CyberSecurityBoard
Sponsor Register Login

Episode 120 Cryptocurrency Refusing to Let Go

The FBI infiltrated the Hive ransomware gang in the middle of 2022, but were unable to identify the servers. However, they were able to provide free decryption keys to hundreds of victims. The Austrian authorities noticed a database on the dark web that looked like their own, and it was discovered that the MD5 hashing algorithm was too easy to create two files with the same hash. This allowed the hackers to cheat the authentication process. Version 4.17.5 of the software now forces two options, and code-signing certificates were stolen from GitHub on 07 December 2022. GitHub realised this and it took them two months to figure out what happened. The only thing that was stolen were code-signing keys, and three of them were still valid. GitHub revoked all the certificates, even though it had a knock-on effect on their own code. An alternative to inventing your own USB-key-based password manager is to buy a portable password manager such as KeePass. These typically have two rows of five or six keys next to each other, and they have a full-disk encryption layer inside the drive enclosure. When the power goes down, the key gets flushed from memory and the thing gets locked again. The downside is that they are more expensive than regular USB keys.

This Cyber News was published on nakedsecurity.sophos.com. Publication date: Fri, 03 Feb 2023 17:59:02 +0000


Cyber News related to Episode 120 Cryptocurrency Refusing to Let Go

CVE-2022-49123 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
How Businesses Can Manage Cryptocurrency Fraud - With cryptocurrency payments on the rise, businesses must learn how to safeguard against potential risks. Businesses across the US are seeking innovative payment methods, with an estimated 75% of retailers looking to embrace cryptocurrency payment ...
1 year ago Cyberdefensemagazine.com
New Research Delves Into the World of Malicious Cryptocurrency Mining - As cryptocurrency prices have soared in recent years, malicious cryptocurrency miners have increasingly targeted vulnerable computer systems with malicious crypto-mining software in search of profits. In a new research paper, security researchers at ...
2 years ago Thehackernews.com
North Korean Hackers Amass $3bn in Cryptocurrency Heists - North Korean hackers have reportedly stolen a total of $3bn in cryptocurrency since 2017, as revealed in a recent report by Recorded Future's Insikt Group. The revelation underscores the prolonged engagement of the regime in the cryptocurrency ...
1 year ago Infosecurity-magazine.com
Chainalysis observes decrease in cryptocurrency crime in 2023 - While the ransomware market is rising and cybercriminals continue to rack up bitcoin payments, illicit cryptocurrency activity is declining, according to new research from Chainalysis. Funds sent to illicit cryptocurrency addresses dropped from $39.6 ...
1 year ago Techtarget.com Rocke
Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
1 year ago Bleepingcomputer.com
Listen Now to the Smashing Security Podcast Episode 305 - Are you looking for the latest podcast from the top experts in computer security and privacy? Look no further than the Smashing Security Podcast Episode 305, hosted by security expert Grahame Cluley. This episode readily provides the latest research, ...
2 years ago Grahamcluley.com
Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns - On January 3, 2024, Mandiant's X social media account was taken over and subsequently used to distribute links to a cryptocurrency drainer phishing page. The following blog post provides additional insight into the drainer leveraged in this campaign, ...
1 year ago Mandiant.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group
Scattered Spider member pleads guilty to identity theft, wire fraud charges | The Record from Recorded Future News - Urban, who goes by the alias "Sosa," “Elijah,” and “King Bob” was "part of a group of loosely organized individuals who engage in account takeovers and [stole] cryptocurrency from online exchanges" from August 2022 through ...
1 month ago Therecord.media Scattered Spider
Smashing Security Podcast Episode 306: What is the State of Cyber Security in 2020? - The recent pandemic has created a need for businesses to invest in cybersecurity more than ever. The popularity of digital communication and remote access has exposed organizations to more cybersecurity threats than ever before. Graham Cluley’s ...
2 years ago Grahamcluley.com
How to Keep Your Data Secure: Leaks, Breaches, Patches and Tweaks - In today’s world, data security is more important than ever. With the rise of cybercrime, data breaches, and security threats, it’s essential to stay vigilant when it comes to protecting your data. In this article, we discuss the latest news on ...
