cryptocurrency, digital currency

Cryptocurrency

‘Clipper’ malware that alters crypto wallet addresses slips into Play Store

By

Google’s Play Store unknowingly hosted a fake cryptocurrency app that actually modifies users’ crypto wallet addresses once they’re copied to the clipboard, researchers are reporting. This Android-based “clipper” malware, as it’s called, secretly changes the wallet address to one hosted by the attackers, allowing them to steal victims’ digital coin transactions, explains ESET researcher Lukas…

California SIM swapping conviction reportedly may be a legal first

By

Prosecutors in California have reportedly won what they believe to be the first-ever conviction for the act of SIM hijacking. Joel Ortiz, a 20-year-old college student from Boston, pleaded guilty in a Santa Clara County courtroom last month to stealing over $5 million in cryptocurrency after taking over the phone numbers of roughly 40 individuals…

Mac and Chrome info stealer and cryptomining malware in the wild

By

Cybercriminals are using a new malware targeting Macs and the Chrome browser designed to steal all the information necessary to break into cryptocurrency exchanges and their victim’s digital wallets. This malware, an offshoot of OSX.DarthMiner, has a wide range of abilities, reported Palo Alto’s Unit 42. These skills include the ability to steal browser cookies…

New Mac malware ‘DarthMiner’ joins the dark side

By

Researchers last week detected a fake Adobe piracy app that infects Mac users with a one-two combination of the EmPyre backdoor/post-exploitation agent and the XMRig cryptominer. The app pretends to be Adobe Zii, a software program that facilitates the cracking and digital piracy of Adobe products, reports Thomas Reed, director of Mac and mobile at Malwarebytes,…

Cryptomining campaign pulls new ‘Linux Rabbit’ malware out of its black hat

By

A two-month Monero cryptomining campaign targeted both Linux-based servers and Internet of Things devices with a newly discovered malware family called “Linux Rabbit,” researchers have reported. The operation occurred in two phases, each of which used a distinct version of Linux Rabbit that shares the same code base as the other iteration, according to a Dec. 6…

github_1439470

Hacker takes over JavaScript library, injects malware to steal Bitcoin

By

An open-source code stored in a popular JavaScript library was poisoned by its latest administrator with a malicious code allowing an attacker to swipe Bitcoin from Bitpay and Copay wallets. The attacker injected a malicious code, called Event-Stream, into a NodeJS package that is used by the Copay and BitPay apps enabling an attacker to…

New cryptominer seeks out root permissions on Linux machines

By

Researchers at antivirus company Dr.Web have discovered a malicious Monero cryptominer specifically designed for Linux machines, with additional functionality that also allows it to operate as a backdoor. Named Linux.BtcMine.174, the trojan is described as a shell script containing over 1,000 lines of code. To receive its malicious commands from the attackers, the malware downloads and runs…

Make-A-Wish website compromised for cryptomining campaign

By

Not even the Make-A-Wish Foundation is off limits for some unscrupulous cybercriminals, as evidenced by a cryptojacking operation that compromised the charitable organization’s international website. Simon Kenin, security researcher at Trustwave, reported in a company blog post today that malicious actors injected a CoinImp browser-based cryptomining script that would harness the processing power of any…

‘DarkGate’ miner, password-stealer could open up world of hurt for Windows users

By

Windows users in Europe have recently been the target of a sophisticated malware campaign that provides attackers with a diverse array of capabilities, including cryptomining, credential stealing, ransomware and remote-access takeovers. Named DarkGate by its developer, the malware is reportedly distributed via Torrent files disguised as popular entertainment offerings — including the Spanish basketball dramedy…

Bitcoin scammers impersonate Elon Musk, hack Target’s Twitter account

By

Scammers impersonating Elon Musk managed to hack the verified Twitter accounts of Target and several others in a cryptocurrency fraud scheme promising huge Bitcoin giveaways Tuesday morning. Hackers were briefly able to get ahold of the Target Twitter page for about a half hour when they used the big-box retailer’s account to promote “the biggest crypto-giveaway…

Next post in Cryptocurrency