Illicit Crypto Economy Surges as Nation-States Join in the Fray
Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump.
Cryptocurrency security covers theft, fraud, ransomware payments, wallet compromise, and blockchain risks involving digital assets and transactions.
Search across headline titles and summaries.
Background for this topic.
Cryptocurrency is a digital asset secured by cryptography and recorded on a decentralized blockchain ledger. It enables peer-to-peer transactions without intermediaries, relying on consensus mechanisms like proof-of-work or proof-of-stake to validate and add transaction blocks. Users control funds through private keys, which are critical for accessing and transferring cryptocurrency.
From an information security perspective, protecting private keys is paramount, as their compromise leads to irreversible theft. Cryptocurrency exchanges and wallet software are frequent targets for hacking, requiring robust security controls and vulnerability management. Additionally, the pseudonymous nature of transactions can facilitate illicit activities, challenging efforts to trace funds and enforce compliance. Defenses include hardware wallets, multi-factor authentication, and secure key management practices to mitigate risks inherent in cryptocurrency operations.
Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump.
Also: Unleash Protocol Hack, LastPass Breach Linked to Crypto TheftsThis week, an alleged fraud kingpin deported to China, Bitfinex hacker gained early release, Unleash Protocol's $3.9M hack, TRM tied crypto thefts to the LastPass breach, Trust Wallet's link to the Sha1-Hulud attack, Flow's NFT loan fallout, Ledger's data exposure and Kontigo reimbursements.
Cybersecurity researchers have discovered three malicious npm packages that are designed to deliver a previously undocumented malware called NodeCordRAT
A new wave of GoBruteforcer botnet malware attacks is targeting databases of cryptocurrency and blockchain projects on exposed servers believed to be configured using AI-generated examples. [...]
Crimson Collective claims 'sophisticated attack' that allows them to 'disconnect every user from their mobile service' Internet service provider Brightspeed confirmed that it's investigating criminals' claims that they stole more than a million customers' records and have listed them for sale for three bitcoin, or about $276,370. …
Order and contact details accessed via ecommerce partner, and phishing has begun Blockchain security biz Ledger says customer information was accessed in a breach at its ecommerce payment partner Global-e, and is warning that other brands using the platform may also be affected.…
Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining, botnet payloads, and other malicious activity to IoT networks and enterprises.
Ilya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive hack of cryptocurrency exchange Bitfinex in 2016, said he has been released early
TRM Labs says it has recorded $35m drained from users’ wallets following 2022 LastPass breach