Computer analysts at cybersecurity firm Zscaler ThreatLabZ have found a new type of trojan that targets cryptocurrency users. In a blog post published on Aug. 8, the company reveals that it identified a new remote-access trojan (RAT) that is able to capture administrative control of the targeted computer, retrieve browser history and look for activities involving cryptocurrency, credit cards, business, social media and others. The malware is called Saefko and is written in .NET, a software framework developed by Microsoft and used to develop a wide range of applications. The post further explains: “RATs are usually downloaded as a result …
The security team at cryptocurrency exchange Coinbase has revealed how it countered a sophisticated phishing attack aiming to exfiltrate private keys and passwords. In a blog post published on Aug. 8, the exchange outlined its discovery and reporting of the incident, which involved the exploitation of two 0-day vulnerabilities on Mozilla’s web browser Firefox.

A “highly-targeted and thought-out” attack

The first steps of the phishing scam, Coinbase reveals, date back to late May of this year, when over a dozen exchange employees received an email from an innocuous-seeming University of Cambridge “Research Grants Administrator.” Coming from a legitimate Cambridge academic …
Cryptocurrency ransomware, botnets and backdoors seem to have replaced cryptocurrency mining malware as the tool of choice for cybercriminals, according to a recent report from computer security firm Skybox Security. In its report dubbed “2019 Vulnerability and Threat Trends: Mid-Year Update,” Skybox reviews software vulnerabilities and newly developed exploits, as well as malware and attacks, among other related issues.

Cloud services vulnerabilities are on the rise

When it comes to digital currencies, the report notes that in 2018, cryptocurrency mining malware was the most popular tool for cybercriminals. However, following the decline in cryptocurrency values, attackers reportedly turned to ransomware, …
Eliyahu Gigi, a 31-year-old from Tel Aviv, has been charged with stealing over $1.7 billion in a variety of cryptocurrencies. Gigi allegedly stole Bitcoin (BTC), Ethereum (ETH), and Dash (DASH) from users in the Netherlands, Belgium, and Germany. Lawyer Yeela Harel of the cyber department in the State Attorney's Office filed charges against Gigi on July 17, according to a report published the same day by Israeli business outlet Globes. Gigi has reportedly been charged with crimes including theft, fraud, and money laundering, among others. According to the report, Harel’s indictment claims that Gigi set up a network of scam …
Cybersecurity firm ESET has detected what it describes as an unusual and persistent cryptocurrency miner distributed for macOS and Windows since August 2018. The news was revealed in a report from ESET Research published on June 20. According to ESET, the new malware, dubbed “LoudMiner,” uses virtualization software — VirtualBox on Windows and QEMU on macOS — to mine crypto on a Tiny Core Linux virtual machine, thus having the potential to infect computers across multiple operating systems. The miner itself reportedly uses XMRig — an open-source software used for mining privacy-focused altcoin monero (XMR) — and a mining pool, …
The cybersecurity company behind major antivirus software NOD32, ESET, reported on June 17 that new Android malware sidesteps Google’s SMS permissions restrictions to get hold of two-factor authentication (2FA) codes received via SMS. Per the report, some malicious apps are capable of accessing one-time-passwords sent to users via SMS by circumventing the restrictions recently implemented by Google. Furthermore, the same technique reportedly also allows for accessing email-based codes. According to the author, the apps in question impersonate Turkish cryptocurrency exchange BtcTurk and phish for login details to the service. The malware, “instead of intercepting SMS messages to bypass 2FA protection …
Cybersecurity company Trend Micro claims to have detected a web address spreading a botnet featuring a monero (XMR) mining component alongside a backdoor. The malware was described on Trend Micro’s official blog on June 13. Per the report, the firm attributes the malware to Outlaw Hacking Group, as the techniques employed are almost the same as those used in its previous operations. The software in question also holds Distributed Denial of Service (DDoS) capabilities, “allowing the cybercriminals to monetize their botnet through cryptocurrency mining and by offering DDoS-for-hire services.” Trend Micro also believes that the creators of the malware in question are …
This article has been updated to correct that BitMEX is not Hong Kong-based. Peer-to-peer (P2P) cryptocurrency exchange BitMEX has reported an influx of attacks on user account credentials, according to an official blog post on June 11. In addition to covering a litany of best practices for user security, the cryptocurrency exchange stressed the importance of using two-factor authentication (2FA) in particular. The report summarizes 2FA as follows: “2FA, sometimes referred to as ‘two-step verification’ or ‘multi-factor authentication’, adds an additional layer of security to your account by requiring not only your username and password at login, but also the …
Coming every Sunday, the Hodler’s Digest will help you track every single important news story that happened this week. The best (and worst) quotes, adoption and regulation highlights, leading coins, predictions, and much more — a week on Cointelegraph in one link.

Top Stories This Week

Mt. Gox’s Karpeles: “Press Rumors About My Blockchain Plans Are False”

Mark Karpeles, the former CEO of long-defunct Japanese cryptocurrency exchange Mt. Gox, denied press claims this week that he is returning to blockchain. Karpeles said that his activities with Tristan Technologies will not involve the cryptocurrency sector, as previously reported, and that the …
Cybersecurity firm Trend Micro has detected a major uptick in monero (XMR) cryptojacking malware targeting China-based systems this spring. The news was revealed in an official Trend Micro announcement on June 5. As previously reported, cryptojacking is an industry term for stealth crypto mining attacks that work by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. The XMR-focused malware — which wields malicious PowerShell scripts for illicit mining activities on Microsoft-based systems — reportedly surged against Chinese targets in mid-May. Hitting a peak on May 22, the wave of cryptojacking …
Twitter user and malware researcher Fumik0_ has discovered a new website that spreads cryptocurrency malware, according to a report by Bleeping Computer on June 5. According to the report, the host for transmitting these viruses is a website that imitates the website for Cryptohopper, a website where users can program tools to perform automatic cryptocurrency trading. When the scam site is visited, it reportedly automatically downloads a setup.exe installer, which will infect the computer once it runs. The setup panel will also display the logo of Cryptohopper in another attempt to trick the user. Running the installer is said to …
Coming every week, the Hodler’s Digest will help you track every single important news story that happened this week. The best (and worst) quotes, adoption and regulation highlights, leading coins, predictions, and much more — a week on Cointelegraph in one link.

Top Stories This Week

Kik Launches $5 Million Crypto Funding Campaign for Lawsuit Against U.S. SEC

Kik, a Canadian tokenized social media startup, has launched a $5 million crypto initiative in order to fund a lawsuit against the United States Securities and Exchange Commission (SEC). Kik CEO Ted Livingstone, also the founder of Kik’s crypto project the Kin …