Smartphone users are just as vulnerable to cryptocurrency mining hijacks as their PC counterparts, and sometimes on a dramatic scale.
Malwarebytes has detailed a "drive-by" mining campaign that redirected millions of Android users to a website that hijacked their phone processors for mining Monero. While the exact trigger wasn't clear, researchers believed that infected apps with malicious ads would steer people toward the pages. And it wasn't subtle -- the site would claim that you were showing "suspicious" web activity and tell you that it was mining until you entered a captcha code to make it stop.
Malware hunters from US security firm Forcepoint have stumbled across a new strain of Point of Sale (PoS) malware, the second such type of PoS malware that hides stolen credit/debit card information inside DNS requests.
The first PoS malware seen employing this technique was a lesser-known version of the NewPosThings PoS malware, named MULTIGRAIN, discovered in April 2016 by fellow US cyber-security firm FireEye. But while MULTIGRAIN had been used in real-world attacks, Forcepoint says it did not find any evidence suggesting this new strain of PoS malware, named UDPoS, has claimed any victims yet.
The odds are about one in four that the crypto fanatic in your office is involved in illegal activities. After conducting a study of historical Bitcoin transaction data, an Australian research group concluded:
"We find approximately one-quarter of Bitcoin users and one-half of Bitcoin transactions are associated with illegal activity. Around $72 billion of illegal activity per year involves Bitcoin, which is close to the scale of the US and European markets for illegal drugs." And that $72 billion? Here’s a bone for you conspiracy theory types: Business Insider reports Bitcoin has lost $72 billion in value since the beginning of 2018. Coincidence? Probably.
A massive cryptocurrency mining botnet has taken over half a million machines and may have made its cybercriminal controllers millions of dollars - and the whole operation is powered by EternalBlue, the leaked NSA exploit which made the WannaCry ransomware outbreak so destructive.
The Smominru miner botnet turns infected machines into miners of the Monero cryptocurrency and is believed to have made its owners around $3.6 million since it started operating in May 2017 - about a month after EternalBlue leaked and around the same time as the WannaCry attack.
A computer security exploit developed by the US National Security Agency and leaked by hackers last year is now being used to mine cryptocurrency, and according to cybersecurity experts the number of infections is rising.
Last April, a hacking group called the Shadow Brokers leaked EternalBlue, a Windows exploit that was developed by the NSA. Less than a month later, EternalBlue was used to unleash a devastating global ransomware attack called WannaCry that infected more than 230,000 computers in 150 countries. A month later, in June, the EternalBlue exploit was again used to cripple networks across the world in an even more sophisticated attack.
YouTube is turning passive viewers into cryptocurrency miners, and Google isn't happy. The issue became apparent earlier in the week as complaints surfaced on social media claiming that YouTube ads were raising red flags in anti-virus software.
A service called Coinhive was hijacking a viewer's CPU and using its power to mine crypto. A Friday blog post from Trend Micro, an international cybersecurity company, confirmed the sharp uptick in Coinhive use earlier in the week, pinning it to a "malvertising campaign" that subverted a Google ad service used on YouTube.
Researchers have uncovered four malicious extensions with more than 500,000 combined downloads from the Google Chrome Web Store, a finding that highlights a key weakness in what's widely considered to be the Internet's most secure browser.
Google has since removed the extensions. Researchers stumbled on the find after detecting a suspicious spike in outbound network traffic coming from a customer workstation. They soon discovered it was generated by a Chrome extension called HTTP Request Header as it used the infected machine to surreptitiously visit advertising-related Web links.
Basically, phishing is a type of fraud that aims to extract personal data: logins, passwords, wallet numbers, and so forth. It’s essentially digital social engineering.
There’s a variety of phishing known as spear phishing. What distinguishes spear phishing from other types of phishing is that it targets a specific person or employees of a specific company. That targeting makes spear phishing more dangerous; cybercriminals meticulously gather information about the victim to make the “bait” more enticing. A well-produced spear phishing e-mail can be very difficult to distinguish from a legitimate one. So, spear phishing makes it easier to hook the victim.
The Securities and Exchange Commission has charged Canadian crypto company PlexCorp with violating securities laws by selling up to $15 million in an initial coin offering (ICO).
ICOs have seen explosive growth over the past year as fledgling companies have used them to raise more than $3 billion in capital through various cryptocurrencies. However, experts have warned they can present several dangers to unsuspecting investors hoping to get into a hot new market as regulations are pretty loose. PlexCorp allegedly used its cryptocurrency, called PlexCoins, to scam would-be investors hoping to cash in early on the company’s growth.
The holidays are upon us, and so it is time to remind ourselves once again of just how much cyber criminals enjoy playing on the very fears of consumer fraud they elicit.
If the last thing you want interrupting your time with friends and loved ones is a slew of fraudulent bank charges, you’ll need to keep your wits about you. As you read this, an illicit campaign is underway to deceive PayPal users into believing recent transactions they’ve made “could not be verified.” In emails bearing PayPal’s logo, consumers are warned that PayPal has detected suspicious activity on their accounts and that the company requires updated information to avoid fraudulent charges.