cryptocurrency (9)

10664180274?profile=RESIZE_400xThe State of NJ NJCCIC continues to receive reports of stolen cryptocurrency and recently reported on observed tactics that often include the use of social engineering.  The FBI issued a notification this week alerting financial institutions and investors that cybercriminals are creating fraudulent cryptocurrency investment apps to defraud cryptocurrency investors.  The cybercriminals were observed contacting investors and convincing them to download fraudulent cryptocurrency investment mobile a

10599272298?profile=RESIZE_400xCryptocurrency storage is one of the most important things that investors should consider when joining the burgeoning digital asset market.  Most people investing in this space have little to no knowledge of the existing options.  Crypto exchanges currently hold the larger share of investors’ capital despite the associated risks, including hacking and regulatory pressures from oversight authorities. 

There are two types of crypto wallets; custodial and non-custodial. The former is offered by cen

10599094693?profile=RESIZE_400xIt has been reported that cyber criminals are sending out millions of phishing emails a day, using extortion and other schemes to steal Bitcoin and other cryptocurrencies from victims.  The phishing attacks use a variety of techniques to trick people into transferring sums of Bitcoin, including phony requests for charity donations and Business Email Compromise BEC scams.

See:  https://redskyalliance.org/xindustry/what-the-heck-is-bec

According to a report by cybersecurity researchers at Proofpoi

9601651478?profile=RESIZE_400xThe US government is reportedly set to announce new measures, including sanctions to deter cryptocurrency businesses from getting involved in laundering and facilitating ransomware payments.  People familiar with the matter told the Wall Street Journal that the US Treasury Department could enact the new sanctions as early as the week of 20 September 2021. They will reportedly target cryptocurrency exchanges and traders who either knowingly or unwittingly enable cybercrime transactions.  Among ot

9325603291?profile=RESIZE_192XThere appears to be continuing data breach campaign inside the THORChain’s security system. THORChain is a cross-chain DeFi protocol that was hacked last week for the first time and suffered a loss of $8.3 million.  Now it has been hacked again, and this time, attackers allegedly managed to steal $8 million worth of cryptocurrency Ether.

According to THORChain, the decentralized e-commerce exchange has become a victim of a sophisticated attack on its ETH router.  THORChain posted to Twitter to a

8989703898?profile=RESIZE_400xA new information stealer is going after cryptocurrency wallets and credentials for applications including NordVPN, Telegram, Discord, and Steam.   Panda Stealer malware uses spam emails and the same hard-to-detect fileless distribution method deployed by a recent Phobos ransomware campaign discovered by investigators.

The attack campaign appears to be primarily targeting users in Australia, Germany, Japan, and the United States.  Panda Stealer was discovered by Trend Micro at the beginning of A

8959863057?profile=RESIZE_400xA coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.

On 29 April 2021, the Institute for Security and Technology's Ransomware Task Force published the framework, which features 48 proposals. It calls for a coordinated, international diplomatic and law enforcement effort to combat t

7756134874?profile=RESIZE_400xThe Cybersecurity and Infrastructure Security Agency (CISA) and other US agencies have issued a warning about increases in bank e-thefts worldwide organized by a hacking group called "BeagleBoyz."  Researchers believe this group has ties to the North Korean government.  The BeagleBoyz group is a subset of the North Korean-backed hacking collective known as the Lazarus Group or Hidden Cobra.  The report with details of how the BeagleBoyz have made off with an estimated $2 billion in funds and cry

Summary Beginning in August of 2017, a new cryptocurrency mining botnet, dubbed Smominru, started propagating via the recently leaked Eternal Blue exploit. Smominru, aka MyKings, is characterized by the targeting of Windows systems using WMI as a file-less persistence mechanism. As of March 2019, Smominru showed no signs of slowing down. Wapack Labs has identified approximately 316K victims connecting to Smominru infrastructure over a period of 6 days. This report provides a high-level overview