Security News

Threat actors are using advertisements in Google Search to promote fake cryptocurrency wallets and DEX platforms to steal user's cryptocurrency. These advertisements promote sites that install fake Phantom and MetaMask wallets used for Solana and Ethereum, and fake decentralized exchange platforms, such as PancakeSwap and Uniswap.

The US Department of Justice has indicted a suspected Twitter hacker known as 'PlugWalkJoe' for also stealing $784,000 worth of cryptocurrency using SIM swap attacks. SIM swap attacks are when threat actors take control of targets' phone numbers by porting them to their own device's SIM card.

Players in the Squid Game cryptocurrency market have been eliminated - at least their investment has - by what cryptocurrency watchers have called a classic "Rug-pull" scam. When SQUID tokens were first released last week, they were valued at a paltry $0.01 but promised entry into a game with the same premise as the Squid Game series from Netflix - players in desperate financial straits compete in a ruthless, deadly series of games for a shot at winning millions.

Decentralized finance biz Cream Finance became further decentralized on Wednesday with the theft of $130m worth of crypto assets from its Ethereum lending protocol. "Our Ethereum C.R.E.A.M. v1 lending markets were exploited and liquidity was removed on October 27, 1354 UTC," the Taiwan-based biz said.

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three different versions - 0.7.29, 0.8.0, 1.0.0 - that were published with malicious code on Thursday following a successful takeover of the maintainer's NPM account.

Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. Details emerged today about an issue on the OpenSea platform that let hackers hijack user accounts and steal the associated cryptocurrency wallets.

Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. Details emerged today about an issue on the OpenSea platform that let hackers hijack user accounts and steal the associated cryptocurrency wallets.

In a major blunder, cryptocurrency platform Compound accidentally paid out $90 million among its users. Compound is an Ethereum-based money market protocol that enables users to earn interest or borrow assets against collateral.

A US citizen has admitted to helping the Democratic People's Republic of Korea to establish cryptocurrency capabilities and faces up to 20 years jail for his actions. The DoJ alleges Griffith and his co-conspirators "Provided instruction on how the DPRK could use blockchain and cryptocurrency technology to launder money and evade sanctions," and "How blockchain technology such as 'smart contracts' could be used to benefit the DPRK, including in nuclear weapons negotiations with the United States."

A US citizen has admitted to helping the Democratic People's Republic of Korea to establish cryptocurrency capabilities and faces up to 20 years jail for his actions. The Department of Justice on Monday revealed that Virgil Griffith, a US citizen resident in Singapore, hatched plans in 2018 to help an individual in the hermit kingdom mine cryptocurrency.