ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure
Cryptocurrency security covers theft, fraud, ransomware payments, wallet compromise, and blockchain risks involving digital assets and transactions.
Search across headline titles and summaries.
Background for this topic.
Cryptocurrency is a digital asset secured by cryptography and recorded on a decentralized blockchain ledger. It enables peer-to-peer transactions without intermediaries, relying on consensus mechanisms like proof-of-work or proof-of-stake to validate and add transaction blocks. Users control funds through private keys, which are critical for accessing and transferring cryptocurrency.
From an information security perspective, protecting private keys is paramount, as their compromise leads to irreversible theft. Cryptocurrency exchanges and wallet software are frequent targets for hacking, requiring robust security controls and vulnerability management. Additionally, the pseudonymous nature of transactions can facilitate illicit activities, challenging efforts to trace funds and enforce compliance. Defenses include hardware wallets, multi-factor authentication, and secure key management practices to mitigate risks inherent in cryptocurrency operations.
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019
The U.S. Department of the Treasury has announced sanctions against Grinex, the successor to Russian cryptocurrency exchange Garantex, which was previously sanctioned for helping ransomware gangs launder their money. [...]
US Treasury Says Crypto Exchange Helped Launder $100 Million for Ransomware GangsThe U.S. Department of Treasury sanctioned Thursday a Russian founder and co-owners of the Garantex cryptocurrency exchange in a bid to tighten methods criminal hackers use to launder extortion money and Kremlin sanctions busting. Regulators also sanctioned Garantex successor Grinex.
More than $300 million worth of cryptocurrency linked to cybercrime and fraud schemes has been frozen due to two separate initiatives involving law enforcement and private companies. [...]
Also: Trump Signs Pro-Crypto EO, Credix Disappears After $4.5M HackEvery week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, includes Do Kwon's guilty plea, Trump's crypto-linked executive order, Credix's post-hack disappearance, $7M Odin.fun exploit and hackers using fake Firefox crypto wallet extensions for theft.
Turkish exchange is the latest victim of a recent spate of major crypto thefts Turkish cryptocurrency exchange BtcTurk is halting all deposits and withdrawals amid fears that blockchain bandits succeeded in significantly compromising its hot wallets.…
The Bureau’s Internet Crime Complaint Center has provided a list of indicators for potential cryptocurrency scam victims to avoid a double whammy
Google said it's implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to "ensure a safe and compliant ecosystem for users." The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, Thailand,
Cryptocurrency Tracing Suggests Group Is Rebrand of Russian-Speaking BlackCat GroupEven lesser-known ransomware groups haul in serious extortion cash - although in the ransomware world, little is what it seems. Take relative newcomer Embargo, which appears to be a rebrand of, or successor to, the notorious BlackCat group, also known as Alphv.
Coinbase's Philip Martin on How Attackers Are Spending Months on Crypto Exploits"The attackers are willing to invest time, effort and expense in attacking cryptocurrency companies because that's where the money is," says Philip Martin, chief security officer at Coinbase, warning that defenders must stay agile to counter increasingly targeted and sophisticated threats.
Tells court 'What I did was wrong and I want to apologize for my conduct' Terraform Labs founder Do Kwon has pled guilty to committing fraud when promoting the so-called "stablecoin" Terra USD and now faces time in jail.…
The U.S. Department of Justice (DoJ) seized cryptocurrency and digital assets worth $1,091,453 at the time of confiscation, on January 9, 2024, from the BlackSuit ransomware gang. [...]
US cops yank servers, domains, and crypto from the Russia-linked gang - but the crooks remain at large In a display of bureaucratic bravado, US law enforcement agencies say they've “disrupted” the BlackSuit ransomware gang (also known as Royal), freeing millions of dollars in virtual currency from its clutches.…
TRM Labs observed crypto payments worth $34.2m moved from victims addresses to a range of destinations likely associated with the group
PLUS: Crypto mixer founders plead guilty; Another French telco hacked; Meta fights WhatsApp scams; And more! Infosec In Brief A critical vulnerability in the on-prem version of Trend Micro's Apex One endpoint security platform is under active exploitation, the company admitted last week, and there's no patch available.…