hack
925,911 views
473 Discussing
Hot
Latest
🚨 JUST IN: Trust Wallet HACK CONFIRMED 🔐💥
Binance founder #CZ has confirmed that Trust Wallet was hacked, resulting in approximately $7 million stolen from users.
Here’s what we know 👇
• 💰 ~$7M lost in the exploit
• 🛡️ Trust Wallet says it will fully reimburse all affected users
• 🤝 A rare moment of clear accountability in crypto
This response matters. Too often, hacks end with silence or blame-shifting. Covering losses sends a strong signal — but it also raises a bigger question 👀
⚠️ If a leading self-custody wallet can be compromised, how safe are hot wallets really?
🔍 Key takeaway:
Self-custody ≠ risk-free.
Security still depends on code quality, audits, and user behavior.
✅ Accountability helps restore confidence
❌ But it doesn’t eliminate systemic wallet risks
The real lesson?
Diversify storage, use hardware wallets for large funds, and never assume “trusted” means “unbreakable.” 🔒
What do you think — does this restore trust, or expose deeper cracks in wallet security? 💭👇
$BTC
$ETH
#TrustWallet #hack #crypto
Binance founder #CZ has confirmed that Trust Wallet was hacked, resulting in approximately $7 million stolen from users.
Here’s what we know 👇
• 💰 ~$7M lost in the exploit
• 🛡️ Trust Wallet says it will fully reimburse all affected users
• 🤝 A rare moment of clear accountability in crypto
This response matters. Too often, hacks end with silence or blame-shifting. Covering losses sends a strong signal — but it also raises a bigger question 👀
⚠️ If a leading self-custody wallet can be compromised, how safe are hot wallets really?
🔍 Key takeaway:
Self-custody ≠ risk-free.
Security still depends on code quality, audits, and user behavior.
✅ Accountability helps restore confidence
❌ But it doesn’t eliminate systemic wallet risks
The real lesson?
Diversify storage, use hardware wallets for large funds, and never assume “trusted” means “unbreakable.” 🔒
What do you think — does this restore trust, or expose deeper cracks in wallet security? 💭👇
$BTC
$ETH
#TrustWallet #hack #crypto
Polymarket HACKED! User Funds WIPED OUT 🚨
Entry: 0.15 🟩
Target 1: 0.20 🎯
Stop Loss: 0.12 🛑
Web2 login vulnerability exploited. NOT a smart contract hack. Funds were drained through third-party authentication. The exploit is patched, but damage is done. Users lost everything without clicking scam links or revealing emails. Your Web3 assets are only as secure as your Web2 onboarding. Centralized login equals centralized risk. Do not wait. Secure your assets NOW.
Disclaimer: This is not financial advice.
#crypto #hack #security #FOMO #blockchain 💥
Entry: 0.15 🟩
Target 1: 0.20 🎯
Stop Loss: 0.12 🛑
Web2 login vulnerability exploited. NOT a smart contract hack. Funds were drained through third-party authentication. The exploit is patched, but damage is done. Users lost everything without clicking scam links or revealing emails. Your Web3 assets are only as secure as your Web2 onboarding. Centralized login equals centralized risk. Do not wait. Secure your assets NOW.
Disclaimer: This is not financial advice.
#crypto #hack #security #FOMO #blockchain 💥
🔐 TRUST WALLET HACK — CZ CONFIRMS
🚨 $7M stolen in a major security breach.
✅ Trust Wallet’s response:
· Will fully reimburse affected users
· Taking accountability publicly
· Rare move in the crypto space
💭 Key questions remain:
· Does this restore trust?
· Or highlight deeper security risks for hot wallets?
🛡️ Takeaway:
Transparency matters.Reimbursement is a strong step — but self-custody and cold wallets remain the gold standard.
💬 What’s your take?
Does this change how you store your crypto?
#TrustWallet #CZ #Binance #CryptoNews #Hack
$BIFI
$STO
$NEWT
🚨 $7M stolen in a major security breach.
✅ Trust Wallet’s response:
· Will fully reimburse affected users
· Taking accountability publicly
· Rare move in the crypto space
💭 Key questions remain:
· Does this restore trust?
· Or highlight deeper security risks for hot wallets?
🛡️ Takeaway:
Transparency matters.Reimbursement is a strong step — but self-custody and cold wallets remain the gold standard.
💬 What’s your take?
Does this change how you store your crypto?
