230 matches found
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android ap...
CVE-2023-33242
Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt 256 in total because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed...
CVE-2023-33241
Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signature...
CVE-2023-33242
CVE-2023-33242 affects crypto wallets implementing Lindell17 TSS. The vulnerability arises from mishandling aborts after a failed signature, allowing an attacker to exfiltrate the full ECDSA private key by extracting one bit per signature attempt (256 total). Connected materials include a PoC/exp...
CVE-2023-33242 Lindell17 TSS Abort Mishandling
Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt 256 in total because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed...
CVE-2023-33241 GG18 / GG20 TSS Beta Parameter Vulnerability
Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signature...
CVE-2023-33241
CVE-2023-33241 affects wallets using GG18/GG20 TSS (MPC) protocols. A malicious pallier key injected during the protocol and cheating in the range proof may allow an attacker to exfiltrate a full ECDSA private key (or other parties’ key shares), with the required effort potentially depending on B...
CVE-2023-33241 GG18 / GG20 TSS Beta Parameter Vulnerability
Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signature...
Kanti Ransomware Strikes Cryptocurrency Users
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Kanti is a novel strain of ransomware that has been specifically designed to target cryptocurrency users. This sophisticated ransomware is cunningly crafted to infiltrate systems and encrypt files,...
Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets
In yet another sign of a lucrative crimeware-as-a-service CaaS ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that's actively being developed by its author to evade detection by software solutions. "The Meduza Stealer has a...
Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets
In yet another sign of a lucrative crimeware-as-a-service CaaS ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that's actively being developed by its author to evade detection by software solutions. "The Meduza Stealer has a...
New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets
Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer or AMOS on Telegram for $1,000 per month, joining the likes of MacStealer. "The Atomic macOS Stealer can steal various types of information from the victim's machine, including...
ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection
A significant number of victims in the consumer and enterprise sectors located across Australia, Japan, the U.S., and India have been affected by an evasive information-stealing malware called ViperSoftX. ViperSoftX was first documented by Fortinet in 2020, with cybersecurity company Avast...
Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and...
New Variant of BlackGuard Stealer Malware Steals Sensitive Information and Crypto Wallets
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of the BlackGuard stealer malware that propagates through removable media and hijacks crypto wallets. It can steal sensitive information from various applications and supports stealing...
New MortalKombat Ransomware Attack Aiming for Crypto Wallets
By Habiba Rashid Hackers are deploying the MortalKombat ransomware and Laplas Clipper malware in a financially motivated campaign against victims worldwide. This is a post from HackRead.com Read the original post: New MortalKombat Ransomware Attack Aiming for Crypto Wallets...
Hackers Aim at Crypto Wallets with Hacked Namecheap Phishing Emails
By Deeba Ahmed Namecheap users should remain cautious, as hackers are using its inbox to scam users through phishing emails designed… This is a post from HackRead.com Read the original post: Hackers Aim at Crypto Wallets with Hacked Namecheap Phishing Emails...
MAL-2023-2333 Malicious code in tkccalendar (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 254bade3f624909b0affad604dd128b2212d3e5debf35db4303405002ec22a5b Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2316 Malicious code in tkcaelndar (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8c49be3ad2a45b16c6ad5922865a55eb1b6086e4af4f531855090f53be356741 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in beautifulsuop (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx df1ed5abeb9bc99da5bd07d1c2408f50915eb7cf6e632c80f3fa50bf8e4561c1 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...