hack
941,106 views
536 Discussing
Hot
Latest
🚀 BINANCE STRATEGY 2026: Get on the Trend!
1. 💎 The "Hack" of BNB
Not just hold. Keep your $BNB in Simple Earn.
Why? It gives you automatic access to Launchpools and HODLer Airdrops. You are receiving the new AI and Gaming tokens before anyone else and at no additional cost.
2. 🤖 AI and Privacy (The real narrative)
Capital is moving from the "old" coins to Decentralized AI (like ZAMA).
Tip: Go to the "Zones" section in Binance and look for AI or FHE. That's where the strong volume is this quarter.
3. 📉 Zero Stress with Automatic Investment
Is Bitcoin at $78,000 scaring you? Use the Automatic Investment Bot (DCA).
Set up daily or weekly purchases. This way you average your entry price and eliminate the emotional factor of buying "high".
4. 🛡️ Capital Protection
Volatile market = Danger in Futures.
Golden rule: Never trade without Stop Loss. If the market turns, a 2% loss is a lesson; a liquidated account is a mistake.
🔥 TOP WATCHLIST FEBRUARY:
$BNB : To farm airdrops.
$SOL : The king of memecoins and quick volume.
$BTC : Consolidating its way to new highs.
#BitcoinDropMarketImpact #EstratégiaCrypto #Hack
1. 💎 The "Hack" of BNB
Not just hold. Keep your $BNB in Simple Earn.
Why? It gives you automatic access to Launchpools and HODLer Airdrops. You are receiving the new AI and Gaming tokens before anyone else and at no additional cost.
2. 🤖 AI and Privacy (The real narrative)
Capital is moving from the "old" coins to Decentralized AI (like ZAMA).
Tip: Go to the "Zones" section in Binance and look for AI or FHE. That's where the strong volume is this quarter.
3. 📉 Zero Stress with Automatic Investment
Is Bitcoin at $78,000 scaring you? Use the Automatic Investment Bot (DCA).
Set up daily or weekly purchases. This way you average your entry price and eliminate the emotional factor of buying "high".
4. 🛡️ Capital Protection
Volatile market = Danger in Futures.
Golden rule: Never trade without Stop Loss. If the market turns, a 2% loss is a lesson; a liquidated account is a mistake.
🔥 TOP WATCHLIST FEBRUARY:
$BNB : To farm airdrops.
$SOL : The king of memecoins and quick volume.
$BTC : Consolidating its way to new highs.
#BitcoinDropMarketImpact #EstratégiaCrypto #Hack
CrossCurve HACKED! $3M GONE!
Warning: Halt all CrossCurve interactions NOW.
Critical vulnerability exploited. Funds drained.
Hackers used fake cross-chain messages.
Gateway authentication bypassed.
PortalV2 contract emptied.
10 hacker wallets identified.
CrossCurve offers 10% bounty for return.
72-hour ultimatum issued. Legal action threatened.
Curve Finance advises caution on Eywa pools.
This is the second major hack in weeks.
Bridges remain prime targets.
This is for informational purposes only.
#crosschain #defi #hack 🚨
Warning: Halt all CrossCurve interactions NOW.
Critical vulnerability exploited. Funds drained.
Hackers used fake cross-chain messages.
Gateway authentication bypassed.
PortalV2 contract emptied.
10 hacker wallets identified.
CrossCurve offers 10% bounty for return.
72-hour ultimatum issued. Legal action threatened.
Curve Finance advises caution on Eywa pools.
This is the second major hack in weeks.
Bridges remain prime targets.
This is for informational purposes only.
#crosschain #defi #hack 🚨
🔥🦅 THE PHOENIX OF ETHEREUM ⚡️ THE DAO RESURGES WITH US💲 220 MILLION❗ 🚀🛡️
😱 Almost ten years after the historic hack of 2016 that split the network, the name that nearly destroyed Ethereum is back. But this time, not as a vulnerability, but as a Security Fund of $220 million. 🧵👇
🧨 1. From "Hack" to Security Treasury
Do you remember the hard fork that created Ethereum Classic ❓ That's right, about 75.109 $ETH (equivalent to ~US$ 220M) were "forgotten" or unclaimed in legacy contracts from that event.
