Tag Archive for: Crypto

North Korean hackers are targeting this huge crypto exchange


North Korean hackers are attempting to lure in cryptocurrency experts via bogus job offers for crypto exchange platform Coinbase.

As reported by Bleeping Computer, a campaign orchestrated by the well-known North Korean Lazarus hacking group has been uncovered, and its targets are people working in the increasingly popular fintech (financial technology) industry.


In what is clearly part of a social engineering attack, the hacking group engages in conversation with targets through LinkedIn, which ultimately culminates in a job offer being presented to the potential victim.

Coinbase is a leading cryptocurrency exchange, so, at face value, many who are unaware of the attack will naturally be interested in adding the company to their resumes. However, if the attack were to succeed, the consequences could include untold numbers of crypto wallets being seized and stolen.

Hossein Jazi, who works as a security researcher at internet security firm Malwarebytes and has been analyzing Lazarus since February 2022, said individuals from the cybergang are masquerading as employees from Coinbase. The scam attracts potential victims by approaching them to fill the role of “Engineering Manager, Product Security.”

If that individual falls for the fake job offer, then they’ll eventually be given instructions to download a PDF explaining the job in full. However, the file itself is actually a malicious executable utilizing a PDF icon to trick people.

The file is called “Coinbase_online_careers_2022_07.exe,” which seems innocent enough if you didn’t know any better. But while it opens a fake PDF document created by the threat actors, it also loads malicious DLL code onto the target’s system.


After it’s successfully deployed onto the system, the malware uses GitHub as its central command center to receive commands, after which it has free rein to carry out attacks on the breached devices.

U.S. intelligence services have previously issued warnings regarding Lazarus’ activity in issuing cryptocurrency wallets and investment apps infected with trojans, effectively allowing them to steal private…


Are Cold Wallets Safer Than Hot Wallets For Storing Your Crypto Keys?


Recently, hackers stole around $5.2 million worth of Solana from 8,000 hot wallets, such as Phantom, Slope, and Trust. Solana claimed that the security vulnerability was in the code of the third-party wallets and not in their own. 

Now, in light of such revelations, cyber experts are debating whether crypto investors should store their private keys in cold wallets to secure their crypto holdings against such hacks.

Incidentally, Peck Shield Alert, a security firm, has tweeted that around $8,000 worth of stablecoin and Solana has been stolen. Solana has also struggled with security issues in the past, and probes have now revealed that as many as four addresses were linked to the hacker.

Cryptocurrencies have come into vogue of late, as they are considered the currencies of tomorrow. They are based on blockchain and will be the native currency in the Web3 space, the new digital world that we will be able to access in a few years using virtual reality.

Central banks across the world, including the Reserve Bank of India, have announced they will be launching a central bank digital currency (CBDC) soon. As we move towards this new world, the important question that now arises is how we can keep our money safe.

Technically, you can store crypto in a custodial wallet, where the provider does not give you the private key. Alternatively, you can choose a hot wallet, where your private key is stored in a browser extension or a desktop application. Lastly, there is the most secure option of all, the cold wallet, where you store your key in a hardware wallet. Keeping the private key secure is the most important piece of the puzzle.

Let us understand the concept of hot and cold wallets in detail.

Hot Wallets

Hot wallets include web-based wallets (browser extensions), mobile wallets, and desktop wallets. They are all connected to the Internet. In other words, if your system gets compromised, or if the hot wallet you use has security vulnerabilities, hackers can steal your private keys and drain your wallet, as in the Solana hacking case, where hackers stole the private keys from inactive Slope, Trust, and Phantom wallets. They can use a crypto tumbler…


Coinbase phishing hack signals more crypto attacks to come, says security firm



Recent phishing attacks on Coinbase and its customers show not only that these campaigns are becoming more sophisticated and multi-faceted, but also that threats to cryptocurrency sites are rising rapidly, according to research and analysis from security firm PIXM.

“Since its rise to prominence, [Coinbase] has been increasingly targeted by scammers, fraudsters, and cyber criminals, due in part to the fact that its user-base is so large and mainstream,” said the PIXM blog posted earlier Aug. 4, “it is assumed to cover an audience of casual, generally non-technical, crypto investors.” Coinbase is “arguably the most mainstream cryptocurrency exchange used globally,” having added more than 89 million users to its platform since it began business a decade ago in 2012.

In their “multi-layered” phishing attacks on Coinbase, cybercriminals sent out spoofed emails purporting to come from the cryptocurrency company, both to steal financial and personal data for resale and to log into users’ legitimate accounts and steal their funds in real time. The attacks combined email and brand impersonation to steal from Coinbase wallet-holders despite their use of multi-factor authentication (MFA), according to PIXM’s analysis.

According to Chris Cleveland, founder and CEO of PIXM, this complex and sophisticated campaign involved “surprising tactics to steal much more than just passwords.”

“After stealing a user’s Coinbase password, the phishing sites used a built-in two-factor relay system to enter the user’s password into the real Coinbase site and then further solicit the actual two-factor authentication code from the user, [which] allowed the hacker to bypass two-factor authentication and access a user’s Coinbase wallet.”

Bad actors typically sent Coinbase customers a notification that their account “needed attention due to an urgent matter,” such as being “locked” or requiring a transaction confirmation. “Users were prompted to enter login credentials and a two-factor authentication code into the fake website,” according to…


Keep Your Crypto Safe! (Security tips for beginners)