hackeralert

On June 23, 2025, Cointelegraph’s website was targeted by a front‑end attack that injected a fake “airdrop” pop‑up designed to steal users’ wallets. The alert spread quickly on social media when investors noticed the message didn’t match any official campaign. The incident drew attention because it compromised one of the world’s largest crypto news portals, increasing the perceived credibility of the scam and the risk of users falling for it.

So far, there is no official confirmation of the amount stolen, but experts estimate that some unsuspecting users may have interacted with the pop‑up and connected their wallets, potentially resulting in immediate token losses. Cybersecurity professionals stated that the attack likely exploited a vulnerability in external scripts or integrated ads—a common method in front‑end supply‑chain attacks. Market analysts added that although the direct financial impact remains uncertain, incidents like this increase overall distrust and can damage the reputation of platforms in the crypto sector.

For investors, the case reinforces the need for extreme caution, even when browsing trusted websites. Essential tips include: never trusting unexpected pop‑ups offering rewards, checking URLs carefully, being skeptical of any request to connect your wallet instantly, and using extensions that block suspicious scripts. Experts also recommend separating wallets—one for browsing and another for holding larger amounts—reducing the risk of serious losses in surprise attacks.
#HackerAlert #news #MarketSentimentToday #TrendingTopic #BTC
$PENDLE
$ASTER
$HYPE

Date: December 26, 2025
Topic: Cybersecurity / Wallet Safety
The holiday quiet was shattered yesterday when reports confirmed a critical security breach targeting Trust Wallet users. In a stark reminder of the risks inherent to Web3, a specific vulnerability in the browser extension has led to over $6 million in estimated losses.
The Incident: What We Know
The attack vector was precise. Hackers identified an exploit in the Trust Wallet Browser Extension (Version 2.68).
The Flaw: Malicious code injected into this specific version allowed attackers to siphon funds the moment users unlocked their extension or signed a transaction.
The Scope: The breach was limited to the browser extension; mobile app users appear unaffected.
The Solution: Trust Wallet has urgently released Version 2.69. If you are using the extension, you must update immediately and consider revoking permissions for any recent interactions.
The Bigger Picture: Self-Custody vs. Exchange Security
This incident forces us to revisit the most critical debate in crypto: Is your money safer in your own hands, or in the vault of a major exchange like Binance?
While the mantra "Not your keys, not your crypto" is popular, yesterday’s events highlight that self-custody comes with a heavy burden: You are your own bank security guard.
1. The Trust Wallet Model (Self-Custody)
When you use a non-custodial wallet like Trust Wallet, you have absolute freedom. No one can freeze your account, and no one can block your transactions. However, this freedom comes with zero safety nets.
The Risk: You are vulnerable to "local" attacks—malware on your computer, phishing links, or supply-chain hacks like the v2.68 extension exploit.
The Consequence: If a hacker drains your wallet, the funds are gone. There is no customer support to reverse the transaction, and no insurance fund to reimburse you.
2. The Binance Model (Exchange Custody)
Holding funds on a Tier-1 exchange like Binance flips the script. You give up direct control of the private keys in exchange for institutional-grade defense.
The Defense: Binance employs AI-driven risk engines that monitor for suspicious withdrawals 24/7. If a hacker tries to drain your account, the system often flags and blocks the transaction before it leaves the platform.
The Insurance: Unlike self-custody, major exchanges maintain protection funds (like Binance’s SAFU Fund). In the rare event of a platform-wide breach, there is a mechanism in place to make users whole.
The Trade-off: You face "counterparty risk"—you must trust the exchange’s solvency and operational integrity.
The Analyst Verdict: The Hybrid Solution 🛡️
The "Maximalist" view of using only one storage method is outdated. Yesterday’s hack proves that software wallets have vulnerabilities, just as exchanges do.
My recommendation for 2026:
For Trading: Keep your active liquidity on Binance. The friction of moving funds is lower, and you benefit from their active security monitoring (Whitelisting, 2FA, Risk AI).
For Hodling: If you demand self-custody, move your long-term stack to a Hardware Wallet (Cold Storage). Browser extensions are convenient, but they are "Hot Wallets"—always connected, always at risk.
Stay safe, update your extensions, and never store your life savings in a browser.
$ZKC
$ZBT
$0G
#USGDPUpdate
#Binance
#TrustWallet
#HackerAlert

📅 December 20 | Global Crypto Ecosystem
In the crypto world, it's not always sophisticated exploits or coding flaws that cause the biggest losses. Sometimes, a single misplaced click is enough. An experienced trader lost nearly $50 million in USDT after falling for one of the simplest and, paradoxically, most effective scams in the ecosystem: the address poisoning attack.

