GrassCall Campaign: The Hackers Behind Job Recruitment Cyber Scams
The “GrassCall” malware campaign is an advanced social engineering attack targeting job seekers in the cryptocurrency and Web3 sectors, orchestrated by the Russian cybercriminal organization “Crazy Evil.” Utilizing fake job interviews, the attackers compromise systems to steal cryptocurrency assets, resulting in hundreds of victims. Affected: cryptocurrency sector, job seekers

Key points:

The GrassCall malware campaign is led by the Russian-speaking cyber-criminal organization “Crazy Evil.”…
Fake Cloudflare Verification Results in LummaStealer Trojan Infections
This article describes an ongoing malware campaign utilizing malicious WordPress plugins to spread the LummaStealer trojan. The malware tricks users into running harmful PowerShell commands, thus collecting sensitive data from infected PCs. The campaign exploits fake human verification prompts primarily targeting Windows users. Affected: WordPress websites, Windows operating system users

Key points:

LummaStealer is an infostealer malware designed to collect sensitive data.…
Malware campaign ‘DollyWay’ breached 20,000 WordPress sites
Summary: The ‘DollyWay’ malware operation has targeted over 20,000 WordPress sites since 2016, evolving into a sophisticated redirection scam that generates millions of fraudulent impressions monthly. It employs complex tactics including dynamic script injection and auto-reinfection to maintain persistent control over compromised sites. GoDaddy researchers link various malware campaigns under the ‘DollyWay World Domination’ umbrella, emphasizing a notable escalation in risk for affected organizations.…

Summary: The video discusses the latest episode of “Security Now” with Steve Gibson, covering a range of topics, including an in-depth analysis of the cryptography used in Telegram’s messenger, updates on the Rowhammer vulnerability, and the implications of recent security incidents involving Twitter and Firefox. It also encourages listeners to participate in a study on Rowhammer, providing detailed instructions on how to assess their own systems for vulnerabilities.…
Summary: Two critical vulnerabilities have been discovered in the xml-crypto library, affecting its ability to securely verify XML signatures. Identified as CVE-2025-29774 and CVE-2025-29775, both vulnerabilities carry a CVSSv4 score of 9.3, posing serious risks for applications utilizing this library. Users are urged to upgrade to version 6.0.1 or the appropriate patch versions to mitigate these security threats.…
FBI Issues Warning Over Free Online File Converters That Actually Install Malware
Summary: The FBI Denver Field Office has issued a warning regarding an increase in scam websites that masquerade as free online file converters but instead load malware onto users’ systems. This malware can lead to ransomware attacks and the theft of sensitive personal information. Users are advised to remain vigilant and protect their devices with anti-malware solutions.…
Microsoft identifies new RAT targeting cryptocurrency wallets and more
Summary: Microsoft has discovered a new remote access trojan named StilachiRAT, which utilizes sophisticated evasion techniques to maintain persistence on compromised systems while exfiltrating sensitive data. The malware targets several cryptocurrency wallet extensions and can manipulate system settings and steal credentials. Although the origin of StilachiRAT remains unknown, its capabilities warrant serious attention due to its stealth and extensive data collection functions.…
Thousands of Fake Crypto Investment Platforms Uncovered in Widespread Scam Campaign
Summary: Researchers from Unit 42 have uncovered a complex network of fraudulent cryptocurrency investment platforms that employ tactics akin to Ponzi and pyramid schemes. These scams leverage popular brands and current events to gain users’ trust while promising unrealistic returns. The campaign, which is actively targeting users chiefly in East Africa and Asia, relies on impersonation and multi-level marketing to recruit affiliates, raising significant concerns about the extensive reach and impact of these fraudulent activities.…
Crypto exchange OKX shuts down tool used by North Korean hackers to launder stolen funds
Summary: OKX, a Seychelles-based cryptocurrency exchange, has temporarily suspended its decentralized finance services after detecting attempts by the North Korean Lazarus Group to launder stolen funds. The exchange aims to implement upgrades to prevent future misuse while addressing ongoing scrutiny from regulators regarding its compliance practices.…
Major Cyber Attacks in Review: February 2025
In February 2025, multiple significant cyber incidents revealed ongoing risks across various industries worldwide. Notable attacks included the Qilin ransomware incident at Lee Enterprises, which disrupted media distribution, and a $1.5 billion cryptocurrency theft attributed to North Korea’s Lazarus Group. Breaches at DISA Global Solutions, Orange, and LANIT highlighted severe vulnerabilities in finance, telecom, healthcare, media, and government sectors.…
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Summary: This week’s cybersecurity report highlights the evolving landscape of cyber threats, including advanced techniques used by threat groups and rising supply chain vulnerabilities. Law enforcement efforts against cybercriminal networks show promise, while new exploits and vulnerabilities demand prompt attention from organizations. The report includes notable incidents, emerging attack methods, and critical vulnerabilities that security teams should prioritize.…
How to Execute the Bybit $1.5B ETH Heist – An Attack Path for Offensive Security Operations in AWS
On February 21st, a significant cryptocurrency theft occurred involving Bybit, where hackers from the Lazarus Group infiltrated a supplier’s system to redirect 401,000 Ethereum coins worth approximately $1.5 billion. The attack exemplifies a supply chain vulnerability that permitted hackers to exploit AWS services while leaving the Bybit system itself secure.…
Decrypting Zoom Team Chat: Forensic Analysis of Encrypted Chat Databases
This article delves into the complexities of analyzing Zoom Team Chat artifacts within a digital forensic framework, highlighting the challenges posed by data encryption and the necessity for both local and server-side keys. The forensic analysis focuses on user activity tracking through various applications, culminating in the extraction of crucial communication data from Zoom Team Chat.…
Coinbase phishing email tricks users with fake wallet migration
Summary: A deceptive phishing campaign targeting Coinbase users tricks recipients into creating a new wallet by providing a recovery phrase controlled by attackers. The emails falsely present a mandatory wallet migration and bypass email security checks, making them seem legitimate. Coinbase warns users to be vigilant and never use recovery phrases provided by emails.…