Security News

MetaMask warns of new 'Address Poisoning' cryptocurrency scam
2023-01-12 18:29

In a new post by MetaMask, the developers warn of a new scam called 'Address Poisoning' that relies on poisoning the wallet's transaction history with scammer's addresses that are very similar to addresses that a user recently had transactions. The threat actor then sends the targeted sender's address a small amount of cryptocurrency, or even a $0 token transaction, from this new address so that the transaction appears in their wallet's history.

European police takes down call centers behind cryptocurrency scams
2023-01-12 17:25

Multiple call centers across Europe controlled by a criminal organization involved in online investment fraud were taken down this week following a cross-border investigation started in June 2022. Law enforcement from Bulgaria, Cyprus, Germany, and Serbia found that suspects operating out of these call centers tricked victims into investing large amounts of money in fake cryptocurrency schemes, also known as 'Pig Butchering' cryptocurrency scams.

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
2023-01-04 08:32

A new Linux malware developed using the shell script compiler has been observed deploying a cryptocurrency miner on compromised systems. "It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system," AhnLab Security Emergency Response Center said in a report published today.

Cryptocurrency Mining Campaign Hits Linux Users with Go-based CHAOS Malware
2022-12-12 13:51

A cryptocurrency mining attack targeting the Linux operating system also involved the use of an open source remote access trojan (RAT) dubbed CHAOS. The threat, which was spotted by Trend Micro in...

Microsoft Alerts Cryptocurrency Industry of Targeted Cyberattacks
2022-12-07 09:22

Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups to seek out potential victims. "DEV-0139 joined Telegram groups used to facilitate communication between VIP clients and cryptocurrency exchange platforms and identified their target from among the members," the tech giant said.

SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m
2022-12-06 19:56

As you'll know if ever you've lost a phone, or damaged a SIM card, mobile phone numbers aren't burned into the phone itself, but are programmed into the subscriber identity module chip that you insert into your phone. A crook who can sweet-talk, or bribe, or convince using fake ID, or otherwise browbeat your mobile phone provider into issuing "You" a new SIM card.

Microsoft: Hackers target cryptocurrency firms over Telegram
2022-12-06 18:56

Microsoft says that cryptocurrency investment companies have been targeted by a threat group it tracks as DEV-0139 via Telegram groups used to communicate with the firms' VIP customers. "Microsoft recently investigated an attack where the threat actor, tracked as DEV-0139, took advantage of Telegram chat groups to target cryptocurrency investment companies," the company's Security Threat Intelligence team revealed.

North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
2022-12-05 10:30

The Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure to deliver a previously undocumented version of the AppleJeus malware, according to new findings from Volexity. "This activity notably involves a campaign likely targeting cryptocurrency users and organizations with a variant of the AppleJeus malware by way of malicious Microsoft Office documents," researchers Callum Roxan, Paul Rascagneres, and Robert Jan Mora said.

Hackers use new, fake crypto app to breach networks, steal cryptocurrency
2022-12-03 15:12

The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand, "BloxHolder," to install the AppleJeus malware for initial access to networks and steal crypto assets. A new report by Volexity has identified new, fake crypto programs and AppleJeus activity, with signs of evolution in the malware's infection chain and abilities.

Researchers 'Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network
2022-12-01 09:48

An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down. The botnet strikes both Windows and Linux devices spanning a wide range of microarchitectures with the primary goal of deploying mining software and corralling the compromised hosts into a DDoS bot.