#TrustWallet #CZ #Binance #CryptoNews #Hack
$BIFI
$STO
$NEWT
Trust Wallet Chrome Extension Hack Triggers $7M Losses
Trust Wallet users lost more than $7 million after the extension meant for Google's Chrome browser was hacked to install a false software update. The problem was identified on the 25th of December when on-chain sleuth ZachXBT discovered the draining of trust wallet funds after the issuance of a software update for the extension.
The Trust Wallet team has also recently confirmed that there was an issue and said, "The incident was limited to Chrome extension version 2.68. In consideration of your safety, we urge you to refrain from using version 2.68 and instead install version 2.69. Mobile and other browser users are unaffected by the issue".
However, Changpeng Zhao, Binance Co-Founder and parent company of Trust Wallet, was quick to reassure users that they would all be reimbursed. As for now, they are still trying to determine the cause of having such an exploit occur. But it is likely that these attacks occurred right as the update was released.
This episode has brought to light the emerging risk for web browser cryptocurrency wallets, even as cryptocurrency theft is on the rise worldwide. It is recommended to update web browser extensions, verify news about X, and refrain from using cryptocurrency wallets during surprise updates and notifications.
#TrustWallet #Hack
Trust Wallet users lost more than $7 million after the extension meant for Google's Chrome browser was hacked to install a false software update. The problem was identified on the 25th of December when on-chain sleuth ZachXBT discovered the draining of trust wallet funds after the issuance of a software update for the extension.
The Trust Wallet team has also recently confirmed that there was an issue and said, "The incident was limited to Chrome extension version 2.68. In consideration of your safety, we urge you to refrain from using version 2.68 and instead install version 2.69. Mobile and other browser users are unaffected by the issue".
However, Changpeng Zhao, Binance Co-Founder and parent company of Trust Wallet, was quick to reassure users that they would all be reimbursed. As for now, they are still trying to determine the cause of having such an exploit occur. But it is likely that these attacks occurred right as the update was released.
This episode has brought to light the emerging risk for web browser cryptocurrency wallets, even as cryptocurrency theft is on the rise worldwide. It is recommended to update web browser extensions, verify news about X, and refrain from using cryptocurrency wallets during surprise updates and notifications.
#TrustWallet #Hack
$BTC Trust Wallet Exploited, $6.77M Stolen 🚨💥
Trust Wallet has been exploited, impacting hundreds of users, with over $6.77M in assets stolen so far according to on-chain tracking.
The attacker has already consolidated and begun moving funds rapidly.
Approximately $4.25M has been routed through multiple services, including ChangeNOW, FixedFloat, KuCoin, and HTX.
This dispersion pattern suggests active laundering attempts to obfuscate fund trails.
The hacker wallet currently still holds a diversified portfolio, including BTC, ETH, BNB, and stablecoins, with total tracked assets exceeding $2.5M, indicating not all stolen funds have been offloaded yet.
In response, CZ has publicly stated that Trust Wallet will fully cover all user losses, aiming to contain fallout and restore confidence.
Will further stolen funds be frozen as they move — or has the attacker already slipped past recovery routes? 🛑⚡️
#TrustWallet #Hack #OnChain $TWT
Trust Wallet has been exploited, impacting hundreds of users, with over $6.77M in assets stolen so far according to on-chain tracking.
The attacker has already consolidated and begun moving funds rapidly.
Approximately $4.25M has been routed through multiple services, including ChangeNOW, FixedFloat, KuCoin, and HTX.
This dispersion pattern suggests active laundering attempts to obfuscate fund trails.
The hacker wallet currently still holds a diversified portfolio, including BTC, ETH, BNB, and stablecoins, with total tracked assets exceeding $2.5M, indicating not all stolen funds have been offloaded yet.
In response, CZ has publicly stated that Trust Wallet will fully cover all user losses, aiming to contain fallout and restore confidence.
Will further stolen funds be frozen as they move — or has the attacker already slipped past recovery routes? 🛑⚡️
#TrustWallet #Hack #OnChain $TWT
🚨 Update on Trust Wallet Incident 🚥🔴
CZ confirmed that ~$7M was affected by the recent Trust Wallet browser extension issue.
✅ Trust Wallet will fully cover the loss
🔒 User funds are SAFU
🛠️ Issue linked to Browser Extension v2.68 — users are advised to disable and upgrade to v2.69 immediately
$TWT $RIVER $LIGHT
This is how security incidents should be handled in crypto.
