Tag cryptocurrency

Major Supply Chain Compromise: Backdoor Found in Ripple’s xrpl.js npm Package Targeting Private Keys

April 23, 2025
Blockchain / Cryptocurrency

The JavaScript library xrpl.js, associated with Ripple cryptocurrency, has been compromised in a supply chain attack by unidentified threat actors, aimed at stealing users’ private keys. This vulnerability impacts several versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. Versions 4.2.5 and 2.14.3 have since addressed the issue. xrpl.js serves as a widely-used API for interacting with the XRP Ledger blockchain, developed by Ripple Labs since 2012, and has garnered over 2.9 million downloads along with more than 135,000 weekly downloads. “The official xrpl (Ripple) NPM package was compromised by sophisticated attackers who embedded a backdoor specifically designed to steal cryptocurrency private keys and access wallets,” stated Charlie Eriksen of Aikido Security. The malicious code modifications are believed to have been introduced by a…

Ripple’s xrpl.js npm Package Compromised in Significant Supply Chain Attack April 23, 2025 Blockchain / Cryptocurrency In a concerning development within the cryptocurrency sector, the npm JavaScript library for Ripple, known as xrpl.js, has fallen victim to unknown adversaries in a software supply chain attack aimed at capturing users’ private…

Read More

Major Supply Chain Compromise: Backdoor Found in Ripple’s xrpl.js npm Package Targeting Private Keys

April 23, 2025
Blockchain / Cryptocurrency

The JavaScript library xrpl.js, associated with Ripple cryptocurrency, has been compromised in a supply chain attack by unidentified threat actors, aimed at stealing users’ private keys. This vulnerability impacts several versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. Versions 4.2.5 and 2.14.3 have since addressed the issue. xrpl.js serves as a widely-used API for interacting with the XRP Ledger blockchain, developed by Ripple Labs since 2012, and has garnered over 2.9 million downloads along with more than 135,000 weekly downloads. “The official xrpl (Ripple) NPM package was compromised by sophisticated attackers who embedded a backdoor specifically designed to steal cryptocurrency private keys and access wallets,” stated Charlie Eriksen of Aikido Security. The malicious code modifications are believed to have been introduced by a…

NY Man and Company Ordered to Pay $228M in Ponzi Scheme Settlement

Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime Highlights: Coinbase’s Misconfigured Smart Contract, GMX Repayment Plans Rashmi Ramesh (rashmiramesh_) • August 21, 2025 Image: Shutterstock Each week, Information Security Media Group compiles notable cybersecurity incidents in the realm of digital assets. This week includes a New York Ponzi scammer…

Read MoreNY Man and Company Ordered to Pay $228M in Ponzi Scheme Settlement

Coinbase Exposed: Agents Bribed, Data of ~1% of Users Compromised; $20M Extortion Bid Fails

May 15, 2025
Cryptocurrency / Threat Intelligence

Coinbase has reported a data breach involving a small fraction of its users after cybercriminals targeted its overseas customer support agents. The company revealed that these criminals offered cash incentives to a limited number of insiders, who then extracted data concerning less than 1% of Coinbase’s monthly active users. The attackers aimed to compile a list of customers to impersonate Coinbase and trick them into surrendering their cryptocurrency assets. On May 11, 2025, the perpetrators attempted to extort Coinbase for $20 million, claiming possession of sensitive information about specific customer accounts and internal documents. In response, Coinbase confirmed that the compromised agents, based in India, have been terminated. The firm assured customers that no passwords, private keys, or funds were at risk.

Coinbase Faces Breach After Insider Compromise; User Data Exposed in Extortion Attempt May 15, 2025 In a recent security disclosure, Coinbase revealed that an unauthorized breach of its systems has resulted in the theft of account information pertaining to a small percentage of its user base. The cryptocurrency exchange stated…

Read More

Coinbase Exposed: Agents Bribed, Data of ~1% of Users Compromised; $20M Extortion Bid Fails

May 15, 2025
Cryptocurrency / Threat Intelligence

Coinbase has reported a data breach involving a small fraction of its users after cybercriminals targeted its overseas customer support agents. The company revealed that these criminals offered cash incentives to a limited number of insiders, who then extracted data concerning less than 1% of Coinbase’s monthly active users. The attackers aimed to compile a list of customers to impersonate Coinbase and trick them into surrendering their cryptocurrency assets. On May 11, 2025, the perpetrators attempted to extort Coinbase for $20 million, claiming possession of sensitive information about specific customer accounts and internal documents. In response, Coinbase confirmed that the compromised agents, based in India, have been terminated. The firm assured customers that no passwords, private keys, or funds were at risk.

