Security News

The botnet uses a tactic called crypto clipping, which relies on malware to steal cryptocurrency during a transaction, says Check Point Research. A new botnet variant discovered by cyber threat intelligence provider Check Point Research employs a unique method to steal cryptocurrency from its victims.

If those phrases are present, these same programs will direct Twitter bots under the scammer's control to automatically reply to the tweets as fake support agents with links to scams that steal cryptocurrency wallets. In tests conducted by BleepingComputer, tweets containing the words 'support,' 'help,' or 'assistance' along with the keywords like 'MetaMask,' 'Phantom,' 'Yoroi,' and 'Trust Wallet' will result in almost instantaneous replies from Twitter bots with fake support forms or accounts.

Cryptocurrency trading platform BitMart has disclosed a "Large-scale security breach" that it blamed on a stolen private key, resulting in the theft of more than $150 million in various cryptocurrencies. " Hot wallets, as opposed to their cold counterparts, are connected to the internet and allow cryptocurrency owners to receive and send tokens.

Two weeks ago, after three software audits and three months of live testing, a cryptocurrency startup called MonoX introduced what it described as "The premier bootstrap decentralized exchange, Monoswap". Despite the audits and the testing, MonoX seems to have made an interesting blunder in how it handled balance changes during transactions.

Users looking to activate Windows without using a digital license or a product key are being targeted by tainted installers to deploy malware designed to plunder credentials and other information in cryptocurrency wallets. Deployed via cracked software, the latest attack involves the malware masquerading as KMSPico.

Threat actors are distributing altered KMSpico installers to infect Windows devices with malware that steals cryptocurrency wallets. KMSPico is a popular Microsoft Windows and Office product activator that emulates a Windows Key Management Services server to activate licenses fraudulently.

Threat actors are exploiting improperly-secured Google Cloud Platform instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation. "While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to poor hygiene and a lack of basic control implementation," Google's Cybersecurity Action Team outlined as part of its recent Threat Horizons report published last week.

I have long been annoyed that the word “crypto” has been co-opted by the blockchain people, and no longer refers to “cryptography.” I’m not the only one.

Cybersecurity researchers on Monday took the wraps off a new Android trojan that takes advantage of accessibility features on the devices to siphon credentials from banking and cryptocurrency services in Italy, the U.K., and the U.S. Dubbed "SharkBot" by Cleafy, the malware is designed to strike a total of 27 targets - counting 22 unnamed international banks in Italy and the U.K. as well as five cryptocurrency apps in the U.S. - at least since late October 2021 and is believed to be in its early stages of development, with no overlaps found to that of any known families. "The main goal of SharkBot is to initiate money transfers from the compromised devices via Automatic Transfer Systems technique bypassing multi-factor authentication mechanisms," the researchers said in a report.

China's Central Commission for Discipline Inspection has expelled a communist party member for allowing cryptocurrency mining to happen, corruption, and other infractions. A Saturday announcement by the commission stated that Xiao Yi, formerly a member and vice chairman of the Jiangxi Provincial Political Consultative Conference, was stripped of his post and lost his qualifications as a representative to the 19th National Congress of the Communist Party of China.