AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. [...]
Cryptocurrency security covers theft, fraud, ransomware payments, wallet compromise, and blockchain risks involving digital assets and transactions.
Search across headline titles and summaries.
Background for this topic.
Cryptocurrency is a digital asset secured by cryptography and recorded on a decentralized blockchain ledger. It enables peer-to-peer transactions without intermediaries, relying on consensus mechanisms like proof-of-work or proof-of-stake to validate and add transaction blocks. Users control funds through private keys, which are critical for accessing and transferring cryptocurrency.
From an information security perspective, protecting private keys is paramount, as their compromise leads to irreversible theft. Cryptocurrency exchanges and wallet software are frequent targets for hacking, requiring robust security controls and vulnerability management. Additionally, the pseudonymous nature of transactions can facilitate illicit activities, challenging efforts to trace funds and enforce compliance. Defenses include hardware wallets, multi-factor authentication, and secure key management practices to mitigate risks inherent in cryptocurrency operations.
The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. [...]
'Cyber Android RAT' Can Capture WhatsApp History, Crypto Seed PhrasesCybercriminals are advertising on criminal hacking online boards an Android remote access Trojan that can steal victims' WhatsApp conversation history, surveil them in real time and extract cryptocurrency seed phrases for the low price of about $500 a month.
Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. [...]
Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud
The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in cryptocurrency
PLUS: Europol takes down two crime gangs; LastPass users phished (again); Crooks increase crypto hauls; And more Infosec In Brief The FBI is investigating a breach of its systems which reportedly affected systems related to wiretapping and surveillance.…