#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Chainalysis | Breaking Cybersecurity News | The Hacker News

North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

Nov 30, 2023 Cryptocurrency / Cyberattacks
Threat actors from the Democratic People's Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a  major revenue generation mechanism  since at least 2017 to get around sanctions imposed against the country. "Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from the rest of the world, the regime's ruling elite and its highly trained cadre of computer science professionals have privileged access to new technologies and information," cybersecurity firm Recorded Future  said  in a report shared with The Hacker News. "The privileged access to resources, technologies, information, and sometimes international travel for a small set of selected individuals with promise in mathematics and computer science equips them with the necessary skills for conducting cyber attacks against the cryptocurrency industry." The disclosure comes as the U.S. Treasury Department  imp
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack

NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack

Aug 04, 2023 Cryptocurrency / Cyber Crime
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were  arrested in February 2022 , following the seizure of roughly 95,000 of the stolen crypto assets that were held by the defendants. The funds were valued at $3.6 billion at the time. Since then, the U.S. government said it has seized another approximately $475 million tied to the breach. "Lichtenstein used a number of advanced hacking tools and techniques to gain access to Bitfinex's network," the U.S. Department of Justice (DoJ)  said . "Once inside their systems, Lichtenstein fraudulently authorized more than 2,000 transactions in which 119,754 bitcoin was transferred from Bitfinex to a cryptocurrency wallet in Lichtenstein's control." He is
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting

Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting

Jul 12, 2023 Ransomware / Cyber Threat
Ransomware has emerged as the only cryptocurrency-based crime to grow in 2023, with cybercriminals extorting nearly $175.8 million more than they did a year ago, according to findings from Chainalysis. "Ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June," the blockchain analytics firm  said  in a midyear crypto crime report shared with The Hacker News. "If this pace continues, ransomware attackers will extort $898.6 million from victims in 2023, trailing only 2021's $939.9 million." In contrast, crypto scams have pulled in 77% less revenue than they did through June of 2022, largely driven by the abrupt exit of  VidiLook , which paid users VDL tokens in return for watching digital ads that could then be exchanged for large rewards. So have the inflows to illicit addresses associated with malware, darknet markets, child abuse material, and fraud shops. The development, following a  declin
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches

New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches

Mar 20, 2023 Data Breach / Dark Web
2022 was the year when inflation hit world economies, except in one corner of the global marketplace – stolen data. Ransomware payments fell by over 40% in 2022 compared to 2021. More organisations chose not to pay ransom demands, according to findings by blockchain firm Chainalysis. Nonetheless, stolen data has value beyond a price tag, and in risky ways you may not expect. Evaluating stolen records is what  Lab 1, a new cyber monitoring platform , believes will make a big difference for long-term cybersecurity resilience. Think of data value this way:  Stolen credentials can become future phishing attacks Logins for adult websites are potential extortion attempts Travel and location data are a risk to VIPs and senior leadership, And so on… Hackers could retaliate for non-payment by simply posting their loot to forums where the data will be available for further enrichment and exploitation.  Shining a light on dark places Even though your company may not have suffered a di
Hackers Steal $100 Million Cryptocurrency from Binance Bridge

Hackers Steal $100 Million Cryptocurrency from Binance Bridge

Oct 10, 2022
BNB Chain, a blockchain linked to the Binance cryptocurrency exchange, disclosed an exploit on a cross-chain bridge that drained around $100 million in digital assets. "There was an exploit affecting the native cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), known as 'BSC Token Hub,'" it  said  last week. "The exploit was through a sophisticated forging of the low level proof into one common library." According to Binance CEO Changpeng Zhao, the exploit on the cross-chain bridge " resulted in extra BNB ," prompting a  temporary suspension  of the Binance Smart Chain (BSC). "BNB, which stands for 'Build and Build' (formerly called Binance Coin), is the blockchain gas token that 'fuels' transactions on BNB Chain," Binance  noted  earlier this February. No user funds are said to have been impacted, since the vulnerability in the BSC Token Hub bridge enabled the unknown threat actor
U.S. Seizes Cryptocurrency Worth $30 Million Stolen by North Korean Hackers

U.S. Seizes Cryptocurrency Worth $30 Million Stolen by North Korean Hackers

Sep 09, 2022
More than $30 million worth of cryptocurrency plundered by the North Korea-linked Lazarus Group from online video game Axie Infinity has been recovered, marking the first time digital assets stolen by the threat actor have been seized. "The seizures represent approximately 10% of the total funds stolen from Axie Infinity (accounting for price differences between time stolen and seized), and demonstrate that it is becoming more difficult for bad actors to successfully cash out their ill-gotten crypto gains," Erin Plante, senior director of investigations at Chainalysis,  said . The development arrives more than five months after the  crypto hack  resulted in the theft of $620 million from the decentralized finance (DeFi) platform Ronin Network, with the attackers laundering a majority of the proceeds – amounting to $455 million – through the Ethereum-based cryptocurrency tumbler Tornado Cash. The March 2022 cryptocurrency heist resulted in losses totaling 173,600 ETH wort
FBI Seizes 'SSNDOB' ID Theft Service for Selling Personal Info of 24 Million People

FBI Seizes 'SSNDOB' ID Theft Service for Selling Personal Info of 24 Million People

Jun 08, 2022
An illicit online marketplace known as SSNDOB was taken down in operation led by U.S. law enforcement agencies, the Department of Justice (DoJ) announced Tuesday. SSNDOB trafficked in personal information such as names, dates of birth, credit card numbers, and Social Security numbers of about 24 million individuals in the U.S., generating its operators $19 million in sales revenue. The action saw the seizure of several domains associated with the marketplace — ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz — in cooperation with authorities from Cyprus and Latvia. According to blockchain analytics firm  Chainalysis , SSNDOB's Bitcoin payment processing system has received nearly $22 million worth of Bitcoin across over 100,000 transactions since April 2015. Furthermore, bitcoin transfers to the tune of more than $100,000 have been unearthed between SSNDOB and  Joker's Stash , another darknet market that specialized in stolen credit card information and voluntarily c
Cybersecurity Resources