📖According to data from the on-chain analytics platform Lookonchain, the victim transferred 49,999,950 USDT to an address controlled by an attacker, after withdrawing the funds from Binance with the intention of sending them to their own wallet.
The process began seemingly safely. As usual, the trader first made a test transaction of 50 USDT to the destination address. However, an automated script created by the attacker detected the movement and immediately generated a fake address designed to look almost exactly like the legitimate address.
The fraudulent wallet address matched the first five and last four characters of the real address. The discrepancies lay in the middle of the alphanumeric string, a section that many wallet interfaces hide with ellipses, facilitating visual confusion.
Subsequently, the attacker sent small transactions from this fake address to the victim's wallet, "poisoning" the transaction history. When the trader returned minutes later and copied an address from their history to send the full amount, they inadvertently selected the malicious address.
Data from Etherscan shows that the test transaction occurred at 3:06 UTC, while the erroneous transfer of the full amount was executed just 26 minutes later, at 3:32 UTC.
The attacker acted with extreme speed. According to the security firm SlowMist, in less than 30 minutes the USDT was exchanged for DAI using MetaMask Swap, a strategic move since Tether can freeze USDT, but DAI lacks centralized controls.
The attacker then converted the funds to approximately 16,690 ETH and deposited 16,680 ETH into Tornado Cash, the cryptocurrency mixer, severely hindering on-chain tracing.
In a desperate attempt to recover the funds, the victim offered the attacker a $1 million "white hat" bounty in exchange for the return of 98% of the stolen assets. The victim also stated that they had filed a criminal complaint and were receiving support from law enforcement, cybersecurity agencies, and multiple blockchain protocols.

Topic Opinion:
Address poisoning doesn't exploit technical flaws, but rather everyday habits: copy and paste, trusting history, assuming "I already tried it." In an environment where transactions are irreversible, the automation of attacks is advancing faster than user education.
💬 Should wallets display full addresses by default?

Leave your comment...
#HackerAlert #USDT #Ethereum #TornadoCash #CryptoNews $ETH

After a strong breakout earlier in the year, SAPIEN has entered a digestion phase, currently trading near the $0.17 level. While the recent dip has caused some caution, technical analysts see this as a potential "buy the dip" opportunity.

​Support Levels: Traders are watching the $0.168 support closely. If this level holds through late December, a recovery toward $0.20 is expected by early 2026.
​Long-Term Sentiment: With a bullish EMA alignment and growing volume, the market tone remains cautiously optimistic for this social-finance (SoFi) asset.$SAPIEN

The FBI, in coordination with European partners, has taken down a large-scale cryptocurrency-based money laundering platform operated by a Russian national. The illegal service, E-Note, functioned as a digital laundromat for cybercriminals across the globe and reportedly processed over $70 million in proceeds from ransomware, account takeovers, and other crimes.

The Dark Side of Crypto Under the FBI’s Lens
According to the U.S. Attorney’s Office for the Eastern District of Michigan, E-Note was dismantled in a coordinated international operation. The FBI not only seized servers and mobile apps used in the operation but also took down domains like e-note.com, e-note.ws, and jabb.mn.
The platform allegedly allowed cybercriminals to:

🔹 Move stolen crypto across borders

🔹 Convert crypto into cash in multiple currencies

🔹 Use money mule networks to further obscure the trail
The U.S. Department of Justice said that E-Note was linked to groups that had attacked hospitals and critical infrastructure in the U.S., as well as broader ransomware campaigns worldwide.

Russian Operator Indicted – Faces 20 Years
The man behind the operation was identified as Mykhalio Petrovich Chudnovets, a 39-year-old Russian citizen. According to court documents, he started offering laundering services to cybercriminals in 2010, later using E-Note as the primary tool to clean digital proceeds.
“Chudnovets collaborated with financially motivated cybercriminals, transferring their illicit gains across borders and converting crypto into hard cash,” investigators said.
He is charged with conspiracy to launder monetary instruments and faces up to 20 years in prison under U.S. law.
His current whereabouts remain unknown, but tech outlet The Register suggests he is still at large.