The Big Idea ⥱ Instead of leaving these funds idle, pioneers like Griff Green and the Ethereum Foundation are reviving The DAO as a permanent security endowment.
📊 2. The "One Trillion Dollar Security" Plan
The goal is not just to audit code, but to protect YOU, the end user
Permanent Staking ⥱ ~69.420 $ETH will be staked to generate an annual yield of $8 million, which will fund ongoing audits and security research.
User Focus ⥱ The fund will heavily invest in combating phishing, wallet recovery mechanisms, and withdrawal limits to prevent hackers from draining entire accounts. 🕵️♂️🔒
📈 3. Who's in Command ❓
This is not an amateur project. The board of curators includes heavyweights like Vitalik Buterin, experts from MetaMask and ENS. What was once a painful lesson about "code is law" now becomes the foundation for Ethereum to achieve global banking scale.
📢 I WANT TO HEAR FROM YOU
Do you think this "redemption" of The DAO is the final step for Ethereum to be accepted as the definitive financial infrastructure of the world? 🏛️ vs 🚀
👇 Comment "SECURITY" if you believe that crypto $ETH is stronger than ever in 2026❗
💡 @Leandro-Fumao 📣 This is not financial advice. Always do your own research before investing in any crypto project.
#BinanceSquareFamily #Ethereum #EthereumNews #VitalikButerin #Hack
😱 Almost ten years after the historic hack of 2016 that split the network, the name that nearly destroyed Ethereum is back. But this time, not as a vulnerability, but as a Security Fund of $220 million. 🧵👇
🧨 1. From "Hack" to Security Treasury
Do you remember the hard fork that created Ethereum Classic ❓ That's right, about 75.109 $ETH (equivalent to ~US$ 220M) were "forgotten" or unclaimed in legacy contracts from that event.
The Big Idea ⥱ Instead of leaving these funds idle, pioneers like Griff Green and the Ethereum Foundation are reviving The DAO as a permanent security endowment.
📊 2. The "One Trillion Dollar Security" Plan
The goal is not just to audit code, but to protect YOU, the end user
Permanent Staking ⥱ ~69.420 $ETH will be staked to generate an annual yield of $8 million, which will fund ongoing audits and security research.
User Focus ⥱ The fund will heavily invest in combating phishing, wallet recovery mechanisms, and withdrawal limits to prevent hackers from draining entire accounts. 🕵️♂️🔒
📈 3. Who's in Command ❓
This is not an amateur project. The board of curators includes heavyweights like Vitalik Buterin, experts from MetaMask and ENS. What was once a painful lesson about "code is law" now becomes the foundation for Ethereum to achieve global banking scale.
📢 I WANT TO HEAR FROM YOU
Do you think this "redemption" of The DAO is the final step for Ethereum to be accepted as the definitive financial infrastructure of the world? 🏛️ vs 🚀
👇 Comment "SECURITY" if you believe that crypto $ETH is stronger than ever in 2026❗
💡 @Leandro-Fumao 📣 This is not financial advice. Always do your own research before investing in any crypto project.
#BinanceSquareFamily #Ethereum #EthereumNews #VitalikButerin #Hack
BRIDGE HACKED! FUNDS MISSING NOW $CRSCCrossCurve bridge exploit confirmed. Smart contract vulnerability unleashed. All activity MUST halt immediately. Users, pause everything. Your funds are at risk.
The team found tokens mistakenly sent to wrong wallets. No malice suspected yet. Cooperation is key. Return the funds. A bounty is offered for white-hat assistance.
72 hours. That's the deadline. Return funds or face legal action. We are tracing every asset. Exchanges, stablecoins, analytics firms are on standby. Act fast. Contact us or send funds back. Time is critical.
Disclaimer: This is not financial advice.
#CRSC #CryptoNews #BlockchainSecurity #Hack 🚨
The team found tokens mistakenly sent to wrong wallets. No malice suspected yet. Cooperation is key. Return the funds. A bounty is offered for white-hat assistance.
72 hours. That's the deadline. Return funds or face legal action. We are tracing every asset. Exchanges, stablecoins, analytics firms are on standby. Act fast. Contact us or send funds back. Time is critical.
Disclaimer: This is not financial advice.
