Dec 30, 2023NewsroomCryptocurrency / Phishing Scam Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a … [Read more...] about Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks
Crypto
Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft
Dec 15, 2023NewsroomCryptocurrency / Malware Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishing attack, the company said in a … [Read more...] about Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft
Vulnerability in crypto wallets created online in the early 2010s
Researchers have discovered several vulnerabilities in the BitcoinJS library that could leave Bitcoin wallets created online a decade ago prone to hacking. The basic issue is that the private keys for these crypto wallets were generated with far greater predictability than the library developers expected. Randstorm vulnerabilities and consequences Let’s start at the beginning. … [Read more...] about Vulnerability in crypto wallets created online in the early 2010s
The most spectacular crypto thefts and how to defend against them
The advantages of cryptocurrencies for owners — lax regulation and lack of government control — are major pluses for cyberthieves too. Because the threats to crypto assets are quite varied, we recommend that you study our overview of how to protect your crypto investments, as well as our tips for owners of hardware cryptowallets. But these posts of ours, detailed as they are, … [Read more...] about The most spectacular crypto thefts and how to defend against them
How DoubleFinger malware steals crypto
Cryptocurrencies are under attack from all sorts of criminal schemes — from mundane Bitcoin mining scams to grandiose cryptocurrency heists worth hundreds of millions of dollars. For cryptocurrency owners, dangers lurk at literally every turn. Just recently we talked about fake cryptowallets — which look and work just like real ones but eventually steal all your money. Now our … [Read more...] about How DoubleFinger malware steals crypto
Hot crypto wallet, cold crypto wallet: what are they, and how are they stolen from?
Hardware wallets are considered to be the most reliable cryptocurrency storage solution of all. A special device that signs all of its owner’s blockchain operations offline looks so much more reliable than online storage or computer apps. After all, we hear news of hacks and bankruptcies of online cryptocurrency exchange platforms nearly every month, while apps are clearly … [Read more...] about Hot crypto wallet, cold crypto wallet: what are they, and how are they stolen from?
Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL
Jan 09, 2023Ravie LakshmananKubernetes / Cryptojacking The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. A second initial access vector technique entails the use of vulnerable images, Sunders Bruskin, security researcher at Microsoft … [Read more...] about Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL
New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks
A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team (SIRT), the Golang-based malware has been found targeting a variety of companies … [Read more...] about New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks
Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware
A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. "The attacker intends to utilize a victim's resources as much as possible, not only to install RAR1Ransom for extortion, but also to spread GuardMiner to collect cryptocurrency," Fortinet FortiGuard Labs … [Read more...] about Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware
Crypto Miners Using Tox P2P Messenger as Command and Control Server
Threat actors have begun to use the Tox peer-to-peer instant messaging service as a command-and-control method, marking a shift from its earlier role as a contact method for ransomware negotiations. The findings from Uptycs, which analyzed an Executable and Linkable Format (ELF) artifact ("72client") that functions as a bot and can run scripts on the compromised host using the … [Read more...] about Crypto Miners Using Tox P2P Messenger as Command and Control Server