International Action – More Crackdowns to Follow
Law enforcement from Germany and Finland also played a critical role in the operation. The bust follows a December Europol takedown of Cryptomixer, a crypto mixing service that reportedly processed over €1 billion in transactions tied to cybercrime and laundering over the past decade.
Even Russia has had trouble with crypto crime. Earlier this year, authorities raided crypto exchanges in Moscow’s financial center amid investigations into capital flight.
In late 2024, more crypto firms were raided, with dozens of suspects charged in cases involving anonymous payment systems like UAPS and Cryptex, which were laundering funds for criminal networks.
A Russian government advisor recently estimated that two-thirds of fraudulently obtained money in Russia is laundered via crypto.

#russia , #HackerAlert , #MoneyLaundering , #CyberSecurity , #CryptoNews

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

The year 2025 marked a turning point in crypto hacking. While the total number of incidents dropped by 74%, North Korean state-sponsored hackers managed to steal over $2 billion, mainly in Ethereum (ETH) and Solana (SOL) – making this one of the most devastating years in crypto history.

Fewer Attacks, Bigger Hauls
Unlike in the past, where North Korea launched many smaller attacks, their strategy now focuses on massive, high-impact heists. The largest hit came in February, when Bybit, a major exchange, was breached for $1.5 billion – the largest crypto theft in history.
Additional attacks, such as the one on Upbit, show that even improved security across exchanges isn’t enough to stop these highly coordinated cyber threats.

How North Korea Hacks the Blockchain
According to Chainalysis, North Korea has radically changed its tactics. Instead of attacking from the outside, hackers infiltrate crypto companies as IT staff, gaining insider access to security systems and private keys.
Other attackers pose as recruiters from top crypto firms, conducting fake interviews where job seekers are tricked into downloading malicious software. These “technical tests” are used to harvest credentials and access company infrastructure.

59% of 2025’s Crypto Hacks? North Korea
Chainalysis data shows that North Korean hackers were responsible for 59% of all crypto stolen in 2025. Since 2016, they’ve looted a total of $6.75 billion in digital assets.
Attacks on personal wallets also remain widespread – with over 158,000 incidents targeting 80,000 victims. Though the total amount stolen from individuals dropped from $1.5 billion in 2024 to $713 million, the number of victims is rising.
This shift suggests that while crypto exchanges have improved their security, hackers are increasingly targeting individuals, who are perceived as easier prey.

Where Do the Billions Go?
Investigators have traced North Korea’s money laundering methods, which include:
🔹 Using Chinese intermediaries

🔹 Employing cross-chain bridges to move assets across blockchains

🔹 Following a 45-day laundering cycle after each major hack

#cryptohacks , #HackerAlert , #northkorea , #CyberSecurity , #CryptoNews

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Tensions are rising again on the crypto scene. The U.S. Department of Justice (DOJ) has launched a new legal battle—this time against North Korean IT workers who allegedly infiltrated American companies using fake identities and obtained millions in cryptocurrencies. These funds were reportedly funneled back to North Korea to finance its weapons programs.
🔹 On Thursday, the DOJ announced it had filed a civil forfeiture complaint for $7.74 million in cryptocurrency. The funds have already been "frozen and seized" by U.S. authorities. The crypto assets are allegedly tied to Sim Hyon Sop, a representative of North Korea’s Foreign Trade Bank.

🎭 Fraudulent IT Workers and Digital Money Laundering
According to the DOJ, North Korea has long exploited the international remote IT workforce and cryptocurrency ecosystem to evade U.S. sanctions. The FBI investigation reportedly uncovered a large-scale operation where North Korean workers, using fake or stolen American identities, were hired by unsuspecting U.S. companies. Their salaries were often paid in stablecoins like USDC and USDT.
To disguise the origin of the funds and send them back to North Korea, the workers allegedly used tactics such as:
🔹 Fake accounts and identities

🔹 Microtransactions

🔹 Chain-hopping (switching between blockchains)

🔹 Hiding value in NFTs

🔹 Using U.S.-based accounts to appear legitimate

🔹 Crypto mixing services

💬 DOJ Claims vs. Geopolitical Reality
“North Korea has for years exploited global remote IT contract work and cryptocurrency to evade U.S. sanctions and fund its weapons programs,” stated Sue J. Bai, DOJ’s head of national security. U.S. Attorney Jeanine Ferris Pirro added:
“In other countries, crime may pay—but not here. We’ll stop your scheme, hit back, and seize everything you illegally earned.”
💥 Critics, however, point to a double standard. While the U.S. cracks down on so-called “enemies,” it has itself directed hundreds of millions in crypto to Ukraine in recent years—including for lethal weaponry. Billions in fiat have also been funneled to the Israeli military, while civilians in Gaza face displacement and destruction.

