According to recent reports, scores of crypto users were hit last week by SIM-swapping attacks in what appears to have been a coordinated wave of attacks. SIM swapping, also known as SIM jacking, is a form of account takeover (ATO) attack, where hackers use techniques like social engineering to transfer a victim's phone number to their own SIM card in order to reset passwords or obtain two-factor verification codes to access protected accounts. Victims of the recent attacks were reportedly all members of the crypto community living in the United States, with one victim admitting to losing over $100,000 of cryptocurrency.

A China-based malware campaign dubbed the "Nansh0u campaign" has been in progress since February, reportedly breaching more than 50,000 servers across the world and infecting more than 700 new victims a day with crypto-mining malware. According to reports, most of the firms affected are in the healthcare, telecom, media and IT sectors, and the malware packages were written using sophisticated Chinese language tools and placed on Chinese language servers.

According to recent reports, a new malware called BlackSquid employs at least eight of the most dangerous exploits currently available to hackers to infect servers and install Monero coin mining software on them. The majority of BlackSquid attacks so far apparently have occurred in Thailand and the United States, with the last week of May having been the most active period for the malware yet. Another recently reported crypto-mining malware campaign involves a fraudulent website impersonating the Cryptohopper trading platform. When visited, the malicious website reportedly executes an attack that installs crypto-mining malware and a "clipboard hijacker."

A popular crypto exchange unexpectedly shut down its services in April and has allegedly disappeared with customer funds. Though the exact amount involved in the alleged fraud by Coinroom, the Polish crypto exchange, is not yet known, customers with deposits ranging from around $79 to $15,660 recently reported the theft. Founded in 2016, Coinroom was one of the most widely used digital asset exchanges in Poland and offered fiat-based crypto trading to its clients.

A recent report by blockchain analytics firm Chainalysis found that upwards of 64% of ransomware attack cash-out strategies use crypto exchanges to launder funds. The report also indicated a shift in how ransomware attacks are carried out. According to the report, while the tendency before had been to conduct wide and shallow attacks, infecting myriads of random victims and demanding small amounts to decrypt the files, criminals are beginning to home in on targets with legally or politically sensitive data and demanding larger payments to ransom the data.

For more information, please refer to the following links:

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.