The Lazarus Group stole cryptocurrencies worth 60 million NOK (about $5.84 million) in March 2022 as a result of the Axie Infinity Ronin Bridge hack, according to a statement from the Norwegian police agency kokrim. The crime-fighting unit in Oslo stated in a statement that “this case illustrates that we also have a great capacity […]
Norway Seizes $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers Read More »
DevOps platform CircleCI revealed on Friday that unidentified threat actors hacked a worker’s laptop and used malware to obtain their two-factor authentication-backed credentials to access the company’s systems and data a month earlier. The “complex attack,” according to the CI/CD provider CircleCI, occurred on December 16, 2022, and the malware evaded detection by its anti malware.
Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident Read More »
On Thursday, cloud services provider Rackspace acknowledged that the intrusion from last month was caused by the Play ransomware group. A previously unidentified security exploit was used by the security event, which happened on December 2, 2022, to acquire initial access to the Rackspace Hosted Exchange email system. The Texas-based business stated that “CVE-2022-41080 is
Rackspace Admits Play Ransomware Gang Was Behind Recent Breach Read More »
BitKeep, a decentralized multi-chain cryptocurrency wallet, announced a cyber attack on its Android app on Wednesday that allowed threat actors to spread fake copies of it in order to steal users’ digital money. In a “large-scale hacking event,” according to BitKeep CEO Kevin Como, “the altered APK caused the disclosure of user’s private keys and
BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies Read More »
The LastPass security breach in August 2022 might have been more serious than the firm had initially revealed. The well-known password management service disclosed on Thursday that, using information stolen from the earlier break-in, malicious actors were able to steal a wealth of personal information belonging to its users, including their encrypted password vaults. Basic
LastPass Acknowledges Serious Data Breach, Password Vaults Stolen Read More »
In an effort to lower the entrance barrier for malicious activity, the U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that provided services to carry out distributed denial-of-service (DDoS) cyberattacks on behalf of other threat actors. Additionally, six individuals were charged for their alleged ownership of the operation: Jeremiah Sam
FBI Files 6 Charges, Seizes 48 Domains Associated with DDoS-for-Hire Service Platforms Read More »
Popular password-management firm LastPass announced that it is looking into a second security issue in which hackers gained access to some of its customer data. According to LastPass CEO Karim Toubba, “We recently discovered suspicious activity within a third-party cloud storage service, which is now used by both LastPass and its partner, GoTo.” In October
LastPass Suffers Another Security Breach; Exposed Some Customers Information Read More »
The Google Play Store has been uncovered to be home to a malicious Android SMS software that secretly harvests text messages with the intention of opening accounts on numerous websites and services, including Facebook, Google, and WhatsApp. Over 100,000 people downloaded the Symoo app (com.vanjan.sms), which served as a relay for messages to be sent
On Monday, the U.S. Justice Department (DoJ) announced the removal of seven domain names in connection with a bitcoin “pig slaughtering” hoax. The actors received almost $10 million from five victims as part of the deceptive plan, according to the DoJ, which ran from May to August 2022. Pig butchering, also known as Sha Zhu
U.S. Authorities Burst Fake Crypto Investment Websites Read More »
It has been discovered that a well-known Windows information stealer by the name of ViperSoftX is used to spread a malicious extension for web browsers based on the Chromium operating system. Due to its standalone features that allow it to track website visits, steal login information and clipboard contents, and even swap cryptocurrency addresses via an
This Malware Steals Password & Crypto Using Browser Extensions Read More »
