Responsible for one of the top performing cryptocurrencies, IOTA is continuing to release new information in response to a Feb.12 hack on its official wallet. According to a Feb. 19 status update, the IOTA Foundation strongly recommends users of the Trinity Wallet to immediately change their passwords and use the seed migration tool to protect their assets. Trinity users who opened or updated their wallets between December 17th, 2019 and February 18th, 2020 may be vulnerable. Trinity users - If you opened #Trinity between Dec 17th 2019 - Feb 18th 01.30 CET 2020, you will need to use the seed …

Following an apparent hack of IOTA (MIOTA) official wallet on Feb. 12, the IOTA Foundation has released a safe desktop version of the Trinity wallet. According to a Feb. 17 update post, IOTA should update their Trinity apps to securely check their balances and transactions via Trinity 1.4.1, a new version that is designed to remove the recently detected vulnerability from the wallets. IOTA’s network coordinator is still paused for an upcoming token migration Released on Feb. 16, the new version of the wallet doesn’t apparently represent the full solution of the recent breach because the IOTA’s dedicated network Coordinator, …

Cybersecurity firm Trend Micro has detected that hacking group Outlaw has been updating its toolkit for stealing enterprises’ data for nearly half a year at this point. Outlaw — who had ostensibly been silent since last June — became active again in December, with upgrades on their kits’ capabilities, which now target more systems, according to an analysis from Trend Micro published on Feb. 10. The kits in question are designed to steal data from the automotive and finance industries. The new capabilities of the kits The group’s new developments include scanner parameters and targets, advanced breaching techniques used for …

North Korea’s internet use saw a 300% surge over the past three years, as the country’s regime has continued to rely on cryptocurrencies for various activities. Exploitation of crypto and blockchain technology is among the primary tactics for the country to generate revenue as well as transfer and use illicitly obtained funds, a new study says. Titled “How North Korea Revolutionized the Internet as a Tool for Rogue Regimes,” the study was released on Feb. 9 by Insikt Group, an intelligence arm of United States-based cybersecurity firm Recorded Future. The report analyzed North Korean senior leadership’s internet activity between Jan. …

Altsbit, a small cryptocurrency exchange that lost “almost all funds” in hack on Feb. 5, will shut down its services in May 2020. After Altsbit first reported on the hack on Twitter on Feb. 6, the exchange released withdrawal instructions on Feb. 9. According to the statement, the hack caused Altsbit to have lost 6.929 Bitcoin (BTC) and 23 Ether (ETH), among losses in other cryptocurrencies such as Pirate Chain (ARRR), VerusCoin (VRSC) and and Komodo (KMD). Users to be refunded from crypto in cold storage Despite a significant part of Altsbit’s crypto funds being stored on cold storage, the …

Edge, the web browser of information technology giant Microsoft, now blocks cryptojacking malware. A Microsoft Edge spokesperson told Cointelegraph on Feb. 10 that the latest version of the web browser features a new PUA (Potentially Unwanted Apps) blocking feature that may block some illicit cryptocurrency mining malware. When asked about whether Microsoft plans to protect Edge users from illicit cryptocurrency miners, the spokesperson said that “this will be a particular area of focus.” As cryptojacking is increasingly becoming a cybersecurity threat, efforts to tackle the issue are also scaling up. A new cybersecurity feature Cryptojacking is the practice of illicitly …

The North Korean hacking team Lazarus Group targeted several crypto exchanges last year, Chainalysis reports. One of the attacks involved the creation of a fake, but realistic trading bot website that was offered to employees of DragonEx exchange. In March 2019 the hackers stole approximately $7 million in various cryptocurrencies from Singapore-based DragonEx exchange. Though a relatively small sum, the hackers went to great lengths to obtain it. The group used a sophisticated phishing attack where they created a realistic website and social media presence for a fake company named WFC Proof. The supposed company had created Worldbit-bot, a trading …

Hackers compromised five United States law firms and demanded two 100 Bitcoin (BTC) (over $933,000 at press time) ransoms from each firm: one to restore access to the data, one to delete their copy instead of selling it. According to data shared with Cointelegraph by cybersecurity firm Emsisoft, the hacker group — called Maze — already started publishing part of the data stolen from the aforementioned firms. Two of the five law firms were hacked within the 24 hours leading to Feb. 1. The hackers published the data on two websites that were shared with the author of this article, …

Kraken Security Labs revealed on Jan 31. that Trezor hardware wallets and their derivatives can be hacked to extract private keys. Though the procedure is quite involved, Kraken claims that it “requires just 15 minutes of physical access to the device.” The attack requires a physical intervention on the Trezor wallet by either extracting its chip and placing it on a special device or soldering a couple of critical connectors. The Trezor chip must then be connected to a “glitcher device” that would send it signals at specific moments. These break the built-in protection that prevents the chip’s memory from …

Opportunistic cybercriminals are capitalizing on the death of basketball legend Kobe Bryant earlier this week by setting booby-traps for those searching for mementos of the star. According to a tweet by Microsoft Security Intelligence on Jan. 31, hackers are hiding malicious html code containing a cryptojacking script in desktop wallpaper of the NBA all-time great. Cryptojacking is a practice whereby cybercriminals hijack processing power from other computers to mine cryptocurrencies remotely. Following the tragic helicopter crash which claimed the lives of Byrant, his 13-year old daughter, and seven other occupants, there has been increased interest in the star from both …

A United Kingdom High Court ordered a proprietary injunction on Bitcoin (BTC) obtained through a ransomware attack on a Canadian insurance company. A proprietary injunction is an order which prevents a person from dealing with their own assets when it is subject of a proprietary claim. On Jan. 17, the UK High Court released documents concerning a ransomware attack, in which over 1,000 computers of the insurance company were rendered unusable through the use of malware that encrypted files, making them unaccessible. The unidentified attackers demanded $1.2 million in Bitcoin in exchange for decrypting the data. The firm’s insurer covered …

Changpeng Zhao, the co-founder and CEO of cryptocurrency exchange Binance, suggested that for most, keeping crypto assets on an exchange is safer than keeping the keys themselves. Zhao gave his comments in a tweet on Jan. 19 after famous crypto skeptic and gold bug Peter Schiff complained that he lost access to his Bitcoin (BTC). Invoking the phrase “SAFU” — a slanger term in the crypto community for “safe,” Zhao said: “Many hardcore crypto [organizations] advocate storing your own keys. But the truth is, today most people are not able to secure a key even from themselves (losing it). A …