Security News

Remember last November, when hackers broke into the network for LastPass-a password database-and stole password vaults with both encrypted and plaintext data for over 25 million users? Well, they're now using that data break into crypto wallets and drain them: $35 million and counting, all going into a single wallet.

TikTok is flooded by a surge of fake cryptocurrency giveaways posted to the video-sharing platform, with almost all of the videos pretending to be themes based on Elon Musk, Tesla, or SpaceX. Threat actors have created fake cryptocurrency giveaways on social media platforms like Instagram and Twitter for years. These scams pretend to be giveaways from celebrities, cryptocurrency exchanges, and, more commonly, impersonating Elon Musk or SpaceX. The scammers set up hundreds of websites that pretend to be crypto exchanges or giveaway sites that prompt users to register an account to receive free cryptocurrency.

A report from blockchain security firm PeckShield says that the attack drained CoinEx of about $19 million in $ETH, $11 million in $TRON, $6.4 million in Smart Chain Coin, $6 million in Bitcoin , and approximately $295,000 in. A more recent estimation on the CoinEx losses coming from CertiK Alert raises the figure to $53 million, analyzed as seen in this document.

Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account takeovers and financial losses. Check Point researchers have discovered that hackers are exploiting the trusted service of Google Looker Studio to craft cryptocurrency phishing pages.

Anonymous September 6, 2023 7:49 AM. "I can't understand why anyone thinks these technologies are a good idea." Maybe because the people are fed up with the current system that they are willing to undergo the risk rather than to submit to the corrupted system? Maybe they perceive that risk smaller than the risks they have to face from the corrupted system?

The U.S. Federal Bureau of Investigation on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. North Korea is known to blur the lines among cyber warfare, espionage, and financial crime.

The FBI is warning of an increase in scammers pretending to be recovery companies that can help victims of cryptocurrency investment scams recover lost assets. "Representatives of fraudulent businesses claiming to provide cryptocurrency tracing and promising an ability to recover lost funds may contact victims directly on social media or messaging platforms," reads the FBI notice.

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

Multiple zero-day vulnerabilities named 'BitForge' in the implementation of widely used cryptographic protocols like GG-18, GG-20, and Lindell 17 affected popular cryptocurrency wallet providers, including Coinbase, ZenGo, Binance, and many more. Today, the analysts publicly disclosed BitForge in the "Small Leaks, Billions Of Dollars: Practical Cryptographic Exploits That Undermine Leading Crypto Wallets" BlackHat presentation, by which time Coinbase and ZenGo have applied fixes to address the problem.

Sophos released new findings on CryptoRom scams—a subset of pig butchering schemes designed to trick users of dating apps into making fake cryptocurrency investments. Since May, Sophos X-Ops has...