18 Jul, 2025

Malicious VSCode extension in Cursor IDE led to $500K crypto theft

A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one case, led to the theft of $500,000 in cryptocurrency from a Russian crypto developer. Cursor AI IDE is an AI-powered development environment based on Microsoft’s Visual Studio Code. It includes support for Open VSX, an alternative […]

3 mins read

Employee gets $920 for credentials used in $140 million bank heist

Hackers stole nearly $140 million from six banks in Brazil by using an employee’s credentials from C&M, a company that offers financial connectivity solutions. The incident reportedly occurred on June 30, after the attackers bribed the employee to give them his account credentials and perform specific actions that would help their operations. Insider threat: According to Brazilian media […]

2 mins read

Atomic macOS infostealer adds backdoor for persistent attacks

A malware analyst discovered a new version of the Atomic macOS info-stealer (also known as ‘AMOS’) that comes with a backdoor, giving attackers persistent access to compromised systems. The new component allows executing arbitrary remote commands, survives reboots, and permits maintaining control over infected hosts indefinitely. MacPaw’s cybersecurity division Moonlock analyzed the backdoor in Atomic malware after a […]

2 mins read

Police dismantle investment fraud ring stealing €10 million

The Spanish police have dismantled a large-scale investment fraud operation that caused cumulative damages exceeding $11.8 million (€10 million). During simultaneous raids in Barcelona, Madrid, Mallorca, and Alicante, coordinated by the Mossos d’Esquadra, Civil Guard, and the National Police, 21 individuals were arrested. Along with the arrests, the police agents also confiscated seven luxury vehicles […]

2 mins read

Dozens of fake wallet add-ons flood Firefox store to drain crypto

More than 40 fake extensions in Firefox’s official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data. Some of the extensions pretend to be wallets from Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero, and include malicious code that sends stolen information to attacker-controlled servers. Researchers […]

3 mins read

US disrupts North Korean IT worker “laptop farm” scheme in 16 states

The U.S. Department of Justice (DoJ) announced coordinated law enforcement actions against the North Korean government’s fundraising operations using remote IT workers. North Korean workers use stolen or fake identities created with the help of AI tools to get hired by more than 100 companies in the U.S., which believed they had employed experts from other Asian countries […]

3 mins read

Europol helps disrupt $540 million crypto investment fraud ring

Spanish authorities have arrested five individuals in Madrid and the Canary Islands, suspected of laundering $540 million (€460 million) from illegal cryptocurrency investment schemes and defrauding more than 5,000 victims. The law enforcement operation was supported and coordinated by Europol and investigators from Estonia, France, and the U.S. (Homeland Security Investigations – HSI). The investigation into […]

2 mins read

Trezor’s support platform abused in crypto theft phishing attacks

Trezor is alerting users about a phishing campaign that abuses its automated support system to send deceptive emails from its official platform. The company’s support site allows anyone to open a ticket using any email address and subject line. The system then replies automatically, sending a case number and using the submitted ticket title as […]

2 mins read

Malware on Google Play, App Store stole your photos—and crypto

A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. The malware is a possible evolution of SparkCat, which Kaspersky discovered in January. SparkCat used optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected devices. When […]

4 mins read

CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup

CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors’ crypto. On Friday evening, January 20, CoinMarketCap visitors began seeing Web3 popups asking them to connect their wallets to the site. However, when visitors connected their wallets, a malicious script drained cryptocurrency from […]

3 mins read