Major Web Browser Firefox by Mozilla Now Blocks Web-Based Cryptojacking

Protections Against Fingerprinting and Cryptocurrency Mining

Major open-source browser Mozilla Firefox has launched new protections against crypto mining malware in its new browser versions, according to a blog post published on April 9. In its latest Firefox Nightly 68 and Beta 67 versions, Mozilla has enabled a new level of protection against crypto mining and fingerprinting hack attacks in a part of the browser’s Content Blocking suite of protections. The new browsing feature has been developed in collaboration with privacy and security software firm Disconnect, and represents a collection of blacklists of malware domains associated with…

Read More

New York rejects Bittrex Bitlicense application

New York

According to the press, the New York Department of Financial Services (NYDFS) decided to reject the BitLicense application from the Bittrex exchange. According to the New York Tax Office’s official report sent to Bittrex CEO Bill Shihare, New York, Bittrex Bitlicense rejects the lack of stock exchange policies and controls against AML, Know Your Customer (KYC), and Office of Foreign Asset Control (OFAC) ). Bittrex ranked 54th in the CoinMarketCap list of digital currency exchanges in terms of adjusted trading volume. The Bittrex case in brief BitLicense is a set…

Read More

Google Deletes Crypto Malware Targeting Blockchain.com

Crypto Malware

A Google Chrome browser extension tricking users into participating in a fake airdrop from cryptocurrency exchange Huobi claimed over 200 victims, a security researcher reported in a blog post on March 14. The extension for Chrome web browser, with the name NoCoin, gained 230 downloads before Google deleted it, according to Harry Denley, who runs cryptocurrency scam database EtherscamDB. Denley noted that hackers had purposely disguised the malicious extension to look like a tool protecting users from cryptocurrency malware or so-called cryptojacking. “From the start, it looked like it did…

Read More

Businesses Increasingly See Crypto Mining Attacks in Cloud Infrastructures

cloud crypto mining

Cryptocurrency mining is reportedly one of the most observed objectives of hackers attacking businesses’ cloud infrastructures, according to a report by AT&T Cybersecurity on March 14. The cybersecurity wing of United States telecoms firm AT&T stated that organizations of all sizes continue to face major crypto mining attacks despite the ongoing bear market. In the new report, AT&T examined the most significant forms of cryptojacking associated with mining attacks on organizations’ cloud infrastructure. AT&T outlined four major cryptojacking tactics used by hackers such as compromising container management platforms, control panel…

Read More

Major crypto brokerage Coinmama reports 450,000 users affected by data breach

Coinmama security

Israel-based crypto brokerage Coinmama — which allows users to purchase Bitcoin (BTC) and Ethereum (ETH) using a credit card — has suffered a major data breach affecting 450,000 of its users. The incident was disclosed in an official company announcement on Feb. 15. The breach is reportedly part of a mammoth, multi-platform hack that affected 24 companies and a total of 747 million records — among them gaming, travel booking and streaming sites. Coinmama says a list of around “450,000 email addresses and hashed passwords” of users who registered on…

Read More

Vulnerability Is Found in Constantinople

Constantinople Hard Fork Postponed

Ethereum’s (ETH) Constantinople hard fork faces a delay over a newly discovered security vulnerability allowing a reentrancy attack. The critical issue was detected by smart contract audit firm ChainSecurity and reported in a blog post Jan. 15. According to the company’s report, the Constantinople upgrade introduces cheaper gas cost (transaction fees) for some operations on the Ethereum network. As an unexpected side effect, this allegedly enables reentrancy attacks via the use of certain commands in ETH smart contracts. A reentrancy vulnerability allows a potential attacker to steal cryptocurrency from a…

Read More

Cryptopia goes offline after hack

Cryptopia

A New Zealand-based crypto-currency trading company went offline after it was hacked at the weekend. Cryptopia, based in Christchurch, announced on Twitter that on January 14, it suffered a security breach that resulted in significant losses. “Once identified, the exchange was put into maintenance while we assessed damages,” it added. The exchange has not disclosed the value of the losses, the tokens and currencies affected or any measures to refund users. But Whale Alert, which tracks large crypto transactions, reported that 19,391 ether (ETH) tokens worth nearly $2.44 million, and…

