Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub

A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "primarily targets cloud platforms offering limited-time trials of...

“GodFather” Hits Banks, Crypto Wallets Apps as Android Trojan Emerges

By Deeba Ahmed Researchers believe that GodFather could be a successor of another banking trojan called Anubis, which had its source code leaked in January 2019 on an underground hacking forum. This is a post from HackRead.com Read the original post: “GodFather” Hits Banks, Crypto Wallets Apps as...

The Rise of the Rookie Hacker - A New Trend to Reckon With

More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes - 2022 trends and 2023 predictions. Cybercrime remains a major threat to individuals, businesses, and governments around the world. Cybercriminals continue to take advantage of the prevalence of digital devices and the...

CVE-2022-3995

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lockunlockterawallet AJAX action. This makes it possible for authenticated attackers, with...

Interpol Seized $130 Million from Cybercriminals in Global "HAECHI-III" Crackdown Operation

Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in th...

Typhon Stealer back with new variant named Typhon Reborn

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Typhon Stealer, a malware who became widely known for its capabilities to steal crypto wallets, monitor keystrokes, and evade antivirus programs, became widely known in early August 2022. Soon after, the...

call() should be used instead of transfer() on address payable

Lines of code Vulnerability details Proof of Concept The use of the deprecated transfer function for an address will inevitably make the transaction fail when: 1. The claimer smart contract does not implement a payable function. 2. The claimer smart contract does implement a payable fallback whic...

New Dropper Apps on Play Store Targeting Banking and Crypto Wallets

By Deeba Ahmed In total, 5 dropper apps with over 130,000 downloads through Play Store distributed banking trojans like Vultur and SharkBot. This is a post from HackRead.com Read the original post: New Dropper Apps on Play Store Targeting Banking and Crypto Wallets...

A single point of failure is not acceptable for this project

Lines of code Vulnerability details Impact The pause function on WardenPledge.sol has a single point of failure and onlyOwner can stop all project. Owner is not behind a multisig and changes are not behind a timelock.This information hasnt got in documents Even if protocol admins/developers are n...

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud. "These droppers continue the unstopping...

New PHP-based Ducktail infostealer is now after crypto wallets

A phishing campaign known to specifically target employees with access to their company's Facebook Business and Ads accounts has significantly widened its net and begun using a first-of-its-kind information-stealing malware to go after crypto wallets. The Ducktail Woo-ooh! campaign was first made...

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts

A PHP version of an information-stealing malware called Ducktail has been discovered in the wild being distributed in the form of cracked installers for legitimate apps and games, according to the latest findings from Zscaler. "Like older versions .NetCore, the latest version PHP also aims to...

A Taxonomy of Access Control

My personal definition of a brilliant idea is one that is immediately obvious once its explained, but no one has thought of it before. I cant believe that no one has described this taxonomy of access control before Ittay Eyal laid it out in this paper. The paper is about cryptocurrency wallet...

GSD-2022-1004952 Logging of sensitive information in Wallet version Current version and possibly previous versions

In Slope Wallet, the current version and possibly previous versions the logging of sensitive information including seed phrases exist in the wallet software. This can be attacked via access to the logging data which is reportedly sent in clear text across the Internet and the logging server...

8,000 Solana Wallets Drained Millions Worth of Crypto in Cyberattack

By Waqas An unknown hacker targeted the Solana ecosystem on Wednesday and drained approx. $5 million worth of SOL and… This is a post from HackRead.com Read the original post: 8,000 Solana Wallets Drained Millions Worth of Crypto in Cyberattack...

Doenerium - Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc.)

Fully Undetected Grabber Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc. Features Stealer Discord Token Discord Info - Username, Phone number, Email, Billing, Nitro Status & Backup Codes Discord Friends with rare badges Grabs crypto wallets Zcash Armory Bytecoin Jaxx Exodus Ethere...

Microsoft Warns of Evolving Toll Fraud Android Malware Draining Wallets

By Deeba Ahmed Those still using older versions of the Android operating system are at risk. Microsofts 365 Defender team has detected a… This is a post from HackRead.com Read the original post: Microsoft Warns of Evolving Toll Fraud Android Malware Draining Wallets...

The vulnerability of the “Restore Session” function in Web3 wallets for cryptocurrency MetaMask allows a hacker to gain access to the session restoration password.

The vulnerability of the “Restore Session” function in Web3 wallets for cryptocurrency MetaMask relates to the storage of confidential information in an unencrypted form. Exploiting this vulnerability could allow a attacker to gain access to the session restoration function...

Griefing on claim()

Lines of code Vulnerability details Issue: griefing can happen if coolDownPeriod 0 due to the fact that you can stake for someone else. Whenever a stake happens, the expiry variable increases with coolDownPeriod. This can be done either by watching the mempool and frontrun a stake when someone...

Upgraded Q -> M from 270 [1655579826704]

Judge has assessed an item in Issue 270 as Medium risk. The relevant finding follows: Gas stipend for payable.send may be too low for contract wallets ETH withdrawals in both the minter and token contracts use payableaddress.send to transfer ether to the vault address. If the configured vault is ...