U.S. federal prosecutors accused two Russian nationals of carrying out the heist that provoked the 2014 collapse cryptocurrency trading exchange Mt. Gox, then the world's largest crypto platform. One of them used the proceeds to co-found BTC-e, a now-shuttered crypto money laundering platform.
In the latest weekly update, four ISMG editors discuss highlights from Verizon's 16th annual Data Breach Investigations Report, what's on the mind of CISOs in Malaysia and the Philippines, and how the U.S. SEC sued crypto trading platforms Binance and Coinbase over securities violations.
This week: A U.S. federal court issued a summons to Binance CEO Changpeng Zhao, Lazarus may be behind the $35 million Atomic Wallet heist, and Manhattan prosecutors seized a scam crypto recovery website. Also, the Blockchain Association weighs in on Tornado Cash, and crypto security attacks decline.
Hacking group Asylum Ambuscade, which security researchers say aligns with Belarusian government interests, has an "unusual" twist: It appears to be mixing cybercrime - focused on banking and cryptocurrency customers - with cyberespionage, including attacks targeting Ukraine.
The Biden administration stepped up regulatory enforcement against cryptocurrency trading platforms in consecutive lawsuits targeting Binance and Coinbase for alleged violations of securities laws. "We already have digital currency. It's called the U.S. dollar," said U.S. SEC Chairman Gary Gensler.
In the days between May 26 and June 1, Tornado Cash validators regained control, Tron patched a bug that could be exploited for $500 million, Binance said it will delist privacy coins in four European countries, Coinbase settled insider trading charges and Hong Kong police joined the metaverse.
Between May 19 and 25, a hacker took control of Tornado Cash and stole $1 million, plaintiffs in a Coinbase-bankrolled lawsuit pressed for summary judgment, attackers used crypto phishing as a service to steal $6 million, Trezor hot wallet was found to possibly be buggy and Celer patched a bug.
The BlueNoroff hacker group, which is associated with the North Korean military's Reconnaissance General Bureau, is using RustBucket malware to target macOS systems of users primarily in the United States and Asia - a tactic observed for the first time since the group began its operations.
Law enforcement and regulatory action over the past year in the United States most likely dissuaded hackers from stealing cryptocurrency, making the amount stolen in the first quarter of the year the lowest compared to each of the four quarters in 2022, TRM Labs said.
MiCA's consumer protection provisions extend to cybersecurity, with its anti-money laundering, cyberattack liability and travel rule clauses. ISMG contributors Ari Redbord of TRM Labs and Troy Leach of Cloud Security Alliance discuss its impact on cybercrime, compliance challenges and the way ahead.
In the days between May 11 and May 18, the Uranium Finance hacker laundered more stolen funds, LayerZero launched a $15 million bug bounty program, the European Union adopted comprehensive cryptocurrency legislation, and Ledger faced backlash on its seed phrase recovery solution.
A hacker made $34 million from MEV bot attacks, NYDFS penalized Bitflyer for lax cybersecurity, Ishan Wahi was sentenced in the Coinbase insider trading case, the IRS is training Ukraine in blockchain forensics and the New York AG proposed a crypto cybersecurity bill.
In the days between April 28 and May 4, the FBI and Ukrainian police seized nine virtual currency exchanges that serviced cybercriminals, Privacy Affairs noted the cost of hacked crypto accounts on darknet markets, and Level Finance suffered a $1 million hack.
Organizations with a security-by-design approach need to go beyond being reactive to a proactive, offensive strategy to strengthen their security posture, says Mrutyunjay Mahapatra, member board of directors and chairman of the audit committee at Reserve Bank Innovation Hub.
Between April 21 and 27, hackers stole $1.8 million from Merlin, $22,638 from Kucoin and $170,000 from Trust Wallet and attacked UniSat Wallet. The U.S. indicted two men for DPRK-linked money laundering, and a U.K. parliamentary panel heard plans to curb cybercrime with better crypto seizure skills.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.