#hacked
hacked
511,956 рет көрілді
297 адам талқылап жатыр
Қызу саудада
Ең соңғы
Android Hackers Target 800 Banking, Crypto and Social Media Apps With ‘Near-Zero Detection Rates’: Zimperium
Android hackers are now targeting more than 800 applications across banking, cryptocurrency and social media sectors.
The cybersecurity firm Zimperium says its researchers have identified four active malware families that use advanced command-and-control infrastructure to steal credentials, conduct unauthorized financial transactions and exfiltrate data at scale.
“Collectively, these campaigns target over 800 applications across the banking, cryptocurrency, and social media sectors.
By employing advanced anti-analysis techniques and structural APK tampering, these families often maintain near-zero detection rates against traditional signature-based security mechanisms.”
The names of the malware families are RecruitRat, SaferRat, Astrinox and Massiv.
Attackers commonly rely on phishing websites, fraudulent job offers, fake software updates, text-message scams and promotional lures to convince victims to install malicious Android apps.
Once installed, the malware can request Accessibility permissions, hide app icons, block uninstall attempts, steal PINs and passwords through fake lock screens, capture one-time passcodes, stream live device screens and overlay counterfeit login pages on legitimate banking or crypto apps.
“Overlay attacks remain the cornerstone of the credential-harvesting lifecycle. Using Accessibility Services to monitor the foreground, the malware detects the exact moment a victim launches a financial application. The malware then fetches a malicious HTML payload and overlays it onto the legitimate application’s user interface, creating a highly convincing, deceptive facade.”
The company said the campaigns use HTTPS and WebSocket communications to blend malicious traffic with normal app activity, while some variants add extra encryption layers to evade detection.
More news — subscribe
#hacked
Android hackers are now targeting more than 800 applications across banking, cryptocurrency and social media sectors.
The cybersecurity firm Zimperium says its researchers have identified four active malware families that use advanced command-and-control infrastructure to steal credentials, conduct unauthorized financial transactions and exfiltrate data at scale.
“Collectively, these campaigns target over 800 applications across the banking, cryptocurrency, and social media sectors.
By employing advanced anti-analysis techniques and structural APK tampering, these families often maintain near-zero detection rates against traditional signature-based security mechanisms.”
The names of the malware families are RecruitRat, SaferRat, Astrinox and Massiv.
Attackers commonly rely on phishing websites, fraudulent job offers, fake software updates, text-message scams and promotional lures to convince victims to install malicious Android apps.
Once installed, the malware can request Accessibility permissions, hide app icons, block uninstall attempts, steal PINs and passwords through fake lock screens, capture one-time passcodes, stream live device screens and overlay counterfeit login pages on legitimate banking or crypto apps.
“Overlay attacks remain the cornerstone of the credential-harvesting lifecycle. Using Accessibility Services to monitor the foreground, the malware detects the exact moment a victim launches a financial application. The malware then fetches a malicious HTML payload and overlays it onto the legitimate application’s user interface, creating a highly convincing, deceptive facade.”
The company said the campaigns use HTTPS and WebSocket communications to blend malicious traffic with normal app activity, while some variants add extra encryption layers to evade detection.
More news — subscribe
#hacked
E Alex:
Damn, 800 apps with near-zero detection? That's wild. Stay safe out there.
☠️ Wasabi Protocol got hacked for $5 million across Ethereum, Base, Berachain and Blast
Not a day without a hack 😫
#Hacked $ETH $BERA
Not a day without a hack 😫
#Hacked $ETH $BERA
🚨 THE $17,000,000,000 WAKE-UP CALL 🚨
In just 10 years, hackers have drained $17B across 518 major incidents. The transition from DeFi exploits to CeFi targets in 2026 shows no one is safe without a plan.
The Reality Check:
Total Stolen: $17 Billion 💸
Total Hacks: 518 ⚔️
Biggest Lesson: Greed kills, but bad security buries you.
Stay SAFU by using 2FA (Non-SMS) and verifying every link.
