Tag: cryptocurrency news

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
News

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Malicious actors are using weakly secured Linux SSH servers as a target to install dictionary attack tools and port scanners in an attempt to take down other weaker servers and use them as part of a network for distributed denial-of-service (DDoS) assaults and cryptocurrency mining. "In a report released on Tuesday, the AhnLab Security Emergency Response Center (ASEC) stated that threat actors have the option to install solely scanners and then sell the compromised IP and account credentials on the dark web." Using a method known as dictionary attack, adversaries attempt to guess a server's SSH credentials by sifting through a list of frequently used username and password combinations. If the brute-force attack is successful, the threat actor will use other software, such as scan...
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam
News

Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam

Four citizens of the United States have been charged with taking part in an illegal conspiracy that used bitcoin investment scams to provide them over $80 million. The defendants are Hailong Zhu, 40, of Naperville, Illinois; Joseph Wong, 32, of Rosemead, California; Justin Walker, 31, of Cypress, California; and Lu Zhang, 36, of Alhambra, California. They are accused of conspiring to commit money laundering, concealing money laundering, and international money laundering. Zhang and Walker were both arrested by the U.S. Department of Justice (DoJ) in relation to the fraudulent operation. The DoJ claimed that the four individuals created bank accounts and shell companies to conduct pig butchering scams and then transferred the illicitly obtained funds read more Four U.S. Nationals Cha...
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers
News

US seizes Sinbad crypto mixer used by North Korean Lazarus hackers

The cryptocurrency mixing service Sinbad has been sanctioned by the U.S. Department of Treasury due to its use by the North Korean hacking group Lazarus as a means of money laundering. A cryptocurrency mixer is a server that lets users deposit cryptocurrency. To help prevent precise tracking, the cryptocurrency is mixed and sent to numerous wallet addresses. After the cryptocurrency is "mixed," the mixing service transfers it to a different wallet address that belongs to the customer, taking a commission from the deposited amount. Today, Sinbad.io (Sinbad) was sanctioned by the Treasury's Office of Foreign Assets Control (OFAC) due to allegations that North Korean hackers read more US seizes Sinbad crypto mixer used by North Korean Lazarus hackers. Get up to date on the lates...
Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
News

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

Using Microsoft Azure Automation, cybersecurity experts have created the first completely undetectable cloud-based cryptocurrency miner that doesn't cost anything. The cybersecurity firm SafeBreach announced that it has found three distinct ways to run the miner, one of which can be used on a victim's system covertly. In a report shared with The Hacker News, security researcher Ariel Gamrian stated, "While this research is significant because of its potential impact on cryptocurrency mining, we also believe it has serious implications for other areas, as the techniques could be used to achieve any task that requires code execution on Azure read more Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation. Get up to date on the latest cybersecurity news and en...
LastPass breach linked to theft of $4.4 million in crypto
News

LastPass breach linked to theft of $4.4 million in crypto

Researchers studying cryptocurrency fraud have found that on October 25th, hackers used passphrases and private keys from stolen LastPass databases to steal $4.4 million in cryptocurrency. The information is from Taylor Monahan, a developer for MetaMask, and ZachXBT, who have been monitoring these cryptocurrency thefts. We frequently receive DMs from people who have had their cryptocurrency holdings taken. Additionally, we go out to victims that we find on-chain," ZachXBT said to BleepingComputer. "We ask potential LastPass victims multiple questions and typically have found one commonality between them all being LastPass." In 2022, a LastPass breach resulted in the theft of $4.4 million from over 25 victims by threat actor read more LastPass breach linked to theft of $4.4 million i...
North Korea’s Lazarus Group Launders $900 Million in Cryptocurrency
News

North Korea’s Lazarus Group Launders $900 Million in Cryptocurrency

The Lazarus Group, which has ties to North Korea, has been implicated in the theft of almost $900 million of those revenues between July 2022 and July of this year. As much as $7 billion in bitcoin has been illegally laundered through cross-chain crime. Blockchain analytics company Elliptic stated in a new research released this week that "chain- or asset-hopping typologies are also on the rise" as traditional institutions like mixers continue to be the target of seizures and sanctions scrutiny. Cross-chain crime is the act of moving crypto assets quickly across tokens or blockchains in an effort to conceal their origin. It is a profitable way to cover up crypto thefts read more North Korea's Lazarus Group Launders $900 Million in Cryptocurrency. Stay informed with the best cyber...
TikTok flooded by ‘Elon Musk’ cryptocurrency giveaway scams
News

TikTok flooded by ‘Elon Musk’ cryptocurrency giveaway scams

The video-sharing app TikTok is inundated with a wave of fraudulent cryptocurrency giveaways, with almost all of the films professing to be themes based on Elon Musk, Tesla, or SpaceX. On social media sites like Twitter and Instagram, threat actors have been producing bogus cryptocurrency giveaways for years. These con games pose as celebrity freebies, bitcoin trades, or—more frequently—as Elon Musk or SpaceX impersonations. The con artists create a large number of websites that look like cryptocurrency exchanges or offer free cryptocurrency in exchange for user registrations. But as to be expected, these frauds just steal any cryptocurrency that consumers deposit read more TikTok flooded by Elon Musk cryptocurrency giveaway scams. Stay informed with the best cybersecurity news a...
Hackers steal $53 million worth of cryptocurrency from CoinEx
News

Hackers steal $53 million worth of cryptocurrency from CoinEx

A substantial quantity of digital assets that were used to fund the platform's operations were stolen from vast amounts of hot wallets at the major cryptocurrency exchange CoinEX, according to an announcement. The issue happened on September 12 and preliminary investigation findings indicate that cryptocurrencies from Tron, Polygon, and Ethereum were used in the illicit transactions. Since the inquiry has not yet determined the full extent of the losses, CoinEx has not disclosed any information regarding the financial effect sustained. According to a report by the blockchain security company PeckShield, CoinEx lost over $19 million in ETH, $11 million in TRON, $6.4 million in Smart Chain Coin ($BSC), $6 million in Bitcoin (BTC), and roughly $295,000 in (MATIC) as a result of the ...
Google Looker Studio abused in cryptocurrency phishing attacks
News

Google Looker Studio abused in cryptocurrency phishing attacks

Cybercriminals are utilizing Google Looker Studio to develop fake cryptocurrency phishing websites that prey on owners of digital assets and steal their money. Google's Looker Studio (formerly known as Data Studio) is an online data conversion tool for producing reports with clearly understandable components like charts and graphs out of raw data from spreadsheets and other sources. Researchers from Check Point have found that hackers are using the reputable Google Looker Studio tool to create cryptocurrency phishing pages. Due of Looker Studio's legitimacy and high reputation, fraudsters insert the URLs of these pages in phishing emails to get past email security checks read more Google Looker Studio abused in cryptocurrency phishing attacks. Stay informed with the best cybersec...