Security News
A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. By using the computing resources of others' servers to mine cryptocurrency, the cybercriminals can profit at the expense of the compromised organizations, whose CPU and GPU performance is degraded by the mining.
As Mandiant found during a follow-up investigation into the incident, the attacker used a wallet drainer dubbed CLINKSINK. This same drainer has been used since December to steal funds and tokens from users of Solana cryptocurrency as part of a large-scale campaign involving at least 35 affiliate IDs linked to a shared drainer-as-a-service. Since the start of the year, a massive wave of account breaches has impacted X users, with verified organizations getting hacked to spread cryptocurrency scams and links to wallet drainers.
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. “The capabilities of the new botnet, NoaBot, include a...
The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. Hackers are increasingly targeting and compromising verified government and business X accounts with 'gold' and 'grey' checkmarks to add legitimacy to their malicious tweets pushing cryptocurrency scams, phishing sites, and sites dropping crypto drainers.
Those who frequent the space are now bombarded by what appears to be an endless stream of malicious ads. "Im not lying when I say EVERY single ad I am seeing on X is a scam link targeted at crypto to drain peoples wallets," reads a post on X. While attackers have been abusing X's ad platform for some time, the sheer volume of malicious ads has increased rapidly over the past month, causing security researcher MalwareHunterTeam to track them.
The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. CertiK's gold-verified X account was compromised in a social engineering attack by a threat actor using another hacked account described by the company as "Associated with a well-known media."
A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. Bill Lou, co-founder of Nest Wallet, a cryptocurrency wallet startup, has been left feeling "Devastated" after being scammed by what appeared to be a crypto giveaway website to him at the time.
Miscreants took over security giant Mandiant's Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password. "We are aware of the incident that impacted the Mandiant X account and are conducting a thorough investigation," a spokesperson told The Register.
Hackers are increasingly targeting verified accounts on X belonging to government and business profiles and marked with 'gold' and 'grey' checkmarks to promote cryptocurrency scams. MalwareHunterTeam has been tracking this type of activity on X lately and reported several notable examples of compromised "Gold" and "Grey" accounts.
Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three...