CryptoCurrency
Fake Microsoft Office add-in tools push malware via SourceForge
Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims’ computers to both mine and steal cryptocurrency. SourceForge.net is a legitimate software hosting and distribution platform that also supports version control, bug tracking, and dedicated forums/wikis, making it very popular among open-source project communities. Although its open project submission model […]
PoisonSeed phishing campaign behind emails with wallet seed phrases
A large-scale phishing campaign dubbed ‘PoisonSeed’ compromises corporate email marketing accounts to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets. According to SilentPush, the campaign targets Coinbase and Ledger using compromised accounts at Mailchimp, SendGrid, HubSpot, Mailgun, and Zoho. The researchers link the campaign to recent incidents, such as the case of Troy Hunt’s Mailchimp account compromise […]
North Korean hackers adopt ClickFix attacks to target crypto firms
The notorious North Korean Lazarus hacking group has reportedly adopted ‘ClickFix’ tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). This development, reported by Sekoia, is seen as an evolution of the threat actor’s ‘Contagious Interview’ campaign that similarly targets job seekers in the AI and cryptocurrency space. ClickFix […]
New Crocodilus malware steals Android users’ crypto wallet keys
A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for their cryptocurrency wallet using a warning to back up the key to avoid losing access. Although Crocodilus is a new banking malware, it features fully developed capabilities to take control of the device, harvest data, and control it remotely. Researchers at fraud prevention company […]
U.S. seized $8.2 million in crypto linked to ‘Romance Baiting’ scams
The U.S. Department of Justice (DOJ) has seized over $8.2 million worth of USDT (Tether) cryptocurrency that was stolen via ‘romance baiting’ scams. Previously referred to as ‘pig butchering,’ in this type of financial fraud victims are manipulated into making investments on fraudulent websites/apps that showcase massive returns. Convinced they’re making a profit, the victims invest […]
US removes sanctions against Tornado Cash crypto mixer
The U.S. Department of Treasury announced today that it has removed sanctions against Tornado Cash, a cryptocurrency mixer used by North Korean Lazarus hackers to launder hundreds of millions stolen in multiple crypto heists. The Department’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash in August 2022 for helping launder over $7 billion since its creation in […]
Blockchain gaming platform WEMIX hacked to steal $6.1 million
Blockchain gaming platform WEMIX suffered a cyberattack last month, allowing threat actors to steal 8,654,860 WEMIX tokens, valued at approximately $6,100,000 at the time. During a press conference held yesterday, WEMIX’s CEO Kim Seok-Hwan confirmed the incident occurred on February 28, 2025, explaining that the delay in issuing a public announcement wasn’t an attempt to […]
Microsoft: New RAT malware used for crypto theft, reconnaissance
Microsoft has discovered a new remote access trojan (RAT) that employs “sophisticated techniques” to avoid detection, maintain persistence, and extract sensitive data. While the malware (dubbed StilachiRAT) hasn’t yet reached widespread distribution, Microsoft says it decided to publicly share indicators of compromise and mitigation guidance to help network defenders detect this threat and reduce its […]
OKX suspends DEX aggregator after Lazarus hackers try to launder funds
OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. OKX is a leading global cryptocurrency exchange that offers a wide range of trading options, including spot and derivatives trading and decentralized […]
Coinbase phishing email tricks users with fake wallet migration
A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. The emails have a subject of “Migrate to Coinbase Wallet” and state that all customers must transition to self-custodial wallets. The email also provides instructions on how to […]