crypto
-
Blog
Microsoft spots XCSSET macOS malware variant used for crypto theft
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users’ sensitive information, including digital wallets and data from the legitimate Notes app. The malware is typically distributed through infected Xcode projects. It has been around for at least five years and each update represents a milestone in XCSSET’s development. The current improvements are the first ones…
Read More » -
Blog
zkLend loses $9.5M in crypto heist, asks hacker to return 90%
Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. zkLend is a decentralized money-market protocol built on Starknet, a Layer 2 scaling solution for Ethereum. It enables users to deposit, borrow, and lend various assets. The attack took place yesterday afternoon, with zkLend warning…
Read More » -
Blog
8 Crypto Scams You Should Watch Out For
While blockchain and cryptocurrency have created many opportunities for the average person, they have also attracted scammers, making the space rife with fraud. Whether you’re already involved or considering entering this space, here are some common crypto scams you should watch out for. 8 Wallet Draining Scams Octus_Photography/Shutterstock.com Wallet drain scams are a serious threat that can wipe out your…
Read More » -
Blog
Google Play, Apple App Store apps caught stealing crypto wallets
Android and iOS apps on the Google Play Store and Apple App Store contain a malicious software development kit (SDK) designed to steal cryptocurrency wallet recovery phrases using optical character recognition (OCR) stealers. The campaign is called “SparkCat” after the name (“Spark”) of one of the malicious SDK components in the infected apps, with developers likely not knowingly participating in the operation.…
Read More » -
Blog
US govt says North Korea stole over $659 million in crypto last year
North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday. The announcement also warns that threat groups linked to the Democratic People’s Republic of Korea (DPRK) are still actively targeting blockchain technology industry companies. “As recently as September…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/23587767/acastro_220524_STK428_0003.jpg)
North Korea linked to crypto heists of over $650 million in 2024 alone
Hackers in North Korea stole a total of $659 million in crypto across several heists in 2024, according to a joint statement issued today by the US, Japan, and South Korea. The report specified five such incidents, like the $235 million theft from the Indian crypto exchange WazirX that is being newly attributed to the Lazarus Group. That organization is…
Read More » -
Blog
Pastor who saw crypto project in his “dream” indicted for fraud
A pastor at a Pasco, Washington, church has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions between 2021 and 2023. The US Department of Justice says the pastor, Francier Obando Pinillo, 51, used his position to recruit investors into a fraudulent cryptocurrency venture called “Solano Fi,” which he told them “came to…
Read More » -
Blog
New Web3 attack exploits transaction simulations to steal crypto
Threat actors are employing a new tactic called “transaction simulation spoofing” to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. The attack, spotted by ScamSniffer, highlights a flaw in transaction simulation mechanisms used in modern Web3 wallets, meant to safeguard users from fraudulent and malicious transactions. How the attack works Transaction simulation is a feature that allows…
Read More » -
Blog
Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig). The company discovered the malicious campaign on January 7, 2025, and based on the phishing email’s content, it likely didn’t start much earlier. The attack starts with a phishing email sent…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/25807125/2100335117.jpg)
Do Kwon will be extradited to the US to face charges over Terra’s $40 billion crypto crash
“It was concluded that most of the criteria provided for by law support the extradition request of the competent authorities of the United States of America,” a machine-translated version of Montenegro’s Ministry of Justice’s statement said. It doesn’t say when Montenegro plans on releasing Kwon to the US. As noted by Bloomberg, it’s also unclear whether this decision is final,…
Read More »