Category: cryptocurrency

Binance, the cryptocurrency exchange platform, has issued a warning regarding Clipper Malware, a threat that enables attackers to manipulate users’ wallet addresses. This can lead to the unauthorized diversion of digital funds.

This alert primarily affects users of various cryptocurrencies, particularly Bitcoin, which has recently experienced a decline in value following the second assassination attempt on former U.S. President Donald Trump.

Clipper Malware, also known as ClipBankers, was first identified in November 2022. It monitors victims’ clipboard activities, tracking what they copy, edit, and paste. Once attackers gain control of the clipboard, they can alter copied text, including cryptocurrency addresses, often replacing them with those of the attackers.

With this control, attackers can redirect funds to rogue wallets, effectively hijacking transactions meant for legitimate addresses. Microsoft has classified this type of malware as “Cryware,” highlighting its ability to replace clipboard contents.

A 2023 survey by the FBI estimated that cryptocurrency-related losses reached $5.6 billion.

Trade analysts have suggested that banning digital wallets and cryptocurrencies could reduce cybercrime by disrupting the operations of those spreading ransomware and malware. However, this approach is complicated by the decentralized nature of cryptocurrencies, which lack a governing authority to validate transactions. As a result, implementing such bans presents significant challenges for countries and law enforcement agencies.

The post Binance issues malware threat to Bitcoins users appeared first on Cybersecurity Insiders.

Scammers are once again using deepfake technology to dupe unwary internet Facebook and Instagram users into making unwise cryptocurrency investments. AI-generated videos promoting fraudulent cryptocurrency trading platform Immediate Edge have used deepfake footage of British Prime Minister Sir Keir Starmer and His Royal Highness Prince William to reach an estimated 890,000 people via Meta's social media platforms. Read more in my article on the Hot for Security blog.

This is pretty horrific:

…a group of men behind a violent crime spree designed to compel victims to hand over access to their cryptocurrency savings. That announcement and the criminal complaint laying out charges against St. Felix focused largely on a single theft of cryptocurrency from an elderly North Carolina couple, whose home St. Felix and one of his accomplices broke into before physically assaulting the two victims—­both in their seventies—­and forcing them to transfer more than $150,000 in Bitcoin and Ether to the thieves’ crypto wallets.

I think cryptocurrencies are more susceptible to this kind of real-world attack because they are largely outside the conventional banking system. Yet another reason to stay away from them.

Apps can let you spy on strangers in bars, a gang of cryptocurrency thieves turns to kidnap and assault, and have you joined the mile-high evil twin club? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley of the brand-new "The AI Fix" podcast.

Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password.

Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version—­and subsequent versions until 2015­—did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user’s computer­—it determined the computer’s date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past.

If Michael knew the day or general time frame in 2013 when he generated it, as well as the parameters he used to generate the password (for example, the number of characters in the password, including lower- and upper-case letters, figures, and special characters), this would narrow the possible password guesses to a manageable number. Then they could hijack the RoboForm function responsible for checking the date and time on a computer and get it to travel back in time, believing the current date was a day in the 2013 time frame when Michael generated his password. RoboForm would then spit out the same passwords it generated on the days in 2013.

The United States Department of Justice has dealt a blow to dark web drug traffickers by arresting a man alleged to operate the dark web drugs marketplace Incognito Market. According to a DOJ press release, the alleged operator of a darknet platform sold over $100 million worth of narcotics worldwide. Read more in my article on the Hot for Security blog.
Google says it is deleting the your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.