Tag: cryptocurrency
242 articles

OkoBot Malware Targets Crypto Wallets with 20 Payloads
Beware of OkoBot malware, a sneaky threat that's using clever tactics like fake GitHub repositories and ClickFix attacks to steal your cryptocurrency wallet secrets and sensitive data. This malicious framework is armed with over 20 payloads, making it a formidable foe in the world of cybercrime.

OkoBot Malware Targets Crypto Users Worldwide
Meet OkoBot, a sneaky malware framework that's got crypto users worldwide in its crosshairs, with over 20 malicious payloads and implants that can be assembled in different ways to wreak havoc. It spreads through clever tactics like ClickFix attacks and fake GitHub packages masquerading as legitimate software.

Ryuk Ransomware Operative Pleads Guilty in US Court
A major player behind the notorious Ryuk Ransomware gang has taken responsibility for their crimes, with Karen Serobovich Vardanyan, a 34-year-old Armenian national, pleading guilty in a US court to conspiracy and computer fraud. As part of his plea deal, Vardanyan will pay over $1.1m in restitution for his role in the massive cyberattack that netted over $15m in bitcoin payments.

Bulgarian Money Launderer Accused of Stealing Seized Crypto
Rossen G. Iossifov, already serving 121 months for a money laundering scheme, now faces new charges for allegedly trying to steal $290,000 in government-seized cryptocurrency while behind bars. He and his co-conspirators are accused of moving the digital assets to prevent seizure, according to a federal indictment in Kentucky.

Attackers Drain $3.1 Million Using 'Ill Bloom' Crypto Wallet Flaw
A single coordinated attack exploited the Ill Bloom flaw on May 27, draining a staggering $3.1 million from 431 wallets in a single day. This shocking theft was made possible by a weak random-number generator in certain wallet software that created easily guessable recovery phrases.

DCloud Uni-App Framework Fuels 236,000 Scam Sites
Over the past two years, a staggering 236,000 scam sites have sprouted up using the DCloud Uni-App Framework, with operators continually launching sophisticated schemes to deceive victims. These sites are being used for a wide range of fraudulent activities, from fake cryptocurrency exchanges to crypto wallet drainers.

Hackers Inject Malicious Script in Polymarket Supply-Chain Attack
Polymarket has pledged to fully reimburse customers who lost around $3 million in a shocking supply-chain attack that injected malicious JavaScript into the platform's frontend via a third-party vendor breach. The incident highlights the vulnerability of even major players to these types of attacks.

US Seizes Huione Cloud Account Tied to $31 Billion Cyber Scam Laundering
The US Department of Justice has seized a cloud account linked to a staggering $31 billion cyber scam laundering operation, disrupting a vast online marketplace for fraud and money laundering. This massive crackdown targeted HuiOne Group, a Cambodia-based company accused of helping scammers launder billions through its subsidiaries.
Attacker Exploits JaredFromSubway MEV Bot in $15 Million Crypto Heist
In a shocking crypto heist, an attacker swiped a whopping $15 million from JaredFromSubway's MEV bot by cleverly manipulating its logic with fake pools and tokens. The attacker tricked the bot into granting access to helper contracts, ultimately draining $15 million in WETH, USDC, and USDT.

Malware Campaign Exploits Fake Reviews to Spread Crypto Clipper
A single threat actor cleverly mimicked legitimate brands to spread Crypto Clipper Malware, using fake reviews, tutorial videos, and promotions on trusted platforms to manufacture credibility for a malicious crypto tool. They created a convincing illusion of a trusted product, complete with inflated download counts and coordinated five-star reviews.

Rokarolla Malware Targets 217 Banking and Crypto Apps
Beware: the Rokarolla malware is targeting 217 banking and crypto apps, allowing hackers to seize near-total control of your Android phone. It disguises itself as legitimate apps, often sneaking in through malicious websites offering fake Chrome or TikTok downloads.

Rokarolla Malware Targets Android Banking Apps with 137 Commands
Meet Rokarolla, a sneaky Android banking trojan that's taking aim at 217 banking and cryptocurrency apps with an arsenal of 137 remote commands, giving attackers alarming control over infected phones. This malicious malware is designed to outsmart even Google's Play Protect defenses, putting your financial security at risk.