🧨 Ethics vs. Geopolitical Power
The case once again raises uncomfortable questions. Who has the “right” to use crypto, and for what purpose? Is legality determined by ethics—or by geopolitical allegiance? The DOJ concludes:
“This forfeiture follows two federal indictments against Sim, accusing him of conspiring (1) with North Korean IT workers to generate revenue through illegal employment in companies across the U.S. and abroad, and (2) with OTC crypto traders to use stolen funds to purchase goods for North Korea.”
This situation reveals a complex game of digital masks, economic sanctions, and geopolitical theater—where ethics often vanish in the shadow of state power.

#HackerAlert , #northkorea , #CryptoCrime , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Hackers from Lazarus Group Target Crypto Developers
The notorious North Korean hacking syndicate, Lazarus Group, has intensified its cyber warfare against the cryptocurrency sector, now setting its sights on developers.
According to the latest security investigation, Lazarus Group has infiltrated npm, one of the most widely used software package repositories for JavaScript developers. By leveraging typosquatting tactics (deliberately mimicking legitimate package names), they have uploaded malicious versions of popular npm packages.
These infected packages deploy a stealthy malware called BeaverTail, which can:

🔹 Steal developer login credentials.

🔹 Extract saved browser passwords.

🔹 Access sensitive wallet data, including Solana and Exodus wallets.
Security researchers discovered that all stolen data is transmitted to a hardcoded command-and-control (C2) server, a known Lazarus Group tactic for discreetly exfiltrating sensitive information.
According to Kirill Boychenko, a cybersecurity threat analyst, this method poses a severe risk to developers working on financial and blockchain applications.
Lazarus Group Behind the $1.46 Billion Bybit Hack
Beyond attacking the developer ecosystem, Lazarus Group has been linked to one of the largest crypto exchange hacks in history.
On February 21, 2025, hackers associated with the group successfully infiltrated Bybit, one of the world’s leading crypto exchanges, making off with an estimated $1.46 billion in digital assets.
How Did the Hackers Pull It Off?
🔹 They exploited a security flaw within Bybit’s infrastructure.

🔹 Manipulated Ethereum smart contract logic.

🔹 Redirected funds to their controlled wallets.

Bybit’s CEO, Ben Zhou, confirmed that despite immediate intervention, 20% of the stolen funds had already been laundered through mixing services, making them nearly impossible to trace.
North Korea Funds Its Nuclear Program with Stolen Crypto
A 2024 UN report revealed that North Korean cybercriminals were responsible for over 35% of all global crypto thefts in the past year, accumulating over $1 billion in stolen digital assets.
Lazarus Group is not just a cybercrime syndicate but also a geopolitical threat, as the stolen funds are reportedly being directly funneled into national military and defense programs.
Developers Are Under Attack – How to Stay Safe
With rising cyber threats, security experts are urging developers and crypto users to adopt stricter security measures to protect themselves from Lazarus Group’s attacks. Key recommendations include:

🔹 Verifying the authenticity of software packages before installation.

🔹 Using AI-powered tools like Socket AI Scanner to detect anomalies.

🔹 Enabling multi-factor authentication (MFA) for wallets, exchanges, and developer accounts.

🔹 Monitoring network activity and blocking suspicious traffic.

Bybit Launches Bounty for Stolen Funds Recovery
Following the Bybit hack, the exchange has introduced a Recovery Bounty Program, offering up to 10% of recovered funds as a reward for anyone who helps track the stolen assets.
The Cyber War on Crypto Is Just Beginning
As Lazarus Group continues evolving its attack methods, it is clear that the war between hackers and the crypto industry is far from over.
Developers, exchanges, and investors must remain vigilant, strengthening security defenses to prevent becoming the next victims of these sophisticated cyberattacks.

#CryptoSecurity , #HackerAlert , #BybitHack , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“