Undefined Behavior
Overview: Versions of zencashjs prior to 1.2.0 may cause loss of funds when used with cryptocurrency wallets. The package relies on a string comparison of the first two characters of a Horizen address to determine the destination address type of a transaction (P2PKH or P2SH). Due to the base58 addre...
Insecure Credential Storage in web3
All versions of web3 are vulnerable to Insecure Credential Storage. The package stores encrypted wallets in local storage and requires a password to load the wallet. Once the wallet is loaded, the private key is accessible via LocalStorage. Exploiting this vulnerability likely requires a Cross-Si...
New Electrum DDoS botnet steals $4.6M after infecting 152,000 hosts
By Ryan De Souza. The majority of the bots are located in Brazil and Peru but the number of victims is constantly increasing across diverse regions. Threat actors who previously targeted cryptocurrency wallets through Distributed Denial of Service (DDoS) attacks have now launched another malware...
Rapidly Growing Electrum Botnet Infects Over 152,000 Users; Steals $4.6 Million
An ongoing attack against Electrum Bitcoin wallets has just grown bigger and stronger with attackers now targeting the whole infrastructure of the exchange with a botnet of over 152,000 infected users, raising the amount of stolen users' funds to USD 4.6 million. Electrum has been facing cyber...
Hackers Steal $19 Million From Bithumb Cryptocurrency Exchange
Hackers yesterday stole nearly $19 million worth of cryptocurrency from Bithumb, the South Korea-based popular cryptocurrency exchange admitted today. According to Primitive Ventures' Dovey Wan, who first broke the information on social media, hackers managed to compromise a number of Bithumb's...
CB Threat Intelligence Notification: Vidar InfoStealer Trojan Aims to Steal Data Before Erasing Itself
Vidar is an info stealer trojan, which was sold under the name Vidar Pro stealer and can be distributed through different campaigns. This malware will perform multiple types of malicious behavior including stealing web browser cookies and history, digital wallets, two-factor authentication data,...
Cryptocurrency Firm Loses $145 Million After CEO Dies With Only Password
QuadrigaCX, the largest bitcoin exchange in Canada, has claimed to have lost CAD 190 million (nearly USD 145 million) worth of cryptocurrency after the exchange lost access to its cold (offline) storage wallets. Reason? Unfortunately, the only person with access to the company's offline wallet, found...
Ukrainian Police Arrest 6 Hackers Linked to DDoS and Financial Attacks
Ukrainian Police have this week busted out two separate groups of hackers involved in carrying out DDoS attacks against news agencies and stealing money from Ukrainian citizens, respectively. According to the authorities, the four suspected hackers they arrested last week, all aged from 26 to 30...
Vidar and GandCrab: stealer and ransomware combo observed in the wild
We have been tracking a prolific malvertising campaign for several weeks and captured a variety of payloads, including several stealers. One that we initially identified as Arkei turned out to be Vidar, a new piece of malware recently analyzed in detail by Fumik0 in his post: Let’s dig into Vidar...
Rogue Developer Infects Widely Used NodeJS Module to Steal Bitcoins
A widely used third-party NodeJS module with nearly 2 million downloads a week was compromised after one of its open-source contributors went rogue and infected it with malicious code that was programmed to steal funds stored in Bitcoin wallet apps. The Node.js library in question is...
Spam and phishing in Q3 2018
Quarterly highlights: Personal data in spam. We have often said that personal data is candy on a stick to fraudsters and must be kept safe (that is, not given out on dubious websites). It can be used to gain access to accounts and in targeted attacks and ransomware campaigns. In Q3, we registered a...
Drupal, Phishing and A New Cryptomining Botnet
It’s a well-known fact that security solutions must quickly adapt to new attack methods. There are several ways to achieve this goal: regularly applying security patches and updates, relying on threat intelligence and more. At Imperva, we use pattern anomaly detection as one of the tools to...
Hola VPN’s Chrome extension hacked to target MyEtherWallet users
By Waqas Although the decentralized approach to handling cryptocurrency wallets has been This is a post from HackRead.com Read the original post: Hola VPN's Chrome extension hacked to target MyEtherWallet users...
Orbit - Cryptocurrency Wallets Relationship Visualizer
Give it a blockchain based crypto wallet address and it will crawl 3 levels deep in transaction data to plot a graph out of the information. Usage: Run orbit.py with python3 as follows: python3 orbit.py. Enter the wallet address: Enter a wallet address: xxxxxxxxxxxxxxx Now orbit...
Most LokiBot samples in the wild are "hijacked" versions of the original malware
Hacker himself got hacked. It turns out that most samples of the LokiBot malware being distributed in the wild are modified versions of the original sample, a security researcher has learned. Targeting users since 2015, LokiBot is a password and cryptocoin-wallet stealer that can harvest...
Hackers Stole Over $20 Million in Ethereum from Insecurely Configured Clients
Security researchers have been warning about cybercriminals who have made over 20 million dollars in just the past few months by hijacking insecurely configured Ethereum nodes exposed on the Internet. Qihoo 360 Netlab in March tweeted about a group of cybercriminals who were scanning the Internet for...
Meet MEWKit, a tricky phishing attack draining Ethereum wallets
By Waqas Another day, another phishing attack trying to steal Ethereum cryptocurrency but This is a post from HackRead.com Read the original post: Meet MEWKit, a tricky phishing attack draining Ethereum wallets...
SquirtDanger malware steal passwords & take screenshots of user activity
By Waqas SquirtDanger is Capable of Draining Crypto-wallets, Killing Process, Stealing Passwords This is a post from HackRead.com Read the original post: SquirtDanger malware steal passwords & take screenshots of user activity...
Hackers Exploiting 'Bitmessage' Zero-Day to Steal Bitcoin Wallet Keys
Bitmessage developers have warned of a critical 'remotely executable' zero-day vulnerability in the PyBitmessage application that was being exploited in the wild. Bitmessage is a Peer-to-Peer (P2P) communications protocol used to send encrypted messages to users. Since it is decentralized and...