ChainCatcher news, according to CoinDesk, Kaspersky has discovered that hackers are using GitHub for "GitVenom" attacks, which have been active for at least two years and are on the rise. Hackers create GitHub repositories disguised as legitimate projects, such as Telegram bots for managing Bitcoin wallets or computer game tools, but they hide malicious code within them.Attackers use Python and JavaScript code to implant Trojan viruses, which steal passwords, encrypted wallet information, and hijack Bitcoin transaction addresses after infecting victims' devices. In November 2024, a developer lost over $400,000 in Bitcoin due to this attack. GitVenom primarily affects countries such as Russia, Brazil, and Turkey, and continues to spread globally.Kaspersky advises developers to carefully review the authenticity of projects before running code, and to be wary of overly optimized README files and suspicious code commit histories.

ChainCatcher news, according to Cointelegraph, cybersecurity company Kaspersky Labs has stated that a malware development kit used to create applications on the Google Play Store and Apple App Store is scanning user images for cryptocurrency wallet recovery phrases in order to steal funds.Kaspersky Labs reported that once the malware named SparkCat infects a device, it uses optical character recognition (OCR) tools to search images for specific keywords in different languages. The intruders steal the recovery phrases of cryptocurrency wallets, which are sufficient for them to gain full control over the victim's wallet and further steal funds.The flexibility of this malware allows it not only to steal secret phrases but also to extract other personal data from the photo gallery, such as message content or passwords that may be left on screenshots. The report advises against storing sensitive information in screenshots or mobile photo galleries and recommends using password managers. Additionally, it suggests deleting any suspicious or infected applications. The report states that the source of the malware is unclear and cannot be attributed to any known organization, but it is similar to an activity discovered by ESET researchers in March 2023.

ChainCatcher message, Kaspersky has detected a cyber fraud activity aimed at exploiting popular topics such as web3, cryptocurrency, artificial intelligence, and online gaming to steal cryptocurrency and sensitive information. It is reported that this activity is orchestrated by Russian-speaking cybercriminals, and Kaspersky has named the cybercriminals behind this operation "Tusk." They have created fake websites that mimic legitimate services, involving imitation of cryptocurrency platforms, online role-playing games, and AI translation websites to obtain sensitive information such as credentials, while clipboard managers monitor clipboard data to replace copied cryptocurrency wallet addresses with malicious ones.

ChainCatcher message, the antivirus software Kaspersky officially stated, "A very serious vulnerability has been found again in the Apple operating system. Attackers can gain root access, which may jeopardize user asset security. These several very serious security vulnerabilities in iOS and macOS have been exploited by attackers. To address these vulnerabilities, Apple has quickly released updates for several previous versions. These vulnerabilities are critical, please update promptly." (source link)

ChainCatcher news, Russian cybersecurity and antivirus provider Kaspersky revealed that cryptocurrency phishing attacks increased by 40% year-on-year in 2022. The company detected a total of 5,040,520 cryptocurrency phishing attacks throughout the year, compared to 3,596,437 in 2021. A typical phishing attack involves contacting investors through fake websites and communication channels that mimic official companies, then prompting users to share personal information such as private keys, ultimately providing attackers with unauthorized access to cryptocurrency wallets and assets. (source link)