Security News
Cryptocurrency exchange Binance temporarily halted its blockchain network on Thursday in response to a cyberattack that led to the theft of two million BNB tokens, notionally exchangeable for $566 million in fiat currency. The shutdown, requiring the cooperation of 26 validators to close the decentralized system, occurred around 2200 UTC on October 6, as a result of the exploitation of the BSC Token Hub bridge, which connects the BNB Beacon Chain and the BNB Smart Chain so tokens from different blockchains can be exchanged.
Hackers have reportedly stolen 2 million Binance Coins, worth $566 million, from the Binance Bridge.Details are scant at the moment, but the attack appears to have started at 2:30 PM EST today, with the attacker's wallet receiving two transactions [1, 2], each consisting of 1,000,000 BNB. Soon after the hacker began spreading some of the funds across a variety of liquidity pools, attempting to transfer the BNB into other assets.
In a perfect example of there being no honor among thieves, a threat actor named 'Water Labbu' is hacking into cryptocurrency scam sites to inject malicious JavaScript that steals funds from the scammer's victims. In July, the FBI warned of scam 'dApps' that impersonated cryptocurrency liquidity mining services but, in reality, stole a victim's crypto investments.
The North Korean Lazarus hacking group is now using fake 'Crypto.com' job offers to hack developers and artists in the crypto space, likely with a long-term goal of stealing digital assets and cryptocurrency. In August 2022, Lazarus was seen targeting IT workers with malicious job offers that impersonated Coinbase and targeted users with Windows malware or macOS malware.
Group-IB has noted a fivefold increase in the number of domains used for crypto giveaway scams that involve fake YouTube streams in the first half of 2022. This Help Net Security video reveals how crypto giveaway scams have evolved into a profitable illicit market segment.
The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system. In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm Crypto.com.
The IRS has been granted a court order to collect records from a bank the agency said will help it identify US taxpayers who failed to report taxable income from crypto trades. Uncle Sam yesterday said it's specifically going after records from New York-based bank M.Y. Safra, which partnered with SFOX - a cryptocurrency prime broker - to offer the latter's customers access to cash-deposit bank accounts.
Multiple npm packages published by the crypto exchange, dYdX, and used by at least 44 cryptocurrency projects appear to have been compromised. The packages in question were published from the npm account of a dYdX staff member and found to contain illicit code that would run info stealers on a system when installed.
A now-patched critical security flaw affecting Atlassian Confluence Server that came to light a few months ago is being actively exploited for illicit cryptocurrency mining on unpatched installations. In one of the infection chains observed by the cybersecurity company, the flaw was leveraged to download and run a shell script on the victim's machine, which, in turn, fetched a second shell script.
The mainstream emergence of cryptocurrency, coupled with its popularity among cybercriminals, has created a potentially dangerous environment for those with significant crypto holdings. In this Help Net Security video, Nick Percoco, Chief Security Officer at Kraken, explains why it's important for crypto holders to think about personal security as an ongoing, holistic process, and offers tips on how to safeguard crypto assets.