Connect with us

Security

Nightmare Market Security Breach

M. Ali

Published

on

Nightmare Market had a security breach and it’s users funds were stolen through SQL injection. Nightmare Market is an online darkweb marketplace and is considered the second largest active darknet market, was founded in 2018.

Nightmare marketplace offers a variety of illegal contents such as drugs, stolen data and counterfeit items, all using the Bitcoin, Bitcoin Cash, Monero, Litecoin, Dash, and Zcash cryptocurrencies.

A screenshot of Nightmare Marketplace at the time of writing

The hacker could breach into Nightmare Market through SQL injection and stole unknown amount of cryptocurrencies. Nightmare market disabled all withdrawals and lots of it’s users complained about missing BTC funds.

The hacker posted screenshots of Nightmare Market backend on Dread (Darkweb’s Reddit).

Nightmare Market Admin Section
Nightmare Market sale stats

At the time of writing, Nightmare Market has resumed operation and it’s website is back online.

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT consultant.

Continue Reading
Advertisement
Comments

Bitcoin

A Backdoored Tor Browser is Being Used to Steal Bitcoin From Tor Users

June G. Bauer

Published

on

Tor-Browser-Backdoor

A trojanized version of the Tor Browser is currently targeting Russian users to steal their Bitcoin funds. This was discovered by ESET security researchers.

When victims try make any Bitcoin transactions, the Backdoored Tor browser will automatically replace the original destination address with another address controlled by criminals.

The attackers are promoting their trojanized version of the Tor Browser through posting spam message on some popular Russian cryptocurrency websites to encourage victims to download and use the infected browser. Two domain names are used to distrubute the infected browser tor-browser[.]org and torproect[.]org

At the moment of publishing, the cryptocurrency wallets controlled by the attackers received 863 transactions worth of $40,000 in Bitcoin cryptocurrency.

Example of spam message promoting tor-browser[.]org . Image credit: welivesecurity.com

Continue Reading

Bitcoin

Malicious WordPress Plugins Used to Mine Cryptocurrencies

June G. Bauer

Published

on

WordPress Plugins Used to Mine Cryptocurrencies

Security researchers at Sucuri have discovered a number of fake and malicious WordPress plugins that are being used not just to maintain access on the compromised websites but also to mine cryptocurrencies.

WPframework is a commonly used WordPress malicious plugin that hides itself to be a legitimate plugin, but its a PHP backdoor that will allow attackers to maintain their access even after the initial infection vector has been cleaned up.

The plugin will download Linux executable binary files to mine cryptocurrencies in the background.

What is WordPress?

WordPress is a widely used open source content management system (CMS) written in PHP with back-end MySQL database. WordPress is considered to be the easiest and most powerful blogging and website content management system in existence today. Right now, there are around 75,000,000 websites are using WordPress.

Continue Reading

Altcoins

A Major European Airport Hit By a Monero Mining Malware

M. Ali

Published

on

By

Monero-Mining-Malware

Unnamed major European airport was hit by a Monero mining malware that infected more than half of the airport’s workstations to secretly mine Monero cryptocurrency.

Cyberbit, a cyber security firm revealed in a blog post that the malware mining attack was discovered by Cyberbit’s Endpoint Detection and Response team while deploying their security solution that detected suspicious activity on some airport systems.

The malware used Reflective Dynamic-Link Library (DLL) loading to inject malicious DLLs into a host process running in memory without using the Windows loader and completely bypassing the infected systems’ hard drives.

The malware installed xmrig Monero miner to stealthy mine cryptocurrency on the infected machines.

Continue Reading

Popular