hackers

El Exchange de criptomonedas Nobitex, con sede en Irán, ha sido hackeado, perdiendo más de $ 80 millones de dólares en activos digitales, esto según publicó en sus redes el investigador ZachXBT. Pero aquí no queda la cosa, y es que este ataque pasaría desapercibido si no fuera porque los hackers que perpetraron este hecho son "proisrael", mandando un fuerte mensaje mientras se expande la guerra en el medio oriente ¿Cómo sucedió este ataque y quiénes son estos hackers? Exploremos.

A tempranas horas del 18 de junio, el investigador en cadena ZachXBT publicó en su canal oficial de telegram. que el exchange de #Criptomonedas iraní “nobitex” había sido víctima de #hackers , quienes sustrajeron fondos por un valor total de $ 81.7 millones de dólares.

Según el investigador, de alguna manera el grupo de hackers logró tener acceso a las billeteras calientes del Exchange de criptomonedas y pudieron retirar varios activos digitales a través de la red de tron y blockchains compatibles con la #Ethereum virtual Machine (EVM).

Una vez que el Exchange detectó estos movimientos no autorizados, procedieron a suspender todo uso de esas billeteras.
Lo interesante y que llama la atención en la comunidad es que estos hackers usaron “direcciones vanity” para poder retirar los activos digitales. Para conocimiento general, una "dirección vanity" es una secuencia de caracteres específicas definidas por el usuario. En pocas palabras, es una dirección donde tú puedes ponerle las palabras que quieras.

Y como se observa, no perdieron la oportunidad para llamar la atención y enviar fuertes mensajes a través de este hecho.

Lo que hace más interesante, es que al parecer estas direcciones serían direcciones de quema, es decir, direcciones las cuáles el grupo de hackers no tiene acceso alguno (no tienen las llaves privadas), por lo que en verdad esos $ 81.7 millones de dólares estarían técnicamente “quemados”.

Los autores detrás de estos hechos se autodenominan “Gonjeshkedarande”, quienes son un grupo de hackers pro israelí.

Luego de estos hechos, el grupo de hackers envió un mensaje a través de sus redes, haciendo fuertes acusaciones al Exchange Nobitex y su cercanía a grupos armados. Además, insta a sus usuarios a reirar todos sus fondos cuanto antes porque publicaría archivos internos del Exchange.

Mientras tanto, Nobitex menciona que todos los fondos de los usuarios están seguros en su billetera fría, y que los daños serían compensados a cada usuario afectado.

👉Mas actualizaciones cripto ...
Comparte y sigueme para más 👈😎
$ETH

I'm 💯 sure you didn't read any post or article like my article, it will blow your mind.
Ok let's start discussing
So, imagine waking up one day, logging into your wallet, and BAM 💥—your ETH is gone! Just like that! Vanished into the abyss! 😭 Well, after experiencing this nightmare (hypothetically... hopefully), I decided it's time to talk about Bybit Wallet Security and how hackers steal ETH! 🕵️‍♂️

👾 How Hackers Steal Your ETH?

Hackers don’t just wave a magic wand and steal your crypto (I wish it was that simple 😅). Instead, they use tricks like:

🔹 Phishing Attacks – Fake websites that look EXACTLY like Bybit, waiting for you to enter your details. 🤦‍♂️
🔹 Malware & Keyloggers – That "free airdrop" you clicked on? Yeah, that just gave someone access to your private keys. 🤷‍♂️
🔹 Smart Contract Exploits – Ever heard of those "too-good-to-be-true" DeFi projects? Well, hackers use dodgy contracts to drain your funds. 🚀💀
🔹 SIM Swapping & Social Engineering – If your 2FA is linked to your phone number, hackers might just "convince" your mobile provider to hand over your SIM. 🧐

💀 So… Can Hackers Even Use Stolen ETH?

Short answer: NO! ❌

Once ETH is stolen, it’s tracked on every exchange like a wanted criminal! 🚔 Most exchanges, including Bybit, Binance, OKX, and others, mark stolen ETH as “tainted”—making it IMPOSSIBLE to cash out. Every transaction gets flagged like 🚨 "SPAM ALERT!" 🚨

But wait… there’s a catch! 😨

🐍 The BTC Loophole

Hackers can use mixers like Tornado Cash (until regulators shut it down) or simply convert ETH into BTC! Why? Because Bitcoin’s blockchain doesn’t have a built-in "spam" or "blacklist" system. So, if they swap ETH → BTC, they might just get away with it. 😱
(Don't tell that f**** trick to hacker's 😁
✅ How to Secure Your Wallet?

