crypto (10)

10889538276?profile=RESIZE_400xSecurity researchers are alerting about an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer.  The attackers have been active since October 2022.  The attack was uncovered by investigators on 01 November 2022, with the attackers copying existing popular libraries and injecting a malicious ‘import’ statement into them. The purpose of the injected code is to infect the victim’s machine with a script that runs in the background. The script, which f

10859343060?profile=RESIZE_400xResearchers found buried deep in a 61-page recent report by the U.S. Attorney General, the Biden Administration called for a dramatic expansion in the federal government’s ability to seize and keep cryptocurrency. If enacted, the proposed changes would bolster both criminal forfeiture, which requires a conviction to permanently confiscate property, as well as civil forfeiture, which does not require a conviction or even criminal charges to be filed.  Notably, the report’s release was coupled wit

10599272298?profile=RESIZE_400xCryptocurrency storage is one of the most important things that investors should consider when joining the burgeoning digital asset market.  Most people investing in this space have little to no knowledge of the existing options.  Crypto exchanges currently hold the larger share of investors’ capital despite the associated risks, including hacking and regulatory pressures from oversight authorities. 

There are two types of crypto wallets; custodial and non-custodial. The former is offered by cen

10440901073?profile=RESIZE_400xThe financial sector is a prime target for criminal cartels and nation-state actors. Criminals seek a lucrative market, and nation-states treat profit as a form of sanctions-busting. The high volume of Russian-speaking gangs and the current sanctions against the Russian state makes Russia a major threat to financial institutions today.

The reason that financial institutions are under constant attack is simple: that’s where the money is today.  This is no different than the statement made by the

10115777254?profile=RESIZE_400xA new malware family is targeting Asian cloud service providers and using compromised resources to mine cryptocurrency. The malware, CoinStomp, makes use of Timestomping, Command and Control through reverse shells, removal of target system’s cryptographic policies, and references to a previous cryptojacking campaign, Xanthe.

Cryptojacking is the process of compromising machines and using their resources to mine for cryptocurrencies.  This attack method has grown popular as an alternative to buil

10006159689?profile=RESIZE_400xONUS, the Vietnamese crypto trading platform, recently experienced an attack stemming from the Log4j vulnerability (CVE-2021-44228).[1] ONUS allows users to trade crypto currencies through their app which is available for iOS and Android. The organization has grown significantly in the past 18 months since the app’s launch in March of 2020, with a large portion of users in Vietnam, Nigeria, and the Philippines.[2]

Financial organizations and crypto platforms in particular are juicy targets for a

8989703898?profile=RESIZE_400xA new information stealer is going after cryptocurrency wallets and credentials for applications including NordVPN, Telegram, Discord, and Steam.   Panda Stealer malware uses spam emails and the same hard-to-detect fileless distribution method deployed by a recent Phobos ransomware campaign discovered by investigators.

The attack campaign appears to be primarily targeting users in Australia, Germany, Japan, and the United States.  Panda Stealer was discovered by Trend Micro at the beginning of A

8959863057?profile=RESIZE_400xA coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.

On 29 April 2021, the Institute for Security and Technology's Ransomware Task Force published the framework, which features 48 proposals. It calls for a coordinated, international diplomatic and law enforcement effort to combat t

8532841253?profile=RESIZE_400xA report published today by blockchain investigations firm Chainalysis confirms that cybercrime groups engaging in ransomware attacks don't operate in their own bubbles but often switch ransomware suppliers (RaaS services) in a search for better profits. The report analyzed how Bitcoin funds were transferred from victims to criminal groups, and how the money was divided among different parties involved in the ransomware attack, and how it was eventually laundered.

In today’s world, the ransomwar

Summary Beginning in August of 2017, a new cryptocurrency mining botnet, dubbed Smominru, started propagating via the recently leaked Eternal Blue exploit. Smominru, aka MyKings, is characterized by the targeting of Windows systems using WMI as a file-less persistence mechanism. As of March 2019, Smominru showed no signs of slowing down. Wapack Labs has identified approximately 316K victims connecting to Smominru infrastructure over a period of 6 days. This report provides a high-level overview