#TrustWallet #TWT #Hack #CZ #SAFU🙏
CZ confirmed that ~$7M was affected by the recent Trust Wallet browser extension issue.
✅ Trust Wallet will fully cover the loss
🔒 User funds are SAFU
🛠️ Issue linked to Browser Extension v2.68 — users are advised to disable and upgrade to v2.69 immediately
$TWT $RIVER $LIGHT
This is how security incidents should be handled in crypto.
#TrustWallet #TWT #Hack #CZ #SAFU🙏
TRUST WALLET HACKED! $6M GONE!
URGENT SECURITY ALERT. Trust Wallet browser extension version 2.68 compromised. Hundreds of users hit. At least $6 million lost. DO NOT DELAY. Disable version 2.68 IMMEDIATELY. Upgrade to version 2.69 NOW via the official Chrome Web Store. Your funds are at risk. Act fast.
Disclaimer: This is not financial advice.
$TWT #CryptoNews #SecurityAlert #Hack 🚨
URGENT SECURITY ALERT. Trust Wallet browser extension version 2.68 compromised. Hundreds of users hit. At least $6 million lost. DO NOT DELAY. Disable version 2.68 IMMEDIATELY. Upgrade to version 2.69 NOW via the official Chrome Web Store. Your funds are at risk. Act fast.
Disclaimer: This is not financial advice.
$TWT #CryptoNews #SecurityAlert #Hack 🚨
See original
⚡⚡⚡ ATTENTION: The Trust Wallet browser extension has been HACKED! ⚠️
On December 25–26, hackers injected malicious code into the Trust Wallet Chrome extension version 2.68 — already ~$7 million stolen from hundreds of users ( BTC , ETH , SOL and others).
What is important to know:
ONLY the browser extension (Chrome) version 2.68 is affected
The mobile app and other versions are safe
Trust Wallet confirmed the incident and released a fix — version 2.69
CZ promised: all losses will be fully compensated (SAFU!)
Urgently, if you have the extension:
DO NOT open Trust Wallet in the browser!
Disable the extension
Update to 2.69 only from the official Chrome Store
If money has been lost — contact support, they will compensate
Take care of your wallets, especially browser ones — the risks are always higher! 🔒
$TWT
#TrustWallet #Hack #CryptoSecurity #Bitcoin
On December 25–26, hackers injected malicious code into the Trust Wallet Chrome extension version 2.68 — already ~$7 million stolen from hundreds of users ( BTC , ETH , SOL and others).
What is important to know:
ONLY the browser extension (Chrome) version 2.68 is affected
The mobile app and other versions are safe
Trust Wallet confirmed the incident and released a fix — version 2.69
CZ promised: all losses will be fully compensated (SAFU!)
Urgently, if you have the extension:
DO NOT open Trust Wallet in the browser!
Disable the extension
Update to 2.69 only from the official Chrome Store
If money has been lost — contact support, they will compensate
Take care of your wallets, especially browser ones — the risks are always higher! 🔒
$TWT
#TrustWallet #Hack #CryptoSecurity #Bitcoin
See original
About $7 million affected by #hacking #TrustWallet , and the company has promised to cover user losses.
The total estimated losses are around $7 million (some early reports mention $6 million to $6.77 million, but CZ confirmed around
$7 million).
Changpeng Zhao (CZ, founder of Binance and owner of Trust Wallet) directly stated that Trust Wallet will fully cover all user losses.
#cuanbitcoin #cz #hack
The total estimated losses are around $7 million (some early reports mention $6 million to $6.77 million, but CZ confirmed around
$7 million).
Changpeng Zhao (CZ, founder of Binance and owner of Trust Wallet) directly stated that Trust Wallet will fully cover all user losses.
#cuanbitcoin #cz #hack
See original
🚨 TRUST WALLET HIT BY MYSTERIOUS HACK: OVER 6 MILLION STOLEN 🚨
Hundreds of Trust Wallet users suffered a severe attack on December 24: over 6 million dollars in crypto (ETH, BTC, SOL, and EVM tokens) were drained from compromised wallets.
The incident, reported by analyst ZachXBT, involved version 2.68 of the Chrome browser extension, updated that day, which contained malicious code to steal seed phrases and transfer funds.
The stolen funds, estimated between 6 and 7 million, have been partially laundered: 4 million sent to centralized exchanges like 3.3 million on ChangeNOW, 447,000 on KuCoin, and 340,000 on FixedFloat; about 2.8 million remain in the hacker's wallet.