#CRSC #CryptoNews #BlockchainSecurity #Hack 🚨
Step Finance treasury hacked: $29 million in SOL leaves Solana front page wallets
📅 January 31
We are not talking about a small protocol, but one that aggregates positions from almost 95% of the network's projects, that organizes the Solana Crossroads conference in Istanbul and that even ventured into the tokenization of stocks like Nvidia and Tesla.
📖The incident was revealed by the Step Finance team itself through a statement on X, where they confirmed a security breach in some of their treasury and commission wallets. Hours before the announcement, onchain data already showed unusual movements: exactly 261,854 SOL were de-staked and transferred out of the addresses linked to the protocol.
The security firm CertiK estimated that the value of the funds moved is around $29 million. However, the team is yet to clarify the root cause of the incident. It is not known whether it was a vulnerability in smart contracts, a flaw in access controls or the direct compromise of private keys. It has also not been confirmed whether user funds, beyond the protocol's treasury, were affected.
Step Finance is not a minor player within the ecosystem. Founded in 2021, it functions as a visualization dashboard that aggregates LP tokens, yield farm positions, and multiple Solana protocols into a single dashboard. Additionally, it operates the SolanaFloor news outlet, manages a validator node, and allocates 100% of the validator's revenue—after operating costs—to repurchases of the STEP token to distribute to those staking xSTEP.
This event adds to a chain of incidents that have hit projects in the Solana ecosystem in the last year. In April 2025, Loopscale lost $5.8 million just two weeks after its launch. In August, CrediX suffered a theft of $4.5 million after controlling an administrative wallet. In November, South Korean exchange Upbit reported a $37 million hack involving assets on the Solana network.
Topic Opinion:
No matter how big or well-known a project is, security remains the Achilles heel of DeFi.
💬 Do you think these types of incidents continue to slow down institutional adoption in Solana?
Leave your comment...
#solana #defi #Hack #CryptoSecurity #CryptoNews $SOL
We are not talking about a small protocol, but one that aggregates positions from almost 95% of the network's projects, that organizes the Solana Crossroads conference in Istanbul and that even ventured into the tokenization of stocks like Nvidia and Tesla.
📖The incident was revealed by the Step Finance team itself through a statement on X, where they confirmed a security breach in some of their treasury and commission wallets. Hours before the announcement, onchain data already showed unusual movements: exactly 261,854 SOL were de-staked and transferred out of the addresses linked to the protocol.
The security firm CertiK estimated that the value of the funds moved is around $29 million. However, the team is yet to clarify the root cause of the incident. It is not known whether it was a vulnerability in smart contracts, a flaw in access controls or the direct compromise of private keys. It has also not been confirmed whether user funds, beyond the protocol's treasury, were affected.
Step Finance is not a minor player within the ecosystem. Founded in 2021, it functions as a visualization dashboard that aggregates LP tokens, yield farm positions, and multiple Solana protocols into a single dashboard. Additionally, it operates the SolanaFloor news outlet, manages a validator node, and allocates 100% of the validator's revenue—after operating costs—to repurchases of the STEP token to distribute to those staking xSTEP.
This event adds to a chain of incidents that have hit projects in the Solana ecosystem in the last year. In April 2025, Loopscale lost $5.8 million just two weeks after its launch. In August, CrediX suffered a theft of $4.5 million after controlling an administrative wallet. In November, South Korean exchange Upbit reported a $37 million hack involving assets on the Solana network.
Topic Opinion:
No matter how big or well-known a project is, security remains the Achilles heel of DeFi.
💬 Do you think these types of incidents continue to slow down institutional adoption in Solana?
Leave your comment...
#solana #defi #Hack #CryptoSecurity #CryptoNews $SOL
🚨MILLION DOLLAR MISTAKE:😭$ETH
A victim (0xd674) lost 4556 $ETH ($12.4M) due to a copy-paste address mistake.
Victim 0xd674 frequently transfers funds to Galaxy Digital via
0x6D90CC...dD2E48.
The attacker generated a poison address with the same first and last 4 characters as Galaxy Digital's deposit address and repeatedly sent dust transactions.
11 hours ago, the victim copied an address directly from transaction history to deposit into Galaxy Digital but copied the poison address instead.
As a result, 4,556 $ETH ($12.4M) was sent to the attacker.
💢A painful lesson!
Always double-check the address before making a transfer.
Don't copy addresses from your transaction history for convenience.
