all InfoSec news
Tornado Cash Theft Uncovered: Malicious Code Drains Funds for Months
Feb. 26, 2024, 4:35 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Key Points
Sophisticated Supply chain attack: The Tornado Cash open source project was compromised with malicious JavaScript code inserted by a developer.
Impact: Users who conducted transactions using the targeted Tornado Cash project through IPFS gateways were unknowingly impacted for a couple of months.
Discovery: The compromise, discovered by Security researcher Gas404, marks the second major security issue for Tornado Cash within a year, emphasizing the importance of community vigilance in decentralized finance.
Ongoing risks in decentralized …
attack cash code compromise compromised developer discovery funds gateways impact ipfs javascript key key points malicious open source points project security supply supply chain supply chain attack theft tornado tornado cash transactions uncovered
More from malware.news / Malware Analysis, News and Indicators - Latest topics
New Redline Version: Uses Lua Bytecode, Propagates Through GitHub
1 day, 1 hour ago |
malware.news
Showcasing Artwork by Max for Autism Awareness Month
1 day, 15 hours ago |
malware.news
Kaiser Permanente notifies 13.4M patients of potential data exposure
1 day, 15 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Officer Hospital Laguna Beach
@ Allied Universal | Laguna Beach, CA, United States
Sr. Cloud DevSecOps Engineer
@ Oracle | NOIDA, UTTAR PRADESH, India
Cloud Operations Security Engineer
@ Elekta | Crawley - Cornerstone
Cybersecurity – Senior Information System Security Manager (ISSM)
@ Boeing | USA - Seal Beach, CA
Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas
@ Goldman Sachs | Dallas, Texas, United States