crypto (14)

12364604453?profile=RESIZE_400xThe operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023.  The scheme leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers' infrastructure that spoofed Web3 protocols to trick victims into authorizing transactions.  A crypto drainer is a malicious tool or script specially designed to transfer or redirect cryptocurrency from a vict

11004874671?profile=RESIZE_400xAccording to various investigating agencies, thousands are believed to have lost their savings after investing in a cryptocurrency trading app called iEarn Bot   https://www.iearnbot.com.  DO NOT VISIT THIS WEBSITE; IT IS A SCAM.  Experts investigating the company say it could be one of the largest crypto scandals.  Cryptocurrency trading has become popular, with people often promising large rewards over short periods.  But law enforcement agencies warn of many scams and recommend investors cond

10993413653?profile=RESIZE_400xFor crypto investors who have not followed the news of thefts, exchange collapses, new government regulations and are prepared to lose their entire investment, here is some advice to follow.  Hackers demand payment in crypto, participate in scams that lead to crypto theft directly, or target crypto trading companies.  As an individual with funds in crypto, you are likely to encounter attempts of fraudulent investment schemes, giveaways, phishing attacks, and more mischief.

The “hook” of most inv

10970241056?profile=RESIZE_400xUS banks are backing away from crypto companies, concerned by a regulatory crackdown that threatens to sever digital currencies from the real-world financial system.  Banking regulators are raising concerns about banks’ involvement with crypto clients following last year’s blowup of Sam Bankman-Fried’s FTX. The Securities and Exchange Commission is aggressively pursuing the industry’s bigger players in a crackdown that threatens to narrow their reach.  That move has alarmed bankers who don’t wan

10889538276?profile=RESIZE_400xSecurity researchers are alerting about an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer.  The attackers have been active since October 2022.  The attack was uncovered by investigators on 01 November 2022, with the attackers copying existing popular libraries and injecting a malicious ‘import’ statement into them. The purpose of the injected code is to infect the victim’s machine with a script that runs in the background. The script, which f

10859343060?profile=RESIZE_400xResearchers found buried deep in a 61-page recent report by the U.S. Attorney General, the Biden Administration called for a dramatic expansion in the federal government’s ability to seize and keep cryptocurrency. If enacted, the proposed changes would bolster both criminal forfeiture, which requires a conviction to permanently confiscate property, as well as civil forfeiture, which does not require a conviction or even criminal charges to be filed.  Notably, the report’s release was coupled wit

10599272298?profile=RESIZE_400xCryptocurrency storage is one of the most important things that investors should consider when joining the burgeoning digital asset market.  Most people investing in this space have little to no knowledge of the existing options.  Crypto exchanges currently hold the larger share of investors’ capital despite the associated risks, including hacking and regulatory pressures from oversight authorities. 

There are two types of crypto wallets; custodial and non-custodial. The former is offered by cen

10440901073?profile=RESIZE_400xThe financial sector is a prime target for criminal cartels and nation-state actors. Criminals seek a lucrative market, and nation-states treat profit as a form of sanctions-busting. The high volume of Russian-speaking gangs and the current sanctions against the Russian state makes Russia a major threat to financial institutions today.

The reason that financial institutions are under constant attack is simple: that’s where the money is today.  This is no different than the statement made by the

10115777254?profile=RESIZE_400xA new malware family is targeting Asian cloud service providers and using compromised resources to mine cryptocurrency. The malware, CoinStomp, makes use of Timestomping, Command and Control through reverse shells, removal of target system’s cryptographic policies, and references to a previous cryptojacking campaign, Xanthe.

Cryptojacking is the process of compromising machines and using their resources to mine for cryptocurrencies.  This attack method has grown popular as an alternative to buil

10006159689?profile=RESIZE_400xONUS, the Vietnamese crypto trading platform, recently experienced an attack stemming from the Log4j vulnerability (CVE-2021-44228).[1] ONUS allows users to trade crypto currencies through their app which is available for iOS and Android. The organization has grown significantly in the past 18 months since the app’s launch in March of 2020, with a large portion of users in Vietnam, Nigeria, and the Philippines.[2]

Financial organizations and crypto platforms in particular are juicy targets for a

8989703898?profile=RESIZE_400xA new information stealer is going after cryptocurrency wallets and credentials for applications including NordVPN, Telegram, Discord, and Steam.   Panda Stealer malware uses spam emails and the same hard-to-detect fileless distribution method deployed by a recent Phobos ransomware campaign discovered by investigators.

The attack campaign appears to be primarily targeting users in Australia, Germany, Japan, and the United States.  Panda Stealer was discovered by Trend Micro at the beginning of A

8959863057?profile=RESIZE_400xA coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.

On 29 April 2021, the Institute for Security and Technology's Ransomware Task Force published the framework, which features 48 proposals. It calls for a coordinated, international diplomatic and law enforcement effort to combat t

8532841253?profile=RESIZE_400xA report published today by blockchain investigations firm Chainalysis confirms that cybercrime groups engaging in ransomware attacks don't operate in their own bubbles but often switch ransomware suppliers (RaaS services) in a search for better profits. The report analyzed how Bitcoin funds were transferred from victims to criminal groups, and how the money was divided among different parties involved in the ransomware attack, and how it was eventually laundered.

In today’s world, the ransomwar

Summary Beginning in August of 2017, a new cryptocurrency mining botnet, dubbed Smominru, started propagating via the recently leaked Eternal Blue exploit. Smominru, aka MyKings, is characterized by the targeting of Windows systems using WMI as a file-less persistence mechanism. As of March 2019, Smominru showed no signs of slowing down. Wapack Labs has identified approximately 316K victims connecting to Smominru infrastructure over a period of 6 days. This report provides a high-level overview