#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Blockchain | Breaking Cybersecurity News | The Hacker News

Category — Blockchain
Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

Nov 15, 2024 Financial Fraud / Blockchain
Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday. Lichtenstein was charged for his involvement in a money laundering scheme that led to the theft of nearly 120,000 bitcoins (valued at over $10.5 billion at current prices) from the crypto exchange. Heather Rhiannon Morgan, his wife, also pleaded guilty to the same crimes last year. They were both arrested in February 2022. Morgan is scheduled to be sentenced on November 18. "Lichtenstein, 35, hacked into Bitfinex's network in 2016, using advanced hacking tools and techniques," the DoJ said in a press statement. "Once inside the network, Lichtenstein fraudulently authorized more than 2,000 transactions transferring 119,754 bitcoin from Bitfinex to a cryptocurrency wallet in Lichtenstein's control." TRM Labs said Lichtenstein exploited a vulnerability in Bit...
Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

Nov 05, 2024 Malware / Blockchain
An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx , Phylum , and Socket published over the past few days. The activity was first flagged on October 31, 2024, although it's said to have been underway at least a week prior. No less than 287 typosquat packages have been published to the npm package registry. "As this campaign began to unfold in earnest, it became clear that this attacker was in the early stages of a typosquat campaign targeting developers intending to use the popular Puppeteer, Bignum.js, and various cryptocurrency libraries," Phylum said. The packages contain obfuscated JavaScript that's executed during (or post) the installation process, ultimately le...
FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

Oct 12, 2024 Cryptocurrency / Cybercrime
The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action – codenamed Operation Token Mirrors – is the result of the U.S. Federal Bureau of Investigation (FBI) taking the "unprecedented step" of creating its own cryptocurrency token and company called NexFundAI . NexFundAI, as per information on the website, was marketed as redefining the "intersection between finance and artificial intelligence" and that its aim was to "create a cryptocurrency token that not only serves as a secure store of value but also acts as a catalyst for positive change in the world of AI." "Three market makers — ZM Quant, CLS Global, and MyTrade — along with their employees are charged with allegedly wash trading and/or conspiring to wash trade on behalf of NexFundAI, a cryptocurrency co...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

Sep 17, 2024 Cryptocurrency / Malware
Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with the goal of facilitating financial fraud. Clipper malware, also called ClipBankers , is a type of malware that Microsoft calls cryware , which comes with capabilities to monitor a victim's clipboard activity and steal sensitive data a user copies, including replacing cryptocurrency addresses with those under an attacker's control. In doing so, digital asset transfers initiated on a compromised system are routed to a rogue wallet instead of the intended destination address. "In clipping and switching, a cryware monitors the contents of a user's clipboard and uses string search patterns to look for and identify a string resembling a hot wallet address," the tech giant noted way back in 2022. "If the target user pastes or uses CTRL + V into an application window, the cryware replaces the object in the clipbo...
WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach

WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach

Jul 19, 2024 Cryptocurrency / Cybercrime
Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets. "A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million," the company said in a statement. "This wallet was operated utilizing the services of Liminal's digital asset custody and wallet infrastructure from February 2023." The Mumbai-based company said the attack stemmed from a mismatch between the information that was displayed on Liminal's interface and what was actually signed. It said the payload was replaced to transfer wallet control to an attacker. Crypto custody firm Liminal is one of the six signatories on the wallet and is responsible for transaction verifications. "Our preliminary investigations show that one of the self custody multi-sig smart contract wallets created outside of the Liminal ecosystem has been compromised...
HuiOne Guarantee: The $11 Billion Cybercrime Hub of Southeast Asia

HuiOne Guarantee: The $11 Billion Cybercrime Hub of Southeast Asia

Jul 10, 2024 Online Scam / Blockchain
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. "Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News. The British blockchain analytics firm said that the marketplace is part of HuiOne Group, a Cambodian conglomerate with links to Cambodia's ruling Hun family and that another HuiOne business, HuiOne International Payments, is actively involved in laundering scam proceeds globally. According to its website , HuiOne's financial services arm is said to have 500,000 registered users. It also touts Alipay, Huawei, PayGo Wallet, UnionPay, and Yes Seatel as its customers. Southeast Asian countries like Burma, Cambodia, Laos, Malaysia, Myanmar, and the Philippines have become...
How to Use Python to Build Secure Blockchain Applications

How to Use Python to Build Secure Blockchain Applications

Jun 27, 2024
Did you know it's now possible to build blockchain applications, known also as decentralized applications (or "dApps" for short) in native Python? Blockchain development has traditionally required learning specialized languages, creating a barrier for many developers… until now. AlgoKit , an all-in-one development toolkit for Algorand, enables developers to build blockchain applications in pure Python. This article will walk you through the benefits of building blockchain applications, why Python is an ideal choice for dApp development, how to set up your blockchain development environment, and how to start building secure blockchain applications in native Python.  Why build blockchain applications?  Blockchain application development goes far beyond creating a decentralized database and peer-to-peer transactions. It unlocks a new level of trust, security, and efficiency for various applications. Guarantee tamper-proof records: Blockchain creates an immutable and transpar...
Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups

Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups

Jun 13, 2024 Cyber Crime / Ransomware
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs. The product is believed to have been offered to the Conti and LockBit ransomware syndicates that then used the crypter to disguise the file-encrypting malware and launch successful attacks. "And at the end of 2021, members of the [Conti] group infected the computer networks of enterprises in the Netherlands and Belgium with hidden malware," according to a translated version of the statement released by the agency. As part of the investigation, authorities conducted searches in Kyiv and Kharkiv, and seized computer equipment, mobile phones, and notebooks. If found guilty, the defendant is expected to face up to 15 years ...
Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group

Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group

May 29, 2024 Cyber Espionage / Malware
A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group. "Moonstone Sleet is observed to set up fake companies and job opportunities to engage with potential targets, employ trojanized versions of legitimate tools, create a malicious game, and deliver a new custom ransomware," the Microsoft Threat Intelligence team said in a new analysis. It also characterized the threat actor as using a combination of tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to meet its strategic objectives. The adversary, hitherto tracked by Redmond under the emerging cluster moniker Storm-1789, is assessed to be a state-aligned group that originally exhibited strong t...
Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

May 19, 2024 Blockchain / Financial Crime
The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles on April 12 and May 16, respectively. The foreign nationals have been "charged for leading a scheme to launder funds to the tune of at least $73 million tied to an international crypto investment scam," Deputy Attorney General Lisa Monaco  said . Prosecutors have accused Li, Zhang, and their co-conspirators of managing an international syndicate that laundered the funds obtained via cryptocurrency investment scams. As part of the fraudulent operation, victims are said to have been tricked into transferring millions of dollars to U.S. bank accounts that were opened in the name of various shell companies. "A network of money launderers then facilitated the transfer of those...
Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering

Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering

May 15, 2024 Cryptocurrency / Anonymity
A Dutch court on Tuesday sentenced one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service to 5 years and 4 months in prison. While the name of the defendant was  redacted in the verdict , it's known that Alexey Pertsev, a 31-year-old Russian national, had been  awaiting trial  in the Netherlands on money laundering charges. Pertsev, one of the developers of Tornado Cash, was  arrested  in Amsterdam in August 2022 days after the U.S. Treasury Department  sanctioned  the service for allowing malicious actors such as the Lazarus Group to launder and cash out their proceeds. In addition to the imprisonment, the defendant is expected to forfeit cryptocurrency assets worth €1.9 million (~$2.05 million) and a Porsche car that had been previously seized. "The defendant declared that it was never his intention to break the law or to facilitate criminal activities," a su...
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds

Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds

May 01, 2024 Financial Crime / Forensic Analysis
A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet market. The  findings  come from Elliptic in collaboration with researchers from the MIT-IBM Watson AI Lab. The 26 GB dataset, dubbed  Elliptic2 , is a "large graph dataset containing 122K labeled subgraphs of Bitcoin clusters within a background graph consisting of 49M node clusters and 196M edge transactions," the co-authors  said  in a paper shared with The Hacker News. Elliptic2 builds on the  Elliptic Data Set  (aka Elliptic1), a transaction graph that was made public in July 2019 with the goal of  combating financial crime  using graph convolutional neural networks ( GCNs ). The idea, in a nutshell, is to uncover u...
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

Apr 19, 2024 Ransomware / Endpoint Security
Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia," cybersecurity agencies from the Netherlands and the U.S., along with Europol's European Cybercrime Centre (EC3),  said  in a joint alert. "In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines." The double-extortion group has been observed using a C++ variant of the locker in the early stages, before shifting to a Rust-based code as of August 2023. It's worth noting that the e-crime actor is  completely different  from the Akira ransomware family that was active in 2017. Initial access to target networks is facili...
Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

Apr 13, 2024 Cryptocurrency / Regulatory Compliance
A former security engineer has been  sentenced  to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question,  pled guilty  to one count of computer fraud in December 2023  following his arrest  in July. "At the time of both attacks, Ahmed, a U.S. citizen, was a senior security engineer for an international technology company whose resume reflected skills in, among other things, reverse engineering smart contracts and blockchain audits, which are some of the specialized skills Ahmed used to execute the hacks," the U.S. Department of Justice (DoJ) noted at the time. While the name of the company was not disclosed, he was residing in Manhattan, New York, and  working for Amazon  before he was apprehended. Court documents show that Ahmed exploited a security flaw in an unnamed cryptocurrency exchange's smart ...
Expert Insights / Articles Videos
Cybersecurity Resources