The U.S. Justice Department (DoJ) on Wednesday unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds.
Both the individuals, Roman Storm and Roman Semenov, have been charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million.
The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also known by the name Jade Sleet.
An investigation undertaken by the FBI found
Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security’s p0 Labs team identified and tracked an attacker developing and deploying eight (8) incremental iterations of their credential harvesting malware while continuing to develop infrastructure for an upcoming (spoiler: now launched) campaign
A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign.
"The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware, command-and-control (C2) tools which bypassed firewalls, and kernel-based rootkits to hide their presence," Sysdig
A new information malware strain called Statc Stealer has been found infecting devices running Microsoft Windows to siphon sensitive personal and payment information.
"Statc Stealer exhibits a broad range of stealing capabilities, making it a significant threat," Zscaler ThreatLabz researchers Shivam Sharma and Amandeep Kumar said in a technical report published this week.
"It can steal
Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors.
Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized organizations, with a smaller subset tied to bigger companies, spanning financial, aerospace, automotive, industrial, and security sectors
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin.
The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following the seizure of roughly 95,000 of the stolen
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.
Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demonstrated increasing functionality and refinement," hours after which they were removed and re-uploaded under different
Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners.
The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year time period, with 96% of the attacks linked to the Mirai botnet.
Of these attack attempts, 20% (or
A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system.
Written in the Rust programming language, the malware is distributed in the form of bogus blockchain games and is capable of "emptying crypto wallets and stealing stored password and
An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that's reminiscent of the supply chain attack targeting 3CX.
The findings come from SentinelOne, which mapped out the infrastructure pertaining to the intrusion to uncover underlying patterns. It's worth noting
On April 5, 2023, the FBI and Dutch National Police announced the takedown of Genesis Market, one of the largest dark web marketplaces. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1M in cryptocurrency. You can read the FBI's warrant here for details specific to this case. In light of these events, I'd like to discuss how OSINT
As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob.
"The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications," Aqua security researchers Ofek Itach and Assaf Morag said in a
Ransomware has emerged as the only cryptocurrency-based crime to grow in 2023, with cybercriminals extorting nearly $175.8 million more than they did a year ago, according to findings from Chainalysis.
"Ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June," the blockchain analytics firm said in a midyear crypto crime report
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal.
"The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said. "This is the first publicly
Login
FreshRSS