cryptocurrency theft Archives

Tech Optimizer

November 16, 2025

TikTok malware scam tricks you with fake activation guides

Cybercriminals are exploiting TikTok to deceive users by presenting malicious downloads as free activation guides for popular software, including Windows and Microsoft 365. Security expert Xavier Mertens identified this campaign, which involves TikTok videos showcasing PowerShell commands that mislead users into executing them as administrators. These commands redirect users to a malicious website, downloading Aura Stealer malware that extracts saved passwords, cookies, and other sensitive information. This scam employs a ClickFix attack, making victims believe they are following legitimate instructions. The PowerShell command links to a remote domain, slmgr[.]win, which retrieves harmful executables hosted on Cloudflare, including updater.exe, a variant of Aura Stealer. Another file, source.exe, executes code in memory, complicating detection. To protect against these scams, users should avoid executing commands from TikTok, download software from trusted sources, keep security tools updated, use strong antivirus software, consider data removal services, reset credentials if compromised, use unique passwords, and enable multi-factor authentication.

Tech Optimizer

October 24, 2025

Why Aren’t Antivirus Programs Enough To Protect Crypto?

Cryptocurrency has introduced a decentralized approach to financial transactions, but it faces significant security challenges, including vulnerability to cyberattacks, theft, and fraud. Traditional antivirus software has limitations, such as reliance on signature-based detection, which struggles against emerging and polymorphic malware. Behavioral detection methods also have shortcomings, as stealth malware can disguise itself and conditional activation can evade detection. Fileless malware techniques and human error, such as phishing and weak password hygiene, further complicate security. To enhance security, cryptocurrency users should adopt a multi-layered strategy that includes using hardware wallets for offline storage of private keys, implementing multi-factor authentication (MFA), and utilizing dedicated anti-malware tools. Safe browsing habits and regular software patches are also essential, along with securely backing up private keys.

TrendTechie

August 16, 2025

Labubu-охота на криптопользователей, опасные торренты с фильмами и другие события кибербезопасности

- A user lost 140 ETH (approximately ,500) on August 15 due to crypto address "poisoning," resulting in a total loss of over .6 million from similar incidents within a week. - Labubu fans in Russia fell victim to a cryptocurrency theft scheme involving a counterfeit marketplace that prompted users to connect their crypto wallets. - The Efimer Trojan malware, distributed through compromised WordPress sites and torrents, has been identified as a method for stealing cryptocurrency by replacing wallet addresses in the clipboard. - Pro-Russian hackers gained control of a dam in Norway, opening discharge valves and allowing over 7.2 million liters of water to pass through before being stopped. - A cybersecurity researcher discovered a vulnerability in a car dealer's online portal that allowed remote access to customer data and vehicle control. - Tajikistan reportedly lost over million due to illegal mining activities. - BtcTurk suspended withdrawals amid suspicious transactions totaling million. - Hackers extracted million in Bitcoin from the Odin.fun platform, and KYC data leaks have led to increased attacks on crypto investors.

Tech Optimizer

April 8, 2025

Highly Dangerous New Malware Can Destroy Windows PCs, Steal Passwords And Crypto

Neptune RAT is a Remote Access Trojan that allows attackers to take control of vulnerable systems. It features a built-in crypto clipper that intercepts and modifies cryptocurrency transactions, redirecting funds from victims to hackers. The RAT can extract login credentials from over 270 applications, including web browsers like Chrome, increasing the risk of identity theft and financial loss. It can deploy ransomware to lock files and demand a ransom for their release. Neptune RAT can disable antivirus software, leaving systems vulnerable. It also enables real-time screen monitoring to spy on users, capturing sensitive information. In severe cases, it can execute a destruction option, potentially obliterating the victim's computer system.

TrendTechie

March 17, 2025

Новый вирус стал атаковать криптокошельки пользователей ПК

Cybersecurity experts from CyberArk have identified a new malware strain called MassJacker, which targets users who download unauthorized software to steal cryptocurrency. MassJacker is categorized as a "clipper" that alters clipboard data, replacing a user's cryptocurrency wallet address with a hacker's address during transactions. The attack often starts from a website posing as a free software download platform. Upon downloading, the Amadey virus first infiltrates the computer, followed by MassJacker, which disguises itself as a legitimate Windows process and uses encryption and command spoofing to avoid detection. Research shows that cybercriminals have created over 778,000 wallets for cryptocurrency theft, with 423 wallets accumulating approximately ,000, leading to potential total losses of around ,000. MassJacker shares similarities with another malware variant, MassLogger, but the identities of the attackers remain unknown.

AppWizard

October 1, 2024

Android users, delete this ‘dangerous’ crypto app from your phones – Times of India

A cybersecurity firm identified a malicious application called WalletConnect – Airdrop Wallet in the Google Play Store, designed to steal cryptocurrency from users. The app evaded detection for over five months after its introduction in March 2024, targeting Android users and employing evasion techniques to appear legitimate. It exploited the credibility of the WalletConnect protocol and siphoned approximately ,000 (around 58.6 lakh) in cryptocurrency from victims. The app achieved over 10,000 downloads by using fake positive reviews and advanced crypto drainer toolkits to manipulate search rankings. Users were misled into connecting their wallets and directed to phishing sites, resulting in unauthorized transactions. Despite some negative reviews, the developers countered with fake positive feedback to maintain the app's appearance of legitimacy.