Security News

Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets
2021-10-13 06:06

A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token marketplace, could've been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following public reports of stolen cryptocurrency wallets triggered by free airdropped NFTs. The issues were fixed in less than one hour of responsible disclosure on September 26, 2021.

Revealed: How to steal money from victims' contactless Apple Pay wallets
2021-09-30 23:38

Apple's digital wallet Apple Pay will pay whatever amount is demanded of it, without authorization, if configured for transit mode with a Visa card, and exposed to a hostile contactless reader. Boffins at the University of Birmingham and the University of Surrey in England have managed to find a way to remove the contactless payment limit on iPhones with Apple Pay and Visa cards if "Express Transit" mode has been enabled.

U.S. to sanction crypto exchanges, wallets used by ransomware
2021-09-17 21:49

The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. With ransomware attacks against US interests and infrastructure escalating over the past two years, the White House has increased its efforts to disrupt ransomware operations.

Critical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets
2021-08-16 20:50

A security researcher helped Valve, the makers of the gaming platform Steam, plug an easy-to-exploit hole that allowed users to add unlimited funds to their digital wallet. Steam Wallet funds are exclusive to the Steam platform and are used to purchase in-game merchandise, subscriptions and Steam-related content.

Mastercard enhances its card program for cryptocurrency wallets and exchanges
2021-07-21 01:00

Mastercard announced it will enhance its card program for cryptocurrency wallets and exchanges, making it simpler for partners to convert cryptocurrency to traditional fiat currency. Working with Evolve Bank & Trust and Paxos Trust Company, the leading blockchain infrastructure and regulated stablecoin issuance platform, and Circle, a global financial technology firm and the principal operator of the USD Coin, a dollar digital currency or stablecoin, Mastercard and its partners will test this new capability to enable more banks and crypto companies to offer a card option to people wanting to spend their digital assets anywhere Mastercard is accepted.

Trust Wallet, MetaMask crypto wallets targeted by new support scam
2021-05-12 16:36

Trust Wallet and MetaMask wallet users are being targeted in ongoing and aggressive Twitter phishing attacks to steal cryptocurrency funds. MetaMask and Trust Wallet are mobile apps that let you create wallets to store, buy, send, and receive cryptocurrency and NFTs. When users launch MetaMask or Trust Wallet apps for the first time, the app prompts them to create a new wallet.

Panda Stealer targets cryptocurrency wallets and VPN credentials via malicious XLS attachment
2021-05-11 17:05

Bad actors put a new twist on an existing piece of malware to steal private keys for cryptocurrency accounts and other account credentials, according to analysis from Trend Micro. Panda Stealer uses a fileless approach and looks for private keys and records of previous transactions from cryptocurrency wallets including Dash, Bytecoin, Litecoin and Ethereum, according to Trend Micro.

Money makes the world go round: Mobile wallets and the future of commerce
2021-05-10 12:00

Diving into a cashless future of transactions via digital wallets that keep consumers safe and reduce paper and waste. Mobile wallets "Store consumers' data in one place, encrypted with one master root key," said Will Graylin, the man behind Samsung Pay and founder of the mobile wallet OV Valet.

Hotbit cryptocurrency exchange down after hackers targeted wallets
2021-04-30 15:32

Cryptocurrency trading platform Hotbit has shut down all services for at least a week after a cyberattack that down several of its services on Thursday evening. Hotbit assured its roughly 2 million registered users from over 210 countries that their cryptocurrency assets were "Safe and secure."

Ryuk ransomware Bitcoin wallets point to $150 million operation
2021-01-07 19:17

Security researchers following the money circuit from Ryuk ransomware victims into the threat actor's pockets estimate that the criminal organization made at least $150 million. Threat intelligence companies Advanced Intelligence and HYAS tracked 61 Bitcoin wallets attributed to the Ryuk malware enterprise and discovered that the cryptocurrency moves from an intermediary to Huobi and Binance exchanges.