A supply chain attack is suspected, with malicious scripts (e.g., 4482.js) sending data to a phishing site like metrics-trustwallet.com, registered shortly before.
Trust Wallet was slow to respond, only communicating on December 26, while users were losing funds for over 30 hours.
Changpeng Zhao (CZ), owner via Binance, reassured: "The funds are SAFU, Trust will cover all losses."
The mobile extension and other versions were not affected; users are urged to uninstall v2.68 and update to v2.69.
This incident highlights the risks of browser extensions and unverified updates, prompting greater vigilance in an ecosystem with 220 million accounts.
#BREAKING #alert #Hack #TrustWallet
Hundreds of Trust Wallet users suffered a severe attack on December 24: over 6 million dollars in crypto (ETH, BTC, SOL, and EVM tokens) were drained from compromised wallets.
The incident, reported by analyst ZachXBT, involved version 2.68 of the Chrome browser extension, updated that day, which contained malicious code to steal seed phrases and transfer funds.
The stolen funds, estimated between 6 and 7 million, have been partially laundered: 4 million sent to centralized exchanges like 3.3 million on ChangeNOW, 447,000 on KuCoin, and 340,000 on FixedFloat; about 2.8 million remain in the hacker's wallet.
A supply chain attack is suspected, with malicious scripts (e.g., 4482.js) sending data to a phishing site like metrics-trustwallet.com, registered shortly before.
Trust Wallet was slow to respond, only communicating on December 26, while users were losing funds for over 30 hours.
Changpeng Zhao (CZ), owner via Binance, reassured: "The funds are SAFU, Trust will cover all losses."
The mobile extension and other versions were not affected; users are urged to uninstall v2.68 and update to v2.69.
This incident highlights the risks of browser extensions and unverified updates, prompting greater vigilance in an ecosystem with 220 million accounts.
#BREAKING #alert #Hack #TrustWallet
See original
🚨🚨HACK ALERT🚨🚨
THE TRUST WALLET CHROME EXTENSION HAS BEEN HACKED.
IF YOU HAVE IT, OR HAVE EVER IMPORTED YOUR SEED INTO IT,
WITHDRAW ALL YOUR FUNDS IMMEDIATELY!!
Better safe than sorry.
#USCryptoStakingTaxReview
#USCryptoStakingTaxReview
#BinanceSquareFamily
#Hack
THE TRUST WALLET CHROME EXTENSION HAS BEEN HACKED.
IF YOU HAVE IT, OR HAVE EVER IMPORTED YOUR SEED INTO IT,
WITHDRAW ALL YOUR FUNDS IMMEDIATELY!!
Better safe than sorry.
#USCryptoStakingTaxReview
#USCryptoStakingTaxReview
#BinanceSquareFamily
#Hack
B
SKYAIUSDT
Perp
Closed
PNL
+0.02USDT
🚨 A $50,000,000 Mistake: The Silent On-Chain Scam Every Crypto User Must Understand
A crypto whale just lost nearly $50 million in a highly sophisticated address poisoning attack — and the most alarming part?
There was no hack, no smart-contract bug, no private key leak.
This was purely a human-behavior exploit.
Here’s what happened 👇
The victim followed what many consider a safe habit:
First, a small test transfer of $USDT to confirm the destination address.
That single action triggered the trap.
Within minutes, automated bots detected the transaction and generated a look-alike wallet address, matching the same starting and ending characters. The attacker then sent a tiny “dust” transaction from this fake address to pollute the victim’s transaction history.
Later, when the victim copied the address from history (instead of a trusted source), they unknowingly sent 49,999,950 USDT straight to the attacker.
💥 Gone in one transaction.
The stolen funds were quickly:
Swapped into $ETH
Split across multiple wallets
Partially routed through mixers to obscure the trail
Recovery chances? Extremely low.
Why this scam is so dangerous
No technical exploit involved
Targets common user habits
Relies on visual similarity & convenience
Bots run 24/7, waiting patiently for one mistake
Even experienced users are vulnerable.
How to protect yourself
❌ Never copy addresses from transaction history
✅ Verify the entire address, not just first & last characters
✅ Use address whitelisting whenever possible
🚩 Treat dust transactions as warnings, not confirmations
Crypto doesn’t forgive small mistakes.
One careless click can cost a lifetime of gains.
