With 16% of U.S. citizens using a cryptocurrency trading platform, OCC acting Chief Michael Hsu urges collaborative efforts to pass cryptocurrency regulations, which he says could lead to greater innovation in the space.
North Korean cybercriminals escalated their illicit campaigns throughout 2021, frequently carrying out crypto hacks to siphon funds, launder gains and cash out using a decentralized exchange. New data from Chainalysis says North Korean hackers lifted nearly $400 million in cryptoassets last year.
A new Lazarus-linked APT threat known as BlueNoroff has emerged and is actively targeting cryptocurrency startups in a campaign called "SnatchCrypto." Research by Kaspersky found that more than 15 venture businesses and their employees have fallen victim to the nation-state threat actors.
Amid a surge in cryptocurrency investment - particularly across DeFi - blockchain experts warn that lax security was a main factor in $1.3 billion in cryptoassets being lost to hacks, exploits and scams in 2021. The losses, according to CertiK, rose from $500 million in 2020.
In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.
The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.
Arbix Finance, a yield-farming protocol that runs on Binance Smart Chain, has reportedly siphoned user funds in what blockchain security firm CertiK labeled a "rug pull." This follows a Library of Congress report indicating that the number of nations banning cryptocurrency has doubled since 2018.
To crack down on the criminal use of cryptocurrency, including for ransomware, authorities are increasingly targeting "cryptocurrency businesses that do not have the compliance controls in place necessary to mitigate the risks of illicit activity," says Ari Redbord of TRM Labs.
A vulnerability in Polygon, a framework used to build Ethereum-compatible blockchain networks, has been fixed. The bug, discovered by white hat hackers at bug bounty platform Immunefi, would have put 9,276,584,332 MATIC, worth nearly $23 billion, at risk.
A Republican senator will soon introduce a bill that, for the first time, attempts to regulate the cryptocurrency space. The bill would reportedly add investor protections, rein in stablecoins and create a self-regulatory organization under the jurisdiction of the SEC and CFTC.
Threat actors have attempted to steal two-factor authentication codes from users of Australian cryptocurrency exchange CoinSpot, researchers say. The codes would help attackers perform "potentially unauthorized withdrawals from individual accounts," say analysts at Cofense Phishing Defense Center.
The Department of Justice says it's thwarted a Sony Group insider who allegedly embezzled $154 million, converted the proceeds to bitcoin, and demanded a ransom payment to return the money. Authorities say the former Sony employee has been criminally charged in Japan.
A top U.S. Department of the Treasury official said financial regulators are prepared to extend existing authorities to rein in stablecoins, although Treasury officials hope instead that Congress will move on key legislation to regulate the space.
Six U.S. senators sent a letter to the Treasury Dept. regarding new cryptocurrency regulation stemming from the infrastructure bill. The lawmakers urge Treasury Secretary Janet Yellen to address concerns around the law, which requires a broad group of professionals to report information to the IRS.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.