This week, security experts recorded a number of serious incidents affecting cryptocurrency users, corporate systems and even infrastructure. One of the most notable was the loss of $1.6 million to crypto address "poisoning". According to ScamSniffer, on August 15 one user copied a poisoned address and lost 140 ETH (about $636,500). The attackers create addresses that are visually identical to real ones and first send small amounts from them, misleading the victim. Similar cases have occurred before: over $1.6 million was stolen in five days. Users also lost funds by signing phishing approve, increaseAllowance and permit requests, including a $165,000 incident involving BLOCK and DOLO tokens.
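A defensive check for the address-poisoning pattern described above, as an added example that is not from ScamSniffer or any wallet project. It assumes a lookalike shares the first and last four hex characters with an address the user trusts; the thresholds, function names and sample addresses are constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

PREFIX, SUFFIX = 4, 4   # hex chars compared at each end (assumption)
DUST_WEI = 10**15       # 0.001 ETH "small amount" threshold (assumption)

@dataclass(frozen=True)
class Transfer:
    sender: str
    value_wei: int

def norm(addr: str) -> str:
    """Lower-case a 20-byte hex address and strip 0x; reject anything else."""
    a = addr.lower()
    if len(a) != 42 or not a.startswith("0x") or any(c not in "0123456789abcdef" for c in a[2:]):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a[2:]

def lookalike_of(candidate: str, trusted: list[str]) -> str | None:
    """Return the trusted address that candidate imitates, or None."""
    c = norm(candidate)
    for t in trusted:
        n = norm(t)
        if c != n and c[:PREFIX] == n[:PREFIX] and c[-SUFFIX:] == n[-SUFFIX:]:
            return t
    return None

def find_poisoning(history: list[Transfer], trusted: list[str]) -> list[tuple[str, str, bool]]:
    """List (sender, imitated address, is_dust) for every lookalike sender."""
    hits = []
    for tx in history:
        target = lookalike_of(tx.sender, trusted)
        if target is not None:
            hits.append((tx.sender, target, tx.value_wei <= DUST_WEI))
    return hits

def safe_to_send(destination: str, trusted: list[str]) -> bool:
    """Compare the whole address, not its ends: only an exact match passes."""
    d = norm(destination)
    return any(d == norm(t) for t in trusted)

# Constructed sample data (not real accounts)
TRUSTED = ["0x5290" + "c0ffee00" * 4 + "9ee7"]
HISTORY = [
    Transfer("0x5290" + "a" * 32 + "9ee7", 1),       # lookalike, dust
    Transfer("0x" + "12" * 20, 5 * 10**17),          # unrelated sender
    Transfer("0x5290" + "b" * 32 + "9EE7", 10**18),  # lookalike, large value
]

if __name__ == "__main__":
    for sender, target, dust in find_poisoning(HISTORY, TRUSTED):
        print(f"lookalike of {target}: {sender} (dust={dust})")
```

Running find_poisoning over the transaction history before the user picks a recipient from it, and safe_to_send on the pasted destination, covers both the planted entry and the copy step.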
Another major case affected Labubu fans. On August 11, F6 identified a fraudulent scheme targeting Russians. Users were lured to a fake toy marketplace with the promise of free Labubu cryptocurrency. After connecting the wallet, the site requested access to the balance and transactions, and then the malware transferred funds to the fraudsters' accounts. This brand was previously used to steal Telegram accounts: through fake promotions, users shared confirmation codes, losing access to the messenger.
Trojans distributed through movie torrents also pose a serious threat. Kaspersky Lab has detected a large-scale campaign spreading the Efimer Trojan, which disguises itself as a media player named xmpeg_player.exe and replaces crypto wallet addresses in the clipboard. The malware collects credentials, can work through Tor and is capable of restoring itself. From October 2024 to July 2025, more than 5,000 users in India, Spain, Russia, Italy and Germany encountered Efimer.
Critical infrastructure was also attacked. In April, pro-Russian hackers gained access to the system of a Norwegian dam in Bremanger and opened the release valves, discharging more than 7.2 million liters of water. The incident was only reported in August; according to police, the goal was to demonstrate capabilities, not to cause damage.
Another alarming case came from the automotive industry. Harness researcher Eaton Zveare discovered a vulnerability in a major automaker’s dealer portal that allowed customer data to be exposed and vehicles to be controlled remotely via a mobile app. The expert showed that it was possible to access more than 1,000 dealerships and link cars to personal accounts.
This week has clearly shown that cyber threats continue to evolve and affect both private users and corporate systems and critical infrastructure.
The Labubu scheme, Efimer and the other incidents highlight how important it is to be careful when dealing with digital assets and online services.