CVE-2018-1000851

Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appear to be exploitable via Affected version run the malicious code at startup . This vulnerability...

CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4 and...

EUVD-2018-1785

Malware in sbrugna...

EUVD-2018-2038

Malware in sbrugna...

MultiBit HD Security Vulnerability

MultiBit HD is a bitcoin wallet open-sourced by MultiBit. A security vulnerability exists in versions prior to MultiBit HD 0.1.2 that stems from not setting the Message Authentication Code MAC...

Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors

Several organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide – the ransomware gang behind the Colonial Pipeline hack. According to researchers at Trend Micro, threat actors are taking advantage of the notoriety around the pipeline...

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized

Just as Colonial Pipeline restored all of its systems to operational status in the wake of a crippling ransomware incident a week ago, DarkSide, the cybercrime syndicate behind the attack, claimed it lost control of its infrastructure, citing a law enforcement seizure. All the dark web sites...

bch-wallet-plugin-postoffice (>=1.0.0 <=1.0.8), bitcoin-wallet-api (>=0.0.5 <=0.1.6) potentially affected by CVE-2020-15130 via slpjs (>=0.22.5 <=0.23.3)

slpjs NPM version =0.22.5, =1.0.0, =0.0.5, =0.1.6 Source cves: CVE-2020-15130 Source advisory: OSV:GHSA-CC2P-4JHR-XHHX...

Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time

Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history. A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple...

Twitter Confirms it was Hacked in an Unprecedented Cryptocurrency Scam

Twitter locked down thousands of verified accounts belonging to elite Twitter users and high-profile companies Wednesday afternoon in an effort to prevent hackers from perpetrating a massive cryptocurrency scam. The accounts fell victim to a compromise of the company’s internal systems by a group...

bch-wallet-plugin-postoffice (>=1.0.0 <=1.0.8), bitcoin-wallet-api (>=0.0.5 <=0.1.6) potentially affected by CVE-2020-11071 via slpjs (>=0.22.5 <=0.23.3)

slpjs NPM version =0.22.5, =1.0.0, =0.0.5, =0.1.6 Source cves: CVE-2020-11071 Source advisory: OSV:GHSA-JC83-CPF9-Q7C6...

Rapidly Growing Electrum Botnet Infects Over 152,000 Users; Steals $4.6 Million

An ongoing attack against Electrum Bitcoin wallets has just grown bigger and stronger with attackers now targeting the whole infrastructure of the exchange with a botnet of over 152,000 infected users, raising the amount of stolen users' funds to USD 4.6 million. Electrum has been facing cyber...

Electrum DDoS botnet reaches 152,000 infected hosts

By Jérôme Segura, Adam Thomas, and S!Ri We have been closely monitoring the situation involving the continued attacks against users of the popular Electrum Bitcoin wallet. Initially, victims were being tricked to download a fraudulent update that stole their cryptocurrencies. Later on, the threat...

TAU Threat Intelligence Notification – Fake Movie File Attack Targeting Cryptocurrency

A malicious Windows shortcut file is posing as a movie available on a torrent site - its payload is used to conduct web-injection, ultimately targeting victim’s web searches in browsers like Chrome, Firefox and Internet Explorer. The payload has the ability to search for and steal cryptocurrency...

CVE-2018-1000851

Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appear to be exploitable via Affected version run the malicious code at startup . This vulnerability...

Design/Logic Flaw

Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appear to be exploitable via Affected version run the malicious code at startup . This vulnerability...

CVE-2018-1000851

CVE-2018-1000851 affects Copay Bitcoin Wallet versions 5.01–5.1.0, with a vulnerability in wallet private key storage that can allow an attacker to compromise users’ private keys. The issue appears to be exploitable by running malicious code at startup. Remediation is to upgrade to 5.2.0 and late...

Brave Software: Field Day With Protocol Handlers

Summary ===================== When launching a protocol such as mailto:, SEARCH:, or bitcoin:, Brave only asks to allow the protocol to be opened by an external application. You can select on whether or not to remember the decision or not and to allow or deny it. The issue is that upon selecting...

How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs

Dr. Mordechai Guri, the head of R&D team at Israel's Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named "BeatCoin." BeatCoin is not a new hacking technique; instead, it's an experiment wherein the...

CVE-2018-1000022

Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to version 3.0.5 contains a Missing Authorization vulnerability in JSONRPC interface that can result in Bitcoin theft, if the user's wallet is not password protected. This attack appear to be exploitable via The victim must visit a...