North Korean Hackers Steal $1.5B in Cryptocurrency
Schneier on Security 25.02.2025 18:04
It looks like a very sophisticated attack against the Dubai-based exchange Bybit:
Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The notification said the digital loot had been stored in a “Multisig Cold Wallet” when, somehow, it was transferred to one of the exchange’s hot wallets. From there, the cryptocurrency was transferred out of Bybit altogether and into wallets controlled by the unknown attackers.
[…]
…a subsequent investigation by Safe found no signs of unauthorized access to its infrastructure, no compromises of other Safe wallets, and no obvious vulnerabilities in the Safe codebase. As investigators continued to dig in, they finally settled on the true cause. Bybit ultimately said that the fraudulent transaction was “manipulated by a sophisticated attack that altered the smart contract logic and masked the signing interface, enabling the attacker to gain control of the ETH Cold Wallet.”…
Unmanaged Devices: The Overlooked Threat CISOs Must Confront
Dark Reading 25.02.2025 16:00
No matter the strategy, companies must approach securing unmanaged devices with sensitivity and respect for employee privacy.
Industrial System Cyberattacks Surge as OT Stays Vulnerable
Dark Reading 25.02.2025 12:00
Nearly a third of organizations have an operational system connected to the Internet with a known exploited vulnerability, as attacks by state and non-state actors increase.
Stürmer Maschinen von Ransomware-Attacke getroffen
CSO Online 25.02.2025 11:25
Die Ransomware-Bande Lynx hat den Maschinengroßhändler Stürmer Maschinen kürzlich auf ihre Opferliste gesetzt. Auf ihrer Leak-Seite im Darknet behaupten die Cyberkriminellen, einen Datensatz von 800 Gigabyte abgezogen zu haben. Um welche Daten es sich dabei genau handelt ist unklar. Informationen zur Lösegeldforderung und Frist gibt es ebenfalls nicht.