The Lazarus hacker group, which is allegedly sponsored by the North Korean government, has deployed new viruses to steal cryptocurrency. Major cybersecurity firm Kaspersky reported on Jan. 8 that Lazarus has doubled down its efforts to infect both Mac and Windows users’ computers. The group had been using a modified open-source cryptocurrency trading interface called QtBitcoinTrader to deliver and execute malicious code in what has been called “Operation AppleJeus,” as Kaspersky reported in late August 2018. Now, the firm reports that Lazarus has started making changes to the malware. Kaspersky identified a new macOS and Windows virus named UnionCryptoTrader, which …

The Ethereum (ETH) network was apparently the target of a coordinated attack, according to several analysts. Following reports that some Parity Ethereum nodes lost sync with the network, on Dec. 31, core blockchain infrastructure company Parity Technology said it believed there was an attack underway and subsequently released network upgrades to protect against it. According to cryptocurrency security consultant Sergio Demian Lerner, the attack was implemented in a simple way, wherein “you send to a Parity node a block with invalid transactions, but valid header (borrowed from another block). The node will mark the block header as invalid and ban …

A United Kingdom national, and alleged member of “The Dark Overlord” hacking collective, has been extradited to the United States to face charges. According to an announcement from the U.S. Department of Justice on Dec. 18, the charges relate to the purported theft of sensitive information from companies in the St. Louis area, and threats to release this information unless a ransom was paid in Bitcoin (BTC). Justice across international borders Nathan Wyatt, 39, pled not guilty to charges of aggravated identity theft, threatening to damage a protected computer, and conspiring to commit those and other computer fraud offenses, and …

Note: This story has been updated to provide more details about the incident. VeChain Foundation’s wallet has been compromised in a hacker attack targeting funds earmarked for the foundation’s buyback program. Per a VeChain Foundation announcement on Dec. 13, an unknown hacker has redirected 1.1 billion VET tokens — valued at approximately $6,600,000 at press time — from the VeChain Foundation’s buyback wallet to a personal wallet address. Security breach is likely a result of internal misconduct unnoticed due to human error In the initial update on the incident, VeChain Foundation noted that the hack is in “no way related” …

Liquidators of hacked New Zealand cryptocurrency exchange Cryptopia have recovered almost $11 million in the past six months, but say the process remains difficult. In its second report into its operations at Cryptopia, Grant Thornton confirmed that receipts from May to November totaled around 10.9 million New Zealand dollars ($7.18 million). Funds trickle back from oblivion Expenses, including payments to certain preferential creditors, came to NZ$3.74 million ($2.46 million), resulting in a net recovery of NZ$7.2 million ($4.74 million). “We continue to investigate the affairs of the Company and its directors in the period prior to our appointment to determine …

The Maker Foundation has announced a series of governance polls aimed at security after software developer Micah Zoltu explained how any hacker with $20 million at their disposal could stage an attack on the MakerDAO network and steal close to $340 million. In a Dec. 9 blog post, the Maker Foundation interim risk team announced a series of governance polls into its voting system, with one poll asking the Maker community whether the governance security module (GSM) should be upgraded from 0 seconds to 24 hours. Earlier on Dec. 9, Zoltu had made the claim that it would cost a …

Unknown hackers have attempted to launch a second 51% attack on Vertcoin (VTC) but ended up paying for the privilege out of their own pockets. As Vertcoin’s lead maintainer James Lovejoy revealed in a report on the attack on Dec. 2, a malicious entity targeted cryptocurrency exchange Bittrex in order to manipulate the Vertcoin blockchain. Hackers paid at least $440 to attack VTC Vertcoin forked off from Bitcoin (BTC) in 2014 and experienced a major attack in December last year, during which hackers stole funds worth $100,000. This time, however, it appears the exploit was much less successful. “Based on …

A group of hackers has launched a new cryptojacking campaign on Nov. 24, scanning as many as 59,000 IP networks to find Docker platforms that have API endpoints exposed online, business technology publication ZDNet reports Nov. 26. According to the report, the campaign is targeting vulnerable Docker instances in order to deploy crypto-malware to generate funds for the hacking group by mining Monero (XMR). The mass scanning issue was first discovered by American internet security firm Bad Packets LLC on Nov. 25. Troy Mursch, chief research officer and co-founder of Bad Packets LLC, said that exploit activity targeting exposed Docker …

The software available for download on Monero’s (XMR) official website was compromised to steal cryptocurrency, according to a Nov. 19 Reddit post published by the coin’s core development team. The command-line interface (CLI) tools available at getmonero.org may have been compromised over the last 24 hours. In the announcement, the team notes that the hash of the binaries available for download did not match the expected hashes. The software was malicious On GitHub, a professional investigator going by the name of Serhack said that the software distributed after the server was compromised is indeed malicious, stating: “I can confirm that …

Anonymous hacker Phineas Fisher will pay up to $100,000 in crypto to hackers for leaking some damaging information about global high-profile firms. The bounty, called the “Hacktivist Bug Hunting Program” was published on Nov. 15 and targets big companies including Israeli spyware vendor NSO Group and American oil company Halliburton, as Vice reported on Nov. 17. The idea of the new bounty is to pay other hackers who carry out politically motivated hacks against firms, which would lead to the disclosure of documents in the public interest, according to Vice. Other targets reportedly include mining and livestock companies in South …

Speaking today at BlockShow Asia 2019, Genesis Block HK co-founder Clement Ip shared a negative personal experience during a panel on how Asian trading firms make profits. His company is a blockchain venture capital firm, crypto quant hedge fund, and mining company focused on investing in blockchain projects. Sharing the stage with two other speakers — Kyle Davies of Three Arrows Capital and Joshua Ho of QCP Capital — Ip came out with his sad story. He said he lost "a lot of coins" due to an exchange hack, and his takeaway lesson was clear: "Don't leave your assets on …

Gregg Bennett, a SIM-swap hack victim and angel investor, sued cryptocurrency exchange Bittrex over allegedly allowing the theft of nearly $1 million in Bitcoin (BTC). According to a press release published on Oct. 30, Bennett believes the exchange violated its own security standards and allowed hackers to steal his cryptocurrency in April. The lawsuit, filed in King County Superior Court, suggests that the exchange committed “unfair and deceptive acts that misrepresented its level of security." A SIM-swapping attack The hackers reportedly took control of Bennett’s mobile number and then used it to access his online accounts, including Bittrex, on April …