Skip to main content

Tag: cryptocurrency

242 articles

Person sits at cluttered desk with laptop and papers in a home office setting.

OkoBot Malware Targets Crypto Wallets with 20 Payloads

Beware of OkoBot malware, a sneaky threat that's using clever tactics like fake GitHub repositories and ClickFix attacks to steal your cryptocurrency wallet secrets and sensitive data. This malicious framework is armed with over 20 payloads, making it a formidable foe in the world of cybercrime.

Analyst 207
Cluttered developer workstation with laptop, papers, and coffee cups.

OkoBot Malware Targets Crypto Users Worldwide

Meet OkoBot, a sneaky malware framework that's got crypto users worldwide in its crosshairs, with over 20 malicious payloads and implants that can be assembled in different ways to wreak havoc. It spreads through clever tactics like ClickFix attacks and fake GitHub packages masquerading as legitimate software.

Analyst 207
Defendant Karen Serobovich Vardanyan sits somberly in a US federal courtroom.

Ryuk Ransomware Operative Pleads Guilty in US Court

A major player behind the notorious Ryuk Ransomware gang has taken responsibility for their crimes, with Karen Serobovich Vardanyan, a 34-year-old Armenian national, pleading guilty in a US court to conspiracy and computer fraud. As part of his plea deal, Vardanyan will pay over $1.1m in restitution for his role in the massive cyberattack that netted over $15m in bitcoin payments.

Analyst 207
Courthouse interior with subtle crypto symbols, conveying institutional enforcement.

Bulgarian Money Launderer Accused of Stealing Seized Crypto

Rossen G. Iossifov, already serving 121 months for a money laundering scheme, now faces new charges for allegedly trying to steal $290,000 in government-seized cryptocurrency while behind bars. He and his co-conspirators are accused of moving the digital assets to prevent seizure, according to a federal indictment in Kentucky.

Analyst 207
Crypto wallet and related technology on a desk in a brightly-lit office space.

Attackers Drain $3.1 Million Using 'Ill Bloom' Crypto Wallet Flaw

A single coordinated attack exploited the Ill Bloom flaw on May 27, draining a staggering $3.1 million from 431 wallets in a single day. This shocking theft was made possible by a weak random-number generator in certain wallet software that created easily guessable recovery phrases.

Analyst 207
Rows of servers and computers in a brightly-lit tech facility with a cityscape in the background.

DCloud Uni-App Framework Fuels 236,000 Scam Sites

Over the past two years, a staggering 236,000 scam sites have sprouted up using the DCloud Uni-App Framework, with operators continually launching sophisticated schemes to deceive victims. These sites are being used for a wide range of fraudulent activities, from fake cryptocurrency exchanges to crypto wallet drainers.

Analyst 207
Brightly-lit office with rows of computer servers and a large screen displaying a blurred image.

Hackers Inject Malicious Script in Polymarket Supply-Chain Attack

Polymarket has pledged to fully reimburse customers who lost around $3 million in a shocking supply-chain attack that injected malicious JavaScript into the platform's frontend via a third-party vendor breach. The incident highlights the vulnerability of even major players to these types of attacks.

Analyst 207
Server equipment in a clean, clinical data center environment with ambient daylight.

US Seizes Huione Cloud Account Tied to $31 Billion Cyber Scam Laundering

The US Department of Justice has seized a cloud account linked to a staggering $31 billion cyber scam laundering operation, disrupting a vast online marketplace for fraud and money laundering. This massive crackdown targeted HuiOne Group, a Cambodia-based company accused of helping scammers launder billions through its subsidiaries.

Analyst 207

Attacker Exploits JaredFromSubway MEV Bot in $15 Million Crypto Heist

In a shocking crypto heist, an attacker swiped a whopping $15 million from JaredFromSubway's MEV bot by cleverly manipulating its logic with fake pools and tokens. The attacker tricked the bot into granting access to helper contracts, ultimately draining $15 million in WETH, USDC, and USDT.

Analyst 207
Laptop screen on a desk in a brightly-lit indoor setting with blurred smartphones and tablets in the background.

Malware Campaign Exploits Fake Reviews to Spread Crypto Clipper

A single threat actor cleverly mimicked legitimate brands to spread Crypto Clipper Malware, using fake reviews, tutorial videos, and promotions on trusted platforms to manufacture credibility for a malicious crypto tool. They created a convincing illusion of a trusted product, complete with inflated download counts and coordinated five-star reviews.

Analyst 207
Person holding smartphone with blank screen in public setting.

Rokarolla Malware Targets 217 Banking and Crypto Apps

Beware: the Rokarolla malware is targeting 217 banking and crypto apps, allowing hackers to seize near-total control of your Android phone. It disguises itself as legitimate apps, often sneaking in through malicious websites offering fake Chrome or TikTok downloads.

Analyst 207
Smartphone on cluttered table with blurred screen, surrounded by scattered financial papers.

Rokarolla Malware Targets Android Banking Apps with 137 Commands

Meet Rokarolla, a sneaky Android banking trojan that's taking aim at 217 banking and cryptocurrency apps with an arsenal of 137 remote commands, giving attackers alarming control over infected phones. This malicious malware is designed to outsmart even Google's Play Protect defenses, putting your financial security at risk.

Analyst 207
People work at computer workstations in a dimly lit indoor software development workspace.

