SheByte PaaS Launches Subscription Service for Cybercriminals
Summary: The shutdown of LabHost, a major phishing-as-a-service platform, led to a temporary decline in phishing attacks against Canadian banks, but the emergence of SheByte quickly filled the void. SheByte has innovatively marketed its services, attracting cybercriminals with customizable phishing kits and a user-friendly interface. Despite initial challenges, SheByte’s resilience indicates a significant evolution in the cyber threat landscape targeting Canadian financial institutions.…
North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature
Summary: North Korean hackers are exploiting Zoom’s Remote Control feature to install malware on the devices of cryptocurrency investors by masquerading as legitimate business contacts. This attack relies on social engineering, leading targets to inadvertently grant remote access during what appear to be legitimate meetings. The malware deployed can exfiltrate sensitive information, resulting in significant financial losses.…
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Summary: Recent cyber activity highlights the subtle ways attackers gain access to systems, often exploiting overlooked vulnerabilities and misconfigurations. Major findings include active exploitation of a Windows flaw and a phishing campaign targeting crypto developers. Organizations need to be vigilant against these evolving threats and ensure prompt patching of vulnerabilities.…

Summary: The video discusses the prevalence of scams in various investment opportunities, particularly in fields like cryptocurrency and organ harvesting. It emphasizes the importance of caution when considering such ventures, warning viewers not to be easily swayed by famous personalities or enticing offers.

Keypoints:

Many investment opportunities in crypto and organ harvesting are scams.…
Summary: A recent tactic involves threat actors using Zoom’s remote control feature to install malware on victims’ computers. Known as ELUSIVE COMET, this group targets individuals by inviting them to Zoom calls under false pretenses, leading to accidental sharing of access. Users are cautioned to be vigilant with remote control permissions during online meetings to avoid falling victim to similar scams.…
Lazarus-Linked Malware Targets Windows
This article provides an analysis of the malware sample 875b0cbad25e04a255b13f86ba361b58453b6f3c5cc11aca2db573c656e64e24.exe, attributed to the Lazarus Group, a state-sponsored cyber threat actor. Using tools like ANY.RUN and Hybrid Analysis, the analysis reveals the malware’s behavior, including process injection and registry modifications, targeting primarily Windows systems and expanding to Linux and macOS environments.…
Summary: Cybersecurity researchers have discovered a malicious package on PyPI named ccxt-mexc-futures that reroutes trading orders on the MEXC cryptocurrency exchange to a malicious server, compromising users’ sensitive information and tokens. The package has been removed from the repository but had over 1,000 downloads, and developers are advised to revoke compromised tokens.…
Understanding and Threat Hunting for RMM Software Misuse
Threat actors are increasingly exploiting Remote Monitoring and Management (RMM) software to conduct sophisticated cyberattacks, using tools like AnyDesk, Atera Agent, and MeshAgent for unauthorized access, data exfiltration, and persistence in compromised networks. This trend highlights the potential risks posed by these tools, which are often embedded in organizational IT workflows.…
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Summary: Cheap Android smartphones from Chinese manufacturers have been found pre-loaded with trojanized apps, including counterfeit versions of WhatsApp and Telegram, that enable cryptocurrency theft. The malicious software, referred to as Shibai, is designed to intercept and manipulate cryptocurrency transactions, while also harvesting sensitive data and images.…

Summary: The video discusses the allure and utility of VS Code for developers, particularly for PowerShell scripting, while cautioning about the risks of installing dubious extensions that could lead to malware infections, specifically mentioning the XMRig crypto miner.

Keypoints:

VS Code is widely used for various coding tasks, including PowerShell.…
Malicious npm Package Disguised as Advcash Integration Triggers Reverse Shell
The article discusses a malicious npm package, @naderabdi/merchant-advcash, which embeds a reverse shell trigger disguised as a legitimate payment processing module for the Advcash payment platform. This security threat is aimed at end users making transactions, leading to severe implications for their system’s security. Affected: npm package, Advcash platform, end users

Keypoints:

A malicious npm package called @naderabdi/merchant-advcash has been discovered.…
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
Summary: A North Korea-linked hacking group, referred to as Slow Pisces, has been linked to a series of malicious campaigns targeting cryptocurrency developers, delivering stealer malware disguised as job-related coding challenges. The group uses platforms like LinkedIn for recruitment lures, employing multi-stage attacks that focus on individual victims rather than broad phishing methods.…
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Summary: Researchers have uncovered a sophisticated remote access trojan named ResolverRAT, primarily targeting the healthcare and pharmaceutical sectors through phishing attacks. The malware utilizes fear-based language in localized emails to induce urgency and uses advanced techniques to evade detection. The campaign’s attributes indicate potential connections to previous phishing campaigns, highlighting a complex and evolving threat landscape.…
Malicious NPM Packages Target Cryptocurrency, PayPal Users
Summary: Threat actors have been distributing malicious NPM packages targeting PayPal and cryptocurrency wallet users to steal sensitive information and funds. The malicious packages impersonate legitimate services to trick users, utilizing preinstall hooks to execute harmful scripts unnoticed. Victims are advised to remove compromised applications and check for suspicious NPM packages and network activities.…
Lazarus-Linked Malware Targets Windows
This analysis of the APT38 malware highlights the sophisticated methods used by the Lazarus Group, emphasizing the malware’s malicious capabilities and behaviors, such as process injection and command and control operations. The findings indicate the need for immediate security measures against such threats. Affected: Windows, Linux, macOS, financial institutions, government agencies, corporate networks

Keypoints:

The malware analyzed is linked to the Lazarus Group, a state-sponsored APT associated with North Korea.…
The CyberDiplomat’s Daily Report 14th April 2025 | Monday
The CyberDiplomat’s Daily Incident Report highlights a significant increase in global cyber threats across various regions, notably Asia, Oceania, Europe, North America, and Africa. Key incidents include a DDoS attack on Tempo, rising malware detections, and critical data breaches in sectors like healthcare and transportation. The report underscores the urgency for stronger cybersecurity measures and collaborative efforts among organizations to mitigate these evolving threats.…
Toward a Safer Digital ASEAN: Building Legal and Law Enforcement Synergy
Summary: Southeast Asia’s rapid digital transformation is leading to an alarming rise in cybercrime, which threatens national security and public trust. Although ASEAN governments are beginning to respond, they must enhance their cooperation and legal frameworks to combat these evolving threats effectively. The region faces significant challenges in enforcement capabilities, legal inconsistencies, and the urgent need for collective action.…