Cybersecurity

The TradingView community is facing a new wave of scams!

Cybercriminals are creating fake YouTube channels impersonating official TradingView accounts, luring users into downloading malicious software.

Rapidly Growing Threat of Fake Channels
Scammers are using stolen or hacked accounts with verified badges and thousands of subscribers to appear legitimate.

They offer fake “developer versions” or “cracked” paid apps of TradingView while secretly spreading dangerous malware files.
TradingView warned:
“Scammers create convincing YouTube channels that appear to be official TradingView accounts, often using stolen verified profiles.”

In reality, the downloaded files contain PowerShell scripts that, when executed, install a Remote Access Trojan (RAT).

This malware allows hackers to control the victim’s device, steal sensitive data like crypto wallet credentials, and drain financial accounts.

How to Stay Safe from These Scams
The impact has been devastating — many users lost access to their crypto wallets.
Scammers produce highly realistic content with deepfake personalities, fake positive comments, and copied TradingView videos.

🔹 Essential safety tips from TradingView:
Never download TradingView software from any third-party source — only from the official website.Never run any PowerShell or command-line scripts if requested.Avoid offers that sound "too good to be true" — like free access to premium features or fake giveaways.
TradingView Fights Back Against Scammers
TradingView is collaborating with YouTube and law enforcement agencies to identify and take down fraudulent channels.

If you become a victim, they recommend:
Immediately disconnect your device from the internet.Run a deep malware scan.Change all passwords, especially for crypto wallets and trading accounts.Notify your wallet provider and consider moving your funds to a secure hardware wallet.

#tradingview , #CyberSecurity , #CryptoSafety , #CryptoCommunity , #HackerAlert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

North Korean hacking groups have once again demonstrated how dangerously sophisticated they can be. This time, they’ve set their sights on crypto developers — posing as legitimate U.S.-based companies with one goal: to infect victims’ systems with malware.

🎭 Two Fake Companies. One Malicious Scheme.
Cybersecurity firm Silent Push has revealed that North Korean hackers created two LLCs — Blocknovas LLC in New Mexico and Softglide LLC in New York — pretending to be recruiters in the crypto industry. These companies sent “job offers” that contained malicious code. The notorious Lazarus Group, linked to North Korea’s intelligence services, is believed to be behind the operation.
A third entity, Angeloper Agency, showed the same digital fingerprint, though it wasn’t officially registered.

🧠 Malware That Steals Crypto Wallets
Once unsuspecting developers opened the infected files, the malware began harvesting login credentials, wallet keys, and other sensitive data. According to Silent Push’s report, multiple victims have already been identified — most linked to the Blocknovas domain, which was by far the most active.
The FBI has seized the domain and issued a warning that similar aliases may reappear soon.

💸 Covert Funding for North Korea’s Missile Program
According to U.S. officials, the ultimate goal of the scheme is simple: generate hard currency to fund North Korea’s nuclear weapons program. Intelligence sources say Pyongyang has been deploying thousands of IT operatives abroad to illegally raise funds through fraudulent schemes.
This case is especially troubling because it shows that North Korean hackers managed to set up legal companies inside the United States, a rare and alarming development.

🔐 Three Malware Families, One Lazarus Signature
Analysts found that the job files contained at least three known malware families, capable of opening backdoors, downloading additional malicious payloads, and stealing sensitive information. These tactics align closely with past attacks by the Lazarus Group.

⚠️ FBI Warning: Be Cautious of "Too Good to Be True" Job Offers
Federal agents emphasize that this case is a chilling reminder of how North Korea continues to evolve its cyber threats. Tech and cybersecurity professionals should thoroughly vet unsolicited job offers, especially those from unfamiliar companies. Developers infected by these schemes could lose cryptocurrency or unknowingly grant hackers access to larger systems and exchanges.

