Ledger CTO Warns Of Crypto Clipper Malware Following Major NPM Breach
A significant supply chain attack has raised alarms within the cryptocurrency community, especially after the Node Package Manager (NPM) account of developer Qix was compromised. Charles Guilletment, the Chief Technology Officer of Ledger, a hardware wallet provider, issued a stark warning to crypto investors in a recent post on social media platform X (formerly Twitter). […]
Related News
For four days last week Yahoo's European servers were the equivalent of a cyber Typhoid Mary, spreading disease to anyone who came near. Yahoo was the victim of a major security breach, which caused its servers to send out millions of malware-laden ads to an estimated two million European users. Suspicions were first raised by Dutch security outfit Fox IT, which estimated that Yahoo's servers were responsible for 27,000 malware infections every hour the malware was live on Yahoo's website. Yahoo confirmed the embarrassing attack in a statement: "From December 31 to January 3 on our....
After a major leak of email and personal information earlier this year, Ledger customers are experiencing a surge in phishing attempts. Phishing attempts and scams against Ledger wallet owners are on the increase with one such scam netting more than 1,150,000 XRP from its victims. The scam used a phishing email that directed users to a fake version of the Ledger website that substituted a homoglyph in the URL — in this case a letter that looked like the letter ‘e’ but wasn’t. On the fake site, victims were fooled into downloading malware posing as a security update which drained the....
In an article published on MIT Technology Review, legendary cryptography expert Bruce Schneier warns that antivirus companies have tracked for years a recently uncovered, very powerful and sophisticated malware, but chose not to disclose their findings. Why? Because there are indications that the malware is developed and operated by a government - the United States government. Schneier is an American cryptographer, computer security and privacy specialist, and writer. He is the author of several books on general security topics, computer security and cryptography. One of the most....
It seems the review was already in process before the attack ever occured. Popular hardware wallet company Ledger recently announced that they had passed a notable security evaluation, known as SOC 2 Type 1. This certification came following a significant data breach the company suffered in June. Ledger did not, however, decide to conduct its security audit because of the breach, according to comments from a Ledger representative. "Ledger is always seeking to raise the security standards and has been working on getting the attestation prior to the data breach," the representative told....
Security firm Kaspersky Lab has found that bitcoin is the target in more than one fifth of all malware attacks aimed at victims' money. According to Kaspersky's latest threat report, entitled 'IT Threat Evolution Q2 2014', bitcoin mining malware accounted for 14% of attacks in the second quarter of 2014, while bitcoin wallet stealers accounted for 8%. Keyloggers, which can be used to compromise both bitcoin and banking services, also made the list, with 4% of all attacks attributed to various forms of key logging malware. Traditional banking malware still leads the way with 74%, but....