LIVE
Tether CEO Says USDT Adds 30M+ New Wallets Each QuarterGrant Cardone's Firm Adds 10.5 BTC, Tops 2,700 BTC HoldingsBitPay Gets Dutch MiCA License for Stablecoin PaymentsT. Rowe Price Launches Active Crypto ETF: Key DetailsSBI Group Partners With Ondo Finance for Tokenized FinanceRipple CLO Stuart Alderoty Backs CLARITY Act Before Key TestSouth Korea May Bring Crypto Under 76-Year-Old Asset Law: ReportBitcoin ETFs See $107.7M Inflows as IBIT LeadsStrategy Pauses Bitcoin Buys Until Preferred Shares RecoverBitcoin Held Inverse U.S. Dollar Correlation in Q2 2026Tether CEO Says USDT Adds 30M+ New Wallets Each QuarterGrant Cardone's Firm Adds 10.5 BTC, Tops 2,700 BTC HoldingsBitPay Gets Dutch MiCA License for Stablecoin PaymentsT. Rowe Price Launches Active Crypto ETF: Key DetailsSBI Group Partners With Ondo Finance for Tokenized FinanceRipple CLO Stuart Alderoty Backs CLARITY Act Before Key TestSouth Korea May Bring Crypto Under 76-Year-Old Asset Law: ReportBitcoin ETFs See $107.7M Inflows as IBIT LeadsStrategy Pauses Bitcoin Buys Until Preferred Shares RecoverBitcoin Held Inverse U.S. Dollar Correlation in Q2 2026
Homepage/News/GreedyBear Cybercrime Group Accused of $1 Million Crypto Heist
NEWS

GreedyBear Cybercrime Group Accused of $1 Million Crypto Heist

BY Vladimir C.·2 MIN READ·AUGUST 10, 2025

GreedyBear, a cybercrime group, has reportedly stolen over $1 million in crypto assets using advanced tactics, according to cybersecurity researchers on August 10, 2025.

KEY FINDINGS - EVIDENCE LEVEL: MULTI-SOURCE
1Key sections mapped in this report
0Internal references connected to related coverage
4External source domains cited in the article
2 minEstimated time to read the full report
Key Points:
  • GreedyBear uses advanced tactics to steal $1M in crypto.
  • Impacted cryptocurrencies include ETH, TRX, and ERC-20 tokens.
  • Attacks involve malicious browser extensions exploiting user credentials.
MAGA

The incident highlights vulnerabilities in digital wallets, prompting security reviews and discussions across developer platforms about improving extension verification and user awareness.

The cybercrime group GreedyBear has been accused of conducting a sophisticated campaign stealing over $1 million in cryptocurrency assets. Researchers at Koi Security identified this heist involving malicious tools and AI-generated code targeting crypto wallets.

GreedyBear employs a range of tactics including browser extensions imitating leading wallet brands. Their actions highlight a shift in cyber tactics from protocol breaches to credential theft targeting crypto holders’ private keys.

The theft primarily affected ETH, TRX, and various ERC-20 tokens stored in popular browser-wallets like MetaMask. This highlights the vulnerability of user-controlled wallets against sophisticated credential-harvesting attacks.

No significant impacts on institutional treasuries or major DeFi protocols were reported. The attack caused financial disarray for retail users storing assets in prone wallet services as their credentials were exploited.

GreedyBear’s strategy includes releasing over 650 malicious tools aimed at deceiving users. This signals a potential escalation in future technological sophistication as groups harness AI for generating complex cyber threats.

Koi Security‘s analysis suggests an amplification in credential-phishing tactics compared to past events like the 2024 Chrome scams. The ongoing threat urges developers to fortify extension security and user awareness efforts. In the words of Tuval Admoni, a researcher at Koi Security, “GreedyBear is leveraging over 650 malicious tools and AI-generated code to significantly enhance their cyberattack capabilities.”

Disclaimer:

The content on The CCPress is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions.
SOURCE TRANSPARENCY
  • External Source - Referenced domain: buy.magacoinfinance.com
  • External Source - Referenced domain: ainvest.com
  • External Source - Referenced domain: cryptohead.io
  • External Source - Referenced domain: gbhackers.com
  • Byline - Reported by Vladimir C.
  • Coverage Desk - Primary editorial category: News
GreedyBear Cybercrime Group Accused of $1 Million Crypto Heist | TheCCPress