Security News

Friday Squid Blogging: Squid Game Cryptocurrency Was a Scam
2021-11-05 21:11

The SQUID cryptocurrency peaked at a price of $2,861 before plummeting to $0 around 5:40 a.m. ET., according to the website CoinMarketCap. This kind of theft, commonly called a "Rug pull" by crypto investors, happens when the creators of the crypto quickly cash out their coins for real money, draining the liquidity pool from the exchange.

FBI warns of increased use of cryptocurrency ATMs, QR codes for fraud
2021-11-05 13:55

The Federal Bureau of Investigation warns that victims of various fraud schemes are increasingly asked by criminals to use cryptocurrency ATMs and Quick Response codes, making it harder to recover their financial losses. "The FBI has seen an increase in scammers directing victims to use physical cryptocurrency ATMs and digital QR codes to complete payment transactions," the federal law enforcement agency said.

Friday Squid Blogging: Squid Game Has a Cryptocurrency
2021-10-29 21:09

In what maybe peak hype, Squid Game has its own cryptocurrency. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

“To the moon!” Cryptocurrency hamster Mr Goxx trades online 24/7
2021-10-20 18:07

Sadly, a lot of the cryptocurrency news that we write about on Naked Security involves cybercriminals getting mixed up in things, often with depressing results. Well, we're delighted to bring you much happier news today of a cryptocurrency "Venture" with a lighter side, this time under the "Leadership" of a certain Mr. Goxx.

White House ransomware summit calls for virtual asset crackdown, without mentioning cryptocurrency
2021-10-15 05:59

"Taking action to disrupt the ransomware business model requires concerted efforts to address illicit finance risks posed by all value transfer systems, including virtual assets, the primary instrument criminals use for ransomware payments and subsequent money laundering." As incident after incident of ransomware infection requires payments in cryptocurrency, there is little reason to doubt this is a crytpocurrency crackdown.

Romance scams with a cryptocurrency twist – new research from SophosLabs
2021-10-13 18:01

All those dubious excuses needed by traditional romance scammers to talk you into using wire transfer services to send money, or into buying them gift cards and sending through the redemption codes, are replaced by a sense of structure: there's a genuine app for this investment! The cryptorom scammers will even offer you an app if you have an iPhone, where Apple's "Walled garden" approach of requiring all consumer app downloads to come from the Apple App Store almost certainly persuades many victims that the cryptorom app must indeed have some sort of official authorisation or approval.

Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets
2021-10-13 06:06

A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token marketplace, could've been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following public reports of stolen cryptocurrency wallets triggered by free airdropped NFTs. The issues were fixed in less than one hour of responsible disclosure on September 26, 2021.

Ukrainian cops cuff two over $150m ransomware gang allegations, seize $1.3m in cryptocurrency
2021-10-04 14:44

Ukrainian police have reportedly arrested two members of a ransomware gang - and while some have fingered REvil, no firm details have been published by cops from multiple countries. A round of speculation was triggered when inter-EU law enforcement body Europol declared this morning that Ukrainian fuzz had arrested "Two prolific ransomware operators known for their extortionate demands," claimed to be up to €70m. One of the two suspects arrested on 28 September, according to the National Police of Ukraine, was a "Hacker".

Ukraine takes down call centers behind cryptocurrency investor scams
2021-09-28 13:25

The Security Service of Ukraine has taken down a network of six call centers in Lviv, used by a ring of scammers to defraud cryptocurrency investors worldwide. Fraudsters behind these illegal call centers used VoIP phone numbers to hide their locations while scamming thousands of foreign investors.

Malicious 'Safepal Wallet' Firefox add-on stole cryptocurrency
2021-09-27 11:21

A malicious Firefox add-on named "Safepal Wallet" scammed users by emptying out their wallets and lived on the Mozilla add-ons site for seven months. Safepal is a cryptocurrency wallet application capable of securely holding more than 10,000 types of assets, including Bitcoin, Ethereum, and Litecoin.