12 matches found
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence AI and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and registry optimization utilities for high-performan...
Scammers Use Inferno Drainer to Steal $43K from CoinMarketCap Users
Scammers used Inferno Drainer to steal $43,000 in crypto from 110 CoinMarketCap users through a fake wallet prompt embedded in the site’s front-end...
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer aka AMOS, and Angel Drainer. "Specializing in...
Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months. The dodgy app, identified by Check Point, masqueraded as the...
First Mobile Crypto Drainer on Google Play Steals $70K from Users
A malicious app disguised as a legitimate WalletConnect tool targeted mobile users on Google Play. The app stole…...
WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites
A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credite...
Crypto Exchange FixedFloat Hacked: $26 Million in BTC, ETH Stolen
By Deeba Ahmed FixedFloat suffered a significant loss of over 1,700 Ethereum and over 400 Bitcoin due to a drainer attack on February 18, 2024. This is a post from HackRead.com Read the original post: Crypto Exchange FixedFloat Hacked: $26 Million in BTC, ETH Stolen...
Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims
The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023. The scheme "leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers'...
Mandiant's X Account Was Hacked Using Brute-Force Attack
The compromise of Mandiant's X formerly Twitter account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service DaaS group. "Normally, two-factor authentication would have mitigated this, but due to some team transitions and a change in X...
Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks
Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20...
Pink Drainer Posed as Journalists, Stole $3M from Discord and Twitter Users
By Habiba Rashid Pink Drainer hacking group has been employing sophisticated social engineering techniques, often masquerading as journalists from reputable media outlets like Decrypto and Cointelegraph. This is a post from HackRead.com Read the original post: Pink Drainer Posed as Journalists,...
Rogue cryptocurrency billboards go phishing for wallets
Billboards and digital real world advertising has raised many questions of privacy and anonymity in recent years. Until now, the primary concern has been mostly legal, yet potentially objectionable geolocation and user profiling. Bluetooth beacons work in tandem with geofenced billboards to send...