Connect with us


Meet Clipsa: The New Cryptocurrencies Malware




Clipsa is one of the most sophisticated pieces of cryptocurrency and financial malware out there. This malicious software is capable of stealing/replacing cryptocurrency keys, wallet.dat files, stealing bank account credentials, social security numbers and installing a CPU cryptocurrency miner XMRig in victims’ PCs.

Clipsa is one of the most sophisticated pieces of cryptocurrency malware out there. This malicious software is capable of stealing/replacing cryptocurrency keys, wallet.dat files, stealing locally saved passwords, social security numbers and installing a CPU cryptocurrency miner XMRig in victims’ PCs. Clipsa is also cable of launching bruteforce attacks against poorly configured wordpress websites.

Clipsa steals cryptocurrency by using information which is stored on a clipboard of the infected system. It simply replaces cryptocurrency wallet addresses that are saved in the clipboard with other addresses that are owned by people who spread the Clipsa password stealer. It aslo searches for cryptocurrency wallets “wallet.dat” fies and send it to the bad actors behind Clipsa.

According to a recent Avast anti-virus report, Clipsa highest infection rate is in India, Brazil and Philipines.

Because Clipsa installs XMRig CPU miner,PCs that are infected with Clipsa start working slower or do not respond at all. Having a miner installed on the operating system might also cause hardware overheat, unexpected system crashes and other problems. Typically, infected computers consume more power which leads to higher electricity bills.

Clipsa targets Windows based PCs and it’s being distrubuted through malicious codec pack installers for media players (Ultra XVid Codec Pack.exe or Installer_x86-x64_89006.exe).

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT and security consultant. If you have any questions or comments please feel free to email him at [email protected]


How To Protect Yourself from Common Crypto Scams





With the recent failures of traditional banks, an increasing number of individuals are turning to cryptocurrencies in search of enhanced financial security. With the potential for financial gains, it is essential for individuals who are investing in cryptocurrencies to be aware of the various scams prevalent in the crypto world and take proactive measures to protect themselves. In this article, we will discuss practical steps you can take to safeguard your investments and avoid common crypto scams.

Avoiding Investment Opportunity Scams

For crypto enthusiasts interested in venturing into investments, it is imperative to be informed and exercise caution, as investment scams can take on numerous disguises. Many scammers will approach individuals, presenting enticing investment opportunities promising significant returns.

When considering investment opportunities, it is crucial to be wary of websites that guarantee zero risks, promise exorbitant profits, or contain misspelled words and suspicious links. If you choose to explore investment possibilities, remember to only invest funds that you can afford to lose.

Guarding Against Social Media Scams

Scammers often exploit the presence of crypto users on social media platforms. They may reach out via private messages, offering investment opportunities, romantic relationships, or giveaways. Some of these crypto scammers may impersonate reputable crypto companies, influential figures in the cryptocurrency space, or even celebrities.

If you receive a message on social media from someone whom you suspect to be a crypto scammer, the best course of action is to ignore it. Check the profile for signs of fakeness, such as a low follower count or an unverified account, and report it.

It is also essential to be aware that certain crypto influencers can be hazardous, as they may promote unregulated forms of cryptocurrency and tokens that can result in financial losses for users.

Steering Clear of Rug Pulls

Rug pulls are another perilous form of crypto scam. In a rug pull scenario, developers promote their new crypto tokens, artificially inflating their prices to entice investors. Once the price plummets to zero, the developers vanish with investors’ funds, leaving them empty-handed.

The most effective way to avoid a rug pull is to refrain from investing in tokens developed by unknown or anonymous individuals. Exercise caution with tokens that lack locked liquidity, external audits, or offer unrealistically high yields to investors

Stay Vigilant Against Phishing Attacks

Phishing scams are the most prevalent and hazardous types of scams in the cryptocurrency world. These scams trick users into clicking on links that lead to fake websites, where they are prompted to enter their passwords. Once scammers obtain a user’s password, they can gain access to personal information, including crypto keys, account details, and assets.

To ensure users do not fall victim to phishing scams, it is crucial to access information directly from the official website. Refrain from clicking on unknown links in texts or emails, and only enter passwords on reliable and trusted sites.

Preventing Cryptojacking

Cryptojacking occurs when malicious actors utilize another person’s laptop, phone, tablet, or servers to mine cryptocurrencies without the victim’s knowledge. This typically happens when users click on malicious links in emails or texts, infecting their devices and allowing the perpetrators to mine cryptocurrencies using the victims’ computing power. While cryptojacking often goes unnoticed, victims may experience slower device performance, increased fan activity, or higher electricity bills.

To prevent cryptojacking on your devices, consider installing a reliable cybersecurity program or using browser extensions on platforms like Firefox, Chrome, or Opera that actively block mining activities. Also make sure to install browser extensions from a trusted place.

Trust Your Instincts

If an investment opportunity or offer sounds too good to be true, it probably is. Trust your instincts and exercise caution. Take your time to make informed decisions and never succumb to pressure tactics or fear of missing out (FOMO). Seek advice from trusted experts or consult with a financial professional before making any significant investment decisions.