Victim address:
0xd6741220a947941bF290799811FcDCeA8AE4A7Da
#Mistake #crypto #Hack #HackerAlert #hackers
A victim (0xd674) lost 4556 $ETH ($12.4M) due to a copy-paste address mistake.
Victim 0xd674 frequently transfers funds to Galaxy Digital via
0x6D90CC...dD2E48.
The attacker generated a poison address with the same first and last 4 characters as Galaxy Digital's deposit address and repeatedly sent dust transactions.
11 hours ago, the victim copied an address directly from transaction history to deposit into Galaxy Digital but copied the poison address instead.
As a result, 4,556 $ETH ($12.4M) was sent to the attacker.
💢A painful lesson!
Always double-check the address before making a transfer.
Don't copy addresses from your transaction history for convenience.
Victim address:
0xd6741220a947941bF290799811FcDCeA8AE4A7Da
#Mistake #crypto #Hack #HackerAlert #hackers
The details of the recent hack on Bybit are continuing to emerge. Hackers successfully stole around 135,000 Ethereum, worth approximately $335 million, from the platform's hot wallets. Investigations show that the hackers managed to launder 45,900 ETH (around $113 million) within a very short period. At this rate, it’s estimated that the remaining stolen Ethereum could be fully laundered in just 8 to 10 days.
In response, Bybit assured users that their funds are safe and that investigations into the attack are ongoing. The hackers have been using decentralized platforms to quickly launder the stolen Ethereum, highlighting the need for cryptocurrency exchanges and the broader crypto community to reassess their security measures.
#bybit #Hack
In response, Bybit assured users that their funds are safe and that investigations into the attack are ongoing. The hackers have been using decentralized platforms to quickly launder the stolen Ethereum, highlighting the need for cryptocurrency exchanges and the broader crypto community to reassess their security measures.
#bybit #Hack
⚠️ Beware of the new malware RatOn. It targets Android devices, hacks wallets (MetaMask, Trust, Phantom) and banking apps, and can even lock your screen for ransom. Active since July, spreading through fake TikTok apps.
When your whole life is on your phone, device security must come first. Get proper antivirus and run regular checks.
#scam #Android #Hack #tiktok #fake
When your whole life is on your phone, device security must come first. Get proper antivirus and run regular checks.
#scam #Android #Hack #tiktok #fake
#SBIGroup Crypto Loses $21M in Suspected North Korean #Hack
Blockchain investigator ZachXBT reported Wednesday that addresses linked to SBI Group Crypto lost approximately $21 million on September 24. The stolen funds included $BTC , $ETH , $LTC , $DOGE, and Bitcoin Cash, which were subsequently laundered through Tornado Cash.
SBI Crypto operates as a subsidiary of Japanese financial conglomerate SBI Group. The company did not immediately respond to requests for comment regarding the incident. Blockchain security firm Cyvers assisted #ZachXBT with the investigation.
The attack exhibits characteristics similar to other exploits connected to North Korean #hackers. Stolen funds were routed through instant exchanges before being deposited into Tornado Cash, a decentralized mixing protocol designed to obscure transaction origins.
ZachXBT has established a reputation as one of the most prolific cryptocurrency investigators, identifying numerous instances of illicit fund movements. In June, the sleuth reported that Iranian cryptocurrency exchange Nobitex appeared compromised for over $80 million across Tron and EVM-compatible chains.
Earlier this year, Arkham Intelligence attributed the Bybit hack involving over $1.5 billion to Lazarus Group, widely believed to operate under North Korean state sponsorship. The attribution cited information provided by ZachXBT.
#TornadoCash has faced sustained scrutiny as a platform enabling hackers to launder stolen funds. The Treasury Department's Office of Foreign Assets Control sanctioned the protocol in August 2022. Roman Storm faced charges in 2023 for conspiracy to commit money laundering and sanctions violations related to operating Tornado Cash.
Blockchain investigator ZachXBT reported Wednesday that addresses linked to SBI Group Crypto lost approximately $21 million on September 24. The stolen funds included $BTC , $ETH , $LTC , $DOGE, and Bitcoin Cash, which were subsequently laundered through Tornado Cash.
SBI Crypto operates as a subsidiary of Japanese financial conglomerate SBI Group. The company did not immediately respond to requests for comment regarding the incident. Blockchain security firm Cyvers assisted #ZachXBT with the investigation.
