Blockchains: How to steal millions in 2^64 operations

I’ve been reviewing the source code of a number of blockchain thingies, both for paid audits and for fun in my spare time, and I routinely find real security issues. In this post I’ll describe a vulnerability noticed a while ago, and now that Lisk finally describes it and warns its users, I can comment on its impact and exploitability. TL;DR: you can hijack certain Lisk accounts and steal all their balance after only 2^64 evaluations of the address generation function (a combination of SHA-256, SHA-512, and a scalar multiplication…

New Python-based cryptominer botnet flying under the radar

F5 threat researchers have discovered a new Linux crypto-miner botnet that is spreading over the SSH protocol. The botnet, which we’ve named PyCryptoMiner:

- Is based on the Python scripting language, making it hard to detect
- Leverages Pastebin.com (under the username “WHATHAPPEN”) to receive new command and control server (C&C) assignments if the original server becomes unreachable
- The registrant is associated with more than 36,000 domains, some of which have been known for scams, gambling, and adult services since 2012
- Is mining Monero, a highly anonymous crypto-currency favored by cyber-criminals.

As…

CoinHive’s Script used to hack Android phones APKs to mine Monero

A security researcher found 291 Android APKs re-packaged with CoinHive’s mining script, most of them leading to the same address. While most people get their apps from Google Play, there are some who prefer to take the risk of downloading the APKs from third-party websites that do not always audit these software packages for malware. A security researcher who goes by the name “Elliot Alderson” found that many of these applications are just fake re-packaged APKs with CoinHive’s mining script implemented in them. “I don’t think these apps are the…

BlackBerry Mobile site hacked to run Monero cryptocurrency miner

With the popularity of Bitcoin and other cryptocurrencies, it’s perhaps little surprise that a number of websites have recently been discovered using visitors’ computers to do a little mining. The latest site found to be indulging in the activity is BlackBerry Mobile – but this time it’s thanks to the work of a hacker. As with other sites carrying out surreptitious mining, it was a CoinHive mining tool that was found embedded in the code of the site. The same hacker also placed the same miner on a handful of…

Dangerous Android malware also targets cryptocurrency apps

Quick Heal Security Labs detected an Android Banking Trojan that targets more than 232 banking apps including cryptocurrency apps. The malware is known as Android.banker.A2f8a (previously detected as Android.banker.A9480). Like most other Android banking malware, even this one is designed for stealing login credentials, hijacking SMSs, uploading contact lists and SMSs on a malicious server, displaying an overlay screen (to capture details) on top of legitimate apps and carrying out other such malicious activities.

Infection vector

Android.banker.A2f8a is being distributed through a fake Flash Player app on third-party stores. This…

North Korean hackers mined Monero on servers in Seoul

South Korean researchers have found that their neighbors in the north are hijacking their servers to mine Monero in an attempt to circumvent sanctions. While it’s difficult to tell whether one cryptocurrency-related hacking incident can be linked to North Korea, some of the signs are still visible, at least according to the investigative research of their neighbors in the south. A report by Bloomberg shows that a hacking unit named “Andariel” took over a corporate server in South Korea last year and mined 70 units of Monero through it.…

Crypto Mining Scripts: Latest Opera Version Includes Built-in Protection

The latest version of Opera has been released with an option that allows users to block cryptocurrency mining scripts. Hackers have recently found a way to make quick profits by injecting a script by CoinHive into websites, making their visitors mine Monero for them. A new version of Opera—Opera 50—has included an option in its interface, called “NoCoin”, that intends to protect users from these types of infiltrations. “Bitcoins are really hot right now, but did you know that they might actually be making your computer hotter?… This cryptocurrency mining…

Bitcoin Users, Exchanges are Ripe Targets for Criminals, Warns Cybersecurity Researcher

With Bitcoin’s recent surge to nearly $20,000 per coin, and with the cryptocurrency ecosystem’s value blowing past the $600 billion mark, cybercriminals are increasingly targeting bitcoin users and cryptocurrency exchanges, according to Bryce Boland, chief technology officer (CTO) for cybersecurity firm FireEye, in the Asia Pacific region. The cybersecurity expert, speaking to ZDNet, claimed extortion victims, presumably of ransomware, are increasingly being asked to pay in cryptocurrency. Earlier this year, a Google report pointed to 34 different ransomware families earning $25 million in the last two years, making it clear…