Pepes Creator Under Attack: $6 Million Crypto Scam and Key Cybersecurity Updates

Here’s a translated and rewritten version of your text while maintaining its meaning:

We have gathered the most significant cybersecurity news from the past week.

Several cryptocurrency projects linked to the creator of the Pepe the Frog character, Matt Fury, have been compromised, resulting in losses exceeding $1 million, as reported by blockchain investigator ZachXBT.

The attackers siphoned off approximately $310,000 from the collections Replicandy, Peplicator, Hedz, and Zogz, which were developed by Fury’s team on the ChainSaw platform. In addition, over $680,000 was stolen from the Favrr project.

Hackers accessed smart contracts, lifted token issuance restrictions, and reminted NFTs, which they subsequently sold, effectively devaluing them.

According to ZachXBT, these attacks may be linked to developers from North Korea who were hired through freelance platforms. The investigator noted that there have been regular payments to such “employees” from various cryptocurrency projects and intends to release statistics on the matter.

The Ministry of Internal Affairs of Khakassia has concluded an investigation into two local residents involved in a series of cryptocurrency-related frauds.

According to the investigation, from 2022 to 2023 the suspects posted fake advertisements for the sale of digital assets and accepted transfers from residents across various regions. The obtained funds were laundered through bank accounts.

A total of 41 individuals were defrauded, with total damages exceeding 6 million rubles.

During searches, more than 50 SIM cards, electronic devices, and bank cards were seized from the suspects. The case has been forwarded to court.

A new Trojan, SparkKitty, is being distributed via counterfeit app store websites. It disguises itself as cryptocurrency applications and modified versions of TikTok, according to Kaspersky Lab.

Once installed, the malware requests access to the device’s gallery, tracks changes, creates a local database of stolen images, and uploads them to a remote server. The primary objective of the attackers is to capture screenshots of cryptocurrency wallet seed phrases.

Currently, the Trojan primarily targets residents of China and Southeast Asia.

The U.S. Department of Justice has outlined charges against 25-year-old British citizen Kai West, known by the hacker alias IntelBroker, and announced his arrest in February 2025 in France.

American authorities are seeking West’s extradition for conspiring to commit computer intrusions and electronic fraud.

Law enforcement tracked down West’s account on the Ramp platform and his Coinbase account through a cryptocurrency wallet address, discovering scans of personal documents in associated emails.

Additionally, this week, French authorities arrested four operators of BreachForums v2, including ShinyHunters, who served as the administrator of the hacker forum after the capture of Pompompurin. IntelBroker was also among those managing the platform following its relaunch.

In Russia, a court sentenced four members of the REvil group to five years in prison, as reported by TASS. Considering the time they’ve already spent in pre-trial detention, they were released after the verdict was delivered.

The U.S. Congress’s cybersecurity office has prohibited the use of the WhatsApp messaging app on all devices used by legislative staff, as reported by Reuters.

In the official memorandum, the app was labeled as «high-risk for users due to a lack of encryption and transparent data protection.»

Staff and Congress members are advised to switch to Microsoft Teams, Wickr, Signal, or FaceTime for messaging purposes.

Meta representatives expressed their strong disagreement with this decision, emphasizing that their platform provides a «higher level of security than other approved applications.»

Starting from July 1, scammers are preparing a large-scale attack targeting Russian citizens, exploiting the newly implemented law prohibiting the use of foreign messaging apps by government bodies. This was reported by RIA Novosti, citing experts from the Russian Presidential Academy of National Economy and Public Administration (RANEPA).

According to them, the fraudsters, posing as employees of a non-existent service called «Unified State Services Aggregator,» plan to offer registration in the new Max messenger from VK. The links they distribute are phishing attempts aimed at stealing personal data.

Additionally, scammers may intimidate victims by pretending to be from the FSB, police, and other authorities, extorting money from them.

Learn how to protect yourself when reporting stolen cryptocurrencies to the police. An expert from Shard provides insights.