Security News

Cybercriminals are now using fake rewards in so-called "Play-to-earn" mobile and online games to steal millions worth of cryptocurrency, according to an FBI warning on Thursday. "Criminals contact victims online and build a relationship with victims over time," the FBI says in a public service announcement issued via the Internet Crime Complaint Center.

Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space-with all existing regulations. The cryptocurrency space has grown over the past decade with very little regulatory oversight.

Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware "Uses injection techniques to hide within legitimate processes, making it difficult to detect," Uptycs said in a new report. Parallax RAT grants attackers remote access to victim machines.

Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. "This malware makes use of the Invisible Internet Project to download malicious components and send mined currency to the attacker's wallet," Jamf researchers Matt Benyo, Ferdous Saljooki, and Jaron Bradley said in a report shared with The Hacker News.

An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get past security defenses and execute its malicious components.

Norwegian police agency Økokrim has announced the seizure of 60 million NOK worth of cryptocurrency stolen by the Lazarus Group in March 2022 following the Axie Infinity Ronin Bridge hack. The development comes more than 10 months after the U.S. Treasury Department implicated the North Korea-backed hacking group for the theft of $620 million from the Ronin cross-chain bridge.

A new attack campaign launched by an unknown threat actor targets the U.S. with two malware families: MortalKombat ransomware and Laplas Clipper. Figure A. Once executed, the loader downloads another ZIP file from a server belonging to the attackers' infrastructure, whose content might be MortalKombat ransomware or Laplas Clipper malware.

Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers "Use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma stealer," Trend Micro researchers Aliakbar Zahravi and Peter Girnus said in a report this week.

In a new post by MetaMask, the developers warn of a new scam called 'Address Poisoning' that relies on poisoning the wallet's transaction history with scammer's addresses that are very similar to addresses that a user recently had transactions. The threat actor then sends the targeted sender's address a small amount of cryptocurrency, or even a $0 token transaction, from this new address so that the transaction appears in their wallet's history.

Multiple call centers across Europe controlled by a criminal organization involved in online investment fraud were taken down this week following a cross-border investigation started in June 2022. Law enforcement from Bulgaria, Cyprus, Germany, and Serbia found that suspects operating out of these call centers tricked victims into investing large amounts of money in fake cryptocurrency schemes, also known as 'Pig Butchering' cryptocurrency scams.