VulnHub

Real-time Cybersecurity News

$3.6 Million Stolen in Bitcoin Depot Hack

SecurityWeek
Actively Exploited

Overview

A recent hack targeted Bitcoin Depot, a Bitcoin ATM operator, resulting in the theft of over 50 bitcoins, valued at approximately $3.6 million. The attacker gained access to the company’s wallets by stealing login credentials, allowing them to transfer the funds without detection. This incident raises concerns about the security of cryptocurrency operations and the potential risks associated with user credential management. As cryptocurrency continues to gain popularity, incidents like this highlight the need for stronger security measures to protect digital assets. Companies operating in the crypto space must ensure they have robust security practices in place to prevent similar attacks in the future.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Bitcoin Depot wallets
  • Action Required: Companies should implement two-factor authentication and monitor for suspicious account activity to enhance security.
  • Timeline: Newly disclosed

Original Article Summary

A hacker transferred more than 50 bitcoin from the Bitcoin ATM operator’s wallets after stealing credentials. The post $3.6 Million Stolen in Bitcoin Depot Hack appeared first on SecurityWeek.

Impact

Bitcoin Depot wallets

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Companies should implement two-factor authentication and monitor for suspicious account activity to enhance security.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

Healthcare IT solutions provider ChipSoft hit by ransomware attack

BleepingComputer

ChipSoft, a Dutch healthcare software provider, has been hit by a ransomware attack that has disrupted its online services. The attack forced the company to take its website and digital services offline, affecting both patients and healthcare providers who rely on their systems for medical information and services. This incident raises concerns about the security of healthcare IT systems, especially as they handle sensitive patient data. The downtime could lead to delays in patient care and disrupt operations for healthcare professionals. As ransomware attacks continue to pose a significant threat to the healthcare sector, this incident serves as a reminder of the vulnerabilities present in digital health infrastructure.

Apr 9, 2026

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

The Hacker News

A recently patched vulnerability in the EngageLab SDK, a third-party software development kit used in many Android applications, has potentially exposed the private data of around 50 million users, including 30 million cryptocurrency wallet holders. The flaw allowed apps on the same device to bypass Android's security measures, enabling unauthorized access to sensitive information. This incident raises significant concerns about the security of users' cryptocurrency assets, as the compromised data could have led to theft or fraud. Developers using the EngageLab SDK are urged to update their applications to protect users from potential attacks. The vulnerability was identified and addressed, but users should remain vigilant about app permissions and security practices.

Apr 9, 2026

Do Ceasefires Slow Cyberattacks? History Suggests Not

darkreading

The cybersecurity community is closely observing whether Iranian hackers will adhere to a ceasefire that does not specifically mention them. Historically, ceasefires in geopolitical conflicts have not significantly impacted the frequency of cyberattacks. Experts suggest that despite a temporary halt in physical hostilities, cyber operations often continue unabated. This raises concerns for organizations and governments that might be targeted by Iranian cyber actors, as they may not feel bound by such agreements. The situation underscores the ongoing risk that cyber threats pose, irrespective of diplomatic efforts.

Apr 9, 2026

Smart Slider updates hijacked to push malicious WordPress, Joomla versions

BleepingComputer

Hackers have compromised the update system for the Smart Slider 3 Pro plugin, which is used in WordPress and Joomla websites. These attackers managed to distribute a malicious version of the plugin that contains multiple backdoors, allowing them to access and control affected sites. This incident puts users of both platforms at risk, as the malicious code can lead to data breaches and unauthorized actions on their websites. Website administrators should be particularly vigilant, as the compromised update could have far-reaching consequences if not addressed promptly. Users are strongly advised to check their installations and update to the latest secure versions to mitigate any potential damage.

Apr 9, 2026

Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’

CyberScoop

The FBI has taken significant action against the Russian hacking group APT28, which is linked to the GRU, the Russian military intelligence agency. This operation targeted routers that APT28 had compromised, allowing them to access a range of networks. According to Brett Leatherman, the FBI's cyber chief, this group's ability to propagate attacks from routers made their threat particularly concerning. By disrupting this access, the FBI aims to protect various organizations from potential espionage and data breaches. This incident underscores the persistent risk posed by state-sponsored cyber actors and highlights the importance of securing network infrastructure to prevent similar intrusions in the future.

Apr 9, 2026

Sensitive LAPD documents reportedly leaked online by World Leaks

SCM feed for Latest

Sensitive documents from the Los Angeles Police Department have reportedly been leaked online by a group known as World Leaks. The breach has exposed around 7.7 terabytes of data, which includes over 337,000 files. This incident raises serious concerns about the security of law enforcement data and the potential implications for public safety and privacy. With such a large volume of sensitive information now accessible, there is a heightened risk of misuse or further exploitation. The LAPD and other authorities will need to take immediate action to assess the extent of the breach and protect against future incidents.

Apr 9, 2026