Cybersecurity Highlights: Ethereum Theft Cheat, Smishing on Binance, and More Recent Threats

We have compiled the most significant cybersecurity news from the past week.

In the description of a video advertising game cheats on YouTube, cybercriminals have included links to download an archive that leads to the installation of the infostealer Arcane. This issue has been brought to light by experts from Kaspersky Lab.

Among its other malicious functions, the malware targets cryptocurrency wallets including Armory, Jaxx, Exodus, Electrum, Atomic Wallet, Guarda, Coinomi, and others. It also steals system information and user data from browsers, VPN clients, networking tools, messaging apps, email, and gaming services.

Currently, the highest number of infections is reported in Russia, Belarus, and Kazakhstan.

The cryptocurrency exchange Binance has warned its users about a new wave of smishing — fraudulent SMS messages sent under the guise of the platform’s administration.

The scammers send fake notifications regarding suspicious activity on the user’s account and then attempt to persuade the customer to contact them under various pretexts and transfer funds to a “secure” wallet.

The exchange reminds users that it never asks for phone calls and does not pressure them to move their assets.

Additionally, Binance cautioned about the spread of trojans disguised as legitimate software. For example, cryptocurrency holders have recently fallen victim to an application called Bom, which masquerades as a mining tool.

Once installed, it requests access to local files and scans them for information regarding private keys or seed phrases. This malicious campaign has resulted in the theft of over $650,000 across multiple blockchains.

Researchers from Pillar Security have uncovered a new attack vector targeting AI tools like GitHub Copilot and Cursor, in which the code they generate is compromised.

Malicious commands are injected into the configuration files of these tools using invisible Unicode characters. This manipulation causes the AI models to produce code containing backdoors and other vulnerabilities that bypass standard checks.

GitHub and Cursor have stated that it is the users’ responsibility to verify the code suggested by their AI models.
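A defensive check for the hidden-character technique described above, as an added example that is not from Pillar Security, GitHub, or Cursor: it scans the text of a rules or configuration file for invisible Unicode characters before the file is trusted. The character classes checked (format characters, bidirectional controls, the Unicode tag block) and the sample text are assumptions made for this illustration; the article does not list the exact characters used.

```python
import unicodedata

# Bidirectional embedding/override controls and isolates (assumed relevant).
BIDI_CONTROLS = set(range(0x202A, 0x202F)) | set(range(0x2066, 0x206A))
# Unicode "tag" block: invisible code points that mirror ASCII.
TAG_BLOCK = range(0xE0000, 0xE0080)


def classify(ch):
    """Return a label if ch renders invisibly or reorders text, else None."""
    cp = ord(ch)
    if cp in TAG_BLOCK:
        return "tag"
    if cp in BIDI_CONTROLS:
        return "bidi-control"
    if unicodedata.category(ch) == "Cf":  # zero-width space/joiner, BOM, etc.
        return "format"
    return None


def scan_text(text):
    """Return (line, column, codepoint, kind) for every suspicious character."""
    findings = []
    for lineno, line in enumerate(text.split("\n"), 1):
        for col, ch in enumerate(line, 1):
            kind = classify(ch)
            if kind:
                findings.append((lineno, col, f"U+{ord(ch):04X}", kind))
    return findings


def decode_tags(text):
    """Recover ASCII text carried in tag characters, for reviewer triage."""
    return "".join(chr(ord(c) - 0xE0000) for c in text
                   if 0xE0020 <= ord(c) <= 0xE007E)


# Constructed sample: a harmless rules file seeded with invisible characters.
SAMPLE = (
    "Use 4-space indentation.\n"
    "Prefer\u200b f-strings.\U000E0068\U000E0069\n"
    "Keep\u202e functions short.\n"
)

if __name__ == "__main__":
    for lineno, col, cp, kind in scan_text(SAMPLE):
        print(f"line {lineno}, col {col}: {cp} ({kind})")
    print("text carried in tag characters:", repr(decode_tags(SAMPLE)))
```

Some scripts legitimately use zero-width joiners and non-joiners, so findings are items for review rather than automatic proof of tampering.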

Representatives from WhatsApp confirmed in a comment to Bleeping Computer that the company has fixed a zero-day vulnerability exploited to install the Graphite spyware from Paragon.

This fix was applied in late 2024 without requiring any additional actions from users.

The service reached out directly to potential victims, including journalists and civil society members.

On March 20, many Russian users experienced issues accessing popular websites and services, including YouTube, Twitch, and TikTok. The problems were recorded by Sbay.rf and Downdetector.

According to their information, several Russian providers faced challenges, with disruptions also occurring among mobile operators in various regions.

In a comment to RBC, representatives from Roskomnadzor stated that the outages were connected to "the use of foreign server infrastructure that is experiencing technical failures." The agency recommended that Russian companies shift to local hosting platforms.

Meanwhile, participants in the technical forum ntc.party reported that the American CDN service Cloudflare was inaccessible. They suggested that, because not all service providers experienced access issues, the cause was blocking by Roskomnadzor rather than server malfunctions.

The UK’s National Cyber Security Centre (NCSC) has called on critical organizations to adopt post-quantum cryptography (PQC) by 2035.

The guidance primarily targets government bodies, large enterprises, operators of critical national infrastructure, as well as technology and software providers with proprietary IT systems. They are all expected to ensure the full migration of their systems, services, and products within the specified timeframe.

NCSC has outlined the risks associated with falling behind the proposed roadmap.

The US has established a similar timeline for transitioning to PQC in National Security Memorandum 10 (NSM-10).

In a discussion with Vladimir Menaskop, we explore the significance of consensus and its role in preventing breaches.