The attack exhibits characteristics similar to other exploits connected to North Korean #hackers. Stolen funds were routed through instant exchanges before being deposited into Tornado Cash, a decentralized mixing protocol designed to obscure transaction origins.
ZachXBT has established a reputation as one of the most prolific cryptocurrency investigators, identifying numerous instances of illicit fund movements. In June, the sleuth reported that Iranian cryptocurrency exchange Nobitex appeared compromised for over $80 million across Tron and EVM-compatible chains.
Earlier this year, Arkham Intelligence attributed the Bybit hack involving over $1.5 billion to Lazarus Group, widely believed to operate under North Korean state sponsorship. The attribution cited information provided by ZachXBT.
#TornadoCash has faced sustained scrutiny as a platform enabling hackers to launder stolen funds. The Treasury Department's Office of Foreign Assets Control sanctioned the protocol in August 2022. Roman Storm faced charges in 2023 for conspiracy to commit money laundering and sanctions violations related to operating Tornado Cash.
30.1K #BTC ($2.1B) of #Silk Road #hack funds controlled by US government is on the move right now.
0.001 BTC ($69) transferred to a Coinbase deposit address so it’s a test transfer possibly.
txn hash
9c3af4b48e66565f1da1da8278036fa1dbb09f2beaaca99c3504475390ba4590
Coinbase deposit address
3KrZVU9Jz4UKHpKUtuvkEMX1tY8zeiTvX2
0.001 BTC ($69) transferred to a Coinbase deposit address so it’s a test transfer possibly.
txn hash
9c3af4b48e66565f1da1da8278036fa1dbb09f2beaaca99c3504475390ba4590
Coinbase deposit address
3KrZVU9Jz4UKHpKUtuvkEMX1tY8zeiTvX2
MAKINA WIPED OUT. HUGE LOSS.
5,107,871 USDC GONE.
The multi-chain DeFi execution engine Makina was just hit hard on Ethereum. Attackers exploited a vulnerability. They manipulated pool prices. They inflated LP assets. Arbitrage attack executed. This is a massive blow. Don't get caught in the crossfire. Stay sharp.
Disclaimer: This is not financial advice.
#DeFi #Hack #CryptoNews 🚨
5,107,871 USDC GONE.
The multi-chain DeFi execution engine Makina was just hit hard on Ethereum. Attackers exploited a vulnerability. They manipulated pool prices. They inflated LP assets. Arbitrage attack executed. This is a massive blow. Don't get caught in the crossfire. Stay sharp.
Disclaimer: This is not financial advice.
#DeFi #Hack #CryptoNews 🚨
#ScrollCoFounderXAccountHacked
Bigger Lesson for Web3 Founders
🔐 #ScrollCoFounderXAccountHacked
This incident is another wake-up call for Web3 founders and teams. As public-facing figures, their accounts carry massive influence and are prime targets for hackers. A single compromised post can lead to financial losses for followers and reputational damage for projects. Best practices like hardware-based 2FA, limited access permissions, and rapid response protocols are no longer optional. For users, the key takeaway is simple: never trust announcements blindly—even from well-known founders—without cross-checking official project channels
#Hack #HackerAlert #Hacked
Bigger Lesson for Web3 Founders
🔐 #ScrollCoFounderXAccountHacked
This incident is another wake-up call for Web3 founders and teams. As public-facing figures, their accounts carry massive influence and are prime targets for hackers. A single compromised post can lead to financial losses for followers and reputational damage for projects. Best practices like hardware-based 2FA, limited access permissions, and rapid response protocols are no longer optional. For users, the key takeaway is simple: never trust announcements blindly—even from well-known founders—without cross-checking official project channels
#Hack #HackerAlert #Hacked
🔥 Scammers on the Rise: How the Meme Coin Boom on Solana Unlocked New Ways to Steal Millions 💸
🌐 The Crypto Market in Shock!
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.
💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.
🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).
🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲
🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈
🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.
👨💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.
⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.
💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.
🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).
🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲
🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈
🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.
👨💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.
⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
North Korean Hackers Target Crypto with Nim-Based Malware Disguised as Zoom Updates
🔹 Fake Zoom meeting invites and update links deceive Web3 teams
🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques
🔹 Attackers steal browser data, passwords, and Telegram chats
Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.
