Bloomberg Crypto X account snafu leads to Discord phishing attack
The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. [...]
Cryptocurrency security covers theft, fraud, ransomware payments, wallet compromise, and blockchain risks involving digital assets and transactions.
Search across headline titles and summaries.
Background for this topic.
Cryptocurrency is a digital asset secured by cryptography and recorded on a decentralized blockchain ledger. It enables peer-to-peer transactions without intermediaries, relying on consensus mechanisms like proof-of-work or proof-of-stake to validate and add transaction blocks. Users control funds through private keys, which are critical for accessing and transferring cryptocurrency.
From an information security perspective, protecting private keys is paramount, as their compromise leads to irreversible theft. Cryptocurrency exchanges and wallet software are frequent targets for hacking, requiring robust security controls and vulnerability management. Additionally, the pseudonymous nature of transactions can facilitate illicit activities, challenging efforts to trace funds and enforce compliance. Defenses include hardware wallets, multi-factor authentication, and secure key management practices to mitigate risks inherent in cryptocurrency operations.
The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. [...]
The official Twitter account for Bloomberg Crypto was compromised earlier today, ultimately redirecting users to a deceptive website used to steal Discord credentials in a phishing attack. [...]
An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain
Also: OneCoin Exec's Guilty Plea; SEC's Crypto Enforcement YearThis week, Poloniex prepared to resume operations after a $100 million hack, a OneCoin executive pleaded guilty, the SEC reported an "impactful" crypto enforcement year, a bug put $2.1 billion at risk, $27 million was stolen, the Data Act vote happened in Europe, and China released an NFT theft law.
The security vulnerability in a component of a widely used JavaScript implementation of Bitcoin makes passwords guessable via brute-force attacks.
Attackers sought crypto donations of $100-$5000 using Bitcoin, Litecoin and Ethereum addresses
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter). [...]
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter). [...]
Browser Data, Crypto Wallets and Chat Apps Are Also Top Targets, Researchers ReportInfo-stealer malware built for stealing lucrative, sensitive data - including cryptocurrency wallet and remote access credentials - continues to remain popular for criminally inclined individuals. Researchers reports that RedLine, LokiBot, Mars and Aurora remain attackers' top info-stealer choices.
Malicious actors have been abusing Ethereum's 'Create2' function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. [...]