#HackerAlert , #CyberSecurity , #NorthKoreaHackers , #CryptoSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Ukraine’s cyber defense just took a massive hit. U.S. President Donald Trump has suspended critical cybersecurity support for Ukraine, freezing over $200 million in funding, equipment shipments, and intelligence sharing. Key protection programs have been canceled or paused—leaving Ukraine more vulnerable than ever to Russian cyber warfare.

❌ Contracts Canceled, Equipment Blocked, Funding Frozen
The disruption began immediately after Trump took office in January. The U.S. State Department and USAID halted most support programs—ones that helped Ukraine safeguard its government networks, energy grids, airports, and sensitive infrastructure.
🔹 According to Bloomberg, dozens of U.S. and Ukrainian cybersecurity workers were removed from their posts.

🔹 A $128 million contract with consulting firm DAI Global was frozen.

🔹 Equipment and software never made it to Ukraine.
Even planned aid to Ukraine’s electoral commission and the Chernobyl power station has now been suspended.

🛰️ Musk’s DOGE Unit Guts USAID as Trump Tightens Grip
Elon Musk entered the scene via his DOGE unit, which reportedly dismantled much of USAID. Musk claimed—without evidence—that the agency was “pushing radical leftist agendas” worldwide.
Meanwhile, Trump is ramping up pressure on Ukrainian President Volodymyr Zelenskyy to accept a peace deal widely seen as tilted in favor of Moscow. U.S. Vice President JD Vance warned this week that if no deal is reached, America could withdraw entirely—ending all future cybersecurity aid.

💼 Private Sector Steps In as U.S. Support Vanishes
While federal funding dries up, private companies are stepping in. Bloomberg reports that firms like Mandiant, Symantec (Broadcom), and Palo Alto Networks have formed the Cyber Defense Assistance Collaborative to keep helping Ukraine.
Their $40 million contribution includes:
🔹 Tools for breach detection

🔹 Malware protection

🔹 Intelligence on Russian hacking strategies

⚠️ What’s at Stake? Silence from the U.S. Puts All of Eastern Europe at Risk
This pullback comes at a time when Ukraine faces mounting threats both on the battlefield and online. In 2022, Russian-linked hackers disrupted a U.S. satellite system used by Ukrainian forces, crippling unit coordination.
Ukraine has also suffered DDoS attacks and malware campaigns aimed at disabling energy systems and government infrastructure. And now, just as cyber warfare intensifies, the U.S. is pulling away.

📉 Summary: U.S. Exit Leaves Ukraine Exposed
Trump’s decision to freeze U.S. cyber aid to Ukraine could have far-reaching consequences—not just for Kyiv, but for regional and global stability. If the U.S. steps out completely, Ukraine will be left to fend for itself—on the most dangerous front of modern warfare.

#CyberSecurity , #USPolitics , #TRUMP , #Geopolitics , #worldnews

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

North Korean state-sponsored hackers employ sophisticated social engineering tactics to infiltrate the cryptocurrency industry. By creating fake crypto consulting firms and orchestrating sham job interviews, these threat actors are deploying malware to compromise systems and steal sensitive information.​
The Deceptive Strategy
Fake Companies Established: Hackers have set up front companies, BlockNovas LLC, Angeloper Agency, and SoftGlide LLC, to pose as legitimate crypto consulting firms.Malware Deployment via Job Interviews: These entities conduct fake job interviews, during which they trick candidates into downloading malware under the guise of coding assignments or technical assessments.​Malware Families Used: The campaign utilizes multiple malware strains, including:​BeaverTail: A JavaScript-based stealer and loader.​InvisibleFerret: A Python backdoor capable of establishing persistence on Windows, Linux, and macOS systems.​OtterCookie: Another malware variant delivered via the same infection chain.​
Technical Details
Command-and-Control Infrastructure: BeaverTail connects to external servers (e.g., lianxinxiao[.]com) to receive commands and download additional payloads.​Data Exfiltration Capabilities: The malware suite can harvest system information, initiate reverse shells, steal browser data and files, and install remote access tools like AnyDesk.​Use of Legitimate Tools: The attackers have been found hosting tools like Hashtopolis, a password-cracking management system, on their domains to facilitate their operations.​
Implications and Recommendations
Targeted Industries: The cryptocurrency sector remains a prime target due to its financial assets and often less stringent security measures.​Social Engineering Threats: This campaign underscores the importance of verifying the legitimacy of potential employers and being cautious during recruitment processes.​Security Measures: To mitigate such threats, organizations should implement robust cybersecurity protocols, including employee training on phishing and social engineering tactics.​

