Latest coverage for Cryptocurrency
Cryptocurrency security covers theft, fraud, ransomware payments, wallet compromise, and blockchain risks involving digital assets and transactions.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Cryptocurrency is a digital asset secured by cryptography and recorded on a decentralized blockchain ledger. It enables peer-to-peer transactions without intermediaries, relying on consensus mechanisms like proof-of-work or proof-of-stake to validate and add transaction blocks. Users control funds through private keys, which are critical for accessing and transferring cryptocurrency.
From an information security perspective, protecting private keys is paramount, as their compromise leads to irreversible theft. Cryptocurrency exchanges and wallet software are frequent targets for hacking, requiring robust security controls and vulnerability management. Additionally, the pseudonymous nature of transactions can facilitate illicit activities, challenging efforts to trace funds and enforce compliance. Defenses include hardware wallets, multi-factor authentication, and secure key management practices to mitigate risks inherent in cryptocurrency operations.
Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims
OCR plugin great for extracting crypto-wallet secrets from galleries Kaspersky eggheads say they’ve spotted the first app containing hidden optical character recognition spyware in Apple’s App Store. Cunningly, the software nasty is designed to steal cryptocurrency.…
If Ransomware Inc was a company, its 2024 results would be a horror show
35% drop in payments across the year as your backups got better and law enforcement made a difference Ransomware extortion payments fell in 2024, according to blockchain analyst biz Chainalysis this week.…
DeepSeek Phishing Sites Pursue User Data, Crypto Wallets
Riding the wave of notoriety from the Chinese company's R1 AT chatbot, attackers are spinning up lookalike sites for different malicious use cases.
Still-Lucrative Ransomware's Profits Plunged 35% Last Year
Collapse of LockBit and BlackCat/ALPHV Tied to Ongoing Decline in Big-Game HuntingRansomware may still be raking in massive cryptocurrency profits for practitioners, but 2024 turned out to be less of a banner year than predicted, with blockchain researchers reporting that the sum total of known ransom payments to ransomware groups in 2024 plummeted by 35%.
Cryptohack Roundup: Critical Ethereum Vulnerability
Also: Conviction in £1.5M Fraud, Sentencing in Torture and Theft CaseThis week's stories include a critical Ethereum vulnerability, conviction in a £1.5M fraud, sentencing in a torture and crypto theft case, SEC's new roadmap, Jan crypto stats, Coinbase social engineering victims, and U.S. lawmakers' digital assets working group.
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,
Top 3 Ransomware Threats Active in 2025
You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: "Pay $2 million in Bitcoin within 48 hours or lose everything." And the worst part is that even after paying, there’s no guarantee you’ll get your data back. Many victims hand over the money, only to receive nothing in return, or worse, get
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems
Crypto-stealing apps found in Apple App Store for the first time
A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]
Google Play, Apple App Store apps caught stealing crypto wallets
A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]
US accuses Canadian math prodigy of $65M crypto scheme
Suspect, still at large, said to back concept that 'code is law' New York feds today unsealed a five-count criminal indictment charging a 22-year-old Canadian math prodigy with exploiting vulnerabilities in two decentralized finance protocols, allegedly using them to fraudulently siphon around $65 million from investors in the platforms.…
Canadian charged with stealing $65 million using DeFI crypto exploits
The U.S. Justice Department has charged a Canadian man with stealing roughly $65 million after exploiting two decentralized finance (DeFI) protocols. [...]
High-profile X Accounts Targeted in Phishing Campaign
Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes
1-Click Phishing Campaign Targets High-Profile X Accounts
In an attack vector that's been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims.
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer