Security News
The US Treasury has sanctioned cryptocurrency mixer Blender for its role in helping North Korea's Lazarus Group launder stolen digital assets. As the name might suggest, cryptocurrency mixing, or tumbling, can obscure the source of some digital money.
The US Securities and Exchange Commission intends to fill an additional 20 positions in a special unit that polices cryptocurrency fraud and other cybercrimes. This brings the newly renamed Crypto Assets and Cyber Unit's total to 50 roles as the SEC hopes to crack down on miscreants trying to profit from growing interest in digital assets and marketplaces.
Intuit is being sued in the US after a security failure at its Mailchimp email marketing business allegedly led to the theft of cryptocurrency from one or more digital wallets. The lawsuit accuses Intuit and Rocket Science Group - a subsidiary that operates Mailchimp - of poor security practices, allowing this alleged heist to take place.
LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. With compromised cloud instances becoming a hotbed for illicit cryptocurrency mining activities, the findings underscore the need to secure containers from potential risks throughout the software supply chain.
The U.S. Department of the Treasury has announced a new package of sanctions targeting parties that facilitate evasion of previous measures imposed on Russia. Among the sanction-bypassing mechanisms identified and blocked, the announcement names corporate entities engaging in large-scale cryptocurrency mining in Russia.
North Korea targeting blockchain, cryptocurrency companies. The advisory describes the recent activities of the Lazarus Group, who specialize in advanced persistent threats and target organizations in the blockchain and cryptocurrency industries.
Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportional votes based on the amount of currency they own. A clever hacker used a "Flash loan" feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved a $182 million transfer to his own wallet.
Lazarus - also known as APT38, BlueNoroff, and Stardust Chollima - is casting a wide net with this campaign, with targets including cryptocurrency exchanges, decentralized finance protocols, pay-to-earn cryptocurrency video games, and crypto-coin trading companies. The TraderTraitor apps come with a range of names, such as DAFOM, which purports to be a cryptocurrency portfolio app; TokenAIS and CryptAIS, for building AI-based trading portfolios for cryptocurrencies; and Esilet, for live cryptocurrency prices.
A new wave of cryptocurrency systems dubbed De-Fi, short for decentralised finance, has arisen to fill that transactional void. Instead of depositing your funds with a licensed and regulated bank, and then trading with those funds by choosing from a carefully curated list of transaction types, De-Fi systems let you invest your money with them, in return for access to a "Smart contract" system that allows you to trade automatically with other users of the system in a way to suit yourself.
CISA, the FBI, and the US Treasury Department warned today that the North Korean Lazarus hacking group is targeting organizations in the cryptocurrency and blockchain industries with trojanized cryptocurrency applications. The attackers use social engineering to trick employees of cryptocurrency companies into downloading and running malicious Windows and macOS cryptocurrency apps.