White House A.I. and Crypto Czar David Sacks discusses the ‘Winning the AI Race’ summit, how the U.S. can be the leader on the technology and the signing of the GENIUS Act into law.
Category: cryptocurrencies
3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics
A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript cryptocurrency miners, marking the return of browser-based cryptojacking attacks once popularized by the likes of CoinHive.
Although the service has since shuttered after browser makers took steps to ban miner-related apps and add-ons, researchers from the c/side said they found evidence of a stealthy miner packed within obfuscated JavaScript that assesses the computational power of a device and spawns background Web Workers to execute mining tasks in parallel without raising any alarm.
More importantly, the activity has been found to leverage WebSockets to fetch mining tasks from an external server, so as to dynamically adjust the mining intensity based on the device capabilities and accordingly throttle resource consumption to maintain stealth.
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
The attack chains begin when one of these adversary-controlled accounts messages a victim through X, Telegram, or Discord, urging them to test out their software in exchange for a cryptocurrency payment.
Should the target agree to the test, they are redirected to a fictitious website from where they are promoted to enter a registration code provided by the employee to download either a Windows Electron application or an Apple disk image (DMG) file, depending on the operating system used.
On Windows systems, opening the malicious application displays a Cloudflare verification screen to the victim while it covertly profiles the machine and proceeds to download and execute an MSI installer. Although the exact nature of the payload is unclear, it’s believed that an information stealer is run at this stage.
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users’ digital assets at risk.
“These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox,” Koi Security researcher Yuval Ronen said.
The large-scale campaign is said to have been ongoing since at least April 2025, with new extensions uploaded to the Firefox Add-ons store as recently as last week.
Open House
Have you heard about the crazy guys who bought an entire tower to convert it into a vertical village? Yes, that’s us.
Do you want to walk the 16-floor tower and explore the space? Still on the fence, if you should become a citizen? Do you have questions about how you can get involved and co-create? Wanna hear updates on what happened in the last 2 weeks? This event is for you! 👩🚀
About us: We are transforming a 16-floor tower in the heart of San Francisco into a self-governed vertical village —a hub for frontier technologies and creative arts. 8 themed floors will be dedicated to creating tier-one labs, spanning AI, Ethereum, biotech, neuroscience, longevity, robotics, human flourishing, and arts & music. These floors will house innovators and creators pushing the boundaries of human potential in a post-AI-singularity world.
AT&T rolls out “Wireless Lock” feature to block SIM swap attacks
AT&T has launched a new security feature called “Wireless Lock” that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled.
This new feature has been available for some customers for almost a year and has now been rolled out to all AT&T customers.
SIM swap attacks are when cybercriminals port, or move, a targeted phone number to a device under their control. This allows them to intercept the target’s calls, texts, and multi-factor authentication codes to breach further accounts, such as email, banking, and cryptocurrency wallets.
Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects
Europol dismantled a crypto fraud syndicate laundering $540M from 5,000 victims worldwide.
Malware on Google Play, Apple App Store stole your photos—and crypto
A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices.
The malware is a possible evolution of SparkCat, which Kaspersky discovered in January. SparkCat used optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected devices.
When installing crypto wallets, the installation process tells users to write down the wallet’s recovery phrase and store it in a secure, offline location.