CyberSecurity

Tasmania is facing a serious warning about the growing wave of scams linked to cryptocurrency ATMs. Police have found that all 15 of the most frequent users of these machines have fallen victim to fraud — without a single exception.

💸 Losses Exceed $2.5 Million
Investigators revealed that these 15 individuals lost more than AUD 2.5 million in total, with around AUD 900,000 deposited directly through crypto ATMs. Police identified no legitimate use of these machines among the state’s biggest users.
Since 2021, the number of crypto ATMs in Tasmania has surged from one to twenty. This rapid expansion brought not only convenience but also opened the door to criminal abuse, with international scam networks now actively manipulating and intimidating their victims.

🎯 Scammer Tactics: From Romance to Fake Government Warnings
Scammers use a variety of schemes — romantic scams, fake investments, impersonations of government officials, and tech support scams. In some cases, victims were forced to deposit cash into crypto ATMs after banks blocked suspicious transfers.
“People are losing their savings, selling off assets, postponing retirement. These are tragic stories that have long-term effects on families and the broader Tasmanian economy,” warned Detective Sergeant Paul Turner.

🌏 Global Expansion Continues Despite Rising Risks
Globally, the number of crypto ATMs continues to grow — more than 1,000 new machines were installed in the first half of this year. The highest concentration is in the U.S., Australia, and Canada, where rapid growth is accompanied by tighter regulations.
Australia has recently introduced a $5,000 transaction limit for ATM deposits and withdrawals, stricter customer checks, and mandatory fraud warnings. Still, Australians have lost over $3 million to crypto ATM scams in 2025 alone — with nearly half of the victims aged over 51.

🚨 Warning Signs You Shouldn't Ignore
Police emphasize that anyone asked by a stranger to deposit cash should be extremely cautious. Promises of guaranteed returns, urgency, and pressure are all red flags. Seniors living alone are especially vulnerable — some romantic scams have led to losses exceeding $400,000.

#Cryptoscam , #CryptoFraud , #CyberSecurity , #ScamAlert , #CryptoNews

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

The crypto world has long balanced on the edge between freedom and control. At the heart of this tension lie so-called coin mixers – technologies that deeply divide opinions. Some see them as a vital privacy tool, others as a threat enabling criminal activity. So what exactly are coin mixers – and why are they so controversial?

🔍 What Does a Coin Mixer Do?
A coin mixer is a service that allows users to obscure the origin and destination of their cryptocurrency transactions. A user sends crypto to a mixer, which blends their funds with those of others and then sends out an equivalent amount to a recipient address – effectively breaking the link between sender and receiver.
This functionality is highly valuable for those who need privacy – journalists, political activists, or business owners. In a world where blockchain transactions are permanently public, protecting financial privacy can be crucial.

⚖️ The Double-Edged Sword of Anonymity
But anonymity comes with risks. Cybercriminals and hackers use mixers to launder stolen crypto – as seen with North Korea’s Lazarus Group. That’s why U.S. authorities cracked down hard. For example, the Ethereum-based service Tornado Cash was blacklisted in 2022, sparking a legal battle over the limits of state power.
U.S. courts eventually ruled that immutable smart contracts are not "property" – and thus not subject to sanctions. Tornado Cash was delisted in 2025, but the broader debate rages on.

⛓️ Who Should Be Held Accountable?
Mixers like Tornado Cash, Samourai Wallet, Wasabi Wallet, and Bitcoin Fog all use different methods. Some are custodial, holding funds during the mixing process. Others rely purely on decentralized smart contracts. But all share the same goal – to break the traceability of blockchain transactions.
Privacy advocates argue that mixers are crucial in protecting users from abuse and surveillance. Regulators, on the other hand, see them as enabling criminal activities.
Tornado Cash alone has processed over $7 billion. Analysts estimate that around $1.5 billion was tied to illicit activity. But what about the rest? Are those users victims of surveillance – or unwitting participants in a larger conflict?

🛡️ A New Generation of Privacy
Some modern projects aim to bridge the gap between privacy and compliance. For instance, Railgun employs a "private proof of innocence" system that detects and blocks known hacker wallets. In 2024, it stopped an attempt by the notorious Inferno Drainer to launder 174 ETH.
This suggests that privacy doesn't have to mean lawlessness. With the right design, technology can safeguard personal freedom while also preventing abuse.

🔮 The Future of Mixers: Freedom Under Watch?
Legal battles over Tornado Cash, criminal charges against Samourai Wallet, and the shutdown of services like Wasabi show that governments are taking mixers seriously. Yet they also hint that there's still room for privacy-preserving tools – if done right.
Can privacy-focused crypto projects create legally compliant mixers? Will lawmakers accept tools that preserve anonymity while blocking bad actors?
One thing is certain – the debate is far from over. Coin mixers remain at the heart of the ongoing struggle between innovation, privacy, and state control.

