CryptoCurrency
North Korean Lazarus hackers infect hundreds via npm packages
Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. The packages, which have been downloaded 330 times, are designed to steal account credentials, deploy backdoors on compromised systems, and extract sensitive cryptocurrency information. The Socket Research Team discovered the campaign, which linked it to previously […]
MassJacker malware uses 778,000 wallets to steal cryptocurrency
A newly discovered clipboard hijacking operation dubbed ‘MassJacker’ uses at least 778,531 cryptocurrency wallet addresses to steal digital assets from compromised computers. According to CyberArk, who discovered the MassJacker campaign, roughly 423 wallets linked to the operation contained $95,300 at the time of the analysis, but historical data suggests more significant transactions. Also, there’s a single […]
US seizes $23 million in crypto linked to LastPass breaches
U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass in 2022 were behind the attack. Despite the threat actors’ efforts, law enforcement agents traced $23,604,815.09 of the stolen digital assets between June 2024 and […]
US charges Garantex admins with money laundering, sanctions violations
The administrators of the Russian Garantex crypto-exchange have been charged in the United States with facilitating money laundering for criminal organizations and violating sanctions. 46-year-old Lithuanian national and Russian resident Aleksej Besciokov and 40-year-old Russian national and United Arab Emirates resident Aleksandr Mira Serda—who controlled Garantex between 2019 and 2025—are charged with money laundering conspiracy […]
US seizes domain of Garantex crypto exchange used by ransomware gangs
The U.S. Secret Service has seized the domain of the sanctioned Russian cryptocurrency exchange Garantex in collaboration with the Department of Justice’s Criminal Division, the FBI, and Europol. Other law enforcement authorities involved in this action include the Dutch National Police, the German Federal Criminal Police Office, the Frankfurt General Prosecutor’s Office, the Estonian National […]
U.S. recovers $31 million stolen in 2021 Uranium Finance hack
U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, a Binance Smart Chain-based DeFi protocol. Uranium Finance was a decentralized finance (DeFi) protocol built on Binance’s BNB Chain that operated as an automated market maker (AMM) similar to Uniswap. The platform launched in April 2021, but hackers quickly exploited vulnerabilities in […]
FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist
FBI has confirmed that North Korean hackers stole $1.5 billion from cryptocurrency exchange Bybit on Friday in the largest crypto heist recorded until now. The FBI also encouraged RPC node operators, exchanges, bridges, DeFi services, blockchain analytics firms, and other cryptocurrency service providers to block transactions originating from addresses used by North Korean hackers to […]
GrassCall malware campaign drains crypto wallets via fake job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious “GrassCall” meeting app that installs information-stealing malware to steal cryptocurrency wallets. Hundreds of people have been impacted by the scam, with some reporting having their wallets drained in the attacks. A Telegram group has been created to discuss […]
Lazarus hacked Bybit via breached Safe{Wallet} developer machine
Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer’s device at the multisig wallet platform Safe{Wallet}. Bybit CEO Ben Zhou shared the conclusions of two investigations by Sygnia and Verichains, which both found that the attack originated from Safe{Wallet}’s infrastructure. “The attack specifically targeted Bybit by injecting malicious […]
Pump.fun X account hacked to promote scam governance token
The immensely popular memecoin generator Pump.fun had its X account hacked to promote a fake “PUMP” token cryptocurrency scam. Pump.fun is a Solana-based cryptocurrency platform that allows users to create and trade memecoins. Launched in January 2024, it has become a quick and easy way for users to launch their own Solana tokens, but it […]