Cryptocurrency News, Articles and Updates

Researcher: Microsoft Word feature can be exploited to display videos that mine cryptocurrency

Malicious actors can abuse Microsoft Word's Online Video feature to deliver videos that secretly exhaust their viewers' computer processing power in order to mine cryptocurrencies, according to Israeli cybersecurity firm Votiro.

Cryptominer campaign leveraging Oracle bug spreads worldwide via multiple infection tactics

A malicious campaign that's been exploiting a vulnerability in Oracle's WebLogic application servers in order to install a Monero cryptominer on victims' machines has reportedly used at least four different infection chain tactics to spread the threat worldwide, across virtually all industry sectors.

Cryptocurrency mining crimeblotter, TrickBot, Coinhoard and Apache CouchDB vulnerabilities

The amount of illegal cryptocurrency mining that is now taking place makes keeping track a difficult proposition, but here is a quick roundup of what was has been spotted over the last few days.

Stinging Telegram: Attackers exploit zero-day flaw in app to fool users into malicious downloads

Attackers were found exploiting a zero-day vulnerability in the Telegram messenger app to make the names and extensions of malicious files appear more legitimate, in hopes that users who received these files would be more willing to open them.

Crypto exchange BitGrail and token developer Nano at odds over alleged coin theft

Italian cryptocurrency exchange BitGrail is feuding with the developers of Nano virtual tokens, with both sides pointing fingers after BitGrail issued an announcement claiming a malicious actor stole 17 million Nano coins from the exchange.

Adversary breaches Tennessee hospital's medical records server to install cryptominer

Decatur County General Hospital in Parsons, Tenn., has publicly disclosed that an unauthorized party accessed the server for its electronic medical record system and secretly implanted cryptomining malware.

Litecoin emerges as popular Bitcoin alternative among dark web underground community

An analysis of 150 of popular dark web message boards, marketplaces and illegal services has revealed that underground vendors have been gravitating toward Litecoin cryptocurrency as a viable alternative to Bitcoin when conducting transactions.

MacUpdate hacked, cryptocurrency miner apps installed

A cybercriminal managed to infiltrate the Mac app download site MacUpdate and install maliciously- copies of the Firefox, OnyX, and Deeper applications that actually were cryptocurrency miners.

Monero miner Smominru using EternalBlue to spread

The new Monero miner Smominru is active in the wild using the EternalBlue exploit to spread, according to a new report.

Cryptominers and malspam up while zero days and ransomware decline

Malicious actors kept busy late last year adding new weapons to their arsenal while placing others on the backburner as they attempted to profit from new honey holes like cryptocurrency mining and boosting the amount of old favorites like malspam.

Report: Coincheck cyberthieves attempting to move, sell off NEM cryptocurrency

The developers of NEM cryptocurrency claim they have traced $533 million in digital coins stolen from hacked crypto exchange Coincheck to an anonymous account whose owners are trying to move the money around, according to Reuters.

Spartanburg, S.C., library system hit with ransomware attack

The Spartanburg, S.C., Public Library system was shut down after it was hit with a ransomware attack.

Millions of machines download XMRig cryptominer after users click on devious links

A newly discovered malicious URL redirection campaign that infects users with the XMRig Monero cryptocurrency miner has already victimized users between 15 and 30 million times, researchers have reported.

North Korea-linked trojan switches targets from banks to cryptocurrency enthusiasts

Originally used by reputed North Korean hackers to attack the global banking sector, the Ratankba downloader trojan has been repurposed into a PowerShell-based variant that appears to be targeting small, non-financial organizations and individuals with an interest in cryptocurrency, an analysis shows.

Crooks fabricate SpriteCoin cryptocurrency as lure to download ransomware

Heard of the hot new cryptocurrency SpriteCoin? No? That's because it's a fictional fairy tale cooked up by cybercrooks as a ruse to infect wannabe investors with a particularly devilish ransomware program.

Hacking initial coin offerings leading to the loss of millions in cryptocurrency

Initial coin offerings (ICO) are losing about 10 percent of all ICO funds generated to cyberattack due to poor security as malicious actors take advantage of the absence of a centralized authority, blockchain transaction irreversibility and information chaos that presides over this sector.

A minor twist on inserting cryptocurrency miners detailed

The 32-bit to 64-bit injection is not a new technique, but one developed back in 2009 and nicknamed Heaven's Gate.

North Korea blamed for yet another cryptocurrency-focused phishing campaign

In other cryptocurrency news, attackers were discovered exploiting a recently patched Oracle flaw in order to secretly deploy a Monero cryptominer in organizations' WebLogic application servers.

Malicious websites can steal from vulnerable Electrum cryptocurrency wallets

The popular Bitcoin client Electrum has developed a patch for a critical vulnerability that allows malicious websites to steal from digital wallets that are not password-protected.

Report: Expect more website ads to contain hidden cryptominers

In addition to hiding cryptocurrency miners in the coding of websites, malicious actors may also increasingly conceal them within advertisements appearing on these sites, according to a new report from CoinDesk, citing the Israeli adtech firm Spotad.

Free software downloads infecting users with NiceHash cryptominer, warns researchers

Adversaries are using the lure of free online software downloads to infect unknowing victims with a customized version of cryptocurrency mining software from the NiceHash marketplace.

Digmine cryptocurrency botnet spreading through Facebook Messenger

Facebook Messenger is the launching pad for a new Monero-cryptocurrency mining bot called Digmine that so far is hitting only a small sampling of nations around the world.

VenusLocker ransomware extortionists switch m.o., pursue Monero cryptomining

The same threat group that was responsible for extorting victims with VenusLocker ransomware last year has now shifted its attention to cryptocurrency mining, according to new research.

Hex-Men Trio using compromised SQL servers to conduct mining, DDoS attacks

A trio of campaigns, jointly known as the Hex-Men Trio, that are going after SQL Servers has been identified by Guardicore Labs.

More evidence emerges of North Korea targeting cryptocurrency industry

Several new reports have surfaced detailing North Korean state interest in targeting and attacking cryptocurrency exchanges as a means of enriching itself.

DDoS attack paralyzes Bitfinex

After an SEC warning about the risks associated with cryptocurrency, Bitfinex came under heavy fire from a reported DDoS attack.

WordPress hit with keylogger, 5,400 sites infected

The cryptomining malware being pushed from cloudflare.solutions has seemingly added keylogger functionality to its mix with PublicWWW reporting that more than 5,400 Wordpress sites are now infected.