#TornadoCash , #MoneyLaundering , #BlockchainTechnology , #CyberSecurity , #Regulation

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

🔹 For the first time in history, the U.S. Secret Service has publicly disclosed details of its global effort to fight cryptocurrency scams. According to their findings, the agency has seized nearly $400 million in digital assets over the past decade, mainly from sophisticated fraud rings using fake investment platforms.
🔹 At the center of these operations is the Global Investigative Operations Center, which tracks digital crime using advanced software, domain tracing, and patient analysis – without weapons or badges. Chief analyst Jamie Lam explained at a recent Bermuda meeting:

"They’ll send you a picture of a young investor, but behind it may be an old man in Russia."

How These Crypto Scams Work
The schemes are calculated: they start by offering victims small profits to build trust, only to disappear once larger sums are invested.
“People think they’re safe using Bitcoin, but that’s simply not true,” warned agent Smith during a training session for officials in Bermuda.
He pointed out that victims often see what appears to be a golden opportunity and don’t realize they’re falling into a trap.

Support from Coinbase and Tether – Seniors Lose Billions
Crypto scams have now become a major part of online crime. According to the FBI, $9.3 billion of the $16.6 billion in reported U.S. internet crimes in 2024 involved crypto. The most impacted group were seniors, who lost $2.8 billion – mostly through fake investment websites.
Fortunately, there have been successful recoveries. In one case, the Secret Service worked with Coinbase and Tether to recover $225 million in USDT, marking one of the largest fund recoveries in crypto history.

Strong Technology Requires Strong Investigations
Bermuda Governor Andrew Murdoch stated:

“Technology is a powerful engine of economic growth, but it’s also highly vulnerable to abuse. We need strong investigative tools to match the sophistication of digital criminals.”

#CryptoScams , #CryptoFraud , #CryptoCrime , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Brazil’s biggest banking breach ever just went down — over $180 million drained from top institutions like Bradesco and Credsystem using a flaw in C&M’s financial software. 🚨

Hackers hijacked bank accounts linked to BMP and instantly moved the funds out using Pix, Brazil’s instant payment system. From there, it was a crypto highway: USDT and BTC used to clean the stolen cash through local exchanges. 🧼💸

The Central Bank cut off access but didn’t report full losses. Insiders say it's already too late — the funds are gone. 🏴‍☠️

"If they don’t fix the core messaging system, this will happen again." — Rocelo Lopes, Smartpay CEO

Brazil’s banking system just got exposed on a massive scale.

#Bitcoin #CryptoNews #Brazil #HackAlert $BTC
$USDT $BNB
#Pix #Binance #CyberSecurity

За даними компанії Koi Security, у магазині додатків Mozilla Firefox виявлено понад 40 шкідливих розширень, які маскуються під популярні криптогаманці, такі як MetaMask, Coinbase, Trust Wallet, Phantom, Exodus та OKX. Ці фальшиві додатки, активні з квітня 2025 року, крадуть облікові дані гаманців, зокрема мнемонічні фрази та приватні ключі, передаючи їх на сервери зловмисників. Деякі розширення досі доступні для завантаження, що становить серйозну загрозу для користувачів. Про це повідомляється у звіті Koi Security від 3 липня 2025 року.
Зловмисники використовують клоновані відкриті коди легітимних гаманців, додаючи шкідливий код, який непомітно викрадає дані. Для підвищення довіри вони створюють сотні фальшивих п’ятизіркових відгуків, що вводить в оману користувачів. Koi Security виявила ознаки, що вказують на російськомовну групу хакерів, зокрема коментарі російською у коді та підозрілі метадані. Користувачам рекомендують встановлювати розширення лише з перевірених джерел і використовувати списки дозволених додатків.
Цей інцидент підкреслює зростання кіберзагроз у криптоіндустрії. Слідкуйте за новинами, щоб захистити свої активи! Підписуйтесь на #MiningUpdates

*#CryptoTheft #FirefoxAlert #MaliciousExtensions #CyberSecurity #MetaMask #Coinbase

🔹 Fake Zoom meeting invites and update links deceive Web3 teams

🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques

🔹 Attackers steal browser data, passwords, and Telegram chats

Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.

The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.

NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.

🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.

Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it

🔹 Creates hidden files and folders that look like legitimate macOS system components

🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic

🔹 Delays execution for 10 minutes to avoid early detection by security software

Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.

Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.