Alright, enough scary talk—let's make sure YOU don’t end up like me (hypothetically, of course 😜):

🔹 Enable 2FA! Don’t be lazy. Google Authenticator > SMS (Always!) 🔑
🔹 Use a Hardware Wallet (Ledger/Trezor) to store large amounts. 🏦
🔹 NEVER click random links! Even if it’s from "Bybit Support" (Spoiler: It’s NOT). 🚫
🔹 Check Contract Approvals – Use tools like revoke.cash to remove unnecessary permissions. 🧐
🔹 Stay Updated! Follow Bybit’s official security alerts and crypto security news. 📰

Final Words: Don’t Learn the Hard Way! 😅

If I had secured my Bybit wallet better, maybe I wouldn’t be writing this post with tears in my eyes. 😭😂 So, be smart, stay safe, and don’t let hackers enjoy your hard-earned crypto! 🚀🔒

#Bybit #CryptoSecurity #Ethereum #Hackers #StaySafe

The Health Sector #cybersecurity Coordination Center (HC3) in the United States has announced that at least one healthcare institution in the U.S. has been hit by the Trinity ransomware, a new threat targeting critical infrastructure.
The Threat of Trinity Ransomware and How It Works
A U.S. government agency issued a warning regarding the Trinity ransomware, which targets victims and extorts them for #CryptocurrencyPayments in exchange for not leaking sensitive data. This ransomware uses various attack methods, including phishing emails, malicious websites, and exploiting software vulnerabilities.
Once it infiltrates a system, the ransomware scans the victim's computer, collects sensitive information, and encrypts files using advanced encryption algorithms, rendering them unreadable. #hackers then leave a message in the computer informing the victim that their data has been encrypted and demanding a ransom in exchange for a decryption key.
Hackers’ Demands: 24-Hour Deadline for Payment
In the ransom note, victims are warned that they have only 24 hours to pay the ransom in cryptocurrency, or their data will be leaked or sold. HC3 noted that there are currently no available decryption tools for Trinity ransomware, leaving victims with few options for recovery.
"Victims have 24 hours to contact the cybercriminals, and if they fail to do so, the stolen data will be leaked or sold," HC3 reported. The ransomware primarily targets critical infrastructure, including healthcare providers.
Attacks on Healthcare Institutions
The Trinity ransomware has already affected seven organizations, with healthcare facilities being one of its primary targets. HC3 reported that at least one healthcare entity in the U.S. was recently impacted by this ransomware, raising concerns about cybersecurity in the healthcare sector.
Crypto Ransom Payments Reached $1 Billion in 2023
According to the Chainalysis 2024 #cryptocrime Report, ransomware attackers received approximately $1.1 billion in cryptocurrency payments in 2023. These ransoms were paid by high-profile institutions and critical infrastructure, with attacks ranging from small criminal groups to large syndicates.
The report also revealed that 538 new ransomware variants were created in 2023, with major corporations like BBC and British Airways being among the primary targets of these attacks.
#cyberattacks

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

 

On August 21, 2024,b# McDonald's faced a significant security breach when a hacker hijacked the company's official Instagram account to promote a fraudulent cryptocurrency. The hacker leveraged the global reach and credibility of McDonald's to promote a fake Solana-based meme coin called “GRIMACE.” This event quickly drew widespread attention as it demonstrated the increasing frequency and sophistication of cyber-attacks targeting major corporations' social media accounts.
The hacker's campaign was both audacious and cunning. By exploiting the McDonald's brand, they aimed to deceive unsuspecting followers into believing that the fast-food giant was endorsing the new cryptocurrency. The posts on McDonald's Instagram account featured flashy graphics and promises of high returns, a common tactic used in crypto scams. The use of "GRIMACE" as the meme coin's name was a direct reference to one of McDonald's iconic mascots, further adding a layer of deception to the campaign.#
The fraudulent promotion was designed to lure followers into purchasing the fake coin, likely through links provided in the hacked posts. Once followers clicked on these links, they were probably directed to a phishing site designed to collect personal information or facilitate fraudulent transactions. The hacker’s strategy relied on the trust that McDonald's followers had in the brand, making the scam more convincing and potentially more damaging.McDonald's quickly responded to the breach, issuing a statement that their Instagram account had been compromised and that the posts promoting "GRIMACE" were fraudulent. The company urged followers not to engage with the content or click on any links. They also worked with Instagram to regain control of the account and remove the malicious posts.This incident underscores the vulnerability of even the largest and most established brands to cyber-attacks. It also highlights the growing trend of cybercriminals targeting social media platforms to execute their schemes, particularly in the rapidly evolving world of cryptocurrency. As businesses continue to expand their digital presence, ensuring robust cybersecurity measures will be crucial to protecting their brand integrity and safeguarding their customers from similar attacks.#hackers #BinanceCreatorAwards

Crypto hackers have stolen $4+ billion in the last 2 years.
If you are not careful, you'll be next.
This article shares 8 security practices that everyone should be using.
If you already have multisig, virtual machines, 3 identities, your own email servers, a nuclear bunker and a lifetime supply of ramen.
Then you won’t need this guide,
For everyone else let's begin.

1. Crypto Storage
Hardware Wallets (Tier 1) - Ledger, NGRAVE, Trezor
Paper Wallet (Tier 2) - Easily lost and damaged. But costs only time.
Desktop wallet (Tier 3) - Only as safe as the system they are on. Not Ideal.

