$150M Lost on Coinbase, Crackdown on CaaS Markets, and More Cybersecurity News


Here are the biggest cybersecurity stories of the week:

ZachXBT exposed widespread thefts from Coinbase

Trojanized version of DogWifTools drained meme coin holders’ wallets

Massive operation shut down hacker forums Cracked and Nulled

ChatGPT’s security filter failed the “time travel” test

ZachXBT: Over $150M Stolen from Coinbase Users

A malicious actor used social engineering to steal 110 cbBTC (~$11.5M) from a Coinbase user on the Base network. According to on-chain detective ZachXBT, the attack happened in December 2024.

The stolen funds were withdrawn in three transactions, swapped for Ethereum, laundered through flash swaps, and merged with other stolen assets.


ZachXBT reported that social engineering scams on Coinbase have led to over $150M in losses over the past year. Hackers exploited data leaks, email spoofing, and SIM-swaps.

The investigator promised to reveal more details on other recent large-scale thefts soon.

Trojanized DogWifTools Drains Users’ Wallets

Meme coin promotion platform DogWifTools on Pump.fun suffered a supply chain attack. Hackers breached the project’s GitHub and replaced versions 1.6.3 – 1.6.6 with Trojanized software, gaining access to users’ hot and cold wallets. According to Bleeping Computer, estimated losses exceeded $10M.

Developers confirmed the incident in Discord and are working to enhance security.


Community members on X accused DogWifTools of a potential rug pull, arguing that the platform does not restrict scam meme coin launches.

Some users also pointed out excessive permission requests from the platform, suggesting that attackers may have accessed ID photos to compromise exchange accounts.

Hacker Forums Cracked and Nulled Shut Down in Global Crackdown

Authorities from eight countries dismantled two of the largest hacking forums, Cracked and Nulled, which had over 10 million users combined.

During Operation Talent, law enforcement seized 17 servers and 12 domains and arrested two suspects in Spain. Authorities confiscated €300,000 in cash and cryptocurrencies.

According to the US Department of Justice, these forums facilitated the sale of stolen credentials, fraudulent documents, and hacking tools.

Nulled had been active since 2016, posting 43M illegal listings and generating $1M in revenue annually.

Cracked, launched in 2018, hosted 28M listings, making $4M in revenue. The site victimized at least 17M people in the US.

The associated services Sellix (payment processor) and StarkRDP (hosting service) were also taken down.

One of the arrested individuals was 29-year-old Argentine citizen Lucas Sohn, allegedly the admin of Nulled. He faces up to 30 years in prison.

Italy Bans DeepSeek

Italian data regulator Garante blocked access to DeepSeek, citing the developers’ failure to provide information on user data handling.

Authorities deemed the submitted details “completely insufficient.” Meanwhile, DeepSeek claimed it does not operate in Italy and is not subject to European law.

According to Reuters, DeepSeek was removed from the App Store and Google Play in Italy on January 29.

Facebook Flags Linux as Malware

Facebook started blocking Linux-related topics, websites, and groups, labeling them as “malware” and “cybersecurity threats.”

The issue was highlighted by DistroWatch, which was blocked from running ads promoting its open-source software platform.


Facebook began enforcing this policy on January 19, and DistroWatch’s appeal was rejected.

Ironically, Facebook’s own infrastructure runs on Linux, and the company regularly posts job listings for Linux developers.

ChatGPT Exploit: “Time Travel” Attack Bypasses Security Filters

Cybersecurity researcher David Kuszmar discovered the Time Bandit exploit, which tricks ChatGPT into bypassing security restrictions.

According to Bleeping Computer, manipulating the chatbot’s perception of time disables its content filtering system.

Journalists successfully convinced “a programmer from 1789” to provide instructions for creating modern malware.


The CERT Coordination Center confirmed that Time Bandit was most effective when tested with time frames from 1800 to 1900.

OpenAI has since patched the vulnerability.

EU Sanctions Russian GRU Hackers

The European Council imposed sanctions on three Russian GRU operatives for their involvement in hacking Estonian government institutions in 2020.

Authorities claim that officers from Unit 29155 stole thousands of confidential documents, including trade secrets and medical records.

Sanctions include:

Asset freezes

Travel bans

Restrictions on funding from EU citizens and companies

More Cybersecurity News

UK court sentenced a crypto extortion gang to 76 years in prison

Pump.fun faces a class-action lawsuit

DeepSeek user data leaked online

Reuters: French authorities launched an investigation into Binance

KuCoin fined $300M

Brazilian regulator blocked Worldcoin payments for biometric data
