Binance Square

hack

925,453 views
470 discussing
Red Hair 01
🚨 JUST IN: Trust Wallet HACK CONFIRMED 🔐💥
Binance founder #CZ has confirmed that Trust Wallet was hacked, resulting in approximately $7 million stolen from users.
Here’s what we know 👇
• 💰 ~$7M lost in the exploit
• 🛡️ Trust Wallet says it will fully reimburse all affected users
• 🤝 A rare moment of clear accountability in crypto
This response matters. Too often, hacks end with silence or blame-shifting. Covering losses sends a strong signal — but it also raises a bigger question 👀
⚠️ If a leading self-custody wallet can be compromised, how safe are hot wallets really?
🔍 Key takeaway:
Self-custody ≠ risk-free.
Security still depends on code quality, audits, and user behavior.
✅ Accountability helps restore confidence
❌ But it doesn’t eliminate systemic wallet risks
The real lesson?
Diversify storage, use hardware wallets for large funds, and never assume “trusted” means “unbreakable.” 🔒
What do you think — does this restore trust, or expose deeper cracks in wallet security? 💭👇
$BTC
$ETH
#TrustWallet #hack #crypto
Polymarket HACKED! User Funds WIPED OUT 🚨

Entry: 0.15 🟩
Target 1: 0.20 🎯
Stop Loss: 0.12 🛑

Web2 login vulnerability exploited. NOT a smart contract hack. Funds were drained through third-party authentication. The exploit is patched, but damage is done. Users lost everything without clicking scam links or revealing emails. Your Web3 assets are only as secure as your Web2 onboarding. Centralized login equals centralized risk. Do not wait. Secure your assets NOW.

Disclaimer: This is not financial advice.

#crypto #hack #security #FOMO #blockchain 💥
🔐 TRUST WALLET HACK — CZ CONFIRMS

🚨 $7M stolen in a major security breach.

✅ Trust Wallet’s response:

· Will fully reimburse affected users

· Taking accountability publicly

· Rare move in the crypto space

💭 Key questions remain:

· Does this restore trust?

· Or highlight deeper security risks for hot wallets?

🛡️ Takeaway:

Transparency matters. Reimbursement is a strong step — but self-custody and cold wallets remain the gold standard.

💬 What’s your take?

Does this change how you store your crypto?

#TrustWallet #CZ #Binance #CryptoNews #Hack

$BIFI
$STO
$NEWT
🚨 TRUST WALLET HIT BY MYSTERIOUS HACK: OVER 6 MILLION STOLEN 🚨

Hundreds of Trust Wallet users suffered a serious attack on December 24: over 6 million dollars in crypto (ETH, BTC, SOL and EVM tokens) was drained from compromised wallets.

The incident, reported by analyst ZachXBT, involved version 2.68 of the Chrome browser extension, updated that day, which contained malicious code to steal seed phrases and transfer funds.
The stolen funds, estimated at between 6 and 7 million, have been partially laundered: 4 million sent to centralized exchanges such as 3.3 million to ChangeNOW, 447,000 to KuCoin and 340,000 to FixedFloat; about 2.8 million remains in the hacker's wallet.

A supply chain attack is suspected, with malicious scripts (e.g. 4482.js) that sent data to a phishing site such as metrics-trustwallet.com, registered shortly beforehand.
Trust Wallet was slow to react, communicating only on December 26, while users were losing funds for over 30 hours.

Changpeng Zhao (CZ), owner through Binance, offered reassurance: "Funds are SAFU, Trust will cover all losses".
The mobile extension and other versions were not affected; users are urged to uninstall v2.68 and update to v2.69.

This episode highlights the risks of browser extensions and unverified updates, prompting greater vigilance in an ecosystem with 220 million accounts.
#BREAKING #alert #Hack #TrustWallet
$BTC Trust Wallet Exploited, $6.77M Stolen 🚨💥

Trust Wallet has been exploited, impacting hundreds of users, with over $6.77M in assets stolen so far according to on-chain tracking.

The attacker has already consolidated and begun moving funds rapidly.

Approximately $4.25M has been routed through multiple services, including ChangeNOW, FixedFloat, KuCoin, and HTX.

This dispersion pattern suggests active laundering attempts to obfuscate fund trails.

The hacker wallet currently still holds a diversified portfolio, including BTC, ETH, BNB, and stablecoins, with total tracked assets exceeding $2.5M, indicating not all stolen funds have been offloaded yet.

In response, CZ has publicly stated that Trust Wallet will fully cover all user losses, aiming to contain fallout and restore confidence.

Will further stolen funds be frozen as they move — or has the attacker already slipped past recovery routes? 🛑⚡️

#TrustWallet #Hack #OnChain $TWT
🚨 Update on Trust Wallet Incident 🚥🔴

CZ confirmed that ~$7M was affected by the recent Trust Wallet browser extension issue.

✅ Trust Wallet will fully cover the loss
🔒 User funds are SAFU
🛠️ Issue linked to Browser Extension v2.68 — users are advised to disable and upgrade to v2.69 immediately

$TWT $RIVER $LIGHT

This is how security incidents should be handled in crypto.
#TrustWallet #TWT #Hack #CZ #SAFU🙏
TRUST WALLET HACKED! $6M GONE!

URGENT SECURITY ALERT. Trust Wallet browser extension version 2.68 compromised. Hundreds of users hit. At least $6 million lost. DO NOT DELAY. Disable version 2.68 IMMEDIATELY. Upgrade to version 2.69 NOW via the official Chrome Web Store. Your funds are at risk. Act fast.

Disclaimer: This is not financial advice.

$TWT #CryptoNews #SecurityAlert #Hack 🚨
🚨 A $50,000,000 Mistake: The Silent On-Chain Scam Every Crypto User Must Understand

A crypto whale just lost nearly $50 million in a highly sophisticated address poisoning attack — and the most alarming part?

There was no hack, no smart-contract bug, no private key leak.

This was purely a human-behavior exploit.

Here’s what happened 👇

The victim followed what many consider a safe habit:

First, a small test transfer of $USDT to confirm the destination address.

That single action triggered the trap.

Within minutes, automated bots detected the transaction and generated a look-alike wallet address, matching the same starting and ending characters. The attacker then sent a tiny “dust” transaction from this fake address to pollute the victim’s transaction history.

Later, when the victim copied the address from history (instead of a trusted source), they unknowingly sent 49,999,950 USDT straight to the attacker.

💥 Gone in one transaction.

The stolen funds were quickly:

Swapped into $ETH

Split across multiple wallets

Partially routed through mixers to obscure the trail

Recovery chances? Extremely low.

Why this scam is so dangerous

No technical exploit involved

Targets common user habits

Relies on visual similarity & convenience

Bots run 24/7, waiting patiently for one mistake

Even experienced users are vulnerable.

How to protect yourself

❌ Never copy addresses from transaction history

✅ Verify the entire address, not just first & last characters

✅ Use address whitelisting whenever possible

🚩 Treat dust transactions as warnings, not confirmations

Crypto doesn’t forgive small mistakes.

One careless click can cost a lifetime of gains.

Stay sharp. Stay paranoid. That’s real security in this market.

#Hack #scam #StayAlert $BTC #ETH #USDT
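
Added example, not part of the post above: a pre-send check in Python for the look-alike pattern the post describes (same starting and ending characters, different middle), plus a scan of transaction history for dust sent from such addresses. It assumes EVM-style `0x` addresses, a caller-maintained allowlist, and an illustrative 4-character window and dust threshold; every address and function name here is constructed.

```python
# Added example: defensive checks against address poisoning.
# Addresses, names and thresholds are constructed/assumed for illustration.
from dataclasses import dataclass

HEX = set("0123456789abcdef")


def normalize(addr: str) -> str:
    """Lower-case and validate an EVM-style address (0x + 40 hex chars)."""
    a = addr.strip().lower()
    if len(a) != 42 or not a.startswith("0x") or not set(a[2:]) <= HEX:
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a


def imitated_address(candidate, allowlist, window=4):
    """Return the allowlisted address that `candidate` visually imitates, else None.

    "Imitates" means: same first and last `window` hex characters, but not
    the same address. An exact allowlist match is never reported.
    """
    c = normalize(candidate)
    trusted = [normalize(t) for t in allowlist]
    if c in trusted:
        return None
    for t in trusted:
        if c[2:2 + window] == t[2:2 + window] and c[-window:] == t[-window:]:
            return t
    return None


def check_destination(dest, allowlist):
    """Classify a destination by comparing the ENTIRE address, not its ends."""
    c = normalize(dest)
    if c in {normalize(t) for t in allowlist}:
        return "allowlisted"
    return "lookalike" if imitated_address(c, allowlist) else "unknown"


@dataclass
class Transfer:
    sender: str
    amount: float  # token units received


def poisoned_history_entries(history, allowlist, dust_max=1.0):
    """Inbound transfers that are dust-sized AND come from a look-alike sender."""
    return [tx for tx in history
            if tx.amount <= dust_max and imitated_address(tx.sender, allowlist)]


# Constructed sample data (not real addresses).
TRUSTED = "0x1a2b" + "c4d5e6f7" * 4 + "9f3e"   # the intended recipient
POISON = "0x1A2B" + "07" * 16 + "9F3E"          # same ends, different middle
OTHER = "0x" + "ab" * 20                        # unrelated counterparty
ALLOWLIST = [TRUSTED]
HISTORY = [
    Transfer(sender=OTHER, amount=250.0),
    Transfer(sender=POISON, amount=0.01),   # dust from the look-alike
    Transfer(sender=OTHER, amount=0.01),    # dust, but not imitating anyone
]

if __name__ == "__main__":
    for dest in (TRUSTED, POISON, OTHER):
        print(dest[:8] + "..." + dest[-4:], "->", check_destination(dest, ALLOWLIST))
    for tx in poisoned_history_entries(HISTORY, ALLOWLIST):
        print("do not copy from history:", tx.sender)
```

The truncated form a wallet UI typically shows is identical for `TRUSTED` and `POISON`, which is why only the full-string comparison separates them.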
🚨 ALERT: North Korean Hackers Stole Record $2B in Crypto in 2025

💥 Just In: According to a new report from Chainalysis, North Korean state-backed hackers stole a record-breaking $2 billion worth of cryptocurrency in 2025.

🔐 Why This Matters to Every Trader & Holder:

· This marks a massive increase in scale and sophistication of attacks
· Highlights the urgent need for strong security (2FA, cold storage, smart contract audits)
· Could prompt tighter global regulations and exchange security measures
· Reminder that crypto’s growth attracts not just investors — but predators

⚠️ Stay Safe — Protect Your Assets:
✅ Use hardware wallets for large holdings
✅ Enable multi-factor authentication (MFA) everywhere
✅ Avoid clicking suspicious links or approving unknown contracts
✅ Keep software & wallets updated

🌐 The Bigger Picture:
While thefts are alarming, they also push the industry toward better security infrastructure, insurance solutions, and regulatory clarity. Security is not optional — it's essential.

🛡️ Final Thought:
Crypto is about self-sovereignty — and with that comes responsibility. Stay informed, stay secure, and stay vigilant.

#CryptoNews #CyberSecurity #NorthKorea #Hack #Blockchain

$AKE
$AERGO
$RIVER
⚠️ Yearn Finance hacked again
According to PeckShield, the V1 version of the DeFi protocol Yearn Finance was attacked, causing losses of about 300,000 USD. The attacker then converted all of the stolen funds into 103 ETH and withdrew them from the protocol.

Notably, this is not the first incident. Just a few weeks earlier, Yearn.finance also suffered another attack that caused losses of up to 9 million USD, heightening concerns about the safety of the V1 version as well as the security risks that persist even for long-established DeFi protocols.
#Hack #defi
🥷
#SOL Solana has experienced a sustained DDoS attack over the past week, with peaks close to 6 Tbps, marking the fourth-largest attack ever recorded for any distributed system. #hack link
🍔 McDonald's Memecoin Hack: cyber thieves steal around $700,000 in Solana

In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast-food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise more than $700,000 in Solana before the scam was discovered.

💀 The Grimace Memecoin scam 👾

Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana". This tactic quickly caught the attention of the crypto community, sending the token's market capitalization from a few thousand dollars to $25 million in just 30 minutes.

📊 Pump & Dump

The crooks had already secured 75% of the Grimace token supply using the Solana memecoin deployer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value rose, the hackers began selling their holdings, which caused the token's price to fall to $650,000 in just 40 minutes.

💸 The payout

In total, the thieves made off with around $700,000 in Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to brag about their success, writing: "Sorry, India_X_Kr3w just tricked you, thanks for the $700,000 in Solana".

⚠️ Aftermath

The posts and the bio were eventually restored, and McDonald's issued a statement acknowledging the attack as an "isolated incident". This incident is a reminder of the dangers in the world of cryptocurrencies, where even well-known brands can be used to facilitate scams.

#scam #hack #Solana $SOL #RiskManagement

North Korean Hackers Target Crypto with Nim-Based Malware Disguised as Zoom Updates

🔹 Fake Zoom meeting invites and update links deceive Web3 teams

🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques

🔹 Attackers steal browser data, passwords, and Telegram chats

Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.

The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.

NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.

🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.

Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it

🔹 Creates hidden files and folders that look like legitimate macOS system components

🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic

🔹 Delays execution for 10 minutes to avoid early detection by security software

Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.

Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.

#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
"The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses."
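
Added example, not part of the post above and not SentinelLabs' tooling: a Python triage helper for the two signals the post describes, an "update" link on a host outside the vendor's domain and a script padded with thousands of whitespace lines around a few real ones. The `zoom.us` allowlist entry, the thresholds, the function names and the sample script are assumptions constructed for illustration.

```python
# Added example: triage a downloaded "update" script and the host it came from.
# Thresholds, names and sample content are constructed for illustration.

OFFICIAL_DOMAINS = ("zoom.us",)  # assumption: the domain you expect vendor updates from


def is_official_host(host, official=OFFICIAL_DOMAINS):
    """True only if host IS an official domain or a subdomain of one.

    Matching on the registrable suffix rejects hosts that merely contain the
    brand name, such as the look-alike quoted in the post.
    """
    h = host.strip().lower().rstrip(".")
    return any(h == d or h.endswith("." + d) for d in official)


def padding_report(text, min_total=1000, max_visible_ratio=0.01):
    """Find the non-blank lines in a file and say whether it looks padded.

    A file is reported as padded when it is long (>= min_total lines) yet
    almost entirely whitespace (visible lines <= max_visible_ratio of total).
    """
    lines = text.splitlines()
    visible = [(n, line.strip()) for n, line in enumerate(lines, start=1)
               if line.strip()]
    total = len(lines)
    padded = total >= min_total and len(visible) / total <= max_visible_ratio
    return {"total_lines": total, "padded": padded, "visible": visible}


def triage(host, script_text):
    """Return (reasons, visible_lines); an empty reasons list means no flag."""
    reasons = []
    if not is_official_host(host):
        reasons.append(f"host {host!r} is not under {', '.join(OFFICIAL_DOMAINS)}")
    report = padding_report(script_text)
    if report["padded"]:
        reasons.append(
            f"{len(report['visible'])} visible lines hidden in "
            f"{report['total_lines']} total lines")
    return reasons, report["visible"]


# Constructed sample: three placeholder lines buried in whitespace.
PADDED_SCRIPT = (
    "\n" * 2000
    + "-- placeholder line A (constructed)\n"
    + " \t\n" * 3000
    + "-- placeholder line B (constructed)\n"
    + "-- placeholder line C (constructed)\n"
    + "\n" * 1000
)

if __name__ == "__main__":
    reasons, visible = triage("support.us05web-zoom.cloud", PADDED_SCRIPT)
    for r in reasons:
        print("FLAG:", r)
    for n, content in visible:
        print(f"line {n}: {content}")
```

Reviewing only the extracted visible lines is what defeats the padding: an analyst scrolling the raw file sees blank screens, while the report shows exactly where the real content sits.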

🔥 Scammers on the Rise: How the Meme Coin Boom on Solana Unlocked New Ways to Steal Millions 💸

🌐 The Crypto Market in Shock!
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.

💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.

🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).

🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲

🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈

🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.

👨‍💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.

⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
Breaking News: Bybit Exchange Hacked

On February 21, 2025, Bybit Exchange, a prominent cryptocurrency exchange, experienced a significant security breach resulting in the unauthorized transfer of approximately $1.46 billion worth of assets. The incident involved the compromise of Bybit's Ethereum (ETH) cold wallet, leading to the loss of 401,346 ETH (approximately $1.1 billion) and various staked Ether (stETH) tokens. The perpetrator has been liquidating these assets on decentralized exchanges.
Bybit's CEO, Ben Zhou, confirmed the breach, explaining that a planned transfer was manipulated, allowing the attacker to gain control over the specific ETH cold wallet. Zhou assured users that all other cold wallets remain secure and that withdrawals are functioning normally.
This event marks one of the largest cryptocurrency hacks to date, surpassing previous incidents such as the Mt. Gox hack ($470 million), the CoinCheck hack in 2018 ($530 million), and the Ronin Bridge exploit ($650 million).
In response to the breach, major cryptocurrencies experienced price declines. Ethereum's price fell nearly 3% to approximately $2,727, while Bitcoin dipped by nearly 1% to around $98,091.
Users are advised to monitor their accounts closely and exercise caution with their assets during this period.
#BybitSecurityBreach #CryptocurrencyWealth #cryptouniverseofficial #Hack #bybit
🇺🇸 AMERICANS LOST $9.3 BILLION TO CRYPTO FRAUD IN 2024.

The Internet Crime Complaint Center (IC3) of the Federal Bureau of Investigation (FBI) has published its annual report detailing complaints and losses due to cryptocurrency-related scams and fraud in 2024.

According to the report, published on April 23, the IC3 received more than 140,000 complaints that mentioned cryptocurrency in 2024, resulting in approximately $9.3 billion in losses.

The bureau reported that people over 60 were the most affected by cryptocurrency-related fraud, with approximately 33,000 complaints and $2.8 billion in losses.
#Fraud_alert #FraudAlert #Hack #crypto
$SOL $XRP
🥷💸 More than $280 million was stolen this summer in crypto hacks!

🔟 Here is a list of the 10 biggest hacks and security breaches:
1️⃣ Nobitex – $82M (hot wallet hack)
2️⃣ BtcTurk – $48M (private key compromise)
3️⃣ CoinDCX – $44.2M (loss of access permissions)
4️⃣ GMX – $42M (re-entrancy vulnerability)
5️⃣ BigONE – $27M (loss of access permissions)
6️⃣ WOO X – $14M (phishing)
7️⃣ Resupply – $9.6M (price oracle manipulation)
8️⃣ ALEX – $8.4M (malicious transfers)
9️⃣ BetterBank – $5M (protocol vulnerability)
🔟 CrediX – $4.5M (private key compromise)

⚠️ Total: $280M+ in the summer alone!
👉 The lesson: security risks in the crypto world are still very high, and protection must be a top priority for every investor or institution.
#Hack
#Crypto #Security #DeFi #Hacks #Blockchain #Binance #crypto #عملات_رقمية #ضرار_الحضري