What is the one security tool you can't live without? Let’s help each other stay safe! 👇
#CryptoSecurity #Hacked
In just 10 years, hackers have drained $17B across 518 major incidents. The transition from DeFi exploits to CeFi targets in 2026 shows no one is safe without a plan.
The Reality Check:
Total Stolen: $17 Billion 💸
Total Hacks: 518 ⚔️
Biggest Lesson: Greed kills, but bad security buries you.
Stay SAFU by using 2FA (Non-SMS) and verifying every link.
What is the one security tool you can't live without? Let’s help each other stay safe! 👇
#CryptoSecurity #Hacked
الأمن السيبراني في العملات الرقمية
طرق حماية أصولك من الاختراق. حلّ تحديات تفاعلية لاكتشاف نقاط الضعف في حسابك.
#HotTrends
#Hacked
$BTC
$XRP
$USDC
طرق حماية أصولك من الاختراق. حلّ تحديات تفاعلية لاكتشاف نقاط الضعف في حسابك.
#HotTrends
#Hacked
$BTC
$XRP
$USDC
🚨 BINANCE SQUARE POST
$606,000,000 stolen in 18 days. April 2026 is already the worst month for crypto hacks since the $1.4B Bybit breach.
Two attacks. Both Lazarus Group. Both devastating:
→ $285M — Drift Protocol (April 1)
→ $292M — KelpDAO (April 18)
The KelpDAO exploit alone triggered $10B+ in Aave outflows and sent shockwaves across 20+ connected protocols.
And it's not slowing down. DeFi attack frequency is up 68% year-on-year. Smart contract audits alone are no longer enough — attackers have shifted to private keys, bridge infrastructure, and AI-driven social engineering.
😫Most retail traders only think about fees and leverage when choosing an exchange. Security should be the first filter.
What actually matters when vetting an exchange:
✅ Proof of reserves (independently verified)
✅ Cold storage ratio
✅ Track record after a breach — did they compensate users?
✅ MiCA / regulated status in your jurisdiction
✅ Insurance funds
We review every exchange on these criteria before anything else.
🔗 Full exchange rankings: https://trading365.org/reviews
Don't let the next hack be your exit from crypto.
#Hacked #StolenFunds
$606,000,000 stolen in 18 days. April 2026 is already the worst month for crypto hacks since the $1.4B Bybit breach.
Two attacks. Both Lazarus Group. Both devastating:
→ $285M — Drift Protocol (April 1)
→ $292M — KelpDAO (April 18)
The KelpDAO exploit alone triggered $10B+ in Aave outflows and sent shockwaves across 20+ connected protocols.
And it's not slowing down. DeFi attack frequency is up 68% year-on-year. Smart contract audits alone are no longer enough — attackers have shifted to private keys, bridge infrastructure, and AI-driven social engineering.
😫Most retail traders only think about fees and leverage when choosing an exchange. Security should be the first filter.
What actually matters when vetting an exchange:
✅ Proof of reserves (independently verified)
✅ Cold storage ratio
✅ Track record after a breach — did they compensate users?
✅ MiCA / regulated status in your jurisdiction
✅ Insurance funds
We review every exchange on these criteria before anything else.
🔗 Full exchange rankings: https://trading365.org/reviews
Don't let the next hack be your exit from crypto.