Read More

Two Thirds of Korean Crypto Exchanges Fail Government Security Check

crypto fail

Only a third of cryptocurrency exchanges inspected got a full pass in a recent government security audit. The Ministry of Science and ICT, the Korea Internet & Security Agency and the Ministry of Economy and Finance inspected a total of 21 crypto exchanges from September to December 2018, examining 85 different security aspects. Notably, only 7 of them – Upbit, Bithumb, Gopax, Korbit, Coinone, Hanbitco, and Huobi Korea – cleared all the tests, CoinDesk Korea reported Thursday. The remaining 14 exchanges are “vulnerable to hacking attacks at all times because…

Read More

Coinbase suspended Ethereum Classic (ETC) trading after a successful 51% attack

Ethereum Classic attack

The cryptocurrency exchange Coinbase suspended the trading of Ethereum Classic (ETC) after double-spend attacks worth $1.1 Million. The cryptocurrency exchange Coinbase has suspended the trading of Ethereum Classic (ETC) after double-spend attacks that consist in spending digital coins twice. Ethereum Classic (ETC) is the original unforked Ethereum blockchain, the attacks resulted in the loss of $1.1 million worth of the digital currency. 51% attack refers to an attack on a blockchain by a group of miners that controls over 50% of the network’s mining hashrate. “On 1/5/2019, Coinbase detected a…

Read More

Vulnerability on Ethereum enables malicious GAS Minting

GasToken

A newly discovered vulnerability on Ethereum allowing for malicious GasToken Minting was found. The development team already acknowledged the issue and informed most of the affected users on November 13, 2018, via private disclosure. The Attack Crypto exchanges usually allow the withdrawal of Ethereum to arbitrary addresses with no gas usage limit; since this executes a fall back function, attackers can use this to make exchanges pay for arbitrary computation, allowing them to force exchanges to burn their own Ethereum on high transaction costs. Moreover, this even gives attackers the…

Read More

Crypto-miner steals your password and disables antivirus

Linux.BtcMine.174

Malware targeting Linux users may not be as widespread as the strains targeting the Windows ecosystem, but Linux malware is becoming just as complex and multi-functional as time passes by. The latest example of this trend is a new trojan discovered this month by Russian antivirus maker Dr.Web. This new malware strain doesn’t have a distinctive name, yet, being only tracked under its generic detection name of Linux.BtcMine.174. But despite the generic name, the trojan is a little bit more complex than most Linux malware, mainly because of the plethora…

Read More

Google hacked to promote Bitcoin scam on Twitter

Google hacked

In the latest in a string of cryptocurrency-related hackings on Twitter, attackers have breached an official Google account to promote a Bitcoin giveaway scam to its over 800,000 followers. The official G Suite Twitter account just blasted the following message to hundreds of thousands of users: Hard Fork has yet to confirm for how long the tweet remained on G Suite’s feed, but it was no less than 11 minutes (as you can notie on the screenshot. (Update 19:52 UTC, November 13: Ernst Mulders, who provided the screenshot above, told…

Read More

Swiss report shows trojan malware attacking crypto exchanges

Trojan Dridex malware

A Swiss report has unearthed that a virus that mines Monero is responsible for one of the largest attacks on the Swiss crypto industry this year. Trojan malware that was once used for hacking into large-scale banks is now being used to attack crypto-asset exchanges. Swiss Researchers Uncover Cybersecurity Threat The news of the computer virus attacking Swiss crypto exchanges comes from Switzerland’s Reporting and Analysis Centre for Information Assurance (MELANI). Malware has long been used by cyber-criminals to break into major banking systems but has now evolved to attack…

Read More

Security system for IoT

OAS Blockchain Renaissance Project

The Dubai Silicon Oasis-based firm, Next Big Idea Technology (NBIT), a group of Harvard-graduate blockchain professionals, is all set to develop and launch the state-of-the-art security system for IoT and blockchain with plans to reach the global market through the Middle East and Africa as its starting point. Sang Soo Lee, the CEO of NBIT said, his firm, on the basis of US and Korean technology, has come up with an OAS Blockchain Renaissance Project that blockchain technology applies beyond cryptocurrency. He said, “It is unfortunate that the general population…

Read More

200,000 routers in Brazil were secretly hijacked to mine cryptocurrency

censys

Affected users have been unknowingly mining Monero. Brazil has been hit by an elaborate cryptocurrency mining attack that infected hundreds of thousands of routers across the country. The attack, which is still ongoing, affects MikroTik routers specifically. In this instance, over 200,000 machines have been affected, creating a massive XMR-mining botnet across Brazil. The perpetrators were able to infect devices with malicious code, surreptitiously running CoinHive in the background. For those unfamiliar, CoinHive is a popular Monero mining script which has become widely used to pool processing power to mine…

Read More