Security News

FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency
2022-08-29 18:55

The U.S. Federal Bureau of Investigation is warning investors that cybercriminals are increasingly exploiting security vulnerabilities in Decentralized Finance platforms to steal cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the federal law enforcement agency said.

Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer
2022-08-14 07:11

Dutch authorities on Friday announced the arrest of a software developer in Amsterdam who is alleged to be working for Tornado Cash, days after the U.S. sanctioned the decentralized crypto mixing service. Although FIOD didn't reveal the name of the Tornado Cash engineer, The Block identified him as Alexey Pertsev, citing confirmation from his wife.

Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google
2022-08-04 23:45

Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store. The free Phantom Wallet app that Pearlman downloaded early from Google Play was a fake.

Phishing campaign targets Coinbase wallet holders to steal cryptocurrency in real-time
2022-08-04 13:00

In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a multilayered phishing campaign targeting cryptocurrency exchange Coinbase. Attackers are sending out spoofed Coinbase emails to harvest personal credentials and use them to log into users' legitimate accounts in real-time.

Hackers Use Evilnum Malware to Target Cryptocurrency and Commodities Platforms
2022-07-21 12:20

The advanced persistent threat actor tracked as Evilnum is once again exhibiting signs of renewed activity aimed at European financial and investment entities. "Evilnum is a backdoor that can be used for data theft or to load additional payloads," enterprise security firm Proofpoint said in a report shared with The Hacker News.

FBI warns of phony cryptocurrency apps aiming to steal money from investors
2022-07-20 13:31

FBI warns of phony cryptocurrency apps aiming to steal money from investors. The FBI is urging cryptocurrency investors and investment firms to beware of fraudulent cryptocurrency apps that try to steal money from unsuspecting victims.

FBI Warns of Fake Cryptocurrency Apps Stealing Millions from Investors
2022-07-19 03:48

The U.S. Federal Bureau of Investigation has warned of cyber criminals building rogue cryptocurrency-themed apps to defraud investors in the virtual assets space. "The FBI has observed cyber criminals contacting U.S. investors, fraudulently claiming to offer legitimate cryptocurrency investment services, and convincing investors to download fraudulent mobile apps, which the cyber criminals have used with increasing success over time to defraud the investors of their cryptocurrency," the agency said [PDF].

Bogus cryptocurrency apps steal millions in mere months
2022-07-18 21:46

Cybercriminals posing as legitimate investment firms and cryptocurrency exchanges have stolen tens of millions of dollars from more than 200 people by convincing them to download mobile apps and deposit cryptocurrency into wallets owned by the perpetrators. According to an alert [PDF] sent out on Monday by the FBI, the cyber-thieves are contacting US investors, fraudulently claiming to be legitimate organizations offering cryptocurrency services and mobile apps.

FBI warns of fake cryptocurrency apps used to defraud investors
2022-07-18 17:36

The FBI has warned today that cybercriminals use fraudulent cryptocurrency investment applications to steal funds from US investors. "The FBI has observed cyber criminals contacting US investors, fraudulently claiming to offer legitimate cryptocurrency investment services, and convincing investors to download fraudulent mobile apps, which the cyber criminals have used with increasing success over time to defraud the investors of their cryptocurrency," the FBI said in an alert published Monday.

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs
2022-07-11 20:24

GitHub Actions and Azure virtual machines are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on the part of malicious actors to target cloud resources for illicit purposes. "Attackers can abuse the runners or servers provided by GitHub to run an organization's pipelines and automation by maliciously downloading and installing their own cryptocurrency miners to gain profit easily," Trend Micro researcher Magno Logan said in a report last week.