Tag: cryptocurrency

New Malware Targets Exposed Docker APIs for Cryptocurrency Mining

Cybersecurity researchers have discovered a new malware campaign that aims to deliver bitcoin miners and other payloads via publicly accessible Docker API endpoints. In a report released last week, cloud analytics platform Datadog stated that the tools used included a remote access tool able to download and run other malicious applications, as well as a utility to spread the malware via SSH. Analysis of the campaign found tactical similarities with Spinning YARN, an earlier campaign that targeted misconfigured Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services for cryptojacking. The threat actors focus on Docker servers that have exposed ports (port number 2375) at the beginning of the assault to launch a ...
Brothers arrested for $25 million theft in Ethereum blockchain attack

The U.S. Department of Justice has filed an indictment against two brothers for allegedly engaging in a "first-of-its-kind" scheme that involved altering the Ethereum network to steal $25 million worth of cryptocurrency in about 12 seconds. On Tuesday, Anton Peraire-Bueno and James Peraire-Bueno, who were taken into custody in Boston and New York, were charged with wire fraud, conspiracy to commit wire fraud, and money laundering. Each of them may spend up to 20 years in jail if found guilty on all counts. The New York City Police Department, U.S. Customs and Border Protection, and IRS Criminal Investigation (IRS-CI) Cyber Investigations Unit all supported the investigation. The brothers are accused of using their elite training and expertis...
US charges Samourai cryptomixer founders for laundering $100 million

The U.S. Department of Justice has charged Keonne Rodriguez and William Lonergan Hill with laundering over $100 million from different criminal businesses via Samourai, the bitcoin mixer service they ran for nearly ten years. Criminals processed approximately $2 billion in illicit funds using Samourai's Whirlpool crypto mixer between 2015 and February 2024, according to information contained in a superseding indictment. Apart from mixing bitcoin, Samourai also provided a service known as "Ricochet," which enabled users to transfer cryptocurrency through additional, unnecessary transactions in order to evade attempts by law enforcement and cryptocurrency exchanges to trace funds obtained from illicit activities. The two founders are said to have received fees totali...
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

A new malware campaign has been exploiting the update mechanism of the eScan antivirus program to distribute backdoors and cryptocurrency miners such as XMRig, via a persistent threat nicknamed GuptiMiner that targets major corporate networks. The activity, according to cybersecurity company Avast, is the work of a threat actor who may have ties to Kimsuky, a North Korean hacking group also known as Black Banshee, Emerald Sleet, and TA427. Avast stated that GuptiMiner is a highly sophisticated threat that employs several techniques, including sideloading, extracting payloads from seemingly innocent images, signing its payloads with a custom trusted root anchor certification authority, and making DNS requests to the attacker's DNS servers. ...
New Migo Malware Targeting Redis Servers for Cryptocurrency Mining

A new malware campaign has been observed targeting Redis servers for initial access, with the aim of mining cryptocurrency on compromised Linux machines. According to a technical analysis by Cado security researcher Matt Muir, "this particular campaign involves the use of a number of novel system weakening techniques against the data store itself." The cryptojacking attack is carried out by malware known as Migo, a Golang ELF binary with compile-time obfuscation and the ability to persist on Linux systems. The campaign was discovered, according to the cloud security provider, after it saw an "unusual series of commands" directed at its Redis honeypots, which are designed to weaken security ...
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

An ongoing malware operation using the recently discovered Apple macOS backdoor dubbed RustDoor is targeting several cryptocurrency-related businesses. Last week, Bitdefender published the initial description of RustDoor, describing it as a Rust-based malware that could upload and capture files in addition to collecting data about the compromised computers. It is delivered disguised as a Visual Studio upgrade. Although earlier research had identified at least three distinct backdoor variants, the precise initial distribution mechanism was still a mystery. However, the Romanian cybersecurity company later informed The Hacker News that the malware was not part of a random distribution campaign, but rather was employed in a targeted attack ...
Police seize record 50,000 Bitcoin from now-defunct piracy site

Through a voluntary deposit to a state-controlled wallet, the former owner of the pirate website movie2k.to surrendered 50,000 Bitcoin to the authorities in Saxony, eastern Germany. This represents nearly $2.1 billion at the current Bitcoin-USD conversion rate, setting a record for the nation's law enforcement agencies. Between 2008 and 2013, Movie2k was a platform that operated in a legal gray area. It offered links for users to view or download movies and TV series, mostly in English and German ...
North Korea’s Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023

At least $600 million in bitcoin was stolen in 2023 by threat actors connected to North Korea, formally known as the Democratic People's Republic of Korea (DPRK). The DPRK "was responsible for almost a third of all funds stolen in crypto attacks last year, despite a 30% reduction from the USD 850 million haul in 2022," blockchain analytics startup TRM Labs said last week. The average damage caused by DPRK-perpetrated hacks was ten times greater than that of non-North Korean hackers. There are hints that by the end of 2023, more cyberattacks aimed at cryptocurrency ...
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam

Four citizens of the United States have been charged with taking part in an illegal conspiracy that netted them over $80 million through bitcoin investment scams. The defendants are Hailong Zhu, 40, of Naperville, Illinois; Joseph Wong, 32, of Rosemead, California; Justin Walker, 31, of Cypress, California; and Lu Zhang, 36, of Alhambra, California. They are accused of conspiring to commit money laundering, concealing money laundering, and international money laundering. Zhang and Walker were both arrested by the U.S. Department of Justice (DoJ) in relation to the fraudulent operation. The DoJ claimed that the four individuals created bank accounts and shell companies to conduct pig butchering scams and then transferred the illicitly obtained funds ...