#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Typo in domain name leads to convincing phishing attack targeting US political circles

A Nigerian fraudster is accused of stealing $250,000 in cryptocurrency by impersonating a senior figure associated with Donald Trump's and J.D. Vance’s presidential inaugural committee, according to U.S. federal prosecutors.
The individual reportedly mimicked Steve Witkoff, co-chair of the Trump-Vance inaugural committee, and on December 24, 2024, sent a deceptive email from @t47lnaugural.com — subtly replacing the letter “i” in the real domain @t47inaugural.com with a lowercase “L”, which appears nearly identical in certain fonts.
Believing the email to be legitimate, the victim transferred 250,300 USDT.ETH, a dollar-pegged stablecoin on the Ethereum blockchain, to a crypto wallet controlled by the scammer just two days later. According to the U.S. Attorney’s Office for the District of Columbia, the FBI was able to trace the blockchain activity and recover $40,300 of the stolen funds, which are now subject to civil forfeiture.

AI, politics, and phishing: A new landscape for crypto fraud
Tether, the issuer of the USDT stablecoin, helped authorities freeze the stolen funds — part of a broader trend of cooperation in fighting crypto fraud. Last month, the company also supported a $225 million seizure related to a massive “pig butchering” investment scam involving multiple federal agencies.
Security experts say this scam represents a modern twist on an old tactic: phishing, updated for the crypto age. Criminals now exploit political figures and real-world events to build trust and urgency, making their scams more believable.
“This is pure opportunism — exploiting public trust, political sentiment, and the irreversible nature of crypto transactions,” said one crypto exchange CEO.
Experts warn that as AI and deepfake technologies improve, phishing schemes will become faster, more convincing, and scalable. Preventing these scams will require coordination among regulators, tech companies, financial institutions, and the crypto industry.
Another analyst noted that phishing remains the oldest trick in the book — still fooling victims across crypto, e-commerce, and online banking. Rather than hacking systems, scammers manipulate human emotion, triggering fear, greed, or FOMO.
While many blame cryptocurrencies themselves, security professionals point to traditional tools — like fake URLs and spoofed domains — that remain the backbone of most fraud. In legacy systems like VoIP and domain infrastructure, where KYC is weak, scammers continue to exploit these gaps just as they have for decades.

#Cryptoscam , #CyberSecurity , #PhishingAlert , #CryptoCrime , #CryptoNews

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

🔹 Over 40 fake extensions impersonating popular crypto wallets discovered

🔹 Attack is ongoing — malicious wallets still active with fake five-star reviews

🔹 Extensions steal seed phrases and track users' IP addresses

Firefox Becomes the Latest Target of Crypto Scams
Security researchers from Koi have uncovered a large-scale campaign targeting Firefox users through fake wallet extensions. These malicious add-ons mimic legitimate crypto wallets but are designed to steal private keys and monitor user activity.
The attack is still active, with several fake wallets remaining available in the official Firefox Add-ons Store. Experts warn that new fake versions continue to appear, often disguised with artificially boosted five-star ratings.

Tricking Casual Users with Familiar Logos
Attackers are targeting casual crypto users who often search for wallets directly through the browser’s extension marketplace. Fake extensions replicate the look and branding of popular wallets and deceive users into entering seed phrases and credentials.
“The attack is simple but highly effective — it preys on users who want quick access to crypto without verifying the source,” warns the SlowMist team.

Top Wallets Faked in the Campaign
Koi identified fake versions of major crypto wallets including:

🔹 MetaMask, Trust Wallet, Coinbase, Phantom, Exodus

🔹 OKX, Keplr, MyMonero, Bitget, Ethereum Wallet, Leap, and more
Over 40 malicious extensions were found, with new ones emerging regularly. Some remain active through unofficial links, and the campaign reportedly began around April 2025.
These extensions send stolen seed phrases and users’ IP addresses to attacker-controlled servers for further use and targeting.

Open-Source Code Reused for Malicious Purposes
Attackers cloned open-source code from legitimate wallets (e.g., MetaMask) and added malicious lines to harvest user data. They mimicked the original UI, logos, and behavior, making the extensions hard to distinguish from the real ones.
While previous scams focused on specific wallets, this campaign targeted multi-asset wallets widely used in DeFi, trading, NFTs, and on-chain tasks.

Russian Origin Suspected
Code analysis revealed Russian language comments, and metadata from one command-and-control server further indicated a Russian threat actor.

How to Stay Safe: Expert Recommendations
🔹 Avoid searching for wallets directly in extension marketplaces

🔹 Only install from official websites or verified sources

🔹 Do not trust five-star reviews — they may be fake

🔹 Use allowlist filters where possible to control installed extensions

Conclusion: Star Ratings Aren’t a Guarantee of Safety
This campaign highlights how attackers can exploit user trust and extension platforms’ verification systems. With fake reviews, authentic-looking design, and legitimate-sounding names, users are more vulnerable than ever.
If you use crypto wallets in Firefox, double-check your installed extensions now and remove anything not verified from an official source.

#CryptoSecurity , #CyberSecurity , #Cryptoscam , #CryptoNews , #CryptoCommunity

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“