Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
Jan 13, 2025 | Ravie Lakshmanan | Vulnerability / Cloud Security
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it's currently responding to "multiple incidents" involving the weaponization of …
Crypto
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
Jan 11, 2025 | Ravie Lakshmanan | Financial Crime / Cryptocurrency
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the …
Crypto scam: seed phrases shared publicly
“I have a question. I have USDT stored in my wallet, and I have the seed phrase. How to transfer my funds to another wallet?” — we found a comment like this under a finance-related video on YouTube. And the seed phrase was revealed in full in the comment. This looked suspicious: even a complete cryptocurrency beginner should know better than to share their seed phrase with the …
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Dec 20, 2024 | Ravie Lakshmanan | Malware / Supply Chain Attack
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions …
Kaspersky uncovers a crypto game created by Lazarus APT
Battle City, colloquially known as “that tank game”, is a symbol of a bygone era. Some 30 years ago, gamers would pop a cartridge into their console, settle in front of a bulky TV, and obliterate waves of enemy tanks until the screen gave out. Today, the world’s a different place, but tank games remain popular. Modern iterations offer gamers not just the thrill of gameplay but …
North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS
A threat actor with ties to the Democratic People's Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware …
Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining
Oct 26, 2024 | Ravie Lakshmanan | Cloud Security / Cryptocurrency
The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third parties. "The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, …
FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation
Oct 12, 2024 | Ravie Lakshmanan | Cryptocurrency / Cybercrime
The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action – codenamed Operation Token Mirrors – is the result of the U.S. Federal Bureau …
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for …
Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign
Sep 28, 2024 | Ravie Lakshmanan | Cryptocurrency / Mobile Security
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months. The dodgy app, identified by Check Point, masqueraded as the legitimate WalletConnect …