Security News
Ransomware is on the rise, and attackers are massing in never-before-seen numbers, lining up to find victims. According to its 2022 predictions, upcoming threats will target an expanding attack surface, meaning that 2022 is "shaping up to be a banner year for cybercriminals. Attacks will continue to span the entire attack surface, leaving IT teams scrambling to cover every possible avenue of attack."
Infosec must "reclaim" the word crypto from people who trade in Bitcoins and other digital currencies, according to industry veteran Bruce Schneier - and it seems some Reg readers agree. "I have long been annoyed that the word 'crypto' has been co-opted by the blockchain people, and no longer refers to 'cryptography'," blogged Schneier in a classically brief post on Monday.
I have long been annoyed that the word “crypto” has been co-opted by the blockchain people, and no longer refers to “cryptography.” I’m not the only one.
Security researchers have checked the web's public key infrastructure and have measured a long-known but little-analyzed security threat: hidden root Certificate Authorities. You can be reasonably confident that your bank website is actually your bank website when it presents your browser with an end-user or leaf certificate that's linked through a chain of trust to an intermediate certificate and ultimately the X.509 root certificate of a trusted CA. Each browser relies on a trust store consisting of a hundred or so root certificates that belong to a smaller set of organizations.
A Canadian teenager has been arrested for allegedly stealing $37 million worth of cryptocurrency via a SIM swap scam, making it the largest virtual cash heist affecting a single person yet, according to police. "The joint investigation revealed that some of the stolen cryptocurrency was used to purchase an online username that was considered to be rare in the gaming community," according to a statement from Hamilton Police.
Threat actors are using advertisements in Google Search to promote fake cryptocurrency wallets and DEX platforms to steal users' cryptocurrency. These advertisements promote sites that install fake Phantom and MetaMask wallets used for Solana and Ethereum, and fake decentralized exchange platforms, such as PancakeSwap and Uniswap.
The US Department of Justice has indicted a suspected Twitter hacker known as 'PlugWalkJoe' for also stealing $784,000 worth of cryptocurrency using SIM swap attacks. SIM swap attacks are when threat actors take control of targets' phone numbers by porting them to their own device's SIM card.
Players in the Squid Game cryptocurrency market have been eliminated - at least their investment has - by what cryptocurrency watchers have called a classic "rug-pull" scam. When SQUID tokens were first released last week, they were valued at a paltry $0.01 but promised entry into a game with the same premise as the Squid Game series from Netflix - players in desperate financial straits compete in a ruthless, deadly series of games for a shot at winning millions.
Decentralized finance biz Cream Finance became further decentralized on Wednesday with the theft of $130m worth of crypto assets from its Ethereum lending protocol. "Our Ethereum C.R.E.A.M. v1 lending markets were exploited and liquidity was removed on October 27, 1354 UTC," the Taiwan-based biz said.
The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three different versions - 0.7.29, 0.8.0, 1.0.0 - that were published with malicious code on Thursday following a successful takeover of the maintainer's NPM account.