Stay sharp. Stay paranoid. That’s real security in this market.
#Hack #scam #StayAlert $BTC #ETH #USDT
A crypto whale just lost nearly $50 million in a highly sophisticated address poisoning attack — and the most alarming part?
There was no hack, no smart-contract bug, no private key leak.
This was purely a human-behavior exploit.
Here’s what happened 👇
The victim followed what many consider a safe habit:
First, a small test transfer of $USDT to confirm the destination address.
That single action triggered the trap.
Within minutes, automated bots detected the transaction and generated a look-alike wallet address, matching the same starting and ending characters. The attacker then sent a tiny “dust” transaction from this fake address to pollute the victim’s transaction history.
Later, when the victim copied the address from history (instead of a trusted source), they unknowingly sent 49,999,950 USDT straight to the attacker.
💥 Gone in one transaction.
The stolen funds were quickly:
Swapped into $ETH
Split across multiple wallets
Partially routed through mixers to obscure the trail
Recovery chances? Extremely low.
Why this scam is so dangerous
No technical exploit involved
Targets common user habits
Relies on visual similarity & convenience
Bots run 24/7, waiting patiently for one mistake
Even experienced users are vulnerable.
How to protect yourself
❌ Never copy addresses from transaction history
✅ Verify the entire address, not just first & last characters
✅ Use address whitelisting whenever possible
🚩 Treat dust transactions as warnings, not confirmations
Crypto doesn’t forgive small mistakes.
One careless click can cost a lifetime of gains.
Stay sharp. Stay paranoid. That’s real security in this market.
#Hack #scam #StayAlert $BTC #ETH #USDT
🚨 ALERT: North Korean Hackers Stole Record $2B in Crypto in 2025
💥 Just In: According to a new report from Chain analysis , North Korean state-backed hackers stole a record-breaking $2 billion worth of cryptocurrency in 2025.
🔐 Why This Matters to Every Trader & Holder:
· This marks a massive increase in scale and sophistication of attacks
· Highlights the urgent need for strong security (2FA, cold storage, smart contract audits)
· Could prompt tighter global regulations and exchange security measures
· Reminder that crypto’s growth attracts not just investors — but predators
⚠️ Stay Safe — Protect Your Assets:
✅Use hardware wallets for large holdings
✅ Enable multi-factor authentication (MFA) everywhere
✅ Avoid clicking suspicious links or approving unknown contracts
✅ Keep software & wallets updated
🌐 The Bigger Picture:
While thefts are alarming,they also push the industry toward better security infrastructure, insurance solutions, and regulatory clarity. Security is not optional — it's essential.
🛡️ Final Thought:
Crypto is aboutself-sovereignty — and with that comes responsibility. Stay informed, stay secure, and stay vigilant.
#CryptoNews #CyberSecurity #NorthKorea #Hack #Blockchain
$AKE
$AERGO
$RIVER
💥 Just In: According to a new report from Chain analysis , North Korean state-backed hackers stole a record-breaking $2 billion worth of cryptocurrency in 2025.
🔐 Why This Matters to Every Trader & Holder:
· This marks a massive increase in scale and sophistication of attacks
· Highlights the urgent need for strong security (2FA, cold storage, smart contract audits)
· Could prompt tighter global regulations and exchange security measures
· Reminder that crypto’s growth attracts not just investors — but predators
⚠️ Stay Safe — Protect Your Assets:
✅Use hardware wallets for large holdings
✅ Enable multi-factor authentication (MFA) everywhere
✅ Avoid clicking suspicious links or approving unknown contracts
✅ Keep software & wallets updated
🌐 The Bigger Picture:
While thefts are alarming,they also push the industry toward better security infrastructure, insurance solutions, and regulatory clarity. Security is not optional — it's essential.
🛡️ Final Thought:
Crypto is aboutself-sovereignty — and with that comes responsibility. Stay informed, stay secure, and stay vigilant.
#CryptoNews #CyberSecurity #NorthKorea #Hack #Blockchain
$AKE
$AERGO
$RIVER
See original
⚠️Yearn Finance was hacked
According to PeckShield, the V1 version of the DeFi protocol Yearn Finance was attacked, causing damages of approximately 300,000 USD. The attacker then converted the entire amount stolen into 103 ETH and withdrew from the protocol.
Notably, this is not the first incident. Just a few weeks ago, Yearn.finance also suffered another attack causing damages of up to 9 million USD, raising concerns about the safety of the V1 version as well as the security risks that still exist even with long-established DeFi protocols.
