Cryptocurrency Blog 2025- 2026 2025 2024 2023 2022 2021 2020 2019 2018
AI blog APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
| 25.12.25 | GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS | Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Compute Cloud (Amazon EC2). | Cryptocurrency blog | AWS Security Blog |
| 20.9.25 | Ethereum smart contracts used to push malicious code on npm | RL discovered how the crypto contracts were abused — and how this incident is tied to a larger campaign to promote malicious packages on top repositories. | Cryptocurrency blog | REVERSINGLABS |
| 17.8.25 | Android Cryptojacker Disguised as Banking App Exploits Device Lock State | The global craze around cryptocurrency has fueled both innovation and exploitation. While many legally chase digital gold, cybercriminals hijack devices to mine it covertly. Recently, we encountered a phishing website impersonating a well-known bank, hosting a fake Android app.... | Cryptocurrency blog | Seqrite |
| 16.8.25 | Sealed Chain of Deception: Actors leveraging Node.JS to Launch JSCeal | Check Point Research (CPR) is closely tracking the malicious execution of compiled Javascript files, which led to the discovery of JSCEAL, a campaign targeting crypto app users. | Cryptocurrency blog | Checkpoint |
| 26.7.25 | Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload | Wiz Research has identified a new iteration of a broader malicious cryptomining campaign, which we’ve dubbed Soco404 (based on the observed payload name, associated domain, and use of fake error pages). | Cryptocurrency blog | Wiz.io/blog |
| 26.7.25 | Beyond Mimo’lette: Tracking Mimo's Expansion to Magento CMS and Docker | Through investigations into a string of workload compromises involving ecommerce sites, the Datadog Security Research team discovered that the Mimo threat actor (also known as Mimo'lette), previously known for targeting the Craft content management system (CMS), has evolved its tactics to compromise the Magento ecommerce CMS platform through exploitation of an undetermined PFP-FPM vulnerability. | Cryptocurrency blog | Securitylabs.datadoghq |
| 19.7.25 | Android Cryptojacker Disguised as Banking App Exploits Device Lock State | The global craze around cryptocurrency has fueled both innovation and exploitation. While many legally chase digital gold, cybercriminals hijack devices to mine it covertly. Recently, we encountered a phishing website impersonating a well-known bank, hosting a fake Android app.... | Cryptocurrency blog | Seqrite |
| 12.7.25 | Crypto Wallets Continue to be Drained in Elaborate Social Media Scam | Darktrace’s latest research reveals that an evolving social engineering campaign continues to target cryptocurrency users through fake startup companies. | Cryptocurrency blog | DARKTRACE |
| 12.7.25 | Malicious pull request infects VS Code extension | ETHcode, a VS Code extension for Ethereum smart contract development, was compromised following a GitHub pull request. | Cryptocurrency blog | REVERSINGLABS |
| 4.7.25 | FoxyWallet: 40+ Malicious Firefox Extensions Exposed | A large-scale malicious campaign has been uncovered involving dozens of fake Firefox extensions designed to steal cryptocurrency wallet credentials. | Cryptocurrency blog | KOI SECURITY |
| 21.6.25 | DOJ Seizes $225M in Crypto Tied to Fraud and Money Laundering | The U.S. Department of Justice (DOJ) filed a civil forfeiture complaint to seize over $225.3 million in cryptocurrency. The funds are allegedly tied to a sprawling cryptocurrency investment fraud and money laundering operation that targeted hundreds of victims through blockchain-based schemes. | Cryptocurrency blog | Cyble |
| 7.6.25 | Over 20 Crypto Phishing Applications Found on the Play Store Stealing Mnemonic Phrases | CRIL discovers over 20 malicious apps targeting crypto wallet users with phishing tactics and Play Store distribution under compromised developer accounts. | Cryptocurrency blog | Cyble |
| 25.4.25 | Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie | Silent Push Threat Analysts have uncovered three cryptocurrency companies that are actually fronts for the North Korean advanced persistent threat (APT) group Contagious Interview: BlockNovas LLC, Angeloper Agency, and SoftGlide LLC. | Cryptocurrency blog | Silent Push |
| 19.4.25 | SCAMONOMICS THE DARK SIDE OF STOCK & CRYPTO INVESTMENTS IN INDIA | EXECUTIVE SUMMARY At CYFIRMA, we are committed to offering up-to-date insights into prevalent threats and tactics employed by malicious actors targeting both organizations | Cryptocurrency blog | Cyfirma |
| 19.4.25 | Cybersecurity Stop of the Month: Bitcoin Scam—How Cybercriminals Lure Victims with Free Crypto to Steal Credentials and Funds | In recent years, cryptocurrency has grown from a niche interest into a mainstream financial ecosystem. This evolution, however, hasn’t been without drawbacks. Namely, it has attracted cybercriminals who use the allure of digital wealth to perpetrate sophisticated fraud schemes. In 2023, illicit crypto addresses received at least $46.1 billion, up from $24.2 billion. This underscores how rapidly crypto-related crimes are spreading. | Cryptocurrency blog | PROOFPOINT |
|
22.3.25 |
GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the | Updated March 20: The recent compromise of the GitHub action tj-actions/changed-files and additional actions within the reviewdog organization has captured the attention of the GitHub community, marking another major software supply chain attack. Our team conducted an in-depth investigation into this incident and uncovered many more details about how the attack occurred and its timeline. | Cryptocurrency blog | Palo Alto |
|
15.3.25 |
Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims |
Unit 42 researchers discovered a campaign distributing thousands of fraudulent cryptocurrency investment platforms via websites and mobile applications. |
||
|
22.2.25 | Russian Threat Group CryptoBytes is Still Active in the Wild with UxCryptor | The SonicWall Capture Labs threat research team has recently been analyzing malware from the CryptoBytes hacker group. UxCryptor is a ransomware strain associated with the CryptoBytes group, a financially motivated Russian cybercriminal organization. It has been active since at least 2023. The group is known for leveraging leaked ransomware builders to create and distribute their malware. | Cryptocurrency blog | |
|
22.2.25 |
Crypto is soaring, but so are threats: Here’s how to keep your wallet safe |
|||
|
11.1.25 | Crypto is soaring, but so are threats: Here’s how to keep your wallet safe | As detections of cryptostealers surge across Windows, Android and macOS, it's time for a refresher on how to keep your bitcoin or other crypto safe | Cryptocurrency blog |