30s Summary

Ambient Finance, a decentralized trading platform, suffered a cyber hack on 17 October, prompting the team to advise users to avoid interacting with the site. However, all contracts and funds are secure. The platform was targeted with a hacking tool ‘Inferno Drainer’ 24 hours after the attack. Notably, Ambient Finance was previously exposed to malware ‘Cthulhu Stealer’ masking as a macOS program, and ‘SpyAgent’, targeting Android systems. Cybersecurity firm Facct has also uncovered malware distributed via automated emails installing altered XMrig mining software.

Full Article

Ambient Finance, a decentralized trading platform, recently fell victim to a hacking event on Oct. 17. As a result, the team running the platform has advised users not to interact with the site, link wallets or authorize any transactions at the moment.

Whilst the website was hijacked, Ambient Finance maintains that this is a one-off situation. They’ve also confirmed that all contracts and funds held with Ambient Finance remain safe and secure.

Following the hack, they’ve managed to regain control of the domain and are currently waiting for DNS to update and spread. Users are advised to hold off until they get the green light to continue using the site.

Blockaid, a security firm, has identified the cyber attack tool used in the ambush as a well-known digital asset stealing software known as Inferno Drainer. The command server responsible for launching the attack was established a mere 24 hours before the incursion took place.

Unfortunately, this is not the first time we’ve witnessed an attack of this nature on Ambient Finance, as hackers’ tricks become more sophisticated. It’s long been held that Apple’s macOS systems are pretty much impervious to malware. Still, recent shenanigans reveal a surge in malware attacks aimed at macOS systems.

A recent case in point is when a new malware, dubbed “Cthulhu Stealer,” was identified back in August 2024. This sneaky software masquerades as a legitimate macOS program that’s installed on the desktop and then helps itself to sensitive data and private keys, thereby clearing out crypto wallets.

In another case, security experts at McAfee Labs found a malware named “SpyAgent” aimed at Android operating systems in September. SpyAgent uses optical recognition software to scan images and steal sensitive data held within those images.

The malware tends to spread as innocent-seeming apps downloaded through texts. On investigation, researchers at McAfee have discovered over 280 phony apps, all with ties to the malicious SpyAgent.

Facct, a cybersecurity firm, has also recently exposed a unique malware distribution method using automated emails to install altered XMrig mining software. The result is hacked devices that are used by the baddies to mine cryptocurrencies.

Source: Cointelegraph