Topic: cryptocurrency theft

  • North Korean Hackers Stole $2 Billion in Crypto This Year

    North Korean hackers have stolen over $2 billion in cryptocurrency in 2025, primarily through a major breach at Bybit and numerous other attributed attacks, with the actual total likely higher due to unreported incidents. The groups have shifted tactics to focus on social engineering, targeting h...

  • A Televised Hack and a $90M Crypto Theft: The New Face of Cyber Retaliation

    Iran’s state TV was hijacked mid-broadcast to air anti-regime protests, just hours before hackers stole $90 million in crypto from the country’s top exchange. The dual attack reflects a rising form of cyberwarfare—blending public disruption with financial sabotage to undermine institutions without ever crossing a border.

  • Must-Delete Apps on Your Smartphone Right Now

    Security researchers found over 20 fake cryptocurrency wallet apps on Google Play, mimicking legitimate ones like SushiSwap and PancakeSwap, designed to steal users' recovery phrases and funds. These malicious apps bypassed security checks by hijacking legitimate developer accounts and used phish...

  • North Korean Hackers' New EtherHiding Crypto Heist

    A North Korean hacking group is using EtherHiding, a blockchain-based method that embeds malware in smart contracts, making the blockchain a resilient command-and-control server for malicious activities. EtherHiding resists traditional cybersecurity measures because it operates on a decentralized...

  • Beware: Malicious npm Package Impersonates Email Library

    A malicious npm package named "nodejs-smtp" impersonates the legitimate nodemailer library, compromising cryptocurrency wallets by altering transaction details to redirect funds to attackers. The package uses Electron-based tools to secretly modify the Atomic Wallet application on Windows, replac...

  • NPM Supply-Chain Attack Thwarted: Hackers Foiled

    A massive supply-chain attack on the NPM ecosystem was quickly neutralized, preventing a catastrophic security incident despite malicious updates reaching 10% of cloud environments. The attack began with a phishing compromise of a maintainer account, allowing tainted updates to widely used packag...

  • North Korean Hackers Hide Malware on Blockchain

    EtherHiding is a technique used by North Korean hackers to hide malware on public blockchains, making it hard for authorities to disrupt their activities. The UNC5342 group targets software developers through fake recruitment offers, infecting Windows, macOS, and Linux systems with a multi-stage ...

  • Massive Supply-Chain Attack Hits 2B+ Weekly Downloads

    A software supply-chain attack compromised nearly two dozen npm packages with two billion weekly downloads, making it one of the most extensive digital infiltrations ever recorded. The breach began when a key maintainer fell for a phishing email, allowing attackers to embed malicious code that hi...

  • Xubuntu Website Hacked to Distribute Malware

    The Xubuntu website was compromised to distribute Windows malware, redirecting users attempting to download the Linux OS to a malicious file instead of legitimate installation media. The malware identified is a clipboard hijacker that targets Windows systems, replacing cryptocurrency wallet addre...

  • Salesforce, CentreStack Hit by Hackers in Zero-Day Attacks

    Major platforms like Salesforce and CentreStack have been compromised by zero-day vulnerabilities, underscoring the need for timely patching and robust security measures. Recent incidents include the Cl0p gang exploiting Oracle E-Business Suite flaws and North Korean hackers stealing over $2 bill...

  • CoinMarketCap hacked: Fake Web3 popup drained crypto wallets

    CoinMarketCap suffered a cyberattack where hackers used deceptive Web3 popups to steal funds from users' crypto wallets by exploiting a vulnerability in a homepage doodle image. The attack, a supply chain breach, originated from an external domain and stole $43,266 from 110 victims before being c...

  • Android Malware Grants Attackers Remote Hands-On Control

    Klopatra is a new Android banking trojan that has infected over 3,000 devices in Europe by posing as a legitimate IPTV/VPN app, granting attackers full remote control to monitor screens and steal financial data. The malware, developed by a Turkish-speaking group, uses overlay attacks, VNC for hid...

  • Fake macOS Help Sites Spread Shamos Infostealer via ClickFix

    Cybercriminals are using deceptive help websites and malicious Google ads to trick macOS users into installing the Shamos infostealer malware via harmful Terminal commands. The malware employs the ClickFix social engineering technique to bypass security, collects sensitive data like credentials a...
