Tag: cryptocurrency theft

Attack reports, vulnerabilities, indicators and intrusion sets linked to cryptocurrency theft.

Attack reports (32)

• 140+ npm Packages Compromised in Coordinated Supply Chain Attack · Published 17/06/2026 15:38 · Modified 17/06/2026 20:24
• Bluekit Phishing as a Service (PhaaS) · Published 17/06/2026 01:44 · Modified 17/06/2026 08:20
• Android Banker with Complete Device Takeover Capabilities · Published 16/06/2026 16:27 · Modified 16/06/2026 17:19
• Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency · Published 08/06/2026 10:05 · Modified 09/06/2026 09:00
• Copycat hits another npm package · Published 19/05/2026 00:26 · Modified 19/05/2026 17:59
• macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain · Published 18/05/2026 19:52 · Modified 18/05/2026 18:26
• Needle: Inside a Modular Crypto-Stealing C2 That Left Its Keys in the … · Published 11/05/2026 08:50 · Modified 11/05/2026 09:56
• “Say My Name”: How MioLab is building MacOS Stealer Empire · Published 30/04/2026 14:20 · Modified 04/05/2026 11:29
• AMOS Stealer delivered via Cursor AI agent session · Published 25/04/2026 06:37 · Modified 27/04/2026 14:58
• TwizAdmin -- Multi-Stage Crypto Clipper, Infostealer & Ransomware Operation · Published 22/04/2026 12:41 · Modified 22/04/2026 15:32
• From fake Proton VPN sites to gaming mods, this Windows infostealer is … · Published 15/04/2026 18:13 · Modified 20/04/2026 11:22
• Dissecting macOS intrusion from lure to compromise · Published 17/04/2026 08:37 · Modified 17/04/2026 10:47
• Direct-Sys Loader and CGrabber Stealer Five-Stage Malware Chain · Published 17/04/2026 09:21 · Modified 17/04/2026 10:45
• A new Mac stealer targeting $10K+ crypto wallets · Published 15/04/2026 16:59 · Modified 15/04/2026 15:58
• Polymarket Trader Funds at Risk: DPRK npm Package Steals Wallet Keys and … · Published 13/04/2026 17:11 · Modified 13/04/2026 16:23
• REFUNDEE: Inside a Shadow Panel Phishing-as-a-Service Operation · Published 13/04/2026 17:06 · Modified 13/04/2026 15:48
• Funnull Resurfaces: Exposing RingH23 Arsenal and MacCMS Supply Chain Attacks · Published 02/03/2026 17:39 · Modified 03/03/2026 17:15
• Anatomy of a Russian Crypto Drainer Operation · Published 04/02/2026 15:24 · Modified 04/02/2026 21:20
• December 2025 Infostealer Trend Report · Published 16/01/2026 20:33 · Modified 19/01/2026 09:29
• HUMINT Operations Uncover Cryptojacking Campaign: Discord-Based Distribution of Clipboard Hijacking Malware Targeting … · Published 15/01/2026 17:16 · Modified 16/01/2026 13:42
• Investigation Report: Android/BankBot-YNRK Mobile Banking Trojan · Published 31/10/2025 09:30 · Modified 31/10/2025 10:51
• The Evolution of Chaos Ransomware: Faster, Smarter, and More Dangerous · Published 09/10/2025 03:41 · Modified 09/10/2025 14:31
• Kimsuky Attack Disguised as Sex Offender Notification Information · Published 24/09/2025 10:38 · Modified 24/09/2025 12:03
• How Lumma Stealer sneaks into organizations · Published 21/04/2025 17:31 · Modified 21/04/2025 22:51
• The Wagmi Manual: Copy, Paste, and Profit · Published 08/04/2025 10:29 · Modified 08/04/2025 11:50