Security News

Crypto.com describes itself as the world's fastest-growing crypto app with over 10 million users across 90+ countries. The network slowdown kept recurring throughout the week, including today and has led to issues such as massive delays in purchases being reflected in the users' accounts.

Trust Wallet and MetaMask wallet users are being targeted in ongoing and aggressive Twitter phishing attacks to steal cryptocurrency funds. MetaMask and Trust Wallet are mobile apps that let you create wallets to store, buy, send, and receive cryptocurrency and NFTs. When users launch MetaMask or Trust Wallet apps for the first time, the app prompts them to create a new wallet.

Another new information stealer - Panda Stealer - is being spread through a worldwide spam campaign. The researchers found 264 files similar to Panda Stealer on VirusTotal, with some of them being shared by threat actors on Discord.

What do the Bass0matic, blockchain and zero-knowledge proofs have in common? Each term shows up in Jean-Philippe Aumasson's new publication: "Crypto Dictionary: 500 Cryptographic Tidbits for the Curious." Aumasson is the chief security officer and cofounder of Taurus Group, a Swiss fintech company and the author of "Serious Cryptography: A Practical Introduction to Modern Encryption." Aumasson writes in the preface that the dictionary is not meant to be a comprehensive look at cryptography's diverse areas.

Cybercriminals have created a fake Microsoft DirectX 12 download page to distribute malware that steals your cryptocurrency wallets and passwords. First discovered by security researcher Oliver Hough, when the fake DirectX 12 installers are launched, they will quietly download malware from a remote site and execute it.

A kids' game called "Jungle Run" that, until recently, was available in the Apple App store, was secretly a cryptocurrency-funded casino set up to scam people out of money. His latest discovery was that Jungle Run, which was marketed in the App Store as a game for ages 4+, transformed into a crypto-funded casino when he set his VPN to Turkey.

The Cloud Security Alliance has released new Crypto-Asset Exchange Security Guidelines, a set of guidelines and best practices for crypto-asset exchange security. Drafted by CSA's Blockchain/Distributed Ledger Working Group, the document provides readers with a comprehensive set of guidelines for effective exchange security to help educate users, policymakers, and cybersecurity professionals on the pros and cons of further securing cryptocurrency exchanges, including both Decentralized Exchanges and hosted wallets at cloud-based exchanges, OTC desks, and cryptocurrency swap services.

Cracked copies of Microsoft Office and Adobe Photoshop are stealing browser session cookies and Monero cryptocurrency wallets from tightwads who install the pirated software, Bitdefender has warned. As many Reg readers will no doubt be aware, cracked software is a legitimate application that has had its registration or licensing features removed.

Why Apple had to rush out a security update for iDevices. Two cryptographic security holes patched in OpenSSL. How PHP nearly got backdoored by crooks.

Available at millions of global online businesses and continuing to expand over the coming months, PayPal customers with cryptocurrency holdings in the U.S. will be able to choose to check out with crypto seamlessly within PayPal at checkout. "As the use of digital payments and digital currencies accelerates, the introduction of Checkout with Crypto continues our focus on driving mainstream adoption of cryptocurrencies, while continuing to offer PayPal customers choice and flexibility in the ways they can pay using the PayPal wallet," said Dan Schulman, president and CEO, PayPal.