DoJ Takes Down 145 Domains Linked to BidenCash Carding Operations

The U.S. Department of Justice (DoJ) announced on Wednesday the seizure of cryptocurrency assets and around 145 domains associated with the underground carding platform BidenCash. According to the DoJ, “BidenCash operators streamlined the process of buying and selling stolen credit cards and personal information.” The marketplace, which charges fees for transactions, launched in March 2022 to replace Joker’s Stash and other carding forums like UniCC. Since its inception, BidenCash has reportedly served over 117,000 users, facilitated the trafficking of more than 15 million payment card numbers and personal data, and generated at least $17 million in revenue.

U.S. Department of Justice Seizes 145 Domains Linked to BidenCash Carding Marketplace On June 5, 2025, the U.S. Department of Justice (DoJ) announced a significant action against the illicit carding marketplace known as BidenCash, seizing approximately 145 domains linked to both the clearnet and dark web. This operation is part…

Read More

DoJ Takes Down 145 Domains Linked to BidenCash Carding Operations

The U.S. Department of Justice (DoJ) announced on Wednesday the seizure of cryptocurrency assets and around 145 domains associated with the underground carding platform BidenCash. According to the DoJ, “BidenCash operators streamlined the process of buying and selling stolen credit cards and personal information.” The marketplace, which charges fees for transactions, launched in March 2022 to replace Joker’s Stash and other carding forums like UniCC. Since its inception, BidenCash has reportedly served over 117,000 users, facilitated the trafficking of more than 15 million payment card numbers and personal data, and generated at least $17 million in revenue.

Do Kwon Admits Guilt in $40 Billion Fraud Case

Read more on Blockchain & Cryptocurrency, Cryptocurrency Fraud, and Fraud Management & Cybercrime. Breaking: Trump Signs Pro-Crypto Executive Order, Credix Disappears Post $4.5M Hack Written by Rashmi Ramesh (@rashmiramesh_) • August 14, 2025 Read more Image: Shutterstock This week’s cybersecurity roundup by Information Security Media Group highlights significant incidents in…

Read MoreDo Kwon Admits Guilt in $40 Billion Fraud Case

Lazarus Group Leverages Google Chrome Vulnerability to Take Control of Compromised Devices

Oct 24, 2024
Vulnerability / Cyber Attack

The Lazarus Group, a North Korean cyber threat actor, has been linked to the exploitation of a zero-day vulnerability in Google Chrome, allowing them to control infected devices. Cybersecurity firm Kaspersky reported this discovery, which stemmed from a new attack chain identified in May 2024. The attack targeted the personal computer of an unnamed Russian individual using the Manuscrypt backdoor. This involved triggering the zero-day exploit simply by visiting a counterfeit gaming website, “detankzone[.]com,” which aimed at cryptocurrency users. It is believed this campaign began in February 2024. Kaspersky researchers Boris Larin and Vasily Berdnikov noted that the website masqueraded as a professionally designed page for a decentralized finance (DeFi) NFT-based multiplayer online battle arena (MOBA) tank game, enticing users to download a trial version. However, this was merely a façade.

Lazarus Group Exploits Google Chrome Vulnerability to Compromise Targeted Devices On October 24, 2024, cybersecurity experts revealed that the Lazarus Group, a notorious North Korean cyber threat actor, has exploited a recently patched zero-day vulnerability in Google Chrome to gain control over infected devices. The findings were reported by Kaspersky,…

Read More

Lazarus Group Leverages Google Chrome Vulnerability to Take Control of Compromised Devices

Oct 24, 2024
Vulnerability / Cyber Attack

The Lazarus Group, a North Korean cyber threat actor, has been linked to the exploitation of a zero-day vulnerability in Google Chrome, allowing them to control infected devices. Cybersecurity firm Kaspersky reported this discovery, which stemmed from a new attack chain identified in May 2024. The attack targeted the personal computer of an unnamed Russian individual using the Manuscrypt backdoor. This involved triggering the zero-day exploit simply by visiting a counterfeit gaming website, “detankzone[.]com,” which aimed at cryptocurrency users. It is believed this campaign began in February 2024. Kaspersky researchers Boris Larin and Vasily Berdnikov noted that the website masqueraded as a professionally designed page for a decentralized finance (DeFi) NFT-based multiplayer online battle arena (MOBA) tank game, enticing users to download a trial version. However, this was merely a façade.

Power Utility Reports Suspected Pot Growers to Police; EFF Claims It’s Illegal.

In May 2020, an unsettling incident unfolded in Sacramento, California, when homeowner Alfonso Nguyen encountered two deputies from the Sacramento County Sheriff’s Department at his residence. They accused him of illicit cannabis cultivation and insisted on searching his home. Upon his refusal, one deputy reportedly labeled him a liar and…

Read MorePower Utility Reports Suspected Pot Growers to Police; EFF Claims It’s Illegal.