Episode 120 Cryptocurrency Refusing to Let Go

The FBI infiltrated the Hive ransomware gang in the middle of 2022, but were unable to identify the servers. However, they were able to provide free decryption keys to hundreds of victims. The Austrian authorities noticed a database on the dark web that looked like their own, and it was discovered that the MD5 hashing algorithm was too easy to create two files with the same hash. This allowed the hackers to cheat the authentication process. Version 4.17.5 of the software now forces two options, and code-signing certificates were stolen from GitHub on 07 December 2022. GitHub realised this and it took them two months to figure out what happened. The only thing that was stolen were code-signing keys, and three of them were still valid. GitHub revoked all the certificates, even though it had a knock-on effect on their own code. An alternative to inventing your own USB-key-based password manager is to buy a portable password manager such as KeePass. These typically have two rows of five or six keys next to each other, and they have a full-disk encryption layer inside the drive enclosure. When the power goes down, the key gets flushed from memory and the thing gets locked again. The downside is that they are more expensive than regular USB keys.

This Cyber News was published on nakedsecurity.sophos.com. Publication date: Fri, 03 Feb 2023 17:59:02 +0000


Cyber News related to Episode 120 Cryptocurrency Refusing to Let Go

How Businesses Can Manage Cryptocurrency Fraud - With cryptocurrency payments on the rise, businesses must learn how to safeguard against potential risks. Businesses across the US are seeking innovative payment methods, with an estimated 75% of retailers looking to embrace cryptocurrency payment ...
9 months ago Cyberdefensemagazine.com
New Research Delves Into the World of Malicious Cryptocurrency Mining - As cryptocurrency prices have soared in recent years, malicious cryptocurrency miners have increasingly targeted vulnerable computer systems with malicious crypto-mining software in search of profits. In a new research paper, security researchers at ...
1 year ago Thehackernews.com
North Korean Hackers Amass $3bn in Cryptocurrency Heists - North Korean hackers have reportedly stolen a total of $3bn in cryptocurrency since 2017, as revealed in a recent report by Recorded Future's Insikt Group. The revelation underscores the prolonged engagement of the regime in the cryptocurrency ...
1 year ago Infosecurity-magazine.com
Chainalysis observes decrease in cryptocurrency crime in 2023 - While the ransomware market is rising and cybercriminals continue to rack up bitcoin payments, illicit cryptocurrency activity is declining, according to new research from Chainalysis. Funds sent to illicit cryptocurrency addresses dropped from $39.6 ...
10 months ago Techtarget.com
Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
10 months ago Bleepingcomputer.com
Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns - On January 3, 2024, Mandiant's X social media account was taken over and subsequently used to distribute links to a cryptocurrency drainer phishing page. The following blog post provides additional insight into the drainer leveraged in this campaign, ...
10 months ago Mandiant.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com
Listen Now to the Smashing Security Podcast Episode 305 - Are you looking for the latest podcast from the top experts in computer security and privacy? Look no further than the Smashing Security Podcast Episode 305, hosted by security expert Grahame Cluley. This episode readily provides the latest research, ...
1 year ago Grahamcluley.com
Bitzlato Cryptocurrency Exchange Shut Down by Authorities for Cybercriminal Links - Bitlato, a cryptocurrency exchange based in the UK, has been shutdown by the authorities after accusations of links to cybercrime. The sudden closure of the exchange left investors and customers in shock and without their funds. ...
1 year ago Grahamcluley.com
North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report - North Korean threat actors are believed to have stolen more than $3 billion in cryptocurrency to date, according to a report from threat intelligence firm Recorded Future. Collectively tracked as the Lazarus Group, the North Korean hackers specialize ...
1 year ago Securityweek.com
Smashing Security Podcast Episode 306: What is the State of Cyber Security in 2020? - The recent pandemic has created a need for businesses to invest in cybersecurity more than ever. The popularity of digital communication and remote access has exposed organizations to more cybersecurity threats than ever before. Graham Cluley’s ...
