Tokyo-based security software manufacturer Trend Micro has found Bitcoin (BTC) automated teller machine (ATM) malware available for purchase online, according to a blog post published August 7. In the blog post, Trend Micro cites an advertisement posted by an “apparently established and respected” user on a darknet forum. For the price of $25,000, criminals could purchase Bitcoin ATM malware accompanied by a ready-to-use card with EMV and near-field communication (NFC) capabilities. EMV chips were originally developed by leading credit card providers to store data on integrated circuits rather than magnetic stripes, while NFC enables two electronic devices to wirelessly exchange …
Valve Corporation has removed a game from its video game marketplace Steam that allegedly hijacked users’ computers to mine cryptocurrency, Motherboard reported July 30. The Steam game store has delisted Abstractism, an indie game accused of deceptive practices and cryptojacking, and has banned its developer from the platform. Steam took action following complaints from a number of users saying that the game setup file seemed to include a Trojan virus and malware disguised as steam.exe processes and launcher. Further investigation conducted by different players found that the programs were crypto miners that infected users’ computers to mine Monero. Game developer …
Interest in cryptojacking is potentially waning among cybercriminals in response to lower cryptocurrency market valuations, according to a report from Malwarebytes Labs released July 17. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. The data and analysis laid out in Malwarebytes Labs’ “Cybercrime Tactics and Techniques: Q2 2018” report show that while cryptojacking remains popular, decreases in detections of the activity across the board suggest that the trend may be beginning to decline: “We are not certain which [cybercrime] threat is going to take over as the top …
Security engineers of the Philippine community of major multiplayer video game League of Legends (LoL) have removed Coinhive crypto mining code from its Garena client June 11, according to an official statement from the group’s Facebook. On July 9, Monero (XMR) mining malware Coinhive was first detected on the LoL client by a player who posted about the issue on the League of Legends subreddit. According to the group’s Facebook statement, the recent case of Coinhive cryptojacking was caused by “unauthorized modification of the League of Legends PH client lobby where a certain javascript code was inserted.” Garena noted that …
Kaspersky Lab’s security experts have found that cyber criminals were able to steal more than 21,000 in Ethereum (ETH) (worth around $10 million) through social engineering schemes over the past year, Cointelegraph auf Deutsch reports Thursday, July 12. According to a July 9 report, cyber criminals have triggered more than a hundred thousand alarms altogether on security software in connection with cryptocurrencies since the beginning of 2018. Kaspersky Lab notes that scammers particularly single out investors interested in Initial Coin Offerings (ICO), using fake websites and phishing emails containing an e-wallet number to trick their targets out of money. The …
20 suspects have been arrested in China in a major cryptojacking case allegedly affecting over one million computers and generating 15 million yuan (about $2.2 million) in illicit profits, local news source Legal Daily reports today, July 9. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. According to local sources, investigation of the case began in January 2018, after the security team at Tencent, the tech giant that developed WeChat, alerted the Weifang City Public Security Bureau about a mining script hidden in freely-downloadable plugins. The …
Security researchers have discovered macOS malware attacks targeting Slack and Discord users talking about cryptocurrencies, SC Media UK reports July 2. Remco Verhoef, founder of network security firm DutchSec, posted about the malware on June 30th in a blog post for the information security and cybersecurity training organization SANS Institute. According to Verhoef, the attacks impersonate administrators or “key people” in crypto-related chats, and then share “small snippets” that, once downloaded, execute a malicious binary. SC Media UK notes that the malware can steal user passwords and store them on the local machine as well, which Verhoef identifies as German …
A new attack on Bitcoin users, which gains control of the Windows clipboard to swap out addresses, is already monitoring 2.3 million targets, sources reported June 30. The malware, part of a family of threats known as “clipboard hijackers,” secretly gains control of memory, running in the background to ensure users do not notice its presence. It then replaces the Bitcoin address that the user has copied into the clipboard with the address of the attacker, which the user later unknowingly pastes and sends their coins to. “Unless a user double-checks the pasted address, they will have no idea that this …
Cryptojacking malware activity rose a staggering 629 percent in the first quarter of 2018, according to a new report published by cyber security firm McAfee Labs June 27. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. The McAfee Labs Threats Report for June detected over 2.9 million known samples of coin miner malware in Q1 2018 – a 629 percent rise from around 400,000 samples the previous quarter. As per the report: “This suggests that cybercriminals are warming to the prospect of monetizing infections of user systems without …
A June 11 report by network and enterprise security company Palo Alto Networks has found that around 5 percent of all Monero (XMR) in circulation was mined maliciously. According to the research, the mining has been done via cryptojacking, the practice of using other users’ computers’ processing power to mine for cryptocurrencies without the owners’ permission. Josh Grunzweig of the Unit 42 threat research team collected data (around 470,000 unique samples) on how many cryptojacking miners have been identified within the Palo Alto Networks WildFire platform. The report finds 3,773 emails connected with mining pools, 2,995 mining pools …
Cybersecurity company Carbon Black announced that roughly $1.1 bln worth of digital currency has been stolen in the first half of 2018, CNBC reported June 7. The security company said that criminals take advantage of the dark web to facilitate large-scale cryptocurrency theft. Estimates reportedly show that there are 12,000 marketplaces and 34,000 offerings associated with cryptotheft that hackers can take advantage of. The dark web can only be accessed using special software and allows users to stay anonymous and mostly untraceable. Carbon Black security strategist Rick McElroy, who was interviewed by CNBC, said that basic malware costs …
The GuardiCore security team has discovered a malicious traffic manipulation and cryptocurrency mining campaign, according to an announcement published June 6. The campaign infected over 40,000 machines across various industries, including finance, education, and government. The campaign, called Operation Prowli, used various techniques like exploits and password brute-forcing to spread malware and take over devices, such as web servers, modems, and Internet-of-Things (IoT) devices. GuardiCore found that the attackers behind Prowli were focused on making money rather than ideology or espionage. According to the report, the compromised devices were infected with a Monero (XMR) miner and the r2r2 worm, a …