Malware sidesteps Google permissions policy with new 2FA bypass technique

ESET analysis uncovers a novel technique bypassing SMS-based two-factor authentication while circumventing Google’s recent SMS permissions restrictions. When Google restricted the use of SMS and Call Log permissions in Android apps in March 2019, one of the positive effects was that credential-stealing apps lost the option to abuse these permissions for bypassing SMS-based two-factor authentication (2FA) mechanisms. … More Malware sidesteps Google permissions policy with new 2FA bypass technique

ESET discovers new fake cryptocurrency apps on Google Play able to phish and scam users out of cryptocurrency

ESET researchers have just concluded their analysis of fake cryptocurrency wallets that emerged on Google Play at the time of bitcoin’s renewed spike in value. This month has seen bitcoin growing, with its price climbing to its highest point since September 2018. Not surprisingly, cybercriminals were quick to notice this development and started upping their … More ESET discovers new fake cryptocurrency apps on Google Play able to phish and scam users out of cryptocurrency

Fake cryptocurrency apps crop up on Google Play as bitcoin price rises

ESET researchers have analyzed fake cryptocurrency wallets emerging on Google Play at the time of bitcoin’s renewed growth. May 2019 has seen bitcoin growing, with its price climbing to its highest points since September 2018. Not surprisingly, cybercrooks were quick to notice this development and started upping their efforts in targeting cryptocurrency users with various … More Fake cryptocurrency apps crop up on Google Play as bitcoin price rises

Hackers steal US$41 million worth of Bitcoin from cryptocurrency exchange

The thieves bade their time before running off with more than 7,000 Bitcoin ‘in one fell swoop’. Binance, one of the world’s largest cryptocurrency exchanges, has revealed that it’s fallen victim to a major security breach in which hackers made off with some US$41 million worth of Bitcoin. Several methods, including phishing attacks and malware … More Hackers steal US$41 million worth of Bitcoin from cryptocurrency exchange

Cryptocurrency exchange loses millions in heist

Bithumb believes that, unlike in past incidents, this theft was the work of rogue insiders. Major South Korea-based cryptocurrency exchange Bithumb has announced that it was hit by a heist that impacted its own virtual coins. The exchange didn’t say how much was lost. However, ZDNet wrote that cryptocurrency insiders tracked down the outgoing transactions from Bithumb’s wallet address, … More Cryptocurrency exchange loses millions in heist

Coinhive cryptocurrency miner to call it a day next week

The service became notorious for its use by ne’er-do-wells looking to make a quick buck by hijacking the processing power of victim machines to generate virtual money. Coinhive, a cryptocurrency mining service that rose to infamy after it began to be co-opted for cryptojacking campaigns in 2017, is shutting down. In a short blog post on Tuesday, the … More Coinhive cryptocurrency miner to call it a day next week

‘Highly critical’ bug exposes unpatched Drupal sites to attacks

Worse, attackers have already been spotted targeting the flaw to deliver cryptocurrency miners and other payloads. Days after the team behind Drupal urged website admins to apply an update patching a highly critical vulnerability in the content management system (CMS) platform, threat actors were spotted exploiting the loophole in the wild. The remote code execution … More ‘Highly critical’ bug exposes unpatched Drupal sites to attacks