Security News
Ransomware is on the rise, and attackers are massing in never-before-seen numbers, lining up to find victims. According to its 2022 predictions, upcoming threats will target an expanding attack surface, meaning that 2022 is "Shaping up to be a banner year for cybercriminals. Attacks will continue to span the entire attack surface, leaving IT teams scrambling to cover every possible avenue of attack."
Threat actors are using advertisements in Google Search to promote fake cryptocurrency wallets and DEX platforms to steal user's cryptocurrency. These advertisements promote sites that install fake Phantom and MetaMask wallets used for Solana and Ethereum, and fake decentralized exchange platforms, such as PancakeSwap and Uniswap.
Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. Details emerged today about an issue on the OpenSea platform that let hackers hijack user accounts and steal the associated cryptocurrency wallets.
Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. Details emerged today about an issue on the OpenSea platform that let hackers hijack user accounts and steal the associated cryptocurrency wallets.
A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token marketplace, could've been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following public reports of stolen cryptocurrency wallets triggered by free airdropped NFTs. The issues were fixed in less than one hour of responsible disclosure on September 26, 2021.
Apple's digital wallet Apple Pay will pay whatever amount is demanded of it, without authorization, if configured for transit mode with a Visa card, and exposed to a hostile contactless reader. Boffins at the University of Birmingham and the University of Surrey in England have managed to find a way to remove the contactless payment limit on iPhones with Apple Pay and Visa cards if "Express Transit" mode has been enabled.
The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. With ransomware attacks against US interests and infrastructure escalating over the past two years, the White House has increased its efforts to disrupt ransomware operations.
A security researcher helped Valve, the makers of the gaming platform Steam, plug an easy-to-exploit hole that allowed users to add unlimited funds to their digital wallet. Steam Wallet funds are exclusive to the Steam platform and are used to purchase in-game merchandise, subscriptions and Steam-related content.
Mastercard announced it will enhance its card program for cryptocurrency wallets and exchanges, making it simpler for partners to convert cryptocurrency to traditional fiat currency. Working with Evolve Bank & Trust and Paxos Trust Company, the leading blockchain infrastructure and regulated stablecoin issuance platform, and Circle, a global financial technology firm and the principal operator of the USD Coin, a dollar digital currency or stablecoin, Mastercard and its partners will test this new capability to enable more banks and crypto companies to offer a card option to people wanting to spend their digital assets anywhere Mastercard is accepted.
Trust Wallet and MetaMask wallet users are being targeted in ongoing and aggressive Twitter phishing attacks to steal cryptocurrency funds. MetaMask and Trust Wallet are mobile apps that let you create wallets to store, buy, send, and receive cryptocurrency and NFTs. When users launch MetaMask or Trust Wallet apps for the first time, the app prompts them to create a new wallet.