On average, the ransom demanded by cryptocurrency ransomware hackers increased by 200% from 2018 to 2019. According to a report published on June 5 by cybersecurity firm Crypsis Group, the average ransom demanded by cryptocurrency ransomware groups in 2019 reached $115,123. The median ransom, on the other hand, increased by 300% from 2018’s first quarter to the last quarter to 2019, reaching over $21,700. According to Crypsis Group, ransoms have grown as hackers increasingly target enterprises and select victims who are able to pay higher sums. Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s United States subsidiary fell victim to …

Blockchain firm Elrond has invited hackers to attack its network during its upcoming incentivized stress test. According to an announcement on Tuesday, the upcoming Elrond incentivized stress test will include a variety of different attacks on the network. Elrond's CEO, Beniamin Mincu, explained to Cointelegraph: "Anything that takes the network down is allowed, as long as it's not breaking the law or social privacy of participants. So DDoS-ing, hijacking rewards, stealing coins, double spending, minting new coins & other similar situations - we will reward every successful attempt to do any of those things.” A blockchain transformed into a cyber …

Malware team, NetWalker, launched a ransomware attack against the Austrian village of Weiz. This attack affected the public service system and leaked some of the stolen data from building applications and inspections. According to the cybersecurity firm, Panda Security, hackers managed to penetrate the village's public network through phishing emails related to the COVID-19 crisis. COVID-19 as bait to deploy the ransomware The subject of the emails — "information about the coronavirus," — was used to bait employees of Weiz's public infrastructure into clicking on malicious links, thus triggering the ransomware. Panda Security claims that the attack belongs to a …

In a May 28 virtual roundtable before the congressional Subcommittee on National Security, International Development and Monetary Policy, witnesses and congresspeople alike feared that they are not keeping up with criminals hacking the financial system. Criminals have better resumes than government agents One witness, Guillermo Christensen, a partner at law firm Ice Miller, admired the cyber talent operating illegally: “We are always playing catch up with the criminals. [...] It’s very hard to find people who are as qualified as some of these criminal hackers, frankly, to take apart their schemes and trace them.” Another issue is the overclassification of …

Microsoft's security team revealed a new ransomware that is deployed in human-operated attacks. It uses "brute force" against a target company's systems management server, and mainly has targeted the healthcare sector amid the COVID-19 crisis. According to a series of tweets published by the tech giant on May 27, the human-operated ransomware attack, named "PonyFinal", requires hackers to break the security scheme of corporate networks in order to deploy the ransomware manually. That means PonyFinal doesn't rely on tricking the users into launching the payload through phishing links or emails. A Java-based ransomware attack The Java-based Pony Final deploys a …

RMIT University, an Australian public research university, is adding two new postgraduate programs in the field of cybersecurity and blockchain technology. The university announced May 26 that it was partnering with IBM, Palo Alto Networks, and Stone & Chalk to offer a graduate certificate in cyber security and graduate certificate in blockchain-enabled business. The programs are expected to start in October 2020 and will last for nine months. Meeting demand for blockchain jobs RMIT introduced the new programs in order to meet the rising demand for industry professionals in cybersecurity and blockchain. The announcement cited reports that showed the Australian …

Yassine Elmandjra, a crypto asset analyst at ARK Invest, said in a May 24 tweet that the Bitcoin Cash (BCH) hashrate fell by 30% since its halving event, and only accounts for about 2% of the SHA-256 hashrate. Elmandjra now thinks it’s only a question of time before somebody takes advantage of the network: “Surprised we haven't seen a large scale attack yet.” According to data from BitInfoCharts, the Bitcoin Cash average daily hashrate fell by nearly 25.6% since its April 8 halving. Still, Elmandjra presumably did his calculations based on May 23 data, where the hashrate was down by …

North Korean leader, Kim Jong-un, is reportedly backing a group of hackers. Their goal? Stealing cryptocurrencies like Bitcoin (BTC) using phishing scams. Sources indicate that the country has ramped up these efforts in an attempt to prevent a financial meltdown amid the COVID-19 crisis. A report published on May 13 by the U.K. Mirror claims that the Lazarus group, a hacking syndicate with alleged ties to the North Korean state, could be launching a cybercrime campaign of advanced persistent threat, or APT, attacks. Experts from Seoul-based firm, ESTsecurity, state that Lazarus is “increasingly engaging” in cybercrime activities in and out …

What better way to celebrate World Password Day (May 7) than with a new solution from the cryptoworld to get around insecure passwords and phishing attacks? The lnurl-auth protocol allows users to sign into various accounts by receiving a QR code with a special message. This allows them to use a public key associated with their wallets to derive a unique key that is only compatible with the domain they’re trying to access. This key would authenticate that they are the owner of the account. Podcaster Marty Bent said the system meant websites no longer had to look up your …

A survey posted to Reddit shows that most crypto holders store the majority of their Bitcoin in hardware wallets and keep a backup of the private keys on a sheet of paper. Reddit user gunnaj — real name Gunnar Lindqvist — posted the results of the survey as part of his thesis to Reddit on April 30. The undergraduate student at the The University of Skövde in Sweden asked 339 people five questions related to Bitcoin (BTC) security, focusing on how crypto holders handle their private keys. When participants were asked where they stored the majority of their BTC, nearly …

Google recently removed 49 phishing Google Chrome web browser extensions after receiving reports about their activity. Harry Denley, director of security at cryptocurrency wallet startup MyCrypto, explained in an April 14 Medium post how he got the extensions removed from Chrome’s store within 24 hours with the help of phishing-specialized cybersecurity firm PhishFort. The removed extensions include ones that targeted the owners of hardware wallets produced by Ledger, Trezor and KeepKey, and users of software wallets Jaxx, MyEtherWallet, Metamask, Exodus and Electrum. The extensions triggered the users to enter the credentials needed to access the wallet — such as mnemonic …

Singapore-based unicorn startup Acronis released its latest cybersecurity survey on March 31 today, highlighting that 86% of IT professionals are concerned about cryptojacking. According to the 2020 World Cyber Protection Week Survey, there is a growing fear among IT experts in the face of cryptojacking attacks, as the study shows that 30% of personal users and 13% of professional users wouldn't know if their data or computer's resources were modified unexpectedly, as such threat does. The report also stresses that awareness and concerns about cyber-threatening methods like cryptojacking have been increasing in the last two years, surging by 33% since …