MAL-2023-1878 Malicious code in ibtcoinlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c6808d88b17a3f48bec02829a95864c92b924fc72c48269b79401cad99212228 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1706 Malicious code in crypotcompare (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c52ad7cd9331da60215c98cfafcd7542ddbd66fc466dc226c3694451292a9aad Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in cryptocomapre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a89417c87ac231046e9865ee3d066199d0a6e5d3760851bf6018b6f8b357598f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1730 Malicious code in cryptocopare (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 34d0288f9446302c5745b17a0af72a5476116352e458c414a97e6b90455a6a73 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1732 Malicious code in cryptoeed (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 57f9be453bddf684644f5396b29f4abae7d1ebe50129e0f8dfa6d9acfe4c0528 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1846 Malicious code in freqtrrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 34e14d5414277f5878fe798b333fe5c090755ada44684a95ee85f7e90a9839f4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-2151 Malicious code in reqtrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9eafd0ca4dd4d799f7fc2c72d39f61b3ea59fd355085c35889d3f640f62bb992 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1830 Malicious code in ferqtrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 18cc0f08f6bc2db28674fad653770d86cfd55c151a1380feb8acdd0c17e5e90e Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1677 Malicious code in ccx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4b65e79327daa2cc5ec5b36d4f94dde43607d8cb595f276122659ef69d86a25a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Upgraded Q -> 2 from #251 [1675573596034]

Judge has assessed an item in Issue 251 as 2 risk. The relevant finding follows: L-03 The claim function might use an amount of gas greater than the block gas limit. Description: The claim function at the Quest.sol contract can consume an amount of gas greater than the block gas limit if the user...

TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users

We look into an ongoing malware campaign we named TgToxic, targeting Android mobile users in Taiwan, Thailand, and Indonesia since July 2022. The malware steals users’ credentials and assets such as cryptocurrency from digital wallets, as well as money from bank and finance apps. Analyzing the...

Titan Stealer: A New Golang-Based Information Stealer Malware Emerges

A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. "The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP...

FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft

The U.S. Federal Bureau of Investigation FBI on Monday confirmed that North Korean threat actors were responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022. The law enforcement agency attributed the hack to the Lazarus Group and APT38 aka...

Tracking the Stealthy Movements of Vidar Info-Stealer Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Vidar is an info-stealer malware that was first spotted in the wild in late 2018. It is considered a distinct fork of the Arkei malware family and has a simple business model where customers pay between...

Google Chrome Vulnerability Exposes Data of 2.5 Billion Users

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in Google Chrome could affect over 2.5 billion users. An attacker can exploit this vulnerability for the theft of sensitive files, such as crypto wallets and cloud provider...

Newly Discovered PoweRAT Malware Distributed through PyPI

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A newly discovered malware called “PoweRAT" combines a stealer and a RAT remote access tool. The malware is being distributed through the Python Package Index PyPI, a repository of software for the Pytho...

Google Chrome “SymStealer” Vulnerability: How to Protect Your Files from Being Stolen

The Imperva Red Team recently disclosed a vulnerability, dubbed CVE-2022-3656, affecting over 2.5 billion users of Google Chrome and Chromium-based browsers. This vulnerability allowed for the theft of sensitive files, such as crypto wallets and cloud provider credentials. Introduction Chrome is...

Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto...

Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto...

Information Stealer LummaC2 Targets Browsers and Crypto Wallets

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LummaC2 Stealer is an information stealer that targets Chromium and Mozilla-based browsers. It is designed to steal sensitive information from a victims machine, including crypto wallets, extensions, and...