New Research Shows Massive Internet Spying, Several Crypto Sites Listed

Published at: June 27, 2020

A mammoth global spying and data theft effort currently leaves web surfing citizens at risk, with several Bitcoin and crypto domains included in the mix, according to research from Awake Security. 

At the heart of the problem — a web domain registration company named CommuniGal Communication, or GalComm. "Of the 26,079 reachable domains registered through GalComm, 15,160 domains, or almost 60%, are malicious or suspicious," Awake wrote in a June 18 blog post. 

A list of sites at risk

Although the nefarious movement uses several different methods, including malware, such activity has passed under the radar of popular security systems, thanks to various tactics, Awake wrote, posting a link to affected domains. 

The lengthy list shows a number of crypto and bitcoin-related domains, including cryptolimited.org, cryptocoiners.net, cryptomoedas.info, bitcoincompass.info and bitcoininvestmentstrategy.info, as well as others. 

The list even included binanceref.info and binanceregister.info, although it is unknown if the two sites are involved with popular exchange Binance. 

Binance confirmed to Cointelegraph that the above websites are not associated with them.

Other involved browser antics 

Awake also reported over a hundred cases of issues around GalComm-affiliated nefarious Google Chrome extensions — in just a three-month span.

"These extensions can take screenshots, read the clipboard, harvest credential tokens stored in cookies or parameters, grab user keystrokes (like passwords), etc.," Awake said in the post. 

Awake added:

"To date, there have been at least 32,962,951 downloads of these malicious extensions — and this only accounts for the extensions that were live in the Chrome Web Store as of May 2020."

The movement has its hand in essentially every category, from healthcare to oil, Awake wrote. 

Awake did not come across any large crypto sites affected by the effort, although the company did not focus on crypto or its sites during its research, Awake co-founder Gary Golomb told Cointelegraph via email correspondence. Awake also did not uncover evidence of cryptocurrency as part of the surveillance, again, however, noting crypto was not a direct part of the study, Golomb said. 

Since COVID-19 prevention measures took flight in mid-March, internet crime has risen across the board. A recent U.S. congressional hearing showed a 75% increase in cybercrime since COVID-19's beginnings.  

Tags
Technology
Hackers
Cybercrime
Cybersecurity
Security
Data
Related Posts
Cybersecurity firm uses encrypted hard drive with Bitcoin to test applicants
Researchers wishing to apply to New York-based Red Balloon Security have to complete an unusual technical interview as part of their application process: unlocking a hard drive containing crypto. According to a report from Business Insider, Red Balloon sends the hard drives to certain candidates for cybersecurity research positions at the firm. Anyone who has the “the skills and passion” to crack the encryption would be able to claim 0.1337 Bitcoin (BTC), or roughly $4,800 at the time of publication. Applicants who are able to access the coins are told to purchase a ticket to New York City for the …
Technology / Jan. 18, 2021
A Hacker is Attempting to Sell a Las Vegas Hotel Database for Crypto
The MGM Resort suffered a massive data breach in 2019 that left 142 million hotel guests exposed. A hacker is now selling the stolen database for roughly $2,900. According to the information revealed by ZDNet, a dark web marketplace claims that data from 142,479,937 MGM hotel guests are on sale. Preferred payment is denominated in Bitcoin (BTC) and Monero (XMR). MGM Resorts confirmed the data breach, stating that they’re aware of the scope of this previously reported incident from 2019. No financial data was leaked However, according to the research, the cybercriminal did not leak any sensitive data from the …
Technology / July 14, 2020
Web3 is the solution to Uber’s problem with hackers
Uber is a staple of the gig economy, for better or worse, and a disruptor that once sent shockwaves throughout the mobility space. Now, however, Uber is being taken for a ride. The company is handling a reportedly far-reaching cybersecurity breach. According to the ride-hailing giant, the attacker has not been able to access sensitive user data, or at least, there is no evidence to suggest otherwise. Whether or not sensitive user data was exposed, this case points to a persistent issue with today’s apps. Can we continue to sacrifice our data — and thereby our privacy and security — …
Defi / Oct. 1, 2022
Coinbase discloses recent cyberattack targeting employees
Crypto exchange Coinbase experienced a cybersecurity attack targeting its employees on Feb. 5. The attack came through SMS scams and involved impersonations of IT staff, according to a recent report from the company's engineering team. No customers' funds or information were impacted, the firm said. As per the report, on a late Sunday several Coinbase employees received SMS messages requiring them to urgently log in via the link provided to access an important message. Acting in a good faith, one employee followed the exploiter' instructions: "While the majority ignore this unprompted message - one employee, believing that it’s an important …
Technology / Feb. 22, 2023
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023