Hackers Leverage Blockchain to Hit Japan's Hotels Through Booking.com Phishing
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App
In this blog entry, TrendAI™ Research examines a wave of phishing emails observed in May 2026 that targeted Japanese accommodation facilities using Booking.com, detailing the victims, attack techniques used, and characteristics of the malware involved.
An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research
Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. [...]
Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the Lazarus Group
A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors.
Tyler Buchanan admits role in scheme that stole at least $8 million in virtual currency A Scottish man linked to the Scattered Spider cybercrime crew has pleaded guilty in the US to a phishing and SIM-swap scheme that stole at least $8 million in cryptocurrency.…
Also: ZachXBT Uncovers DPRK Worker Scam, Hyperbridge Hack, Coinone FineThis week, Operation Atlantic disrupts $45M phishing fraud, ZachXBT uncovers DPRK crypto worker scheme, Hyperbridge exploit, South Korea fines Coinone $3.5M, Kraken faces extortion attempt over insider data leak and American musician loses $420K in fake Ledger app.
UK, US and Canadian authorities have identified over 20,000 victims of approval phishing scams that trick users into handing over full crypto wallet access
An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers
A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims' browsers. [...]
The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector
Also: NodeCordRAT Malware, North Korean QR-Phishing CampaignThis week, U.K. crypto exchanges linked to Iranian sanctions evasion, NodeCordRAT malware spread via npm, an FBI alert on North Korean QR-code phishing, illicit crypto hit $154 billion in 2025 and U.S. President Donald Trump said he won't pardon Sam Bankman-Fried.
Order and contact details accessed via ecommerce partner, and phishing has begun Blockchain security biz Ledger says customer information was accessed in a breach at its ecommerce payment partner Global-e, and is warning that other brands using the platform may also be affected.…
Several users of the Trust Wallet Chrome extension report having their cryptocurrency wallets drained after installing a compromised extension update released on December 24, prompting an urgent response from the company and warnings to affected users. Simultaneously, BleepingComputer observed a phishing domain launched by hackers. [...]
Several users of the Trust Wallet Chrome extension report having their cryptocurrency wallets drained after installing a compromised extension update released on December 24, prompting an urgent response from the company and warnings to affected users. Simultaneously, BleepingComputer observed a phishing domain launched by hackers. [...]
Also: Trader Loses $50M in USDT in Address Poisoning ScamThis week, the U.K. FCA mapped a path to U.K. crypto regulation, iComTech promoter sentenced in Ponzi case, the U.S. SEC sought public company bans for former FTX and Alameda executives, a trader lost $50M in USDT in an address poisoning scam and a Brooklyn man indicted over $16M Coinbase phishing scam.
A new phishing kit called Spiderman is being used to target customers of dozens of European banks and cryptocurrency holders with pixel-perfect cloned sites impersonating brands and organizations. [...]
Also: LastPass Warns of Phishing Campaign, Trump's New CTFC Head PickEvery week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Meteora CEO faced fraud allegations, LastPass warned of a phishing campaign, Trump taps crypto lawyer to lead CFTC, Mt. Gox delayed creditor repayments again and an Indian court blocked WazirX from using customer funds to cover hack losses.