Security News

"We want to reassure everyone that this event won't stop our journey. After the security audit of renowned global companies, our operations will continue. We will announce the date of the reopening of the ETERBASE Exchange platform as soon as possible." If you're running Multi-Factor Authentication or Palo Alto's Captive Portal interface, an attacker can exploit a buffer overflow to ultimately gain code execution as root.

Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars.

A previously undocumented malware family called KryptoCibule is mounting a three-pronged cryptocurrency-related attack, while also deploying remote-access trojan functionality to establish backdoors to its victims. Looking at timestamps in the various versions of KryptoCibule that ESET has identified, the malware dates from December 2018, researchers said.

The U.S. government aims to seize control of 280 illegal cryptocurrency accounts it claims were used by North Korean state-sponsored attackers in their efforts to hack cryptocurrency exchanges and funnel hundreds of millions in stolen funds through a Chinese money-laundering network. The U.S. Department of Justice filed a civil forfeiture complaint against North Korea Thursday as part of a broader effort to shut down that it said were state-sponsored cyberattacks on currency exchanges by hackers.

Computer scientists have developed a new artificial intelligence system that may be able to identify malicious codes that hijack supercomputers to mine for cryptocurrency such as Bitcoin and Monero. "Based on recent computer break-ins in Europe and elsewhere, this type of software watchdog will soon be crucial to prevent cryptocurrency miners from hacking into high-performance computing facilities and stealing precious computing resources," said Gopinath Chennupati, a researcher at Los Alamos National Laboratory and co-author of a new paper in the journal IEEE Access.

The nation-state threat operator Lazarus Group is being tied to a recent phishing campaign that targeted admins at a cryptocurrency firm via LinkedIn messages. Researchers say that the recently identified a series of incident that were part of a broader campaign targeting businesses worldwide through LinkedIn messages sent to targets' personal LinkedIn accounts.

Infosec biz F-Secure has uncovered a North Korean phishing campaign that targeted a sysadmin with a fake Linkedin job advert using a General Data Protection Regulation themed lure. The sysadmin worked for a cryptocurrency business, said the threat intel firm, which made him a ripe target for the money-hungry state hackers Lazarus Group, aka APT38, supposedly backed by North Korea.

Mac users are being targeted by trojanized cryptocurrency trading apps, which once downloaded actually drain victims' cryptocurrency wallets, researchers warn. The actors behind the campaign used websites that copy Kattana's legitimate website to convince unwitting cryptocurrency enthusiasts to download the fake apps.

Security researchers at ESET have identified a new campaign targeting Mac users with trojanized cryptocurrency trading apps designed to deliver the GMERA malware. Previous attacks involving this malware family were observed leveraging malicious versions of the trading app Stockfolio, and security researchers also associated the GMERA Trojan with the activities of North Korean hackers.

The Twitter accounts of Bill Gates, Elon Musk, Joe Biden, Apple and Uber have each been hijacked at the same time to push a cryptocurrency scam in an unprecedented breach of Twitter accounts. Twitter locked down thousands of verified accounts belonging to elite Twitter users and high-profile companies Wednesday afternoon in an effort to prevent hackers from perpetrating a massive cryptocurrency scam.