hacker
-
Blog
Hacker steals record $1.46 billion from Bybit ETH cold wallet
Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets. “The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the…
Read More » -
Blog
Hacker leaks account data of 12 million Zacks Investment users
Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. Zacks is an American investment research company that provides its customers data-driven insights through a proprietary stock performance assessment tool called ‘Zacks Rank’, to help with making informed financial decisions. In late January, a threat actor published data samples…
Read More » -
Blog
Seashell Blizzard hacker group escalating attacks on critical infrastructure, Microsoft warns
A subgroup of the Russian state-sponsored hacking group, Seashell Blizzard, has been targeting critical infrastructure organizations and governments around the world for years, authorities have warned. The campaign, dubbed ‘BadPilot‘ by Microsoft’s Threat Intelligence Team, saw the group gain access to targets across a number of sensitive sectors, including energy, oil and gas, telecommunications, shipping, and arms manufacturing, as well…
Read More » -
Blog
zkLend loses $9.5M in crypto heist, asks hacker to return 90%
Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. zkLend is a decentralized money-market protocol built on Starknet, a Layer 2 scaling solution for Ethereum. It enables users to deposit, borrow, and lend various assets. The attack took place yesterday afternoon, with zkLend warning…
Read More » -
Blog
Hacker pleads guilty to SIM swap attack on US SEC X account
Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. This comes after the defendant, 25-year-old Eric Council Jr., first pleaded not guilty to hacking the account and enabling his co-conspirators to make a fake announcement that Bitcoin ETFs were approved. “Today the SEC grants approval to…
Read More » -
Blog
Hacker pleads guilty of taking over SEC’s X account to post fake Bitcoin news
Hacker Eric Council Jr. pleaded guilty Monday to charges of conspiracy to commit aggravated identity theft and access device fraud after he took over the SEC’s X account in January 2024. Once Council gained access to the account, his unnamed co-conspirators posted a doctored image, message, and fake quote by then SEC Chairman Gary Gensler saying Bitcoin Exchange Traded Funds…
Read More » -
Blog
Hacker infects 18,000 “script kiddies” with fake malware builder
A threat actor targeted low-skilled hackers, known as “script kiddies,” with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers. Security researchers at CloudSEK report that the malware infected 18,459 devices globally, most located in Russia, the United States, India, Ukraine, and Turkey. “A trojanized version of the XWorm RAT builder…
Read More » -
Blog
HPE investigates breach as hacker claims to steal source code
Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company’s developer environments. The company has told BleepingComputer that it hasn’t found any evidence of a security breach, but it is investigating the threat actor’s claims. “HPE became aware on January 16 of claims being made by a group…
Read More » -
Blog
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. “Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People’s Republic of China Ministry of State…
Read More » -
Blog
LockBit developer snared in latest blow for infamous hacker group
A ‘key member’ of the LockBit ransomware collective has been charged by US authorities in the latest development of its ongoing quest to shutter the operation. The US Department of Justice (DoJ) issued a notice on 20 December that Rostislav Panev, a dual Israeli-Russian national, was arrested in Israel and pending extradition for being linked to the infamous hacker group.…
Read More »