all InfoSec news
Tornado Cash Theft Uncovered: Malicious Code Drains Funds for Months
Feb. 26, 2024, 4:35 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Key Points
Sophisticated Supply chain attack: The Tornado Cash open source project was compromised with malicious JavaScript code inserted by a developer.
Impact: Users who conducted transactions using the targeted Tornado Cash project through IPFS gateways were unknowingly impacted for a couple of months.
Discovery: The compromise, discovered by Security researcher Gas404, marks the second major security issue for Tornado Cash within a year, emphasizing the importance of community vigilance in decentralized finance.
Ongoing risks in decentralized …
attack cash code compromise compromised developer discovery funds gateways impact ipfs javascript key key points malicious open source points project security supply supply chain supply chain attack theft tornado tornado cash transactions uncovered
More from malware.news / Malware Analysis, News and Indicators - Latest topics
What the Biggest-Ever Botnet Takedown Means
1 day, 9 hours ago |
malware.news
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins
1 day, 12 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)