#Hacked #StolenFunds
DefiLlama数据显示,过去十年币圈经历了518次攻击,累计损失超过170亿美金。
这170亿基本就是行业成长的血泪学费,但这数据抛出来,市场上连个水花都没见着。现在的玩家对黑客新闻已经彻底脱敏,这种“安全审美疲劳”其实是种典型的情绪拐点。
从筹码角度看,被盗的币很大一部分成了永远找不回的黑洞,反而变相完成了强制通缩。当这种利空消息已经无法引发恐慌抛售,甚至被当成老掉牙的谈资时,说明市场底部的韧性已经磨出来了。大家现在与其担心代码漏洞,不如担心自己的钱包里还没跑出百倍狗。
这么多年了,你们给黑客贡献过“学费”吗? #Security #DeFi #Hacked $BTC $ETH
这170亿基本就是行业成长的血泪学费,但这数据抛出来,市场上连个水花都没见着。现在的玩家对黑客新闻已经彻底脱敏,这种“安全审美疲劳”其实是种典型的情绪拐点。
从筹码角度看,被盗的币很大一部分成了永远找不回的黑洞,反而变相完成了强制通缩。当这种利空消息已经无法引发恐慌抛售,甚至被当成老掉牙的谈资时,说明市场底部的韧性已经磨出来了。大家现在与其担心代码漏洞,不如担心自己的钱包里还没跑出百倍狗。
这么多年了,你们给黑客贡献过“学费”吗? #Security #DeFi #Hacked $BTC $ETH
#ScrollCoFounderXAccountHacked
Bigger Lesson for Web3 Founders
🔐 #ScrollCoFounderXAccountHacked
This incident is another wake-up call for Web3 founders and teams. As public-facing figures, their accounts carry massive influence and are prime targets for hackers. A single compromised post can lead to financial losses for followers and reputational damage for projects. Best practices like hardware-based 2FA, limited access permissions, and rapid response protocols are no longer optional. For users, the key takeaway is simple: never trust announcements blindly—even from well-known founders—without cross-checking official project channels
#Hack #HackerAlert #Hacked
Bigger Lesson for Web3 Founders
🔐 #ScrollCoFounderXAccountHacked
This incident is another wake-up call for Web3 founders and teams. As public-facing figures, their accounts carry massive influence and are prime targets for hackers. A single compromised post can lead to financial losses for followers and reputational damage for projects. Best practices like hardware-based 2FA, limited access permissions, and rapid response protocols are no longer optional. For users, the key takeaway is simple: never trust announcements blindly—even from well-known founders—without cross-checking official project channels
#Hack #HackerAlert #Hacked
🚨OKX #SLAPS BACK AT JUSTIN SUN OVER #STOLEN FUNDS FREEZE DRAMA
🔹Tron’s X account #hacked ; malicious contract posted, DMs sent.
🔹Justin Sun claims OKX ignored a law enforcement freeze notice.
🔹OKX #CEO Star Xu denies receiving any such request—even checked spam folder.
🔹Xu: “We need legal process, not personal posts or oral requests.”
🔹OKX demands proof of request, while Sun deletes key posts.
🔹Part of ongoing trend of high-profile crypto X hacks (e.g., Kaito AI, Pump.fun).
$TRX
🔹Tron’s X account #hacked ; malicious contract posted, DMs sent.
🔹Justin Sun claims OKX ignored a law enforcement freeze notice.
🔹OKX #CEO Star Xu denies receiving any such request—even checked spam folder.
🔹Xu: “We need legal process, not personal posts or oral requests.”
🔹OKX demands proof of request, while Sun deletes key posts.
🔹Part of ongoing trend of high-profile crypto X hacks (e.g., Kaito AI, Pump.fun).
$TRX
Bybit Hackers Identified – North Korean Cybercriminals Behind $1.5B Theft! 🚨
Investigations confirm that Park Jin Hyok, a North Korean computer engineer linked to the Lazarus Group, played a key role in the $1.5 billion Bybit hack. The notorious cybercrime syndicate has been responsible for some of the biggest crypto heists in history!
🔎 Key Findings:
• Blockchain analyst ZachXBT, in collaboration with Arkham Intelligence, traced stolen funds back to Lazarus-linked wallets.
• The same group was previously linked to the $70M Phemex attack in January 2025.
• Lazarus continues to exploit crypto exchanges, DeFi platforms, and bridge protocols, targeting weak security systems.
🔥 What This Means for Crypto?
With North Korean state-sponsored hackers intensifying their attacks, crypto traders and exchanges must prioritize security to prevent future breaches. Regulators are closely watching!
💡 Pro Tip: Always use hardware wallets, enable 2FA, and avoid interacting with unknown smart contracts to keep your assets safe!
#BinanceAirdropAlert
#Hacked
Investigations confirm that Park Jin Hyok, a North Korean computer engineer linked to the Lazarus Group, played a key role in the $1.5 billion Bybit hack. The notorious cybercrime syndicate has been responsible for some of the biggest crypto heists in history!
