Cryptocurrency Thefts Surge in 2025, Chainalysis Reports
#Cryptocurrency #Theft #Chainalysis #2025 #WalletAttacks #EasternEurope #MiddleEast #CyberSecurity #SocialEngineering #Malware #Deepfake
According to Odaily, a recent report by Chainalysis reveals that cryptocurrency thefts in the first half of 2025 have reached $2.17 billion, surpassing the total for 2024. The report anticipates that losses for the entire year could reach $4 billion. There has been a notable increase in wallet attacks in Eastern Europe and the Middle East, along with a significant rise in physical robberies. The report highlights that attacks on personal wallets now account for 23% of incidents, with hackers increasingly using social engineering, malware, and deepfake videos to steal assets.
Victim Loses $2.8 Million in Bitcoin Due to Social Engineering Scam
#Bitcoin #SocialEngineering #Scam #Cryptocurrency #Blockchain #Security #Fraud #LawEnforcement #PrivateKey #MnemonicPhrase #CryptoTheft #WrenchAttack #CryptoSecurity #TRMLabs #EuropeCrime #BTC
According to PANews, North Wales Police reported a victim lost approximately $2.8 million (around 2.1 million euros) in Bitcoin due to a social engineering attack. The scam involved fraudsters impersonating senior UK law enforcement officials, claiming the victim's identity appeared on a suspect's phone. They instructed the victim to 'protect' their assets via a fake website, leading to the theft of funds within minutes after the victim entered their wallet's mnemonic phrase. Police advise that law enforcement will not contact the public to discuss cryptocurrency holdings or request mnemonic phrases. Anyone receiving such calls should hang up immediately and verify by calling the non-emergency number 101.
Blockchain security firm TRM Labs highlighted that in the first half of 2025, over 80% of stolen crypto assets resulted from private key and mnemonic phrase leaks. Additionally, Europe is experiencing a surge in physical attacks targeting crypto assets, with France reporting at least ten 'wrench attacks,' including attempted kidnappings and cryptocurrency ransom cases.
Massive Social Engineering Attack Results in Theft of 783 Bitcoins Worth $91.4 Million
#SocialEngineering #BitcoinTheft #CryptocurrencySecurity #Blockchain #CryptoScams #Vigilance #Cybersecurity #WasabiWallet #HardwareWallets #MultiFactorAuthentication #BTC
On August 19, 2025, a sophisticated social engineering attack led to the theft of 783 Bitcoins, valued at approximately $91.4 million, according to blockchain intelligence firm BlockBeats and on-chain analyst ZachXBT.
How the Attack Unfolded
The attackers impersonated customer service representatives from popular trading platforms and hardware wallet providers. Using these deceptive tactics, they gained access to the victim's funds, which were then gradually moved and dispersed across multiple wallets. Notably, the stolen Bitcoins were deposited multiple times into Wasabi Wallet, a privacy-focused Bitcoin mixing service, complicating traceability.
This high-profile theft eerily coincided with the first anniversary of the $243 million Genesis creditors hack, highlighting ongoing vulnerabilities in crypto security.
Key Details
Date of Attack: August 19, 2025
Amount Stolen: 783 BTC (~$91.4 million)
Attack Method: Social engineering via impersonation of customer support
Funds Movement: Gradual dispersal and multiple deposits to Wasabi Wallet
Transaction Hash: da598f2a941ee3c249a3c11e5e171e186a08900012f6aad26e6d11b8e8816457
What This Means for Crypto Users
This incident serves as a stark reminder of the critical importance of vigilance against social engineering attacks. Even experienced users can fall victim to sophisticated scams that exploit trust and impersonation.
Tips to Protect Your Crypto Assets:
Always verify customer support contacts through official channels.
Avoid sharing private keys or sensitive information.
Use hardware wallets and enable multi-factor authentication.
Be cautious of unsolicited messages or calls claiming to be support staff.
Hackers Exploit Microsoft Teams to Target Cryptocurrency Users
#MicrosoftTeams #Hacking #Hackers #SocialEngineering #Phishing #Cryptocurrency #Crypto #Web3 #Cybersecurity #HashDit
The Web3 security firm HashDit stated on X, “Hackers are using Microsoft Teams to compromise users and steal their cryptocurrency. The attack is deceptively simple and relies on social engineering tactics.”