#CyberSecurity #NorthKorea #CryptoThreats

💡Stay Informed: Don’t miss out! Follow BTCRead on Binance Square for the latest updates and more.✅🌐

📢Disclaimer: This article is for informational purposes only and does not constitute financial advice. Always conduct your research before making investment decisions.

Japan is facing a shocking wave of cyberattacks on online brokerage accounts. Criminals are gaining access through phishing, malware, and stolen login credentials, then using the compromised accounts to manipulate penny stocks. According to regulators and cybersecurity experts, the total damage has already exceeded 100 billion yen (around $710 million).

🔹 How the attacks work:

The scheme is simple but effective: hackers gain access to an account, buy low-cap stocks in Japan, the U.S., or China, artificially pump up the prices, then sell for profit. Many of the stocks are owned by the hackers themselves, allowing them to cash in directly from the manipulation.

🔹 Japan becomes a weak link in the global market

Eight of Japan’s largest online brokers – including Rakuten Securities and SBI Securities – have confirmed suspicious transactions. Some firms have even blocked purchases of certain low-cap stocks listed in China, the U.S., and domestically. The success of these attacks has revealed serious gaps in Japan’s cyber defenses.

🎯 Personal Stories: Losing Life Savings in a Blink
The story of Mai Mori, a 41-year-old part-time worker from Aichi, made headlines after she discovered that hackers used her Rakuten retirement account to buy over 639,000 yen worth of Chinese stocks – about 12% of her savings.

When she contacted Rakuten, she was advised to file a police report. But the response from authorities was discouraging: “In most fraud cases, victims end up quietly accepting the loss.”
Another victim from Tokyo, who chose to remain anonymous, lost 50 million yen after his account was hijacked. Even though he saw a warning pop-up on his phone and called his broker immediately, it was too late to freeze the account.

⚠️ Who’s to Blame?
Brokers blame the users. Police blame the brokers. Meanwhile, the government is urging firms to "act in good faith" when dealing with affected customers – but very few investors have been compensated so far.
On April 22, Finance Minister Katsunobu Kato called on securities companies to engage in sincere discussions with victims. Yet actual payouts remain rare.

📈 Fraud Cases Are Skyrocketing
📊 In February, only 33 suspicious trades were reported. In just the first half of April, that number jumped to 736. The Financial Services Agency hasn’t disclosed total losses, but experts warn the trend is threatening Japan’s national campaign to shift household savings from cash to investments.

🛡️ How Are Hackers Getting In?

🔹 Phishing & Man-in-the-Middle Attacks:

Victims are lured to fake login pages via phishing emails or malicious ads. These pages forward login credentials and session cookies to attackers, who then gain full account access.

🔹 Infostealers (data-theft malware):

Small hidden programs embedded in attachments or links. Once inside a device, they silently search browsers and files for saved IDs and passwords, sending them back to the attacker.

🔹 Web browsers as a vulnerability:

According to expert Yutaka Sejiyama from Macnica Security, Japan’s cultural preference for desktop browsers over mobile trading apps is a key weakness. Mobile apps usually offer biometric authentication and encrypted channels, making them more secure. “If people switched to mobile apps, many of these thefts could be prevented,” he argues.

💡 The Bigger Picture: Is Japan’s Financial Shift in Jeopardy?
The Japanese government wants its citizens to invest more and save less – but the growing number of scams and the lack of consumer protection could completely undermine public trust.

