where artists can earn AUDIO tokens by sharing their music, and users can earn tokens by curating and listening to content.

A report commissioned by the Pentagon concluded that the blockchain is not decentralized, is vulnerable to attacks and is running outdated software. The report, "Are Blockchains Decentralized, Unintended Centralities in Distributed Ledgers", uncovered that a subset of participants can "Exert excessive and centralized control over the entire blockchain system."