Tag: defi
17 articles

Lazarus Group Deploys Memory-Only RAT in Financial Sector Attacks
The notorious Lazarus Group has unleashed a sneaky new attack tool, a memory-only Remote Access Trojan (RAT), targeting the financial sector with cunning precision. This stealthy malware, known as RemotePE, is just the latest weapon in the group's arsenal, and it's being used to infiltrate and manipulate its victims.

TrapDoor Attack Spreads Credential-Stealing Malware Across Software Ecosystems
A massive supply chain attack, dubbed TrapDoor, has been spreading credential-stealing malware across three major language ecosystems, infecting over 34 malicious packages and 384 versions. The coordinated campaign began on May 22, 2026, and continues to target developers with cleverly named packages related to cryptocurrency, DeFi, Solana, and AI.

Lazarus Hackers Orchestrate $290 Million KelpDAO Heist
In a shocking turn of events, the Lazarus hackers struck again, making off with a staggering $290 million from the KelpDAO decentralized finance project in a single weekend heist. But who benefits from this massive theft, and who's left to deal with the devastating aftermath?

Drift Protocol Hack Unfolds from Months-Long Insider Operation
The Drift Protocol hack, which resulted in a staggering $280 million loss, was not a quick exploit, but a meticulously planned six-month operation where attackers built a hidden presence within the ecosystem. This unprecedented breach reveals a shocking level of insider involvement, taking the attack far beyond a simple code vulnerability.

Drift Protocol Exploited for $280 Million by North Korean Hackers
In a shocking and sophisticated attack, North Korean hackers seized control of the Drift Protocol's Security Council, resulting in a staggering loss of at least $280 million. This brazen exploit raises serious questions about the security of even the most trusted blockchain platforms.

Drift Protocol Compromised in $280 Million Heist
In a shocking, high-stakes heist, a sophisticated threat actor exploited a vulnerability in Drift Protocol's governance, seizing control of its Security Council and making off with at least $280 million in a single, precision strike. This brazen breach serves as a stark reminder of the devastating consequences of compromised governance controls.

Uranium Finance Hack Exposed: Maryland Man Charged in $53m Crypto Heist
A Maryland man has been charged with stealing $53 million from Uranium Finance, a decentralized finance protocol, by exploiting weaknesses in smart contracts and then attempting to launder the proceeds through a complex web of cryptocurrency transactions. This brazen heist highlights the vulnerability of DeFi systems and the creative - yet illicit - tactics used by hackers to cash in.

ThreatsDay Bulletin Exclusive: Essential Cyber Threats
Ever wondered what happens when trusted doors are left unlocked? This ThreatsDay Bulletin shows how trusted attack chains—everyday files, SMS, cloud APIs and smart contracts—are being repurposed into stealthy, high‑leverage strikes and what you can do to shut them down.

DeFi Protocol Balancer Suffers Stunning $120M Heist
Who guards the guards? A sophisticated Balancer exploit drained over $120 million from the protocol’s liquidity pools, jolting the DeFi community and forcing a hard rethink of how permissionless innovation can survive against fast, well‑resourced attackers.

ThreatsDay Exclusive: Critical Crypto Fine, AI Hijack Alert
ThreatsDay peels back how criminals are weaponizing trust — not by inventing new tech but by exploiting convenience, stale components and lax controls, from a billion‑dollar crypto collapse to AI‑assisted hijacks and targeted smishing. Find out why ordinary systems and trusted channels are the new attack surface, and who should be closing the door.

EtherHiding: Exclusive Risky Crypto Heist Warning
What if the blockchain meant to protect your funds became a hiding place for thieves? Google warns North Korea-linked hackers are using EtherHiding—embedding malware in Ethereum transactions—to siphon crypto, forcing defenders to rethink how they detect and stop attacks.

EtherHiding in smart contracts: Exclusive Critical Threat
Imagine the smart contracts you trust quietly carrying malware — researchers say a North Korean‑linked group used a new EtherHiding trick to embed and trigger malicious payloads in blockchain contracts. Defenders now need to move beyond static code checks and adopt runtime monitoring to stop these covert distribution channels before they steal funds.

weaponize trust: Stunning, Risky Threats to Tech
This week’s ThreatsDay unpacks a staggering $15B crypto fraud, chilling satellite-enabled surveillance, and a rise in smishing — showing how everyday tech is being turned against us and what simple steps you can take to protect your money, data, and trust.

AkdoorTea backdoor: Exclusive Dangerous Threat to Devs
A new North Korea-linked campaign called DeceptiveDevelopment is planting a stealthy backdoor, AkdoorTea, in developer environments worldwide—threatening repositories, build systems, and crypto projects across Windows, macOS, and Linux. If you build or maintain crypto or open-source tooling, now’s the time to lock down keys, enforce MFA, and monitor developer endpoints before a single compromised laptop turns into a major breach.

malicious npm packages: Must-Stop Risky Supply-Chain Threat
Malicious npm packages and cloned GitHub repos are now weaponizing developer tooling to steal wallet keys and hijack Ethereum smart contracts, turning routine dependency installs into a direct route for theft. If you build dApps, treat every package as untrusted—use hardware wallets, isolate signing keys, and audit dependencies before they can cost you millions.

Lazarus Group Exclusive: Dangerous DeFi RATs Revealed
A North Korea-linked Lazarus campaign used a crafty phishing lure to deploy three cross-platform RATs—PondRAT, ThemeForestRAT and RemotePE—breaching a DeFi organization and highlighting how attackers now tailor stealthy, multi‑OS toolsets to target decentralized finance. It’s a wake-up call: assume breach, tighten access and key protections, and shift to behavior-based detection across heterogeneous environments.

Web3 cyber threats: Critical Must-Have Defense Guide
EncryptHub is targeting Web3 developers with convincing fake AI platforms, so learn to spot spoofed sites, verify domains and social profiles, and never share private keys. Use hardware wallets, multisig, and secure development practices to keep your projects and funds safe.