#Japan , #cybercrime , #hackers , #CyberSecurity , #HackerAlert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

The Foundation announced that a patch has already been released to fix this security vulnerability.

The XRP Ledger Foundation identified a 'critical vulnerability' in the official JavaScript library used to interact with the XRP Ledger blockchain network, according to a statement released by the nonprofit organization.
On April 22, Aikido, a blockchain security specialist, indicated in a blog post that the open-source JavaScript library of the XRP Ledger had been 'compromised by sophisticated attackers who set up a backdoor to steal cryptocurrency private keys and access wallets.'

Darknet, drugs, cryptocurrency, and one man at the center: U.S. authorities have charged Behrouz Parsarad with running one of the largest illegal online marketplaces. He faces life imprisonment.

🕵️‍♂️ The Allegations: Hundreds of Thousands of Illegal Transactions
According to the indictment, Iranian citizen Behrouz Parsarad allegedly operated Nemesis, a darknet marketplace that from 2021 to 2024 facilitated the sale of drugs, illicit cyber services, and other banned goods. The platform reportedly processed over 400,000 orders, with more than 13% for stimulants like cocaine and meth, and over 4% for opioids such as fentanyl and heroin.
The U.S. Department of Justice described Nemesis as a highly damaging criminal platform that significantly contributed to global drug distribution and cybercrime.

💸 Laundering Money Through Crypto
Parsarad is also accused of providing money laundering services, including cryptocurrency mixing to obscure transaction trails. He allegedly took a commission from every sale on the Nemesis platform.

U.S. Sanctions and a Life Sentence Looming
The U.S. sanctioned Parsarad in March. Before it was shut down, Nemesis had reportedly facilitated $30 million in drug sales. Parsarad now faces a mandatory minimum of 10 years and a maximum of life in prison — that is, if the U.S. can ever extradite him. He currently resides in Iran, a country with no extradition treaty with the U.S.
Despite this, officials say Parsarad has discussed building a new version of Nemesis. And experts question whether he worked alone.

🧑‍💻 Why Has No One Else Been Charged?
Although Parsarad is the only one indicted, cybersecurity experts say a darknet platform of this size likely required an entire team — administrators, moderators, developers, money launderers, and more.
“As seen in past takedowns like AlphaBay and Hydra,” said TRM Labs legal expert Ari Redbord, “these platforms often operate as distributed teams that maintain trust, availability, and financial systems.”

🌐 The Darknet Lives On — and Thrives
The takedown of Nemesis doesn’t mark the end of darknet operations. According to TRM Labs, 20–30 drug-focused darknet markets are active globally at any given time.
These markets tend to fall into two main ecosystems:
🔹 Russian-language markets (e.g., Blacksprut, Kraken) — highly profitable and deeply rooted in local drug economies.

🔹 Western markets (e.g., Abacus Market, STYX) — smaller but more resilient, relying on postal shipping and operating internationally.
According to Redbord, the average lifespan of a drug darknet market is two to three years, after which it’s usually abandoned or taken down by authorities.

🧨 Even though Nemesis is gone, the darknet thrives. And as long as demand for anonymous illegal trade remains, it will continue — under new names and new leadership.

#darknet , #cybercrime , #CyberSecurity , #aml , #scam

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

In a rare twist in the crypto world, the hacker who exploited the decentralized exchange KiloEX has decided to return nearly all of the stolen funds. The reversal came after the team offered a 10% white hat bounty in exchange for the safe return of assets and a promise not to pursue legal action. What began as an attack has turned into a white hat rescue story.

🔹 Two Transactions, Almost $7 Million Recovered
The attacker first sent back $1.4 million, followed hours later by an additional $5.5 million. The funds were sent from addresses previously linked to the hacker.
🔸 These transfers fulfilled the terms of a deal proposed on April 15, in which KiloEX offered to drop all investigations if 90% of the stolen funds were returned.

🔸 Otherwise, the team threatened to escalate the case to law enforcement and Web3 security partners.
Following the return, KiloEX declared the case officially closed and confirmed that the hacker is now recognized as a white hat eligible for the promised reward.

