Security News

Bad actors put a new twist on an existing piece of malware to steal private keys for cryptocurrency accounts and other account credentials, according to analysis from Trend Micro. Panda Stealer uses a fileless approach and looks for private keys and records of previous transactions from cryptocurrency wallets including Dash, Bytecoin, Litecoin and Ethereum, according to Trend Micro.

Diving into a cashless future of transactions via digital wallets that keep consumers safe and reduce paper and waste. Mobile wallets "Store consumers' data in one place, encrypted with one master root key," said Will Graylin, the man behind Samsung Pay and founder of the mobile wallet OV Valet.

Cryptocurrency trading platform Hotbit has shut down all services for at least a week after a cyberattack that down several of its services on Thursday evening. Hotbit assured its roughly 2 million registered users from over 210 countries that their cryptocurrency assets were "Safe and secure."

Security researchers following the money circuit from Ryuk ransomware victims into the threat actor's pockets estimate that the criminal organization made at least $150 million. Threat intelligence companies Advanced Intelligence and HYAS tracked 61 Bitcoin wallets attributed to the Ryuk malware enterprise and discovered that the cryptocurrency moves from an intermediary to Huobi and Binance exchanges.

Security researchers have discovered a new remote access trojan used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. Named ElectroRAT after being discovered in December, the cross-platform RAT malware is written in Golang and it was used as part of a campaign that has been targeting cryptocurrency users since the start of 2020.

A phishing scam is underway that targets Ledger wallet users with fake data breach notifications used to steal cryptocurrency from recipients. Ledger is a hardware cryptocurrency wallet that allows you to store, manage, and sell cryptocurrency.

Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads. Although it is unclear how many MetaMask users fell for the scam, some say they ended up with empty wallets after clicking on a fraudulent search ad being promoted as the MetaMask site.

Google has kicked 49 malicious Chrome browser extensions out of its Web Store that were posing as cryptocurrency wallets in order to drain the contents of bona fide wallets. On Tuesday, Harry Denley, MyCrypto Director of Security, said that malicious browser extensions aren't new, but the targets in this campaign are: they include the cryptocurrency wallets Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey.

Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies. "Essentially, the extensions are phishing for secrets - mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto.

The popular digital wallet application Key Ring recently exposed information belonging to millions of its users, vpnMentor reports. Key Ring is an application that creates a digital wallet on the user's phone and allows them to upload scans and photos of membership and loyalty cards, but many also use it to store copies of IDs, driver's licenses, credit cards, and the like.