Malicious npm packages target Ethereum developers' private keys
Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. [...]
Cryptocurrency security covers theft, fraud, ransomware payments, wallet compromise, and blockchain risks involving digital assets and transactions.
Search across headline titles and summaries.
Background for this topic.
Cryptocurrency is a digital asset secured by cryptography and recorded on a decentralized blockchain ledger. It enables peer-to-peer transactions without intermediaries, relying on consensus mechanisms like proof-of-work or proof-of-stake to validate and add transaction blocks. Users control funds through private keys, which are critical for accessing and transferring cryptocurrency.
From an information security perspective, protecting private keys is paramount, as their compromise leads to irreversible theft. Cryptocurrency exchanges and wallet software are frequent targets for hacking, requiring robust security controls and vulnerability management. Additionally, the pseudonymous nature of transactions can facilitate illicit activities, challenging efforts to trace funds and enforce compliance. Defenses include hardware wallets, multi-factor authentication, and secure key management practices to mitigate risks inherent in cryptocurrency operations.
Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. [...]
Former Terraform CEO Do Hyeong Kwon is now in the US facing federal fraud charges
The amount of crypto stolen in the Web3 ecosystem rose by 31.6% compared to 2023, with phishing the most costly attack vector
Do Hyeong Kwon Extradited to US For Allegedly Defrauding Investors Out of BillionsAuthorities say Do Hyeong Kwon, former CEO of Terraform Labs, appeared in a Manhattan federal courtroom Thursday after facing extradition from Montenegro over allegations he defrauded investors out of billions of dollars while misrepresenting his company’s cryptocurrency and other products.
Animoca Brands Co-Founder's Social Media HackedThis week, Cambodia introducing new crypto directive, a hacker compromising Animoca Brands co-founder's social media, FTX co-CEO having his sentence reduced by a year, IRS pushing new crypto tax reporting rules and the Blockchain Bandit moving funds after two years of inactivity.
Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar RAT onto developer systems