Malone Lam, 20, splurged on mansions, luxury cars with millions in crypto allegedly stolen from investors. Read more at straitstimes.com.

Cryptocurrency was a theft target like never before in 2024

UN alleges North Korea stole $3B in crypto assets to fund nuclear weapons program. Despite sanctions, they continue to upgrade their nuclear arsenal #NorthKorea #CryptoTheft #NuclearProgram According to NewsBTC.

The Invisible Threat in Your Crypto Wallet Let’s set a scene. You’ve been navigating the crypto world for a while. You regularly send ETH to a friend, or maybe move…

AmiMoJo writes: In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing ...

#CryptoTheft at an all-time high reaching $1B! Chainalysis depicts a grim picture as ransomware attacks surge in 2023 despite focused efforts to combat #cybercrime. #RansomwareEpidemic According to Bitcoinist.

A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers.

NFT Trader hacked; millions in NFTs stolen. 13 Mutant Ape Yacht Club, 37 Bored Ape and inclusive of VeeFriends, World of Women tokens missing. Losses approximated at $3M. #NFTs #CryptoTheft According to Cointelegraph.

 A Russian blockchain engineer lost over $500,000 worth of cryptocurrencies in a sophisticated cyberattack, highlighting the persisting and increasing threats posed by hostile open-source packages. Even seasoned users can be duped into installing malicious software by attackers using public repositories and ranking algorithms, despite the developer community's growing knowledge and caution. The incident was discovered in June 2025, when the victim, an experienced developer who had recently reinstalled his operating system and only employed essential, well-known applications, noticed his crypto assets had been drained, despite rigorous attention to cybersecurity.  The researchers linked the breach to a Visual Studio Code-compatible extension called "Solidity Language" for the Cursor AI IDE, a productivity-boosting tool for smart contract developers. The extension, which was made public via the Open VSX registry, masqueraded as a legal code highlighting tool but was actually a vehicle for remote code execution. After installation, the rogue extension ran a JavaScript file called extension.js, which linked to a malicious web site to download and run PowerShell scripts.  These scripts, in turn, installed the genuine remote management tool ScreenConnect, allowing the perpetrators to maintain remote access to the compromised PC. The attackers used this access to execute further VBScripts, which delivered additional payloads such as the Quasar open-source backdoor and a stealer module capable of syphoning credentials and wallet passphrases from browsers, email clients, and cryptocurrency wallets.  The masquerade was effective: the malicious extension appeared near the top of search results in the extension marketplace, thanks to a ranking mechanism that prioritised recency and perceived activity over plain download counts. The attackers also plagiarised descriptions from legitimate items, thus blurring the distinction between genuine and fraudulent offerings. When the bogus extension failed to deliver the promised capabilities, the user concluded it was a glitch, allowing the malware to remain undetected.  In an additional twist, after the malicious item was removed from the store, the threat actors swiftly uploaded a new clone called "solidity," employing advanced impersonation techniques. The malicious publisher's name differed by only one character: an uppercase "I" instead of a lowercase "l," a discrepancy that was nearly hard to detect due to font rendering. The bogus extension's download count was intentionally boosted to two million in a bid to outshine the real program, making the correct choice difficult for users. The effort did not end there; similar attack tactics were discovered in further malicious packages on both the Open VSX registry and npm, which targeted blockchain developers via extensions and packages with recognisable names. Each infection chain followed a well-known pattern: executing PowerShell scripts, downloading further malware, and communicating with attacker-controlled command-and-control servers. This incident highlights the ongoing threat of supply-chain attacks in the open-source ecosystem.

Bybit confirms $1.5B crypto theft linked to North Korean hackers; Secret Service investigates separate $150M crypto heist. #CryptoTheft #NorthKorea #Cybersecurity

"Crypto thief steals $4.4M in a day from LastPass breach. Till now, total loss since 2022 is approx. $35M and rising with recent attack. #LastPass #CryptoTheft" According to Cointelegraph.

Blockchain investigator ZachXBT has traced the flow of 783 BTC, worth $91 million, that was taken in a social engineering scam.

North Korea-linked Hackers Stole Over $2 Billion in Crypto So Far in 2025: Report  Finance Magnates http://dlvr.it/TNXY1j

Explore the new XCSSET macOS malware variant's tactics in crypto theft and advanced obfuscation techniques.

Beware! A fake Skype app on the Chinese internet is facilitating a phishing scam leading to massive crypto fund theft. Stay vigilant! #SkypeScam #CryptoTheft #SlowMist According to CryptoPotato.

 North Korean hackers have stolen over $2 billion in cryptocurrency in 2025, while a Discord breach exposed sensitive user data, including government IDs of approximately 70,000 individuals. These incidents highlight the growing sophistication of cyber threats targeting both financial assets and personal information. Cybercrime surge North Korean state-sponsored hacking groups, such as the Lazarus Group, have significantly increased their cryptocurrency thefts, amassing more than $2 billion in 2025 alone, marking a record for these cybercriminals. The funds are believed to support North Korea’s nuclear weapons and missile development programs.The regime’s hacking activities now contribute approximately 13% to its estimated $15.17 billion GDP.  The largest single theft occurred in February 2025, when hackers stole $1.4 billion from the crypto exchange ByBit, with other attacks targeting platforms like WOO X and Seedify resulting in millions more in losses. North Korean hackers are increasingly focusing on wealthy individual cryptocurrency holders, who often lack the robust security measures of institutional investors, making them vulnerable targets.  Discord ID breach and data exposure Discord confirmed a breach in which hackers accessed the government-issued identification documents of around 70,000 users who had uploaded them for age verification disputes. The attackers infiltrated a third-party customer service provider, 5CA, to gain access to this sensitive data.  The stolen information, including selfies holding IDs, email addresses, and partial phone numbers, is being shared in Telegram groups, raising serious privacy concerns about digital age verification systems. This incident underscores the risks associated with centralized storage of personal identification documents. New tactics: EtherHiding on blockchains In a significant evolution of cyber-espionage tactics, a North Korean threat actor tracked as UNC5342 has been observed using a technique called “EtherHiding” since February 2025. This method involves embedding malicious code within smart contracts on public blockchains like Ethereum or BNB Smart Chain, using the decentralized ledger as a resilient command-and-control server.  This approach, part of a campaign named “Contagious Interview,” uses social engineering—posing as recruiters on LinkedIn—to lure victims into executing malware that downloads further payloads via blockchain transactions. The decentralized nature of blockchains makes EtherHiding highly resistant to takedown efforts, presenting a new challenge for cybersecurity defenses.