The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.
NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.
🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.
Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it
🔹 Creates hidden files and folders that look like legitimate macOS system components
🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic
🔹 Delays execution for 10 minutes to avoid early detection by security software
Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.
Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.
#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques
🔹 Attackers steal browser data, passwords, and Telegram chats
Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.
The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.
NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.
🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.
Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it
🔹 Creates hidden files and folders that look like legitimate macOS system components
🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic
🔹 Delays execution for 10 minutes to avoid early detection by security software
Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.
Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.
#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Gala Games CEO Attributes $23M Exploit to Internal Control Failures
Gala Games CEO Eric Schiermeyer has confirmed that a "security incident" led to the unauthorized sale of 600 million GALA tokens, worth approximately $23 million. The breach, which Schiermeyer attributed to "messed up" internal controls, has raised significant concerns within the blockchain gaming community.
Incident Overview
On May 20, at 7:32 pm UTC, blockchain observers reported the minting of 5 billion GALA tokens, valued at around $200 million at the time. The compromised wallet was selling the tokens in batches, leading to a sharp drop in GALA's price. The token hit a 24-hour low of $0.038, a 20% decrease from its daily high, before recovering slightly to $0.041, according to CoinGecko.
“We had an incident that resulted in the unauthorized sale of 600 million GALA tokens and the effective burn of 4.4 billion tokens,” Schiermeyer wrote in a May 20 post on X (formerly Twitter). He admitted, “We messed up our internal controls. This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again.”
Response and Mitigation
Gala Games quickly identified the compromise and revoked unauthorized access to the GALA contract. Schiermeyer assured users that the Ethereum contract was secure and had not been compromised. The company believes it has identified the person responsible and is collaborating with the FBI, the U.S. Justice Department, and international authorities to address the incident.
In a follow-up post on X, Gala Games announced that the security breach had been contained and the affected wallet frozen. However, details about the perpetrator and the method of access to the GALA contract remain undisclosed.
Ongoing Legal Disputes
This security incident occurs amid ongoing legal battles between Schiermeyer and Gala Games co-founder Wright Thurston. Both have filed lawsuits against each other, with Thurston accusing Schiermeyer of squandering millions in company assets, while Schiermeyer alleges that Thurston stole $130 million worth of GALA tokens.
Gala Games did not respond to requests for additional comments.
The incident underscores the critical need for robust internal controls and security measures in the cryptocurrency and blockchain industries, as companies continue to navigate complex technological and legal landscapes.
$GALA #GALA #GalaGames #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Incident Overview
On May 20, at 7:32 pm UTC, blockchain observers reported the minting of 5 billion GALA tokens, valued at around $200 million at the time. The compromised wallet was selling the tokens in batches, leading to a sharp drop in GALA's price. The token hit a 24-hour low of $0.038, a 20% decrease from its daily high, before recovering slightly to $0.041, according to CoinGecko.
“We had an incident that resulted in the unauthorized sale of 600 million GALA tokens and the effective burn of 4.4 billion tokens,” Schiermeyer wrote in a May 20 post on X (formerly Twitter). He admitted, “We messed up our internal controls. This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again.”
Response and Mitigation
Gala Games quickly identified the compromise and revoked unauthorized access to the GALA contract. Schiermeyer assured users that the Ethereum contract was secure and had not been compromised. The company believes it has identified the person responsible and is collaborating with the FBI, the U.S. Justice Department, and international authorities to address the incident.
In a follow-up post on X, Gala Games announced that the security breach had been contained and the affected wallet frozen. However, details about the perpetrator and the method of access to the GALA contract remain undisclosed.
Ongoing Legal Disputes
This security incident occurs amid ongoing legal battles between Schiermeyer and Gala Games co-founder Wright Thurston. Both have filed lawsuits against each other, with Thurston accusing Schiermeyer of squandering millions in company assets, while Schiermeyer alleges that Thurston stole $130 million worth of GALA tokens.
Gala Games did not respond to requests for additional comments.
The incident underscores the critical need for robust internal controls and security measures in the cryptocurrency and blockchain industries, as companies continue to navigate complex technological and legal landscapes.
$GALA #GALA #GalaGames #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Login to explore more contents