1 year ago Grahamcluley.com
How to Keep Your Data Secure: Leaks, Breaches, Patches and Tweaks - In today’s world, data security is more important than ever. With the rise of cybercrime, data breaches, and security threats, it’s essential to stay vigilant when it comes to protecting your data. In this article, we discuss the latest news on ...
1 year ago Nakedsecurity.sophos.com
Episode 120 Cryptocurrency Refusing to Let Go - The FBI infiltrated the Hive ransomware gang in the middle of 2022, but were unable to identify the servers. However, they were able to provide free decryption keys to hundreds of victims. The Austrian authorities noticed a database on the dark web ...
1 year ago Nakedsecurity.sophos.com
The past year was the most detrimental for digital currency security breaches, with North Korean organizations profiting. - In 2022, cyberattacks on cryptocurrency platforms resulted in the theft of almost $4 billion, with a large portion of the activity being attributed to hackers working on behalf of the North Korean government. According to blockchain research firm ...
1 year ago Therecord.media
Chrome 120 Patches 10 Vulnerabilities - Google on Tuesday announced the release of Chrome 120 to the stable channel with patches for 10 vulnerabilities. Of the resolved issues, five were reported by external researchers, who received a total of $15,000 in bug bounty rewards, according to ...
11 months ago Securityweek.com
Google Chrome 120 Released with Patch for 10 Critical Security Flaws - Google has recently released Chrome 120 for Windows, Mac, and Linux. This version of Chrome comes with 10 security patches to ensure a safer browsing experience for its users. The most recent versions of Chrome available to users are 120.0.6099.62 ...
11 months ago Cybersecuritynews.com
NY engineer pleads guilty to stealing millions from two crypto exchanges - A former security engineer for an international tech company pleaded guilty in federal court to hacking two decentralized cryptocurrency exchanges. As a result of these hacks in July 2022, U.S. citizen Shakeeb Ahmed, 34, illegally obtained over $12 ...
11 months ago Therecord.media
Multichain Inferno Drainer Abuse Web3 Protocols - A cryptocurrency-related phishing scam that uses malware called a drainer is one of the most widely used tactics these days. From November 2022 to November 2023, 'Inferno Drainer', a well-known multichain cryptocurrency drainer, was operational under ...
10 months ago Gbhackers.com
North Korean Hackers' $12M Ethereum Laundering Via Tornado Cash Unveiled - It has been reported that North Korean hackers associated with the Lazarus Group have exploited Tornado Cash in a recent development to launder approximately $12 million worth of stolen Ethereum in the last 24 hours, using the coin mix-up service ...
8 months ago Cysecurity.news
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data - A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital ...
2 months ago Thehackernews.com
Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto - Y is the author of a book I can very greatly recommend, with the fascinating title Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency. As I dug into this cypherpunk world, around 2010 and 2011, I came upon this thing that ...
1 year ago Nakedsecurity.sophos.com
US cybercops trace and return nearly $9M stolen by scammers The Register - The US has seized nearly $9 million in proceeds generated by exploiting more than 70 victims across the nation in so-called "Pig butchering" scams. Authorities tracked payments to cryptocurrency addresses belonging to one organization known for ...
1 year ago Theregister.com
Crypto drainer steals $59 million from 63k people in Twitter ad push - Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months. According to blockchain threat analysts at ScamSniffer, they ...
11 months ago Bleepingcomputer.com
Google Chrome Use After Free Flaw Let Attacker Hijack Browser - The latest stable channel update for Google Chrome, version 120.0.6099.199 for Mac and Linux and 120.0.6099.199/200 for Windows, is now available and will shortly be rolled out to all users. The Extended Stable channel has been updated to ...
11 months ago Gbhackers.com
SIEM agent being used in SilentCryptoMiner attacks | Securelist - The most interesting action in this attack was the implementation of unusual techniques like using an SIEM agent as backdoor, adding the malicious payload to a legitimate digital signature, and hiding directories containing malicious files. The ...
2 months ago Securelist.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)