Cash App is notifying 8.2 million current and former US customers of a data breach after a former employee accessed their account information. Block, Inc., the owner of Cash App, disclosed in a Form 8-K SEC filing that the breach occurred on December 10th, 2021, after a former employee downloaded internal Cash App reports while no longer employed at the company. Block says that the reports included Cash App customers' full names and brokerage account numbers associated with investment activity on Cash App. For some customers, additional information was exposed in the reports, including portfolio values, holdings, and possibly trading activity for one trading day.
More on Bleeping Computer• 2022-04-06
Germany's Federal Criminal Police Office, the Bundeskriminalamt (BKA), on Tuesday announced the official takedown of Hydra, the world's largest illegal dark web marketplace. "[543] Bitcoins amounting to currently the equivalent of approximately €23 million were seized, which are attributed to the marketplace," the BKA said in a press release. The agency attributed the shutdown of Hydra to an extensive investigation operation conducted by its Central Office for Combating Cybercrime (ZIT) in partnership with U.S. law enforcement authorities since August 2021. Launched in 2015, Hydra was a Russian-language dark web marketplace that opened as a competitor to the now-defunct Russian Anonymous Marketplace (aka RAMP), primarily known for its high-traffic narcotics market before expanding their focus to peddle forged documents and stolen credit cards.
More on The Hacker News• 2022-04-05
Two European Parliament committees voted in favor of changes to the Transfer of Funds Regulation that target transactions to and from unhosted wallets. The Committee on Economic and Monetary Affairs and the Committee on Civil Liberties, Justice and Home Affairs voted in favor of amendments to the Transfer of Funds Regulation that “impose a host of new privacy invasions on wallet users,” according to Coinbase’s Chief Legal Officer. The amendments are ostensibly aimed at cracking down on money laundering, but critics have voiced their concerns about the effects the amendments will have on privacy. And exchanges are naturally concerned about their ability to do business.
More on Darknetlive• 2022-04-02
The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems. The app, which is equipped with functionalities to save and manage a cryptocurrency wallet, is also designed to trigger the launch of the implant that can take control of the infected host. Russian cybersecurity firm Kaspersky said it first encountered the rogue application in mid-December 2021.
More on The Hacker News• 2022-04-01
Meet Satoshi Island, a 32 million square foot private isle giving you access to pristine waters, year-round sunlight, modular homes, and the promise of a decentralized democracy. The Satoshi Island we're talking about isn't a tale of fiction, but a real-life private island dedicated to the crypto community. Located in the tropical paradise of Vanuatu, between Australia and Fiji, the island is owned by Satoshi Island Holdings Ltd., which intends to turn it into "the crypto capital of the world"— a place where crypto enthusiasts and professionals can thrive. And, the name of the island is hardly surprising—inspired by Satoshi Nakamoto, the pseudonymous person purported to be the original developer of Bitcoin (BTC).
More on Bleeping Computer• 2022-03-29
So-called NFT “rug pulls” or scams hurt buyers who invest their money into hot new projects. But the pseudonymous nature of the crypto space doesn’t mean that alleged scammers can always disappear without consequences, as a pair of NFT creators have discovered. Today, the United States Department of Justice announced that it has charged a pair of 20-year-olds, Ethan Nguyen and Andre Llacuna, with conspiracy to commit wire fraud and conspiracy to commit money laundering over the Frosties NFT project. Nguyen (a.k.a. “Frostie” and other pseudonyms) and Llacuna (“heyandre”) are the alleged creators of Frosties, an Ethereum NFT project that held its mint in January. After selling through the 8,888 NFTs and banking about $1.1 million worth of ETH in the process, the creators closed down the project’s Discord channel and disappeared with the funds.
More on Decrypt• 2022-03-25
The UK’s National Crime Agency is calling for the regulation of cryptocurrency mixers. Gary Cathcart, head of financial investigation at the National Crime Agency, said that mixers “can be used to provide a ‘layering’ service, churning criminal cash, obscuring its origins and audit trail, similar to how a cash business might be used by criminals to legitimize cash through the banking system.” According to the NCA, “regulation would force mixers to comply with money laundering laws, with an obligation to carry out customer checks and audit trails of currencies passing through the platforms.” The NCA said that law enforcement needs to be able to investigate “what is often serious criminal activity.”
More on Darknetlive• 2022-03-16
A federal grand jury in San Diego returned an indictment today charging the founder of BitConnect with orchestrating a global Ponzi scheme. BitConnect is an alleged fraudulent cryptocurrency investment platform that reached a peak market capitalization of $3.4 billion.
More on DOJ• 2022-02-25
Around $295,000 has been drained from the vaults of decentralized finance (DeFi) platform Flurry Finance following a hack on its smart contracts. The attack took place on Tuesday (February 22) when a malicious hacker deployed an exploit that enabled the increase of a multiplier influencing the balance of rhoToken, a deposit token used by Flurry Finance for yield aggregation. The upshot was an increase in the attackers’ token balance and the illicit withdrawal of additional funds, according to blockchain security company CertiK. The attacker managed to repeat the process several times before Flurry Finance blocked further withdrawals by pausing smart contracts running on Polygon and the Binance Smart Chain (BSC).
More on The Daily Swig• 2022-02-25
Who hacked The DAO in 2016, diverting 3.6 million ether? We identify the apparent hacker — he denies it — by following a complicated trail of crypto transactions and using a previously undisclosed privacy-cracking forensics tool.
More on Forbes• 2022-02-22
Federal officials seized some $3.6 billion worth of bitcoin Tuesday tied to the 2016 hack of the crypto exchange Bitfinex. On Tuesday, agents arrested two individuals in New York on charges they conspired to launder proceeds from the Bitfinex hack in 2016. The married couple, Ilya "Dutch" Lichtenstein and Heather Morgan, will appear in court at 3:00 p.m. ET in New York, according to a U.S. Department of Justice press release. Some 120,000 BTC was stolen in the hack, worth around $60 million at the time and representing nearly one-sixth of the total trading volume at the time. At today's prices, the total amount of bitcoin stolen is valued at $4.5 billion, but the DOJ only seized about 94,000 BTC valued at $3.6 billion.
More on CoinDesk• 2022-02-08
A Kentucky woman who helped launder her son’s drug money will spend 15 months in prison. She used Coinbase. A Kentucky woman was sentenced to 15 months in prison for helping her son launder drug money. Her son, John Frank Naber III, sold counterfeit Adderall pills on the darkweb as well as to local customers. Cara Leann Naber, 57, assisted her son in laundering his drug trafficking proceeds and structuring bank transactions to evade federal cash transaction reporting requirements. Her son is currently serving a 132-month prison term for selling methamphetamine, laundering money, and owning a firearm as a convicted felon.
More on Darknetlive• 2022-02-08