North Korean Hackers Exploit Developer Tools in Malware Campaigns

North Korean hackers have launched a sneaky malware campaign, tricking victims into executing cross-platform malware for macOS, Linux, and Windows through malicious scripts hidden in GitHub repositories. Their latest tactic, dubbed UNK_DeadDrop, uses recruitment lures to deliver self-running code to over 75% of targeted organizations across various sectors.

Analyst 207
Security researcher working on laptop in lab setting with notes in background.

Zcash Vulnerability Exposes Risk of Fraudulent Transactions

A critical vulnerability in Zcash's Orchard privacy pool was discovered by security researcher Taylor Hornby, exposing a risk of fraudulent transactions and highlighting the importance of rigorous testing and review. The swift discovery was made possible by a commissioned review, underscoring the value of proactive security measures.

Analyst 207
Google software engineer sits in a formal courtroom or government briefing room, surrounded by daylight from tall windows,…

Google Engineer Charged with Insider Trading Using Company Data

A Google engineer, Michele Spagnuolo, has been charged with insider trading in the Southern District of New York for allegedly using company data to make lucrative bets on a cryptocurrency-based prediction market. He faces serious penalties, including up to 10 years in prison for commodities fraud and 20 years for wire fraud and money laundering.

Analyst 207
Developer workstation with laptop and monitor displaying code, surrounded by notes and empty coffee cups, in a modern…

TrapDoor Attack Spreads Credential-Stealing Malware Across Software Ecosystems

A massive supply chain attack, dubbed TrapDoor, has been spreading credential-stealing malware across three major language ecosystems, infecting over 34 malicious packages and 384 versions. The coordinated campaign began on May 22, 2026, and continues to target developers with cleverly named packages related to cryptocurrency, DeFi, Solana, and AI.

Analyst 207
Cluttered coding workspace surrounds a laptop with a blurred webpage.

Typosquatting Evolves Into Supply Chain Threat

Typosquatting has morphed into a sinister supply chain threat, with attackers now embedding malicious lookalike domains within legitimate third-party scripts to intercept sensitive data. This alarming evolution has led to devastating attacks, such as the Trust Wallet compromise, where 2,500 wallets were drained in just 48 hours.

Analyst 207
Cryptocurrency kiosk in a public place with a blank screen.

FBI Warns of $388 Million Lost to Crypto ATM Scams

The FBI's Internet Crime Complaint Center received over 13,400 complaints about crypto ATM scams in 2025, with victims losing a staggering $388 million - a 58% jump in losses from the previous year. This alarming trend is part of a broader surge in cybercrime, with over 1 million complaints filed and nearly $21 billion in losses reported last year.

Analyst 207
Formal court interior with podium and blurred law books, backdrop for financial crime indictment.

US Indicts Suspected Dream Market Admin on Money Laundering Charges

A suspected administrator of the now-defunct Dream Market has been indicted in the US on 12 federal counts of money laundering, with the Department of Justice alleging he used cryptocurrency to buy gold bars and ship them to his home in Germany. If convicted, he faces up to 20 years in prison for each count.

Analyst 207
Busy office scene with people in background, laptop in foreground displaying signs of malware breach.

TCLBanker Malware Spreads Rapidly via WhatsApp, Outlook

Beware of a rapidly spreading malware, TCLBanker, that's infecting 59 major banking, fintech, and cryptocurrency platforms through sneaky WhatsApp and Outlook attacks. This sneaky trojan uses a fake Logitech AI Prompt Builder installer to wreak havoc on your digital security.

Analyst 207
A minimalist room with a laptop, smartphone, and papers on a desk near large windows.

Bitcoin Core Exposes High-Severity Memory Safety Flaw

Bitcoin Core developers have disclosed a high-severity vulnerability, tracked as CVE-2024-52911, which is the project's first known memory safety flaw that could potentially allow remote code execution. This rare but critical bug was fixed months ago and affects Bitcoin Core releases from 2017 to early 2025.

Analyst 207
Dimly lit, abandoned cryptocurrency trading room with scattered papers and broken equipment.

Grinex Shutdown Won't Curb Russian Sanctions Evasion

The shutdown of Grinex, a Kyrgyzstan-registered cryptocurrency exchange, highlights the cat-and-mouse game of sanctions evasion, where experts warn that the ecosystem's fragmentation will only make it harder to track illicit activity. As Kaitlin Martin, a senior intelligence analyst at Chainalysis, notes, a fractured ecosystem makes it increasingly difficult to target evasive maneuvers.

Analyst 207
Law enforcement officers from multiple countries stand united in a daytime scene, conveying authority and cooperation in a…

Global Crackdown Targets Crypto Scam Centers, Arrests 276

In a major global crackdown, authorities have arrested 276 suspects and shut down nine cryptocurrency scam centers, dealing a significant blow to fraudsters targeting Americans from abroad. This coordinated effort, led by Dubai Police and involving the FBI and China's Ministry of Public Security, sends a clear message: scammers can't hide from the law, no matter where they are in the world.

Analyst 207
Person's hand reaching for laptop keyboard on a desk in a brightly-lit office setting.

North Korea Exploits Fake Meetings to Fuel Crypto Heists

North Korea is using fake video meetings to trick people into crypto scams, fueling a growing concern in the world of cryptocurrency. This clever tactic is just one of the many evolving methods threat actors are using to steal money.

Analyst 207