Security News

The US Treasury on Tuesday sanctioned virtual cryptocurrency exchange Suex OTC for handling financial transactions for ransomware operators, an intervention that's part of a broad US government effort to disrupt online extortion and related cyber-crime. According to the US Treasury, more than 40 per cent of the firm's known transaction history involves illicit entities, and it handled payments from at least eight ransomware variants.

The US Treasury Department announced the first-ever sanctions against a cryptocurrency exchange, the Russian-linked Suex, for facilitating ransom transactions for ransomware gangs and helping them evade sanctions. By sanctioning crypto exchanges providing ransomware groups with material support, the US hopes to drain their funding and disrupt their operations.

As you can see, the cryptocurrency wallets in question were partially redacted - but as we know, these follow a recognizable pattern and can be uncovered in the public ledger. After determining the full wallet address, we can find this wallet on the blockchain and see what was transferred and when.

This is part one of a two-part series on how hackers stole $2 million in cryptocurrency. There is one strong commonality with all these incidents and attacks: The hackers want the funds in cryptocurrency.

S3 Ep48: Cryptographic bugs, cryptocurrency nightmares, and lots of phishing [Podcast]. Oh! No! The Windows desktop that got so big it imploded.

The saga of what has been dubbed the biggest hack in the world of decentralized finance appears to be over as Poly Network recovered more than $610 million in cryptocurrency assets it lost two weeks ago and the hacker received a $500,000 bounty for returning the money. Today, the hacker, referred to as Mr. White Hat, gave Poly Network access to the last tranche of stolen digital assets in their wallet, worth about $141 million.

Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers compromised its warm wallets. Liquid is one of the largest cryptocurrency-fiat exchange platforms worldwide.

Kaspersky has been busily tracking cryptocurrency scams since the beginning of 2021, and is now reporting its findings, chief among them that this year's scams are incredibly detailed, putting even computer-savvy individuals at risk. Kaspersky said it has detected more than 1,500 different scams aimed at cryptocurrency investors and miners operating in the first half of 2021.

A new social engineering-based malvertising campaign targeting Japan has been found to deliver a malicious application that deploys a banking trojan on compromised Windows machines to steal credentials associated with cryptocurrency accounts. The application masquerades as an animated porn game, a reward points application, or a video streaming application, Trend Micro researchers Jaromir Horejsi and Joseph C Chen said in an analysis published last week, attributing the operation to a threat actor it tracks as Water Kappa, which was previously found targeting Japanese online banking users with the Cinobi trojan by leveraging exploits in the Internet Explorer browser.

A Rockport, Massachusetts, man has pleaded guilty over his role in a scheme targeting people who had high-value social media accounts or who were believed to have large amounts of cryptocurrency. The man, Declan Harrington, 21, together with co-conspirator Eric Meiggs and others, targeted people who were believed to have significant amounts of cryptocurrency or high-value social media accounts, also referred to as OG accounts, through a method called SIM swapping.