British Citizen Charged in Extensive Cybercrime Case Involving U.S. Entities
#cybercrime #extortion #ransomware #socialengineering #scatteredspider #cryptocurrency #serverraid #british #britishcitizen #moneylaundering #fraud #cybersecurity #usentities #criticalinfrastructure #courtsystem #thalhajubair
According to Foresight News, British citizen Thalha Jubair has been indicted for his involvement in over 120 cyber intrusions and extortion attacks affecting 47 U.S. entities. The total ransom paid by victims exceeds $115 million. The indictment alleges that 19-year-old Jubair collaborated with the cybercrime group Scattered Spider, using social engineering techniques to gain unauthorized access to networks, steal and encrypt information, and then demand ransom from victims. The group also targeted critical infrastructure companies and the U.S. court system. In July 2024, law enforcement successfully seized approximately $36 million in cryptocurrency during a server raid. Jubair faces multiple charges, including computer fraud, telecommunications fraud, and money laundering, with a maximum sentence of 95 years in prison.
U.S. Department of Justice Arrests Teen Linked to Ransomware Group
#DOJ #Ransomware #Cybercrime #ScatteredSpider #Earth2Star #Jubair #BTC #Bitcoin #RansomwareAttack #CyberSecurity #SocialEngineering #HelpDesk #LinkedIn #InvestorWebsites #PANews #SlowMist #23pds
According to PANews, the U.S. Department of Justice has arrested a 19-year-old member of the Scattered Spider ransomware group. Court documents reveal that the individual, identified as Jubair, also known as Earth2Star, allegedly obtained approximately 920.16 BTC in ransom through ransomware attacks.
23pds, the Chief Information Security Officer at SlowMist Technology, stated on the X platform that the Scattered Spider network did not exploit zero-day vulnerabilities, use new malware, or target vulnerable external machines. Instead, they conducted basic reconnaissance using social media platforms like LinkedIn and investor websites to gather information about companies. They then called help desks to gain trust and execute their attacks.
Notion's AI Agents Face Prompt Injection Vulnerability
#Notion #AIAgents #PromptInjection #Vulnerability #Security #CyberSecurity #DataExfiltration #Steganography #PDFs #SocialEngineering #ManualReview #DataPrivacy #ThreatMitigation #SecurityBestPractices #InfoSec #Privacy #DataSecurity
According to BlockBeats, AI researcher Abi Raghuram has identified a prompt injection vulnerability in Notion's newly released AI Agents. This security risk allows attackers to embed hidden text, such as white font, in files like PDFs. When users process these files with the AI Agent, the hidden prompts may be executed, potentially leading to the transmission of sensitive information to external addresses.
Researchers highlight that such attacks often employ social engineering tactics, including impersonating authority, creating urgency, and providing false security assurances to increase their success rate. Experts advise users to exercise caution by avoiding the upload of PDFs or files from unknown sources to the AI Agent. It is also recommended to strictly limit the Agent's internet access and data export permissions, perform steganography removal or cleansing on suspicious files, and conduct manual reviews. Additionally, requiring the AI Agent to display a clear confirmation prompt before any external submission can help mitigate the risk of sensitive data leaks.
Unauthorized LayerZero Initialization Leads to GAIN Minting Incident
#LayerZero #GAIN #GoPlus #minting #crosschain #BinanceSmartChain #Ethereum #insiders #socialengineering #YalaAttack #cryptoSecurity #blockchain
According to BlockBeats, GoPlus has reported on social media that an unusual minting of GAIN tokens may have occurred due to unauthorized LayerZero Peer initialization and malicious exploitation. This incident is similar to the recent Yala attack.
The attackers, potentially insiders or individuals who socially engineered project members, initialized an additional LayerZero Peer on the Ethereum network. They minted TTTTT tokens and exploited a misconfigured Peer to bypass cross-chain verification, resulting in the minting of 5 billion GAIN tokens on the Binance Smart Chain.
California Man Pleads Guilty to Cryptocurrency Fraud and Money Laundering
#CryptocurrencyFraud #MoneyLaundering #RICO #SocialEngineering #LuxuryGoods #ShellCompanies #California
According to PANews, a California resident, Kunal Mehta, has admitted to participating in a cryptocurrency fraud ring and pleaded guilty to violating the Racketeer Influenced and Corrupt Organizations (RICO) Act. The group is accused of using social engineering tactics to steal cryptocurrency assets valued at $263 million, now estimated at $385 million, across the United States. These assets were reportedly spent on luxury items such as cars, nightclubs, watches, bags, and private jets. Mehta allegedly used shell companies to purchase and hold luxury vehicles like Lamborghinis and Rolls-Royces to conceal the identities of his underage accomplices.
