EUVD-2018-2881

Malware in sbrugna...

EUVD-2018-13140

Malware in sbrugna...

CVE-2018-10812

The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/sharedprefs/com.bitpiepreferences.xml on Android or a plist file in the app data folder on iO...

Zero-day spells disaster for Bitcoin ATM

Bitcoin ATMs have experienced a severe bout of cash drain after a zero-day bug was exploited to steal a total of $1.5 million in digital currency. The ATMs, located in various convenience stores, function along the lines of regular banking ATMs except your dealings are all in the cryptocurrency...

Soar Labs Soar Coin Security Vulnerability Exists

Soar Labs Soar Coin is an ethereum-based virtual cryptocurrency. A security vulnerability exists in the 'zerofeetransaction' function in Soar Labs Soar Coin git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f and previous versions. An attacker could exploit this vulnerability to steal Soar curren...

Design/Logic Flaw

Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IPv6 localhost port...

CVE-2018-20587

Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IPv6 localhost port...

CVE-2018-20587

CVE-2018-20587 affects Bitcoin Core (0.12.0–0.17.1) and Bitcoin Knots (0.12.0–0.17.x before 0.17.1.knots20181229). The root cause is Incorrect Access Control that lets local users bind the RPC IPv4 localhost port and forward requests to the IPv6 localhost port, enabling currency theft. The connec...

Bitpie application for Android and iOS information disclosure vulnerability

Bitpie application for Android is an Android-based application for managing and trading multiple blockchain assets.Bitpie application for iOS is its iOS-based version. A security vulnerability exists in versions 3.2.4 and earlier of the Bitpie application for Android and iOS based platforms, whic...

Code injection

The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/sharedprefs/com.bitpiepreferences.xml on Android or a plist file in the app data folder on iO...

Winnti Cyberespionage Campaign Targets Gaming Companies

A cybercrime gang has been running roughshod over the gaming industry for years using malware signed with valid digital certificates to steal source code and valuable in-game currency for a number of popular online games. Researchers at Kaspersky Lab this morning published a report on the Winnti...