Cybersecurity firm Trend Micro has detected a major uptick in monero (XMR) cryptojacking malware targeting China-based systems this spring. The news was revealed in an official Trend Micro announcement on June 5. As previously reported, cryptojacking is an industry term for stealth crypto mining attacks that work by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. The XMR-focused malware — which wields malicious PowerShell scripts for illicit mining activities on Microsoft-based systems — reportedly surged against Chinese targets in mid-May. Hitting a peak on May 22, the wave of cryptojacking …
Cybersecurity firm Trend Micro announced that it found a malware dubbed BlackSquid that infects web servers employing eight different security exploits and installs mining software. The findings were announced in a blog post published on June 3. Per the report, the malware targets web servers, network drives and removable drives using eight different exploit and brute force attacks. More precisely, the software in question employs “EternalBlue; DoublePulsar; the exploits for CVE-2014-6287, CVE-2017-12615, and CVE-2017-8464; and three ThinkPHP exploits for multiple versions.” While the sample acquired by Trend Micro installs the XMRig monero (XMR) Central Processing Unit-based mining software, BlackSquid could …
As many as 50,000 servers worldwide have allegedly been infected with an advanced cryptojacking malware that mines the privacy-focused open source cryptocurrency turtlecoin (TRTL). The news was revealed in an analysis by international hacker and cybersecurity expert group Guardicore Labs on May 29. As reported, cryptojacking is an industry term for stealth crypto mining attacks which work by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. Having first detected the campaign in April and traced its origins and progress, Guardicore Labs believes the malware has infected up to 50,000 Windows …
Sean Coonce, engineering manager at cryptocurrency custodian BitGo, announced that he has fallen victim to a SIM swapping hack in a Medium post published on May 20. According to the post, Coonce had over $100,000 siphoned out of his account on cryptocurrency exchange Coinbase in under 24 hours. In his post, Coone details SIM swapping, a practice that sees the attacker maliciously requesting a telecommunications carrier to redirect the traffic of a mobile phone number to a device over which they have control. This device is then used to obtain two-factor-authentication (2FA) codes which grant control over the victim’s online …
Ledger Vault, the custody arm of hardware wallet manufacturer Ledger, will provide its services to Canadian cryptocurrency broker Voyager Digital, according to a press release shared with Cointelegraph on May 21. Per the release, Voyager Digital will integrate Ledger Vault’s multi-authorization cryptocurrency wallet management system into its trading platform with the aim to increase its overall cybersecurity. Voyager CEO Steve Ehrlich said that Ledger Vault ensures “security of our customer assets on the Voyager platform without compromising the speed and liquidity they’ve come to expect from Voyager. It's also a crucial step in our efforts to deliver crypto wallet transfers.” …
Figures published by bitcoin core developer Luke Dashjr show that more than half of the full nodes in the bitcoin network are still running client software vulnerable to the inflation bug discovered in September 2018. This revelation poses some danger to the network, as software vulnerabilities are a clear and present danger to the fidelity of bitcoin (BTC). Now that the top-ranked cryptocurrency is in the midst of a positive price run, it is perhaps important that steps are taken to eradicate the inflation bug problem for good. Most bitcoin full nodes still vulnerable to the inflation bug As reported …
Digital asset finance firm BitGo announced the launch of its off-chain clearance and settlement service in a press release published on May 14. Per the announcement, the service will be available to clients of qualified custodian BitGo Trust Company, and assets are not moved from custody while reportedly allowing fast, compliant and secure settlement. The company explains that — since the funds never leave the custodian’s wallet — this method eliminates counterparty risk: “Until now, in a digital asset trade, one party needed to assume all of the risk and act on the counterparty’s good faith, and this doesn’t really …
Proceedings from yesterday’s hack of cryptocurrency exchange Binance have been moved to seven addresses, crypto news outlet The Block reports on May 9. The breach resulted in about 7,074 bitcoins (BTC) — worth nearly $42.8 million at press time — being stolen from the exchange’s hot wallet. The transaction had 44 outputs, 21 of which were native Segregated Witness addresses, and those addresses received 99.97% of the funds. According to The Block, the funds from those 44 addresses have been reportedly since moved to seven addresses, six of which hold 1,060.6 BTC, while one holds 707.1 BTC. Previously, anti-money laundering …
An Ethereum (ETH) 2.0 Proof-of-Stake (PoS) testnet beacon blockchain is now live. Preston Van Loon, co-founder of sharding development firm Prysmatic Labs, announced the development in a Medium post on May 7. Ethereum 2.0 is an upcoming new Ethereum chain featuring improvements in security, scalability, and decentralization. Ethereum 2.0 would not be introduced to the current Ethereum network by means of a hard fork. Instead, users will be able to transfer value from the current Proof-of-Work (PoW) chain via a one-way smart contract. The announcement also notes that shards are a core concept behind Ethereum 2.0. Shards are individual chains …
Cybercriminals are now reportedly exploiting known vulnerability CVE-2019-3396 in the software Confluence, a workspace productivity tool made by Atlassian, according to a report by security intelligence firm Trend Micro Inc. on May 7. The exploit that has been developed allows cybercriminals to stealthily install and run a monero (XMR) miner on a vulnerable computer, as well as covering up the mining activity by using a rootkit to hide the malware’s network activity and toll on the host’s central processing unit (CPU). According to an Atlassian security advisory, the vulnerability in question only applies to some older versions of Confluence. The …
MakerDAO, the Decentralized Autonomous Organization (DAO) behind the DAI stablecoin, announced a critical security update to its governance contract in a Reddit thread published on May 6. Per the announcement, during the second round of security audits part of the DAO’s partnership with crypto exchange Coinbase and smart contract security startup Zeppelin, a critical vulnerability had been discovered in the governance smart contract. Zeppelin also released an independent critical vulnerability notice. While the announcement claims that the tokens of users who have staked MKR tokens in the contract are not in danger, it also advises users to move them. Still, …
The Tron Foundation disclosed a fixed critical vulnerability which could have crashed its blockchain on vulnerability disclosure platform HackerOne on May 2. The disclosure explains that with enough malicious requests, an attacker could have filled up all the available memory and effectively perform a Distributed Denial of Service attack on the TRX network by employing malicious code in a smart contract. The disclosure further explains the impact of such an attack: “Using a single machine an attacker could send DDOS attack to all or 51% of the SR node and render Tron network unusable or make it unavailable.” The cybersecurity …