Pepe Website Compromised by Cyber Attack
#Pepe #websitecompromised #cyberattack #InfernoDrainer #phishing #walletstealing #socialengineering #cybersecurity #Blockaid #memecoin #PEPE
According to PANews, the official website of the meme coin PEPE has been compromised by attackers, redirecting users to malicious links. On Thursday, cybersecurity firm Blockaid reported that their system detected a front-end attack on the Pepe website, which now contains malicious code known as Inferno Drainer. Inferno Drainer is a toolkit used by threat actors, comprising phishing site templates, wallet-stealing programs, and social engineering tools.
Victim Loses Over $282 Million in Crypto Scam
#crypto #scam #hardwarewallet #LTC #BTC #Monero #XMR #Thorchain #Ethereum #Ripple #Litecoin #socialengineering
According to Odaily, a victim lost more than $282 million in LTC and BTC due to a hardware wallet social engineering scam on January 10, 2026, around 23:00 UTC+8. The attacker began converting the stolen 2.05 million LTC and 1,459 BTC into Monero through multiple instant exchanges, causing an increase in XMR prices. Additionally, the stolen BTC was transferred cross-chain via Thorchain to Ethereum, Ripple, and Litecoin. The affected addresses include bc1ql...tf86, bc1qp...0wzm, and ltc1q...nr70.
Ethereum Foundation Backs Security Efforts Against Cyber Threats
#EthereumFoundation #SecurityEfforts #CyberThreats #WhitehatTeam #SecurityAlliance #SEAL #DrainAttacks #SocialEngineering #BlockchainSecurity #1Ts #NS3AI #ETH
The Ethereum Foundation has announced its sponsorship of the whitehat team Security Alliance (SEAL) to address drain and social engineering attacks affecting Ethereum users. According to NS3.AI, this initiative, known as '1Ts,' aims to bolster security measures by supporting engineers who collaborate with SEAL to identify and mitigate these threats. SEAL also plans to expand this collaborative security approach to other blockchain ecosystems.
North Korean Hackers Use AI Deepfakes in Crypto Attacks
#NorthKoreanHackers #AIDeepfakes #CryptoAttacks #Mandiant #SocialEngineering #UNC1069 #Malware #CryptocurrencyTheft #Cybersecurity #AIImpersonation #Phishing
Google's Mandiant team has uncovered a North Korean hacking group employing AI-generated deepfakes in advanced social engineering attacks targeting cryptocurrency companies. According to NS3.AI, the group, identified as UNC1069, uses AI to impersonate trusted individuals during fraudulent video meetings. This tactic results in malware infections aimed at stealing credentials and cryptocurrency. This development occurs as North Korean actors increasingly focus on targeted, high-value attacks instead of broad phishing campaigns, contributing to a rise in cryptocurrency thefts.
Flagship Bank Faces Data Breach: Customer Information Compromised
#FlagshipBank #DataBreach #CustomerInformation #SecurityBreach #SocialEngineering #CreditMonitoring #FinancialSecurity #IdentityTheft #PrivacyProtection #EmployeeTraining
Flagship Bank has reported a security breach involving unauthorized access to sensitive customer data, including names, Social Security numbers, and financial information. According to NS3.AI, the breach occurred on April 15, 2025, through a social engineering attack. While there is currently no evidence of identity theft, the bank is taking proactive measures by offering 12 months of credit monitoring to affected customers and implementing enhanced employee training to prevent future incidents.
Cybercrime Forum LeakBase Shut Down in International Operation
#Cybercrime #LeakBase #FBI #Europol #InternationalOperation #Cybersecurity #UserDataSeizure #CryptocurrencyThreats #SocialEngineering #LeakedCredentials #Arrests #NS3AI
An international operation spearheaded by the FBI and Europol has successfully dismantled the cybercrime forum LeakBase, which boasted over 142,000 members. According to NS3.AI, authorities from 14 countries collaborated to seize user data, issue prevention notices, and execute search warrants and arrests across various jurisdictions. This crackdown is part of a broader effort to address the increasing threats posed by leaked credentials and social engineering tactics targeting cryptocurrency users.
