Security News

Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X. To lure potential victims, the scammer uses a breach on major cryptocurrency exchange platforms. The scammers impersonate accounts on X belonging to blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer, to promote fabricated security breaches on Uniswap and Opensea.

The scammers impersonate accounts on X belonging to blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer, to promote fabricated security breaches on Uniswap and Opensea. To impersonate the legitimate accounts, the threat actors created new X accounts with similar account names.

NIST, the US National Institute of Standards and Technology, is leading a process to create and standardize new encryption algorithms to replace RSA and ECC. The new algorithms rely on mathematical approaches that are not easily broken by quantum or classical computers. In December of 2022, US President Joe Biden signed into law the Quantum Computing Cybersecurity Preparedness Act which mandates timelines for moving government systems to PQC algorithms.

Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. After picking their targets following initial contact on LinkedIn, the BlueNoroff hackers backdoor their systems by deploying malware hidden in malicious documents pushed via private messages on various social networks.

The founder of the Poloniex has offered to pay off thieves who drained an estimated $120 million of user funds from the cryptocurrency exchange in a raid on Friday. "We are offering a five percent white hat bounty to the Poloniex hacker," Sun wrote.

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Developed by Microsoft, it's a cloud-based automation service that allows users to automate the creation, deployment, monitoring, and maintenance of resources in Azure.

Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets. Published with the name Ledger Live Web3, the fake application appears to have been present in the Microsoft Store since October 19 but the cryptocurrency theft started being reported just a couple of days ago.

The Australian government is moving towards regulating cryptocurrency, with a focus on those involved in developing and maintaining crypto platforms. Cryptocurrency is known for its vulnerability, with Australia experiencing several incidents, including a AUD$40 million hack on the crypto betting platform, Stake, and the theft of over one million from an Australian Bitcoin bank in 2013.

Sam Bankman-Fried, the founder and former CEO of crypto exchange FTX and trading firm Alameda Research, has been found guilty of seven criminal charges. FTX was once valued at $32 billion, and Bankman-Fried was fêted as a visionary thanks in part to his willingness to spruik his firm, and crypto, to almost anyone willing to put a microphone in front of his face.

State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel...