As the cryptocurrency craze does not seem to let go of markets, scamsters also take the opportunity to dupe some investors and make illegal profits. In one of the latest such cases, a fake MyEtherWallet app on Android has been spotted by industry participants. These days, people are all about mobility – it seems very convenient to download an app on your smartphone and do things on the go. However, this can lead to quite unpleasant results. This time, a fake MyEtherWallet app has tried to mislead investors on Google…
Category: Cybersecurity
$4M IOTA stolen from wallets which used online seed generation websites
The IOTA community suffered a major setback over the weekend as several users lost an estimated total of $4 million worth of tokens in a widespread theft. Over the weekend, several IOTA users had their wallets compromised, and consequently emptied, as unknown actors loaded with seed phrases decided to make off with almost $4 million worth of the digital currency. According to a Medium post by IOTA evangelist Ralf Rottman: “On January 19th, 2018, some IOTA users lost their funds to an unknown attacker. The good news: The IOTA technology…
Blockchains: How to steal millions in 2^64 operations
I’ve been reviewing the source code of a number of blockchain thingies, both for paid audits and for fun in my spare time, and I routinely find real security issues. In this post I’ll describe a vulnerability noticed a while ago, and now that Lisk finally describes it and warns its users, I can comment on its impact and exploitability. TL;DR: you can hijack certain Lisk accounts and steal all their balance after only 2^64 evaluations of the address generation function (a combination of SHA-256, SHA-512, and a scalar multiplication…
New Python-based cryptominer botnet flying under the radar
F5 threat researchers have discovered a new Linux crypto-miner botnet that is spreading over the SSH protocol. The botnet, which we’ve named PyCryptoMiner:
- Is based on the Python scripting language making it hard to detect
- Leverages Pastebin.com (under the username “WHATHAPPEN”) to receive new command and control server (C&C) assignments if the original server becomes unreachable
- The registrant is associated with more than 36,000 domains, some of which have been known for scams, gambling, and adult services since 2012
- Is mining Monero, a highly anonymous crypto-currency favored by cyber-criminals.
As…
CoinHive’s Script used to hack Android phones APKs to mine Monero
A security researcher found 291 Android APKs re-packaged with CoinHive’s mining script, most of them leading to the same address. While most people get their apps from Google Play, there are some who prefer to take the risk of downloading the APKs from third-party websites that do not always audit these software packages for malware. A security researcher who goes by the name “Elliot Alderson” found that many of these applications are just fake re-packaged APKs with CoinHive’s mining script implemented in them. “I don’t think these apps are the…
BlackBerry Mobile site hacked to run Monero cryptocurrency miner
With the popularity of Bitcoin and other cryptocurrencies, it’s perhaps little surprise that a number of websites have recently been discovered using visitors’ computers to do a little mining. The latest site found to be indulging in the activity is BlackBerry Mobile – but this time it’s thanks to the work of a hacker. As with other sites carrying out surreptitious mining, it was a CoinHive mining tool that was found embedded in the code of the site. The same hacker also placed the same miner on a handful of…
Dangerous android malware targets also cryptocurrency apps
Quick Heal Security Labs detected an Android Banking Trojan that targets more than 232 banking apps including cryptocurrency apps. The malware is known as Android.banker.A2f8a (Previously detected as Android.banker.A9480). Like most other Android banking malware, even this one is designed for stealing login credentials, hijacking SMSs, uploading contact lists and SMSs on a malicious server, displaying an overlay screen (to capture details) on top of legitimate apps and carrying out other such malicious activities. Infection vector Android.banker.A2f8a is being distributed through a fake Flash Player app on third-party stores. This…
North Korean hackers mined Monero on servers in Seoul
South Korean researchers have found that their neighbors in the north are hijacking their servers to mine Monero in an attempt to circumvent sanctions. While it’s difficult to tell whether one cryptocurrency-related hacking incident can be linked to North Korea, some of the signs are still visible, at least according to the investigative research of their neighbors in the south. A report by Bloomberg shows that a hacking unit named “Andariel” has taken over a corporate server in South Korea last year and mined 70 units of Monero through it.…
Crypto Mining Scripts: Latest Opera Version Includes Built-in Protection
The latest version of Opera has been released with an option that allows users to block cryptocurrency mining scripts. Hackers have recently found a way to make quick profits by injecting a script by CoinHive into websites, making their visitors mine Monero for them. A new version of Opera—Opera 50—has included an option in its interface, called “NoCoin”, that intends to protect users from these types of infiltrations. “Bitcoins are really hot right now, but did you know that they might actually be making your computer hotter?… This cryptocurrency mining…
Bitcoin Users, Exchanges are Ripe Targets for Criminals, Warns Cybersecurity Researcher
With Bitcoin’s recent surge to nearly $20,000 per coin, and with the cryptocurrency ecosystem’s value blowing past the $600 billion mark, cybercriminals are increasingly targeting bitcoin users and cryptocurrency exchanges, according to Bryce Boland, chief technology officer (CTO) for cybersecurity firm FireEye, in the Asia Pacific region. The cybersecurity expert, speaking to ZDNet, claimed extortion victims, presumably of ransomware, are increasingly being asked to pay in cryptocurrency. Earlier this year, a Google report pointed to 34 different ransomware families earning $25 million in the last two years, making it clear…