#cryptocurrency
16 articles
The cryptocurrency and decentralized finance sectors faced significant pressure between April 12 and May 1, 2026, with 20 articles documenting a high-severity threat landscape. Lazarus Group, BlueNoroff, and FakeWallet were observed targeting global operations, particularly affecting regions including the United States, Europe, North America, and Asia. The campaign leveraged CVE-2023-4863, with a severity mix of one medium, fifteen high, and four critical incidents impacting financial services and DeFi platforms.
CRITICAL: North Korea Laundered 76% of All Stolen Crypto in 2026
North Korean hackers laundered 76% of all stolen cryptocurrency in 2026 — $2.3 billion — per Chainalysis.
HIGH: BlueNoroff Fakes Zoom Calls to Lure Crypto Execs
BlueNoroff uses stolen video, AI avatars, and fake Zoom invites to turn crypto executives into attack lures.
MEDIUM: Crypto Launderer Gets 5 Years for $260M Cyber Theft Role
A California man received a 63-month prison sentence for laundering cryptocurrency stolen by a cybercriminal ring that defrauded victims of approximately $260 million.
HIGH: 26 Fake Crypto Wallet Apps on Apple App Store Steal Seed Phrases
Kaspersky found 26 malicious apps on the Apple App Store since fall 2025 that impersonate wallets like MetaMask and Coinbase to steal recovery phrases and private keys via…
HIGH: North Korean Hackers Steal $12 Million in Crypto via Trojanized
North Korean hackers siphoned over $12 million from crypto users in Q1 2026 using trojanized trading apps like CoinStats and TradingView AI Agent to steal recovery phrases and…
HIGH: North Korean Fake Job Scams Spread Malware via 'Contagious Interview'
North Korean operatives use a 'contagious interview' tactic, where a compromised developer's GitHub repo spreads RATs to other job seekers.
HIGH: Malicious Crypto Apps Hijack Recovery Phrases from Apple App Store
Apple removed 45 malicious cryptocurrency apps from its App Store after they stole recovery phrases and private keys from users, mimicking legitimate wallets like MetaMask and Coinbase.
HIGH: British National Pleads Guilty to SIM Swapping, SMS Phishing for Crypto Theft
Tyler Robert Buchanan admitted to a U.S. conspiracy that stole over $1 million in cryptocurrency via SMS phishing, corporate network intrusions, and SIM swapping attacks targeting victims nationwide.
HIGH: FakeWallet Crypto Stealer Infects iOS Devices via Apple App Store
Kaspersky discovered 22 malicious iOS apps on the official App Store impersonating crypto wallets like MetaMask and Coinbase, stealing seed phrases and private keys from over 1,000 victims.
CRITICAL: Lazarus Group Steals $290 Million in KelpDAO Cross-Chain Bridge Attack
North Korea's Lazarus Group exploited a smart contract flaw to steal $290 million from the KelpDAO cross-chain bridge, marking one of the largest DeFi heists of 2026 and highlighting persistent risks in cross-chain infrastructure.
HIGH: UNC1069 Targets Crypto Professionals with Fake Zoom and Teams Meetings
North Korean threat actor UNC1069 lures Web3 professionals with fake Zoom and Microsoft Teams meetings to deploy malware that steals cryptocurrency, according to new research.
HIGH: Omnistealer Malware Harvests Passwords, Crypto Wallets via Blockchain C2
Omnistealer malware, detailed by Malwarebytes, steals credentials from 1Password, Bitwarden, NordPass, and Exodus crypto wallets, using the Solana blockchain for stealthy command-and-control communication.
HIGH: Fake Ledger Live App on Apple App Store Steals $9.5M in Cryptocurrency
A malicious Ledger Live app distributed via Apple's official App Store for macOS stole approximately $9.5 million from 50 victims by harvesting recovery phrases.
HIGH: Kraken Faces Extortion After Insider Breach Exposed Bug Bounty Flaw
Kraken's security team discovered an insider breach where a researcher exploited a zero-day flaw to steal $3 million in crypto, then demanded a bug bounty payment.
CRITICAL: Critical Android SDK Flaw Exposed Millions of Crypto Wallet Private Keys
A vulnerability in the EngageLab Push SDK, tracked as CVE-2023-4863, allowed attackers to steal private keys from millions of Android cryptocurrency wallets by intercepting push notifications.
HIGH: International Operation Disrupts SIM Swap & BEC Schemes, Recovers $45M
A joint US, UK, and Canadian law enforcement operation disrupted multi-million dollar crypto theft schemes using SIM swapping and BEC, identifying over $45M in stolen assets and freezing $12M.