Security Alert Issued for Mac Users Targeted by Infiniti Stealer
#MacSecurity #InfinitiStealer #MalwareAlert #CryptocurrencySecurity #MacOSThreat #PythonMalware #CyberSecurity #SocialEngineering #KeychainTheft #WalletSecurity #MalwarePrevention #GoPlusAlert
GoPlus has issued a security warning regarding the malicious program Infiniti Stealer, which is targeting the cryptocurrency wallets of Mac users. According to Foresight News, the program employs social engineering tactics known as 'ClickFix,' using fake Cloudflare CAPTCHA pages to trick users into executing malicious commands on their terminals.
Once the commands are executed, the attack chain removes macOS's quarantine attributes and runs the payload in the background. The final payload is a Python stealer program compiled into a native binary file using Nuitka, designed to evade detection effectively. Infiniti Stealer is capable of accessing browser credentials, macOS Keychain, cryptocurrency wallets, and developer keys, such as .env files, and includes sandbox detection and delayed execution features.
GoPlus advises users to adhere to the principles of 'do not click, do not install, do not sign, do not transfer,' and to check for persistent files in the /tmp and ~/Library/LaunchAgents/ paths, as well as promptly reset credentials.
Drift Protocol Suffers Unauthorized Access in Complex Attack
#DriftProtocol #UnauthorizedAccess #SecurityBreach #ComplexAttack #DurableNonce #TransactionApproval #SocialEngineering #CryptoSecurity #DeFi #BlockchainSecurity #ProtocolFreeze #MultisigUpdate #CryptoTheft #DeFiAttack
Drift Protocol has reported an unauthorized access incident involving a sophisticated attack using a durable nonce, according to ChainCatcher. The attacker gained control over the Drift Security Council's management by exploiting pre-signed transactions with durable nonce accounts to delay execution. The investigation indicates that the incident was not due to vulnerabilities in Drift's program or smart contracts, and there is no evidence of mnemonic phrase theft. The attacker obtained access through unauthorized or forged transaction approvals, potentially involving social engineering.
As a result, approximately $280 million was extracted from the protocol, affecting all lending, vault deposits, and trading funds. However, DSOL assets not deposited in Drift, including those staked to Drift validators, and insurance fund assets remain unaffected and are being protected. As a precautionary measure, all remaining protocol functions have been frozen, and the multisig has been updated to remove compromised wallets.
Solana Foundation Chair Addresses Impact of Drift Incident
#Solana #DriftIncident #LilyLiu #BlockchainSecurity #SmartContract #EcosystemImpact #SocialEngineering #OperationalSecurity #SolanaFoundation #CyberSecurity #CryptoNews #TechUpdates #SOL
On April 2, Solana Foundation Chair Lily Liu commented on the significant impact of the Drift incident on the ecosystem. According to BlockBeats, Liu stated that the Drift team is working tirelessly to investigate and manage the situation, with the foundation providing support. She emphasized that the smart contract itself has proven resilient, noting that the real target of the attack was individuals, focusing on social engineering and operational security vulnerabilities rather than exploiting code.
Liu highlighted Solana's history of overcoming challenges through rapid iteration, improved development, mutual support, and enhanced security measures. She urged vigilance, advising users to review their security settings and continue building. Updates will be provided as new developments occur.
Cybercriminals Exploit Cloud-Based Android Phones to Evade Bank Security
#cybercriminals #cloudbasedphones #android #banksecurity #fraud #socialengineering #malware #cybersecurity #NS3AI #malwarebytes
Cybercriminals are increasingly using rented cloud-based Android phones, which cost between $0.10 and $0.50 per hour, to circumvent bank anti-fraud measures and deplete customer accounts. According to NS3.AI, these attacks continue to depend heavily on social engineering tactics. Malwarebytes researcher Pieter Arntz highlighted that these methods often involve soliciting one-time passwords, login approvals, or transfers to so-called 'safe accounts.'
Drift Faces $285 Million Exploit Due to Social Engineering Tactics
#Drift #exploit #socialengineering #NorthKorea #DeFi #Solana #CarbonVoteToken #TRMLabs #USDC #cybersecurity
Drift experienced a significant exploit amounting to $285 million, attributed to suspected North Korean operatives employing in-person social engineering against its contributors. According to NS3.AI, the group targeted contributors at several major industry conferences over a six-month period leading up to the exploit. TRM Labs identified this incident as the largest DeFi hack of 2026 to date and the second-largest exploit in Solana's history. The attacker reportedly utilized CarbonVote Token to secure collateral acceptance, increase withdrawal limits, and extract assets, including USDC.