Security News

Software solutions are rightly considered less secure than hardware ones, so let's focus on two leading crypto hardware wallets: Ledger Nano X and the Trezor Model T. SEE: Cryptocurrency glossary: From Bitcoin and Dogecoin to hot wallets and whales. What is Ledger Nano X? Ledger Nano X is a cryptocurrency hardware wallet built on a custom operating system dubbed BOLOS and developed by Ledger.

The U.S. Department of the Treasury's Office has announced sanctions against the cryptocurrency exchange Garantex, which has been linked to illegal transactions for Hydra Market. The United States is sanctioning the world's largest darknet market for Russian speakers, Hydra, and the virtual currency exchange Garantex.

A Trend Micro research revealed a constant battle for resources among malicious cryptocurrency mining groups. Unlike traditional cybercriminal business models, just a few hours of compromise can result in profits for the criminal.

First, German federal police in coordination with US law enforcement seized Hydra servers and cryptocurrency wallets containing $25 million in Bitcoin, thus shutting down the online souk. Later on Tuesday, the US Justice Department announced criminal charges against one of the alleged Hydra operators and system administrators, 30-year-old Dmitry Olegovich Pavlov of Russia.

Email marketing service Mailchimp on Monday revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks. Although Mailchimp stated it acted quickly to terminate access to the breached employee account, the siphoned credentials were used to access 319 MailChimp accounts and further export the mailing lists pertaining to 102 accounts.

Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks. In an email to BleepingComputer, MailChimp has confirmed that the breach was more significant than just Trezor's account being accessed by threat actors.

Members of the European Parliament from the Committee on Economic and Monetary Affairs and the Committee on Civil Liberties have agreed on adopting draft legislation for more transparent crypto asset transactions. The new rules will cover transactions from private-held cryptocurrency wallets without considering transaction thresholds, which erases any limits for anonymous transactions - previous proposal allowed up to €1000 to be transferred without giving any details about the sender and the recipient.

The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance wallet app to distribute a fully-featured backdoor onto compromised Windows systems. The app, which is equipped with functionalities to save and manage a cryptocurrency wallet, is also designed to trigger the launch of the implant that can take control of the infected host.

Hackers associated with the North Korean government have been distributing a trojanized version of the DeFi Wallet for storing cryptocurrency assets to gain access to the systems of cryptocurrency users and investors. Researchers at cybersecurity company Kaspersky discovered recently a malicious variant of the DeFi Wallet app, which installed the legitimate application along with a backdoor disguised as the executable for the Google Chrome web browser.

A hacker has stolen almost $620 million in Ethereum and USDC tokens from Axie Infinity's Ronin network bridge, making it possibly the largest crypto hack in history. Ronin is an Ethereum sidechain created by Sky Mavis to faciliate transactions for the Axie Infinity game, with the bridge acting as a way to transfer ERC-20 tokens between the Ethereum and Ronin blockchains.