🔹 Exchange Still Down, But Token Starts to Recover
In the aftermath of the hack, KiloEX halted all trading activity and is now working to rebuild liquidity and reactivate its 55+ trading pairs.
Its native token KILO has since rebounded to $0.42 following the announcement, though it remains near a three-month low. Prior to the token return, KiloEX launched a fundraising campaign to restore liquidity quickly.
The exploited oracle vulnerability has been fully patched, with KiloEX assuring that a similar attack is no longer possible.

🔹 Multi-Chain Hack Hits $7.4M Across Four Networks
Unlike typical exploits that target Ethereum, this was a multi-chain attack, affecting Base, BNB Chain, opBNB, and Taiko.

The majority of stolen assets were held in USDC on BNB Smart Chain, which ultimately worked in KiloEX’s favor — Circle’s stablecoins can be frozen.

🔹 Protocols and Exchanges Worked Together
KiloEX stated it was monitoring all attacker wallets and immediately froze some of the stolen funds. Exchanges like Binance, Mexc, Gate, and Bybit, along with protocols such as Manta Network, assisted in the containment effort.
The incident, though not massive in scale, showcased Web3’s increasing ability to collaborate in real time and stop bad actors from laundering funds. It’s a case study in how centralized and decentralized players can align under pressure.

🔹 KiloEX Aims to Restore Trust
The hack came just weeks after the launch of KILO’s native token, causing an initial price crash. Still, the KiloEX team handled the crisis transparently, avoided denial or cover-ups, and is focused on rebuilding trust.
KiloEX is part of the growing trend of high-leverage perpetual DEXs, which attract traders looking for profits amid high volatility — despite the inherent risks.

#HackerAlert , #CryptoNewss , #crypto , #CyberSecurity , #CryptoScamAlert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Reports indicate that the popular rapper Wiz Khalifa’s X account was hacked on November 3, with the account misused to promote a fraudulent memecoin called "WIZ." This token is currently trading for under $10,000.
Fraudulent Posts Target Crypto Fans
After the account hack, a post appeared suggesting that Wiz Khalifa had "worked with his team to launch $WIZ for all crypto fans." The post encouraged Khalifa’s 35.7 million followers to invest in the token.

WIZ Value Plummets Following a Brief Surge
The WIZ memecoin launched via the Solana platform pump.fun, initially reaching a market cap of $3.4 million within the first 15 minutes. Shortly after, however, its value plummeted as early holders sold off their tokens in large amounts, bringing WIZ down to under $28,000. According to DEX Screener, the token is currently valued around $8,400.

Profits from Token Manipulation
Data from Solscan reveals that the two largest holders bought over 155 million WIZ tokens at launch for approximately $19,100 and later sold them for a combined profit of $160,000.
Suspected Link to Another Hacking Incident
The hacker’s exact identity and how they accessed Khalifa’s account remain unknown. However, blockchain detective ZachXBT noted that this hacker is likely the same individual who compromised Truth Terminal developer Andy Ayrey’s account on October 29. Zach warned on November 3 in his public Telegram group, “Do not buy Wiz Khalifa’s Pump Fun token; it’s the same hacker who recently compromised Andy Ayrey.”
Repeated Account Hacking Pattern
The hack of Ayrey’s account followed a similar strategy—using the account to promote fraudulent memecoins, yielding over $1.5 million in illicit gains.
Significant Drop in Other Memecoins
Truth Terminal, which employs an AI bot, was responsible for inflating the value of the memecoin Goatseus Maximus (GOAT) to a peak of $940 million. However, GOAT’s market cap has since fallen by 39%, currently at $544 million since October 24.

What’s Your Take on Social Media Security?
Do you think stricter security measures should be implemented? We’d love to hear your thoughts in the comments!
#Cryptoscam , #CryptoNews🚀🔥 , #cybersecurity , #Memecoins🤑🤑 , #memecoinalert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“