Use Secure Exchanges

When trading or buying cryptocurrencies, use reputable and secure exchanges. Research the exchange’s reputation, security measures, and user reviews. Look for exchanges that employ advanced security features like cold storage, two-factor authentication, and withdrawal confirmations. Avoid sharing your personal information or login credentials with anyone and be cautious of fake exchange websites designed to steal your funds.

Final Thoughts

By educating yourself, conducting thorough research, securing your wallets, and staying vigilant against potential scams, you can significantly reduce the risk of falling victim to losing your investments. Good luck!.

Continue Reading


Outdated Yearn Finance Contract Hacked, $11.6 Million Stolen in Stablecoins

Lorna Udinese



On Thursday, a hacker exploited an outdated contract from Yearn Finance, a decentralized finance (DeFi) platform, and stole $11.6 million worth of stablecoins. The attacker managed to create a quadrillion yUSDT stablecoins by exploiting a vulnerability in the code of an old Yearn Finance contract. The tokens were then swapped for various other stablecoins, including USDP, TUSD, BUSD, USDT, USDC, and DAI.

DeFi platforms have been particularly vulnerable to hacking attacks, and Yearn Finance is just one of the many platforms that have suffered such attacks. The hacker in this case managed to take advantage of an outdated contract, highlighting the importance of regularly updating and auditing smart contracts to prevent such incidents.

As reported by PeckShield , after the successful theft, the hacker transferred the funds to other DeFi platforms, such as Aave, where they locked 1.5 million TUSD as collateral to borrow 634 Ether worth $1.26 million. The hacker also sent at least 1,000 Ether to Tornado Cash, a mixing service that is sanctioned by the U.S. Treasury. Tornado Cash is a tool that allows users to anonymize their Ethereum transactions, making it difficult for authorities to track the flow of funds.

Image credit PeckShield Inc.

The theft is just one of the many incidents of crypto theft that occurred in 2022, with blockchain forensics firm Chainalysis reporting that hackers stole at least $3.8 billion in cryptocurrencies throughout the year, the highest recorded total. DeFi platforms suffered more than 82% of the losses, highlighting the need for improved security measures in the DeFi space.

This incident is a stark reminder that the DeFi space is not immune to cyberattacks and that there is a need for continued innovation in security measures to safeguard users’ funds. The rise of DeFi has brought about exciting new opportunities in finance, but it has also created new risks that need to be addressed. Regular security audits, code reviews, and bug bounties are just some of the measures that DeFi platforms can implement to improve their security posture.

Continue Reading


How Blockchain Technologies Can Improve Cybersecurity




The increasing prevalence of cyber threats has made cybersecurity a critical concern for businesses and organizations across the globe. In this digital age, sensitive data such as medical records, financial information, and confidential business data must be protected against malicious attacks. Fortunately, blockchain technology has emerged as a powerful solution to enhance cybersecurity measures and protect against cyber threats.

Blockchain technology can create a more secure and resilient network by distributing data and processing power across multiple nodes. This makes it harder for attackers to compromise the network because they would need to compromise most of the nodes to make changes to the blockchain. Additionally, the decentralized nature of blockchain can reduce the risk of a single point of failure, a common vulnerability in centralized networks. By creating a distributed ledger of data, blockchain technology provides an additional layer of security that can mitigate the risk of cyber attacks.

One of the key benefits of blockchain technology is its ability to create a tamper-proof record of data. By using cryptographic algorithms to secure transactions and blocks of data, blockchain ensures that sensitive data is only accessible to authorized users and cannot be tampered with. Each block in the blockchain contains a unique cryptographic hash generated based on the contents of the block. Any attempt to modify the contents of a block will result in a new hash value, which will break the chain of hashes that links all the blocks together. This makes it extremely difficult for an attacker to modify data stored in a blockchain without detection.

Furthermore, blockchain’s transparency and audibility can help organizations to identify the source of security incidents and track data flow in the event of a breach. By creating an immutable record of security incidents, organizations can better understand the nature of cyber threats and develop more effective strategies for responding to them. Additionally, blockchain can enable users to authenticate themselves without relying on a third-party identity provider, reducing the risk of identity theft and ensuring better cybersecurity.

In a digital era, blockchain can also help secure and manage digital identities in a decentralized manner. Individuals can have more control over their personal information by creating a distributed ledger of identity data. Organizations can also have a more secure way to verify the identity of their users. Blockchain can enable a secure and transparent system for tracking who has accessed sensitive data and when, helping organizations to detect and respond to potential data breaches more quickly.

In conclusion, blockchain technology can enhance cybersecurity measures and provide greater peace of mind for those handling sensitive information. By creating a tamper-proof record of data, distributing data and processing power across multiple nodes, and providing an immutable record of security incidents, blockchain technology can help organizations to better protect sensitive data against malicious attacks. As cyber threats continue to evolve and become more sophisticated, the adoption of blockchain technology is becoming increasingly important to safeguard against potential cyber attacks.

Article source: TheHackerWire

Continue Reading