2. Emails
Old emails with weak passwords are a common point of entry for hackers.
If you’ve had it for a while and used it for multiple websites, chances are you want to get rid of it.

3. VPN
Most main providers are good enough (nord / express).
You can take your privacy even further and try something like Mullvad.

4. 2FA
2FA everything.
Cold 2fa Device (Tier 1) - Yubikey or Google Titan
Custom 2fa Device (Tier 2) - Cheaper option is to buy a cheap phone, download 2fa, swap it to flight mode forever.
Note: 2FA can be circumvented, it is not an absolute defence.\

5. Passwords
This is where we disproportionately limit the damage a successful hack can do to us. I’m going to share a multilevel system I’ve built for myself.
There are two tiers of data.
Level 1 Data
Level 2 Data

Level 1 Data
To determine if your data is level 1 ask yourself this.
"If a hacker had access to only this information, would they be able to attack me?"
For example, if a hacker gained access to your private keys, they could directly access your cryptocurrency.

Level 1 Data Rules
- Keep offline
- Never be stored on your laptop
- When entering these passwords, you will alternate between using your actual keyboard and an on-screen keyboard
- These passwords will be a minimum of 15 keys long and as complex as possible
- Have back ups

Level 2 Data
Any data which on its own cannot grant the hacker access to any of your funds or important data is considered level 2.
This means If a hacker were to gain access to a level 2 password, they would still be unable to actually access anything vulnerable.

Level 2 Data Rules
You can randomly generate by your password manager and should never be typed, always copy and paste from your manager without revealing the password in case you are being watched or key logged.

6. EXCHANGES
Don't trust any sketchy exchanges with your crypto.
-Deposit only what you need to buy/sell.
-Use reputable exchanges like Binance.
- Use 2FA
-Set a global lock that requires a minimum wait time before settings are changed
-Whitelist your addresses and set a lock on adding new addresses
-Use leverage to reduce counterparty risk

7. Advanced: Separate computers
Separate computers are an expensive option so decide if it’s worth the investment relative to the value of your online security and assets.
-High Security Computer
-Low Security Computer

High Security Computer
Used only for handling crypto, banking, trading and other sensitive activities.
Your high security device is never to deviate from essential websites or click on any links.
All it takes is one mistake to compromise your security.

Low Security Computer
For all other activities, you can use your low security device.
There should never be crossover between these two devices.

8. PROTECT OTHERS
Someone you care about getting attacked can be leveraged against you.
Share this with others and make sure they are as protected as you.

#hackers #BitEagleNews

A U.S. appeals court has revived investor Michael Terpin’s lawsuit against telecommunications company #AT&T concerning the theft of $24 million in cryptocurrency following a SIM swap hack. This decision allows Terpin to continue his legal claims under the Federal Communications Act (#FCA ).
Key Claims Reconsidered
A Ninth Circuit Court of Appeals panel reinstated a key claim in the case, in which Terpin alleges that AT&T allowed hackers to take over his phone account, leading to the loss of his #Cryptocurency portfolio. This ruling reinstates part of the lawsuit that had been previously dismissed and allows Terpin to continue his claims based on federal laws protecting telecommunications data.
Fraud and Negligence by AT&T
The court ruled that Terpin presented enough evidence to show that AT&T's failure to protect his account resulted in hackers gaining access to his phone number through a fraudulent SIM swap. They then used this number to access his personal data and change his passwords, ultimately stealing $24 million worth of cryptocurrency.
The 2018 SIM Swap Hack
The hack occurred in January 2018, when a group of #hackers , led by 15-year-old Ellis Pinsky, allegedly paid AT&T employees to transfer Terpin’s phone number to a SIM card under their control. Despite new security measures implemented after a previous breach, the hackers found a way to bypass the protection. Once they gained access to his phone number, they changed his passwords and stole the cryptocurrency.
Legal Battles with Hackers
Pinsky returned his portion of the stolen funds, but another hacker, Nicholas Truglia, was ordered by a Los Angeles court to pay Terpin $75.8 million in damages. This case highlighted the vulnerability of cryptocurrency accounts during SIM swap attacks.
AT&T and Hacking Incidents
Around the same time, AT&T faced another issue with hackers allegedly stealing customer information, such as call logs and text messages. AT&T reportedly paid $400,000 in bitcoin to hackers to remove the stolen data, although the company officially neither confirmed nor denied the payment.
What’s Next?
The reinstatement of Terpin’s claim allows the lawsuit to proceed, with Terpin seeking $24 million in damages, plus interest and legal fees. His legal team believes this verdict may pave the way for other consumers to sue telecommunications companies for insufficient protection during SIM swaps.
AT&T has apologized to Terpin but noted that most of the allegations against the company were dismissed, and they remain confident in defending the remaining claims. This case has attracted attention from blockchain experts, as the number of #HackingIncidents related to cryptocurrency continues to rise.

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“