#Hack #defi
According to PeckShield, the V1 version of the DeFi protocol Yearn Finance was attacked, causing damages of approximately 300,000 USD. The attacker then converted the entire amount stolen into 103 ETH and withdrew from the protocol.
Notably, this is not the first incident. Just a few weeks ago, Yearn.finance also suffered another attack causing damages of up to 9 million USD, raising concerns about the safety of the V1 version as well as the security risks that still exist even with long-established DeFi protocols.
#Hack #defi
See original
🍔 McDonald's Memecoin Hack: Cyber Thieves Steal Around $700,000 in Solana
In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered.
💀 The Grimace Memecoin Scam 👾
Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes.
📊 Pump & Dump
The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes.
💸 The Payout
In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana."
⚠️ Aftermath
The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams.
#scam #hack #Solana $SOL #RiskManagement
In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered.
💀 The Grimace Memecoin Scam 👾
Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes.
📊 Pump & Dump
The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes.
💸 The Payout
In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana."
⚠️ Aftermath
The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams.
#scam #hack #Solana $SOL #RiskManagement
North Korean Hackers Target Crypto with Nim-Based Malware Disguised as Zoom Updates
🔹 Fake Zoom meeting invites and update links deceive Web3 teams
🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques
🔹 Attackers steal browser data, passwords, and Telegram chats
Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.
The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.
NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.
🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.
Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it
🔹 Creates hidden files and folders that look like legitimate macOS system components
🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic
🔹 Delays execution for 10 minutes to avoid early detection by security software
Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.
Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.
#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques
🔹 Attackers steal browser data, passwords, and Telegram chats
Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.
The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.
NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.
🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.
Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it
🔹 Creates hidden files and folders that look like legitimate macOS system components
🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic
🔹 Delays execution for 10 minutes to avoid early detection by security software
Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.
Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.
#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🔥 Scammers on the Rise: How the Meme Coin Boom on Solana Unlocked New Ways to Steal Millions 💸
🌐 The Crypto Market in Shock!
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.
💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.
🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).
🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲
🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈
🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.
👨💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.
⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.
💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.
🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).
🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲
🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈
🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.
👨💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.
⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
Breaking News: Bybit Exchange Hacked
On February 21, 2025. Bybit Exchange, a prominent cryptocurrency exchange, experienced a significant security breach resulting in the unauthorized transfer of approximately $1.46 billion worth of assets. The incident involved the compromise of Bybit's Ethereum (ETH) cold wallet, leading to the loss of 401,346 ETH (approximately $1.1 billion) and various staked Ether (stETH) tokens. The perpetrator has been liquidating these assets on decentralized exchanges.
Bybit's CEO, Ben Zhou, confirmed the breach, explaining that a planned transfer was manipulated, allowing the attacker to gain control over the specific ETH cold wallet. Zhou assured users that all other cold wallets remain secure and that withdrawals are functioning normally.
This event marks one of the largest cryptocurrency hacks to date, surpassing previous incidents such as the Mt. Gox hack ($470 million), the CoinCheck hack in 2018 ($530 million), and the Ronin Bridge exploit ($650 million).
In response to the breach, major cryptocurrencies experienced price declines. Ethereum's price fell nearly 3% to approximately $2,727, while Bitcoin dipped by nearly 1% to around $98,091.
Users are advised to monitor their accounts closely and exercise caution with their assets during this period.
#BybitSecurityBreach #CryptocurrencyWealth #cryptouniverseofficial #Hack #bybit
Bybit's CEO, Ben Zhou, confirmed the breach, explaining that a planned transfer was manipulated, allowing the attacker to gain control over the specific ETH cold wallet. Zhou assured users that all other cold wallets remain secure and that withdrawals are functioning normally.
This event marks one of the largest cryptocurrency hacks to date, surpassing previous incidents such as the Mt. Gox hack ($470 million), the CoinCheck hack in 2018 ($530 million), and the Ronin Bridge exploit ($650 million).
In response to the breach, major cryptocurrencies experienced price declines. Ethereum's price fell nearly 3% to approximately $2,727, while Bitcoin dipped by nearly 1% to around $98,091.
Users are advised to monitor their accounts closely and exercise caution with their assets during this period.
#BybitSecurityBreach #CryptocurrencyWealth #cryptouniverseofficial #Hack #bybit
Login to explore more contents