🔎 Key Findings:
• Blockchain analyst ZachXBT, in collaboration with Arkham Intelligence, traced stolen funds back to Lazarus-linked wallets.
• The same group was previously linked to the $70M Phemex attack in January 2025.
• Lazarus continues to exploit crypto exchanges, DeFi platforms, and bridge protocols, targeting weak security systems.
🔥 What This Means for Crypto?
With North Korean state-sponsored hackers intensifying their attacks, crypto traders and exchanges must prioritize security to prevent future breaches. Regulators are closely watching!
💡 Pro Tip: Always use hardware wallets, enable 2FA, and avoid interacting with unknown smart contracts to keep your assets safe!
#BinanceAirdropAlert
#Hacked
A known contact on TG reached out to me to ask for a chat. Scheduled a Zoom call. When I got on the Zoom, it asked me for camera access which I found a bit odd because I have used Zoom many times.
Even crazier, the team members had their cameras on. I could see their legit faces. Everything looked very real. But I couldn’t hear them. It said my Zoom needs an update. But it asked me to download a script file.
I immediately left. Messaged the guy on Telegram and told him to call me on TG to verify him. He then proceeded to erase all the messages and block me.
#Hacked #HackerAlert
Even crazier, the team members had their cameras on. I could see their legit faces. Everything looked very real. But I couldn’t hear them. It said my Zoom needs an update. But it asked me to download a script file.
I immediately left. Messaged the guy on Telegram and told him to call me on TG to verify him. He then proceeded to erase all the messages and block me.
#Hacked #HackerAlert
🚨 Just In: Eric Council Jr Sentenced to 14 Months For US SEC X Hack
Eric Council Jr., 26, of Athens, Alabama, has been sentenced to 14 months in federal prison for his involvement in a cybercrime conspiracy.
The case involved the hacking of the U.S. Securities and Exchange Commission’s (SEC) official X (formerly Twitter) account.
According to a statement from federal authorities, Eric Council Jr conspired with others to gain access to the US SEC’s X account by carrying out a SIM swap.
On January 9, 2024, a false post was published from the account, falsely claiming the SEC had approved Bitcoin Exchange Traded Funds (ETFs).
Bitcoin’s price rose quickly by more than $1,000 before falling after the SEC confirmed the post was not legitimate.
Eric Council Jr pleaded guilty in February 2025 to conspiracy to commit aggravated identity theft. U.S. District Judge Amy Berman Jackson sentenced him to 14 months in prison, ordered the forfeiture of $50,000, and imposed three years of supervised release.
He is prohibited from accessing the dark web or engaging in any activity involving identity fraud during the supervision period.
#SEC #Hacked #HackerAlert #US
Eric Council Jr., 26, of Athens, Alabama, has been sentenced to 14 months in federal prison for his involvement in a cybercrime conspiracy.
The case involved the hacking of the U.S. Securities and Exchange Commission’s (SEC) official X (formerly Twitter) account.
According to a statement from federal authorities, Eric Council Jr conspired with others to gain access to the US SEC’s X account by carrying out a SIM swap.
On January 9, 2024, a false post was published from the account, falsely claiming the SEC had approved Bitcoin Exchange Traded Funds (ETFs).
Bitcoin’s price rose quickly by more than $1,000 before falling after the SEC confirmed the post was not legitimate.
Eric Council Jr pleaded guilty in February 2025 to conspiracy to commit aggravated identity theft. U.S. District Judge Amy Berman Jackson sentenced him to 14 months in prison, ordered the forfeiture of $50,000, and imposed three years of supervised release.
He is prohibited from accessing the dark web or engaging in any activity involving identity fraud during the supervision period.
#SEC #Hacked #HackerAlert #US
Breaking News !
BYBIT one of the biggest crypto exchange got hacked by a hacker. 1.4 billion worth of $ETH Got stolen #Hacked #Alert🔴 #BybitWalletHack
BYBIT one of the biggest crypto exchange got hacked by a hacker. 1.4 billion worth of $ETH Got stolen #Hacked #Alert🔴 #BybitWalletHack
Басқа контенттерді шолу үшін жүйеге кіріңіз