New Torg Grabber infostealer malware targets 728 crypto wallets

BleepingComputer
Actively Exploited

Overview

A new type of malware called Torg Grabber is targeting users by stealing sensitive information from around 850 browser extensions, with over 700 specifically linked to cryptocurrency wallets. This malware is designed to capture private keys, passwords, and other critical data, posing a significant risk to individuals who manage their digital assets online. The widespread nature of this attack means that many popular wallet extensions could be compromised, leaving users vulnerable to financial theft. Researchers are urging users to be cautious about which extensions they install and to regularly update their security practices. This incident highlights the ongoing challenges in keeping digital assets safe from evolving cyber threats.

Key Takeaways

  • Active Exploitation: This malware is being actively used by attackers. Immediate action is recommended.
  • Affected Systems: 850 browser extensions, 700+ cryptocurrency wallets
  • Action Required: Users should uninstall any suspicious extensions, enable two-factor authentication for their wallets, and regularly monitor their accounts for unauthorized transactions.
  • Timeline: Newly disclosed

Original Article Summary

A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets. [...]

Impact

850 browser extensions, 700+ cryptocurrency wallets

Exploitation Status

This malware is confirmed to be in active use by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Users should uninstall any suspicious extensions, enable two-factor authentication for their wallets, and regularly monitor their accounts for unauthorized transactions.


Related Coverage

Blame Game: Why Public Cyber Attribution Carries Risks

darkreading

The article discusses the complexities and potential risks associated with publicly attributing cyberattacks to specific entities. It emphasizes that organizations should carefully weigh the consequences of making such accusations, as it can lead to diplomatic tensions, retaliation, or even misdirected blame. The authors argue that while public attribution can help raise awareness about threats, it also carries the risk of escalating conflicts or damaging reputations without solid evidence. Companies must consider the potential fallout before announcing their findings, especially in an environment where cyber warfare is increasingly common. Overall, the piece serves as a cautionary note for organizations navigating the challenging waters of cyber incident attribution.

Mar 25, 2026

5 telltale signs that your phone has been compromised (and how to combat them)

Latest news

The article outlines five key signs that your smartphone may have been compromised. These signs include unusual battery drain, unexpected data usage, unfamiliar apps, strange text messages, and poor performance. It advises users to be vigilant for these indicators and provides secret codes that can help diagnose potential issues. Recognizing these signs early can help users take action to secure their devices and protect personal information. Understanding how to spot a compromised phone is crucial in today’s digital landscape, where cyber threats are increasingly common.

Mar 25, 2026

Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam

darkreading

Phishing scammers have been impersonating recruiters from Palo Alto Networks to trick job seekers since August. These fraudsters have used psychological tactics and personal information gleaned from LinkedIn profiles to create convincing fake job offers. Victims are often led to believe they are in the running for legitimate positions, only to be scammed out of money or personal information. This ongoing scheme not only targets job seekers but also potentially damages the reputation of the real company. It's crucial for job candidates to verify the authenticity of job offers and be cautious when sharing personal details online.

Mar 25, 2026

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

Security Affairs

TP-Link has addressed a significant security vulnerability in its Archer NX router series, identified as CVE-2025-15517, which has a CVSS score of 8.6. This flaw allows attackers to bypass authentication measures, potentially enabling them to install malicious firmware on affected devices. The vulnerability affects several models, including the Archer NX200, NX210, and NX500, among others. Users of these routers are urged to update their firmware promptly to protect against potential exploits. This incident is particularly concerning as it highlights the risks associated with consumer-grade networking equipment, which often lacks robust security measures.

Mar 25, 2026

SANS: Top 5 Most Dangerous New Attack Techniques to Watch

darkreading

The SANS Institute has identified five new attack techniques that all utilize artificial intelligence. These techniques pose significant risks as they can automate and enhance cyber attacks, making them more effective and harder to detect. Organizations across various sectors should be aware of these emerging threats, as they could lead to data breaches, system compromises, and other serious security incidents. The report emphasizes the need for companies to adapt their security measures and stay informed about advancements in AI that could be exploited by attackers. As AI continues to evolve, it is crucial for cybersecurity professionals to understand these techniques to better protect their systems.

Mar 25, 2026

RSAC 2026: 5 ways AI is our worst enemy, and 3 ways to make it SOC’s best friend

SCM feed for Latest

At the RSAC 2026 conference, keynotes from Splunk and the SANS Institute discussed the dual nature of artificial intelligence in cybersecurity. On one hand, AI poses significant risks, such as enabling more sophisticated cyberattacks and automating malicious activities. On the other hand, it can enhance security operations centers (SOCs) by improving threat detection and response times. Experts emphasized the need for organizations to balance these aspects, recognizing that while AI can be a powerful tool for attackers, it also has the potential to bolster defenses. This conversation is crucial as businesses increasingly integrate AI into their security strategies, highlighting the importance of understanding both its risks and benefits.

Mar 25, 2026