Security News

Crypto.com on Thursday said in a roundabout way that an unidentified person stole or attempted to steal as much as $34m in cryptocurrency from customer accounts. In an update on the cyberattack reported earlier this week, the Singapore-based firm said it "Learned that a small number of users had unauthorized crypto withdrawals on their accounts."

Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts. Crypto.com CEO: 400 customer accounts hit.

Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts.Crypto.com CEO: 400 customer accounts hit.

A novel modular crypto-wallet stealing malware dubbed 'BHUNT' has been spotted targeting cryptocurrency wallet contents, passwords, and security phrases. The discovery and analysis of the new BHUNT malware come from Bitdefender, who shared their findings with Bleeping Computer before publishing.

Crypto.com, a Singapore-based cryptocurrency exchange, has denied reports that the firm lost nearly $15m in Ethereum in a possible network intrusion over the weekend. According to blockchain biz PeckShield, Crypto.com lost about $14.3m or 4,600 ETH, based on its analysis of public blockchain addresses.

From basic financial pump-and-dump schemes to straight-up nation-state cybertheft, nascent crypto markets, and their investors - often with dubious understanding of how they really work - have become prime targets for crypto scammers. North Korean-backed cybercrime groups, including APT 38/Lazarus Group, have turned their talents and resources exclusively toward ripping off crypto markets, according to a new report from Chainalysis.

The North Korean threat actor group known as 'BlueNoroff' has been spotted targeting cryptocurrency startups with malicious documents and fake MetaMask browser extensions. BlueNoroff uses these real discussions to name laced documents accordingly and send them to the target employee at the right time.

Arbix Finance, an audited and supposedly trustworthy yield farming platform, has been flagged as a 'rugpull,' deleting its site, Twitter, and Telegram channel and transferring $10 million worth of deposited cryptocurrency. Rugpulls, otherwise known as "Exist scams," are when pseudo-anonymous platforms or cryptocurrencies are created twith the ultimate goal of collecting funds for an allegedly legitimate "Service" and then disappear with deposited funds.

ReasonLabs, a leading provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into customer computers in the guise of the latest Spiderman movie. As perhaps the most talked-about movie for some time, Spiderman: No Way Home represents an excellent opportunity for hackers.

Attackers use the Telegram handle "Smokes Night" to spread the malicious Echelon infostealer, which steals credentials for cryptocurrency and other user accounts, researchers said. Attackers are targeting crypto-wallets of Telegram users with the Echelon infostealer, in an effort aimed at defrauding new or unsuspecting users of a cryptocurrency discussion channel on the messaging platform, researchers have found.