Ex-Amazon engineer pleads guilty to hacking crypto exchanges
Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. [...]
Cryptocurrency security covers theft, fraud, ransomware payments, wallet compromise, and blockchain risks involving digital assets and transactions.
Search across headline titles and summaries.
Background for this topic.
Cryptocurrency is a digital asset secured by cryptography and recorded on a decentralized blockchain ledger. It enables peer-to-peer transactions without intermediaries, relying on consensus mechanisms like proof-of-work or proof-of-stake to validate and add transaction blocks. Users control funds through private keys, which are critical for accessing and transferring cryptocurrency.
From an information security perspective, protecting private keys is paramount, as their compromise leads to irreversible theft. Cryptocurrency exchanges and wallet software are frequent targets for hacking, requiring robust security controls and vulnerability management. Additionally, the pseudonymous nature of transactions can facilitate illicit activities, challenging efforts to trace funds and enforce compliance. Defenses include hardware wallets, multi-factor authentication, and secure key management practices to mitigate risks inherent in cryptocurrency operations.
Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. [...]
A new Go-based multi-platform malware identified as 'NKAbuse' is the first malware abusing NKN (New Kind of Network) technology for data exchange, making it a stealthy threat. [...]
Ledger is warnings users not to use web3 dApps after a supply chain attack on the 'Ledger dApp Connect Kit' library was found pushing a JavaScript wallet drainer that stole $600,000 in crypto and NFTs. [...]
Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. [...]