An unknown threat actor has been quietly mining Monero cryptocurrency on open source Redis servers around the world for years, using a custom-made malware variant that is virtually undetectable by agentless and conventional antivirus tools. Since September 2021, the threat actor has compromised at least 1,200 Redis servers — that thousands of mostly smaller organizations…

BTC.com is a website that provides services for managing and transferring Bitcoin, it offers a digital wallet for storing Bitcoin, a trading interface for exchanging Bitcoin with other cryptocurrencies and fiat currencies, and a mining platform for participating in the extraction of new Bitcoin coins. BTC.com is one of the largest platforms for transferring Bitcoin…

The two, Eric Meiggs, 24, of Brockton, and Declan Harrington, 22, of Beverly, employed SIM swapping, computer hacking, and other techniques as part of their nefarious activities, the US Department of Justice says. According to documents presented in court, the two targeted executives of cryptocurrency companies and individuals who had large amounts of cryptocurrency or…

According to the agency, miscreants are taking advantage of the increased interest in cryptocurrency and the complex functionality and the open source nature of DeFi platforms to perform nefarious activities. Cybercriminals are exploiting security flaws in the smart contracts governing DeFi platforms to steal virtual currency and cause investors to lose money, the FBI says….

Believed to be backed by the North Korean government, Lazarus has been active since at least 2009, orchestrating various high-profile attacks, including numerous assaults on cryptocurrency entities. Also referred to as Hidden Cobra, Lazarus is believed to comprise multiple subgroups, the activities of which often overlap, the same as their tools. Over the past couple…

In this video for Help Net Security, Maor Hizkiev, Senior Director Software Engineering at Datto, talks about a recently analyzed community phishing campaign revolving around Nvidia. This phishing campaign started back in 2020, when Nvidia released their 30 series of graphic cards, which are heavily used by cryptominers. Datto started monitoring this phishing campaign on…

This is a result of basic mechanics: “When one object exerts a force on a second object, the second one exerts a force on the first that is equal in magnitude and opposite in direction.” In cyber, it means that when defenses get stronger, attackers get more sophisticated; and when attackers get more sophisticated, defenses…