Security News

MetaMask and Phantom are warning of a new 'Demonic' vulnerability that could expose a crypto wallet's secret recovery phrase, allowing attackers to steal NFTs and cryptocurrency stored within it. Anyone who gains access to a wallet's recovery phrase can import the wallet onto their own devices, allowing them to steal all the cryptocurrency and NFTS stored within it.

In a recent report, Confiant notes that the malicious cryptocurrency apps are identical to the real ones but they come with a backdoor that can steal the users' security phrase for accessing the digital assets. Confiant analysts reversed engineer the apps to figure out how SeaFlower authors had planted the backdoors and found similar code in all of them.

A crew using malware that performs cryptomining and clipboard-hacking operations have made off with at least $1.7 million in stolen cryptocurrency. They also observed that there are several design similarities between Clipminer and KryptoCibule - another cryptomining trojan that, a few months before Clipminer hit the scene, was detected and written about by ESET analysts.

Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware.

Threat actors are luring potential thieves by spamming login credentials for other people account's on fake crypto trading sites, illustrating once again, that there is no honor among thieves. If the email recipient believes the message was sent to them by mistake and decides to access "Rob Hoffman's" money, they can use the sent credentials to log into the account on Orbitcoin.

Microsoft is warning of an emerging threat targeting internet-connected cryptocurrency wallets, signaling a departure in the use of digital coins in cyberattacks. "Cryware are information stealers that collect and exfiltrate data directly from non-custodial cryptocurrency wallets, also known as hot wallets," Berman Enconado and Laurie Kirk of the Microsoft 365 Defender Research Team said in a new report.

Microsoft is warning of a new variant of the srv botnet that's exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers.

On Wednesday, May 11th, The Crown Court at Southwark in London sentenced 21-year-old Karim Hassan to five years in prison for pulling off multiple crypto robberies and making lethal threats to his victims, a source familiar with the specifics of the case has told BleepingComputer. Hassan, a resident of London's Maida Vale district would use Snapchat to anonymously interact with customers looking to exchange their cryptocurrency for cash in person.

On Wednesday, May 11th, The Crown Court at Southwark in London sentenced 21-year-old Karim Hassan to five years in prison for pulling off multiple crypto robberies and making lethal threats to his victims, a source familiar with the specifics of the case has told BleepingComputer. Upon refusing to give his phone to Hassan, Hankin was quickly threatened to "Do something before I stick it in your neck," states the victim's statement.

According to researchers at cyber-intelligence outfit Cyble, the Eternity site's operators also have a channel on Telegram, where they provide videos detailing features and functions of the Windows malware. Once someone decides to purchase of one or more of Eternity's malware components, they have the option to customize the final binary executable for whatever crimes they want to commit.