Stay informed on the latest cryptocurrency security trends, threats, and protection strategies with our comprehensive infosec coverage.
Search across headline titles and summaries.
Background for this topic.
In the context of information security, cryptocurrency presents unique challenges and considerations. The inherent security features of blockchain, such as encryption and decentralization, can provide robust protection against traditional financial fraud and identity theft. However, the same features also create opportunities for new forms of cybercrime, such as cryptojacking, where hackers use others' computing resources to mine cryptocurrency, or wallet theft, where private keys are stolen, granting attackers access to a user's funds.
Furthermore, the semi-anonymous nature of transactions makes cryptocurrency a prime target for money laundering and illegal activities. Information security efforts in the cryptocurrency space focus on securing wallet software, exchange platforms, smart contracts, and strengthening the privacy and integrity of transactions. It also involves educating users on securing their private keys and practicing safe digital hygiene to protect their assets in the ever-evolving cybersecurity landscape.
Weekly headline count for the current query.
The U.S. Treasury's Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran's largest cryptocurrency exchange, for facilitating payments related to terrorist activities. [...]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives […]
A Google security engineer was charged with insider trading after winning $1.2 million using confidential company data to place bets on the cryptocurrency-based Polymarket decentralized prediction market. [...]
Also: UK Sanctions HTX-Linked EntityThis week, the U.S. sanctioned Sinaloa Cartel-linked networks, the U.K. sanctioned a HTX-linked entity, Syndicate Labs shuttered, Missouri sued CoinFlip, Verus attacker took a bounty deal, StablR was exploited and malicious packages targeted crypto developer systems.
New actor Jinx-0164 hit crypto developers with fake recruiter lures and macOS malware
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network. [...]
North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and […]
Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations
Hey, Gemini, how much can we earn from one pump-and-dump cycle?
The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets
Also: Hackers Stole From Verus Bridge, ThorChain and Echo ProtocolThis week, Forsage's co-founder was extradited to the U.S. over a $340M scam, hackers stole from Verus Bridge, ThorChain and Echo Protocol, ZachXBT alleged insider control behind LAB token surge, an Ohio man was sentenced in a Ponzi scheme case and crypto ATM scams cost Americans $388M in 2025.
Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. [...]
A solo Russian-speaking threat actor ran a 5-year Telegram channel and, starting September 2025, used AI to automate its content, credential theft, and a cryptocurrency fraud scheme targeting American audiences.
The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or Bitcoin ATMs. [...]
Also: Indictments in Theft Case, KelpDAO Restarts OperationsThis week, banking Trojan TCLBanker targeted crypto platforms, three people indicted in a violent digital assets-related robbery, Kelp DAO restarted services after the $292 million hack and the U.S. Department of the Treasury tightened oversight of Binance.
Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2)
Rough Monday
A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications. [...]
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms