Crimeware-as-a-service: A new threat to crypto users

January 13, 2025 Coin Telegraph

caas

Crimeware-as-a-service fuels cybercrime in crypto. Explore its impact, tactics used and key steps to safeguard your wallets and transactions.

Crimeware-as-a-service (CaaS) involves experienced criminals selling their tools and services to less experienced offenders for a price. This model resembles software-as-a-service (SaaS), where the provider gives access to the software to the subscriber. In the case of crimeware-as-a-service, the SaaS model has reshaped itself in the context of cybercrime.

In the early days of cybercrime, cybercriminals mostly worked alone or in small groups, playing with technology and trying to sneak into people’s bank accounts or emails for personal gains and fun. Criminals generally used email to send viruses and commit scams.

JPMorgan Chase Employee Allegedly Steals 7,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

Fake OKX plugins found on the Firefox browser store

January 8, 2025 Coin Telegraph

Coin Telegraph

According to cybersecurity firm CertiK, the number of crypto hacks and exploits rose to 303 incidents in 2024, up from 282 in 2023.

Crypto exchange OKX has warned users of fraudulent OKX browser extension that have appeared on the Firefox browser plugin store. Extensions integrate third-party functionality within a web browser interface.

According to OKX, the company has not released any Firefox browser plugins and has advised users who mistakenly downloaded the plugin to transfer any funds in wallets connected to the fraudulent extension.

OKX contacted Firefox to remove the applications and reminded users never to download OKX-specific software from third parties.

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

Virtuals Protocol Discord server hacked, fake Google links posted

January 8, 2025 Coin Telegraph

Coin Telegraph

The security incidents occurred days after a researcher discovered a critical bug in a Virtuals Protocol audited contract, which was fixed.

AI agent platform Virtuals Protocol suffered a hack to its Discord server on Jan. 8, and several fraudulent links purporting to be the Virtuals Protocol website were posted on Google Search.

According to the Virtuals team, one of the Discord group’s moderators was the victim of a private key breach that compromised the messaging server. The breach has since been resolved.

Cybersecurity firm Scam Sniffer also detected three malicious links advertised on the Google Search page impersonating the Virtuals Protocol website in a separate incident.

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

Ledger Users Targeted in New Data Breach Phishing Campaign

December 20, 2024 Bitcoin.com

bitcoin.com

Users of the Ledger series of hardware wallets are being targeted as part of a widespread phishing campaign that takes advantage of earlier data leaks. Some users have received emails alerting them to a data breach that could have exposed their seed phrases to attackers. Ledger Users Receiving Data Breach Emails in Phishing Campaign Attackers […]

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

Brooklyn DA shutters 40 NFT scam sites after artist loses $135K

December 9, 2024 Coin Telegraph

Brooklyn DA shutters 40 NFT scam sites after artist loses 5K

Brooklyn District Attorney's Office

An investigation into the victim of an NFT scam led the Brooklyn District Attorney’s Virtual Currency Unit to discover and dismantle a network of fake NFT marketplace sites.

Brooklyn’s District Attorney said his office has shut down 40 fraudulent non-fungible token (NFT) marketplace websites after an 85-year-old artist was conned out of $135,000 by a scammer.

The victim was contacted on LinkedIn by someone posing as an art dealer who convinced him to mint his artwork on a fake NFT marketplace resembling the New York-based OpenSea, the Brooklyn District Attorney’s Office said on Dec. 6.

He was later told he made $300,000 in profits — but in order to access it, he had to send a $135,000 “fee,” which he sourced from fully liquidating his retirement account, credit card payments and a loan.

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

Five Alleged Scammers Federally Charged With Running Crypto Phishing Scheme by DOJ

November 22, 2024 The Daily Hodl

crypto

The Department of Justice (DOJ) recently unsealed charges against five alleged scammers for running a crypto phishing scam that cost victims millions of dollars. According to a new press release from the U.S. Attorney’s Office, Central District of California, Tyler Buchanan of the UK and four other American defendants are being charged with charges ranging […]

The post Five Alleged Scammers Federally Charged With Running Crypto Phishing Scheme by DOJ appeared first on The Daily Hodl.

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

US charges 5 in $11M crypto hacking scheme linked to ‘Scattered Spider’

November 21, 2024 Coin Telegraph

US charges 5 in M crypto hacking scheme linked to ‘Scattered Spider’

Arrest

The US charged five people it linked to a group suspected of a hacking spree, with one alleged victim being robbed of over $6.3 million worth of crypto.

United States prosecutors charged five people with being part of a group that hacked dozens of businesses and individuals to steal $11 million in crypto and sensitive information.

The California US Attorney’s Office said on Nov. 20 that the defendants sent SMS phishing links or SIM-swapped individuals and employees of certain companies to steal login credentials to their work or crypto exchange accounts.

Court documents seen by Cointelegraph detailed at least 29 alleged individual crypto-theft victims. Prosecutors claimed one victim was robbed of more than $6.3 million worth of crypto after having their email and wallets breached.

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

North Korean hacker BlueNoroff targets crypto firms with new malware

November 8, 2024 Coin Telegraph

BlueNoroff

According to cybersecurity firm Recorded Future, North Korean hacker groups have stolen approximately $3 billion in funds since 2017.

BlueNoroff, the infamous North Korean hacker group responsible for a string of phishing and cybersecurity attacks since 2019, is targeting crypto firms with a new malware that attacks MacOS computers.

According to a report from SentinelLabs, the malware operation nicknamed “Hidden Risk” is spread through PDF files in multiple stages. The threat actors use fake news headlines and legitimate crypto market research to lure in unsuspecting individuals and companies.

Once the user downloads the PDF file, a seemingly legitimate decoy PDF is downloaded and opened, while the malware downloads as a separate file on the MacOS desktop in the background.

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

Bitget wallet on Telegram hits 6 million users 3 days after launch

October 31, 2024 Coin Telegraph

Bitget

Bitget Wallet’s Telegram Mini App, Bitget Wallet Lite mini, has attracted more than six million users in just three days after its soft launch.

Bitget Wallet, a self-custodial cryptocurrency wallet operated by Bitget exchange, is gaining popularity on Telegram, where its Mini App attracted millions of users within days of launch.

On Oct. 31, Bitget Wallet announced the official launch of Bitget Wallet Lite, a multichain wallet integrated into Telegram, allowing users to buy, store and send crypto within the app.

The official launch comes three days after the Bitget Wallet Lite’s soft launch on Oct. 28, with six million users joining the Mini App on Telegram since.

JPMorgan Chase Employee Allegedly Steals $857,000, Abusing Insider Status To Manipulate Hundreds of US Treasury Checks: Department of Justice

EigenLayer (EIGEN) X Account Hacked in Phishing Scam Less Than One Month After the Token’s Launch

October 18, 2024 The Daily Hodl

Altcoins

The social media platform X account behind a new Ethereum (ETH) ‘restaking’ protocol has been compromised weeks after the token’s launch. According to PeckShieldAlert, the social media account belonging to EigenLayer (EIGEN) was hacked with a phishing link this morning. “EigenLayer X account has been compromised. Do*NOT* click the phishing link eligible-eigenfoundation[.]org” It is not […]

The post EigenLayer (EIGEN) X Account Hacked in Phishing Scam Less Than One Month After the Token’s Launch appeared first on The Daily Hodl.

phishing

Share this video