2 years ago Nakedsecurity.sophos.com
Bitzlato Cryptocurrency Exchange Shut Down by Authorities for Cybercriminal Links - Bitlato, a cryptocurrency exchange based in the UK, has been shutdown by the authorities after accusations of links to cybercrime. The sudden closure of the exchange left investors and customers in shock and without their funds. ...
2 years ago Grahamcluley.com
North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report - North Korean threat actors are believed to have stolen more than $3 billion in cryptocurrency to date, according to a report from threat intelligence firm Recorded Future. Collectively tracked as the Lazarus Group, the North Korean hackers specialize ...
1 year ago Securityweek.com Lazarus Group
New Attack Exploiting X/Twitter Advertising Display URL Feature to Trick Users - Cybersecurity researchers have uncovered a campaign that tricks users by displaying trusted domain names in advertisements while redirecting victims to malicious cryptocurrency scam websites. This technique was previously reported by Bleeping ...
1 day ago Cybersecuritynews.com
Episode 120 Cryptocurrency Refusing to Let Go - The FBI infiltrated the Hive ransomware gang in the middle of 2022, but were unable to identify the servers. However, they were able to provide free decryption keys to hundreds of victims. The Austrian authorities noticed a database on the dark web ...
2 years ago Nakedsecurity.sophos.com
Chrome 120 Patches 10 Vulnerabilities - Google on Tuesday announced the release of Chrome 120 to the stable channel with patches for 10 vulnerabilities. Of the resolved issues, five were reported by external researchers, who received a total of $15,000 in bug bounty rewards, according to ...
1 year ago Securityweek.com CVE-2023-6508 CVE-2023-6509 CVE-2023-6345
Google Chrome 120 Released with Patch for 10 Critical Security Flaws - Google has recently released Chrome 120 for Windows, Mac, and Linux. This version of Chrome comes with 10 security patches to ensure a safer browsing experience for its users. The most recent versions of Chrome available to users are 120.0.6099.62 ...
1 year ago Cybersecuritynews.com CVE-2023-6508 CVE-2023-6511 CVE-2023-6512
The past year was the most detrimental for digital currency security breaches, with North Korean organizations profiting. - In 2022, cyberattacks on cryptocurrency platforms resulted in the theft of almost $4 billion, with a large portion of the activity being attributed to hackers working on behalf of the North Korean government. According to blockchain research firm ...
2 years ago Therecord.media Lazarus Group
NY engineer pleads guilty to stealing millions from two crypto exchanges - A former security engineer for an international tech company pleaded guilty in federal court to hacking two decentralized cryptocurrency exchanges. As a result of these hacks in July 2022, U.S. citizen Shakeeb Ahmed, 34, illegally obtained over $12 ...
1 year ago Therecord.media
Multichain Inferno Drainer Abuse Web3 Protocols - A cryptocurrency-related phishing scam that uses malware called a drainer is one of the most widely used tactics these days. From November 2022 to November 2023, 'Inferno Drainer', a well-known multichain cryptocurrency drainer, was operational under ...
1 year ago Gbhackers.com
North Korean Hackers' $12M Ethereum Laundering Via Tornado Cash Unveiled - It has been reported that North Korean hackers associated with the Lazarus Group have exploited Tornado Cash in a recent development to launder approximately $12 million worth of stolen Ethereum in the last 24 hours, using the coin mix-up service ...
1 year ago Cysecurity.news Lazarus Group
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data - A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital ...
7 months ago Thehackernews.com
Sanctioned entities fueled $16 billion in cryptocurrency activity last year, report says | The Record from Recorded Future News - Sanctioned entities and jurisdictions were responsible for nearly $16 billion in cryptocurrency activity last year, driven in part by a resurgence of activity in the mixing service Tornado Cash and a spike in the use of crypto in Iran. The amount of ...
2 months ago Therecord.media
Google Chrome Use After Free Flaw Let Attacker Hijack Browser - The latest stable channel update for Google Chrome, version 120.0.6099.199 for Mac and Linux and 120.0.6099.199/200 for Windows, is now available and will shortly be rolled out to all users. The Extended Stable channel has been updated to ...
1 year ago Gbhackers.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)