cryptocurrency

Over 20,000 Crypto Fraud Victims Identified in International Crackdown

An international law enforcement effort called Operation Atlantic, led by the UK's National Crime Agency (NCA) and involving agencies from Canada, the UK, and the US, has identified over 20,000 victims of cryptocurrency fraud and frozen more than $12 million in criminal proceeds. This joint operation disrupted multiple fraud networks globally, highlighting the effectiveness of public-private partnerships in combating crypto scams and supporting victims.

https://www.bleepingcomputer.com/news/security/police-identifies-20-000-victims-in-international-crypto-fraud-crackdown/

Drift Crypto Platform Confirms $280 Million Stolen in Hack as Researchers Point Finger at North Korea

The decentralized finance platform Drift confirmed a $280 million theft through a sophisticated attack involving the rapid takeover of its security council administrative powers, with pre-signed transactions exploited via social engineering. Blockchain security experts, including Elliptic, have attributed the hack to North Korean state-backed hackers, consistent with previous crypto theft tactics used by the DPRK to fund its military program, marking the eighteenth such incident tracked this year.

https://therecord.media/drift-crypto-confirms-280-million-stolen-north-korea

OpenSourceMalware.com

Extreme TLDR:
14 malicious ClawdBot skills, posing as crypto trading tools, distribute malware targeting ByBit, Polymarket, and others. Skills leverage social engineering for credential theft on macOS and Windows. They exploit a lack of security in ClawHub, using deceptive documentation to trick users into executing harmful commands. The campaign relies on a centralized C2 infrastructure for data theft, with multiple skills still available online.

https://opensourcemalware.com/blog/clawdbot-skills-ganked-your-crypto

More Than 40 Countries Impacted by North Korea IT Worker Scams, Crypto Thefts

Over 40 countries affected by North Korea IT worker scams and crypto thefts; U.S. urges UN to enforce sanctions against North Korea. Report details North Korea's schemes to fund weapons programs, including identity theft and laundering via Chinese banks. U.S. accuses China and Russia of harboring North Korean operatives. Discussions at UN highlighted challenges in identifying North Korean workers amidst growing AI integration in scams. North Korea criticized the U.S. for its actions at the UN.

https://therecord.media/40-countries-impacted-nk-it-thefts-united-nations

Illicit Crypto Economy Surges as Nation-States Join the Fray

Illicit cryptocurrency transactions surged in 2025, reaching at least $154 billion, driven by sanctioned countries like Russia, Iran, and North Korea using digital currency to evade financial blockades. The rise of stablecoins, pegged to national currencies like the US dollar, facilitated these transactions, with 84% of illicit money flows transacted in stablecoins. This growth in cryptocurrency transactions has also fueled the maturation of cybercriminal services, posing challenges for law enforcement.

https://www.darkreading.com/cyber-risk/illicit-crypto-economy-surges-nation-states

Crypto Investors Face Violent Home Robberies

Surging cryptocurrency interest has led to a spike in violent home invasions and kidnappings targeting small-time investors. Julia Goodwin, a wealthy retiree, faced a harrowing experience when armed intruders broke into her home, demanding access to her crypto assets after initially losing a significant amount in a cyber hack. These crimes reflect a broader trend where criminals transition from digital hacks to physical attacks, often employing brutal tactics. Reports indicate over 215 physical crypto-related assaults since 2020, highlighting a shift towards targeting everyday individuals rather than just high-profile figures. The landscape is changing, as thieves adapt to the unique vulnerabilities that come with digital asset ownership.

https://www.bloomberg.com/features/2026-crypto-thieves-kidnappers/?accessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb3VyY2UiOiJTdWJzY3JpYmVyR2lmdGVkQXJ0aWNsZSIsImlhdCI6MTc2NzM3MDQ4OCwiZXhwIjoxNzY3OTc1Mjg4LCJhcnRpY2xlSWQiOiJUODhWNEFLR0lGU0kwMCIsImJjb25uZWN0SWQiOiJFN0UyN0Q2RDgyQjc0MEQzQTQzNkUzN0Y2ODE5MUNEMyJ9.gyY_IKMmtzAFYwqMBE48BWey6a0cRDPgL2J3QHfIvmU

Trust Wallet Links $8.5 Million Crypto Theft to Shai-Hulud NPM Attack

Trust Wallet links $8.5M crypto theft to November's Shai-Hulud NPM attack, where an exploit of their Chrome extension enabled unauthorized access to over 2,500 wallets. Attackers used stolen GitHub secrets to inject malicious code into the browser extension's update. Trust Wallet has since revoked API access and started compensating affected users while repelling ongoing impersonation scams. The Shai-Hulud malware campaign compromised numerous npm packages, exposing 400,000 developer secrets.

https://www.bleepingcomputer.com/news/security/trust-wallet-links-85-million-crypto-theft-to-shai-hulud-npm-attack/

Multiple Crypto Packages Hijacked, Turned Into Info-stealers

Multiple npm cryptocurrency packages hijacked to steal sensitive information, including environment variables. Malicious scripts found in recent versions of longstanding packages have exfiltrated user data. The hijack is suspected to involve compromised maintainer accounts. Organizations urged to enhance supply chain security to prevent malware in open-source dependencies.

https://www.sonatype.com/blog/multiple-crypto-packages-hijacked-turned-into-info-stealers

New Web3 Attack Exploits Transaction Simulations to Steal Crypto

New Web3 attack, “transaction simulation spoofing,” steals crypto, exemplified by a $460,000 theft of 143.45 ETH. Attackers exploit transaction simulation flaws in wallets, luring victims to fake sites showing deceptive transaction previews. A delay allows attackers to change transaction outcomes, leading victims to authorize transactions draining their wallets. Users should be cautious of “free claims” on unverified sites, as trust in wallet simulations can be misleading. Solutions include adjusting simulation refresh rates and adding warnings for users.

https://www.bleepingcomputer.com/news/security/new-web3-attack-exploits-transaction-simulations-to-steal-crypto/

Scroll to Top