North Korean Hackers Exploit Developer Tools in Malware Campaigns
North Korean hackers have launched a sneaky malware campaign, tricking victims into executing cross-platform malware for macOS, Linux, and Windows through malicious scripts hidden in GitHub repositories. Their latest tactic, dubbed UNK_DeadDrop, uses recruitment lures to deliver self-running code to over 75% of targeted organizations across various sectors.

Zcash Vulnerability Exposes Risk of Fraudulent Transactions
A critical vulnerability in Zcash's Orchard privacy pool was discovered by security researcher Taylor Hornby, exposing a risk of fraudulent transactions and highlighting the importance of rigorous testing and review. The swift discovery was made possible by a commissioned review, underscoring the value of proactive security measures.

Google Engineer Charged with Insider Trading Using Company Data
A Google engineer, Michele Spagnuolo, has been charged with insider trading in the Southern District of New York for allegedly using company data to make lucrative bets on a cryptocurrency-based prediction market. He faces serious penalties, including up to 10 years in prison for commodities fraud and 20 years for wire fraud and money laundering.

TrapDoor Attack Spreads Credential-Stealing Malware Across Software Ecosystems
A massive supply chain attack, dubbed TrapDoor, has been spreading credential-stealing malware across three major language ecosystems, infecting over 34 malicious packages and 384 versions. The coordinated campaign began on May 22, 2026, and continues to target developers with cleverly named packages related to cryptocurrency, DeFi, Solana, and AI.

Typosquatting Evolves Into Supply Chain Threat
Typosquatting has morphed into a sinister supply chain threat, with attackers now embedding malicious lookalike domains within legitimate third-party scripts to intercept sensitive data. This alarming evolution has led to devastating attacks, such as the Trust Wallet compromise, where 2,500 wallets were drained in just 48 hours.

FBI Warns of $388 Million Lost to Crypto ATM Scams
The FBI's Internet Crime Complaint Center received over 13,400 complaints about crypto ATM scams in 2025, with victims losing a staggering $388 million - a 58% jump in losses from the previous year. This alarming trend is part of a broader surge in cybercrime, with over 1 million complaints filed and nearly $21 billion in losses reported last year.

US Indicts Suspected Dream Market Admin on Money Laundering Charges
A suspected administrator of the now-defunct Dream Market has been indicted in the US on 12 federal counts of money laundering, with the Department of Justice alleging he used cryptocurrency to buy gold bars and ship them to his home in Germany. If convicted, he faces up to 20 years in prison for each count.

TCLBanker Malware Spreads Rapidly via WhatsApp, Outlook
Beware of a rapidly spreading malware, TCLBanker, that's infecting 59 major banking, fintech, and cryptocurrency platforms through sneaky WhatsApp and Outlook attacks. This sneaky trojan uses a fake Logitech AI Prompt Builder installer to wreak havoc on your digital security.

Bitcoin Core Exposes High-Severity Memory Safety Flaw
Bitcoin Core developers have disclosed a high-severity vulnerability, tracked as CVE-2024-52911, which is the project's first known memory safety flaw that could potentially allow remote code execution. This rare but critical bug was fixed months ago and affects Bitcoin Core releases from 2017 to early 2025.

Grinex Shutdown Won't Curb Russian Sanctions Evasion
The shutdown of Grinex, a Kyrgyzstan-registered cryptocurrency exchange, highlights the cat-and-mouse game of sanctions evasion, where experts warn that the ecosystem's fragmentation will only make it harder to track illicit activity. As Kaitlin Martin, a senior intelligence analyst at Chainalysis, notes, a fractured ecosystem makes it increasingly difficult to target evasive maneuvers.

Global Crackdown Targets Crypto Scam Centers, Arrests 276
In a major global crackdown, authorities have arrested 276 suspects and shut down nine cryptocurrency scam centers, dealing a significant blow to fraudsters targeting Americans from abroad. This coordinated effort, led by Dubai Police and involving the FBI and China's Ministry of Public Security, sends a clear message: scammers can't hide from the law, no matter where they are in the world.

North Korea Exploits Fake Meetings to Fuel Crypto Heists
North Korea is using fake video meetings to trick people into crypto scams, fueling a growing concern in the world of cryptocurrency. This clever tactic is just one of the many evolving methods threat actors are using to steal money.