Sly malware author hides cryptomining botnet behind ever-shifting proxy service

Botnet author appears to be successful at hiding cryptocurrency mining botnet behind reverse proxy network used by enterprises and the developer community.

Without a doubt, botnets focused on cryptocurrency mining operations have been one of the most active forms of malware infections in 2018.

New botnets are appearing left and right if we are to believe security researchers from Chinese security firm Qihoo 360, who said this week that they are discovering new instances on a daily basis.

Not all of them may be profitable, as a recent Malwarebytes report has shown, but that doesn’t stop cyber-criminals from trying.

Although most botnets are a carbon copy of one another, once in a while researchers spot one that stands out above the crowd. This week, the cryptomining botnet that took the crown in terms of creativity was one discovered by the Netlab team at Qihoo 360.

According to the Netlab team, what stood out about this botnet was that, instead of letting infected bots connect to a remote server via a direct connection, its authors were using the ngrok.com service.

For readers unaware of ngrok, this site is a simple reverse proxy used to let Internet-based users connect to servers located behind firewalls or on local machines that don’t have a public IP address.

The service is very popular with enterprises because it allows employees a way to connect to corporate intranets. The service is also used by home users, usually freelance developers, to let customers preview applications that are under development.

In most cases, a user hosts a server on his local machine, registers with ngrok, and gets a public URL in the form of [random_string].ngrok.io that he then shares with a customer or friend to let him preview an ongoing project.

According to Netlab researcher Hui Wang, at least one cryptomining botnet operator is also familiar with this service and has been using it to host a command and control (C&C) server behind ngrok’s proxy network.

But besides anonymity, the botnet operator also appears to have indirectly gained resilience against any attempted takedowns of his C&C server.

As Hui explains, this happens because ngrok.io URLs stay online for only around 12 hours, so by the time security researchers identify a new C&C URL, the ngrok.io link has changed to a new one, hiding the botnet from researchers once more. This allows the botnet to survive longer than other botnets that host C&C servers on popular hosting platforms, where security firms can usually intervene via abuse requests.

But that’s where the botnet’s creativity ends. Besides the nifty C&C trick, this particular botnet uses a somewhat simple make-up for its internal structure.

Hui says the botnet consists of four major components, all of which have self-explanatory names. The Scanner scans the Internet for applications vulnerable to known exploits; the Reporter takes care of client-server communications; the Loader downloads and infects a host; and the Miner is the actual app installed on the server that generates cryptocurrency for the botnet operator.

Currently, Hui says the botnet is targeting an assortment of web applications and CMSs, such as Drupal, ModX, Docker, Jenkins, Redis, and CouchDB.

There’s also a module to scan for local Ethereum wallets, but this is not active. On the other hand, a module that injects the Coinhive JavaScript library in all of the server’s JS files is active, meaning the botnet will also mine Monero inside the browsers of users visiting a site hosted on the infected servers.

This particular botnet is not extremely successful when compared to other botnets that have made millions of US dollars, and according to Hui, its operator made roughly 70 XMR coins, which is around $7,800. In terms of botnet operations, this is only pocket money.
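The rotating `[random_string].ngrok.io` C&C names described above leave a recognizable trace in DNS logs: a single stable tunnel name looks like ordinary developer use, while one server resolving several different names within a day or two does not. The following detection sketch is an added example, not code from Netlab or the article; the log format, host names, subdomains and thresholds (three distinct names in 48 hours) are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample DNS query log: "<ISO timestamp> <client> <queried name>" (all values invented).
SAMPLE_LOG = """\
2018-09-10T01:05:11 web-01 a1b2c3d4.ngrok.io
2018-09-10T01:35:40 web-01 a1b2c3d4.ngrok.io
2018-09-10T09:00:02 dev-laptop 77aa88bb.ngrok.io
2018-09-10T13:20:05 web-01 c9d0e1f2.ngrok.io
2018-09-11T01:45:30 web-01 e5f6a7b8.ngrok.io
2018-09-11T02:00:00 web-01 ngrok.io.lookalike.example
2018-09-12T08:00:00 db-02 0f0f0f0f.ngrok.io
2018-09-22T08:00:00 db-02 1e1e1e1e.ngrok.io
truncated-line
"""

# Anchored so only direct subdomains of ngrok.io match, not look-alike names.
NGROK_RE = re.compile(r"^([a-z0-9-]+)\.ngrok\.io\.?$", re.IGNORECASE)

def ngrok_queries(log):
    """Yield (timestamp, client, subdomain) for each well-formed ngrok.io query."""
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines instead of failing the whole run
        match = NGROK_RE.match(fields[2])
        if match:
            yield datetime.fromisoformat(fields[0]), fields[1], match.group(1).lower()

def rotating_clients(log, min_names=3, window=timedelta(hours=48)):
    """Map clients that queried >= min_names distinct subdomains within one window to those names."""
    events = defaultdict(list)
    for ts, client, sub in ngrok_queries(log):
        events[client].append((ts, sub))
    flagged = {}
    for client, seen in events.items():
        seen.sort()
        start = 0
        for end in range(len(seen)):
            while seen[end][0] - seen[start][0] > window:
                start += 1  # drop queries older than the window
            names = {sub for _, sub in seen[start:end + 1]}
            if len(names) >= min_names:
                flagged[client] = sorted(names)
                break
    return flagged
```

On the constructed log, only `web-01` is flagged: the developer laptop reuses one tunnel name, and `db-02` changes names only once in ten days.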


Author: Catalin Cimpanu

Bitfi and McAfee Announce First Truly Unhackable and Open Source Crypto Wallet

Bitfi Wallet assures impenetrable security with download-free and wifi-enabled operation, allowing users to participate in the digital asset economy without any risk of loss




Bitfi (https://bitfi.com/), a global payments technology company working to enable businesses and consumers to participate in the digital currency economy, today announced Bitfi Wallet – the first unhackable, open source hardware wallet with an accompanying dashboard that features wireless setup and support for many popular cryptocurrencies and crypto assets, including Monero, a fully decentralized private cryptocurrency that has previously never had a hardware wallet solution.

Shortly after making a pre-launch introduction to a few insiders in the blockchain landscape, John McAfee, the preeminent expert on cyber security, acknowledged that Bitfi technology is indeed unhackable – a bold claim that has never before been uttered in the archives of tech history. Mr. McAfee has joined the Bitfi team as the company aims to accelerate adoption of decentralized assets by making interaction with these assets seamless and without risk. Bitfi technology is pivotal in advancing this goal.

“Of all today’s elaborate and sophisticated methods for making wallets secure and easy to use, surely none is as epic as that of the new Bitfi wallet. Several of my competitors have pioneered innovative methods to protect private keys, but Bitfi pulled out all the stops to ensure that the private key can never be obtained by illicit means. No other hardware wallet has ever been built to this level of sophistication,” said John McAfee, a foremost cyber security expert and founder of McAfee Antivirus.

The Bitfi Wallet offers more security than any other type of storage (including cold storage) without the need for technical skill, downloads or app installations to set up, requiring only a wireless connection. Once the wallet is set up, the device automatically receives the latest software updates thus completely eliminating any possibility for a user to download corrupt software or fall prey to phishing attacks. As Bitfi adds support for additional cryptocurrencies and crypto assets, they will automatically appear in the wallets of all users. In this way, a single purchase of the hardware wallet guarantees that wallet holders always have access to its latest technology and updates, making Bitfi Wallet a secure, long-term investment.

“The radically innovative Bitfi wallet grew out of a desperate need to find a completely secure and convenient storage solution so that we could drive rapid adoption of decentralized blockchain assets,” said Daniel Khesin, Co-Founder of Bitfi. “Intimately involved with the cryptocurrency revolution, we sought to develop the ultimate instrument that would be the last word for the problems of storing and interacting with cryptocurrency and other digital assets. Early prototypes so astonished various users (like John McAfee) who share our passion for cryptocurrency that, through simple word of mouth, many crypto enthusiasts were soon clamouring for a Bitfi wallet of their own. This demand led to our formation and the filing of numerous patents for over two dozen breakthrough features.”


While most wallets store a 24-word memory key to access funds, the Bitfi Wallet allows wallet holders to store an unlimited amount of funds, without possibility of loss or theft, by utilizing a proprietary and open-source Bitfi algorithm that calculates the private key with a powerful on-board CPU from the user’s own unique secret phrase. The private key only exists for a fraction of a second, just long enough to approve the transaction and is never stored anywhere. The user-created phrase is impossible for others to guess but easy for the wallet holder to memorize.

Unlike other wallets, the Bitfi wallet cannot be tampered with. If it is ever lost, stolen, taken apart and forensically analysed, the private keys cannot be retrieved, making the wallet safe to purchase from anyone within the network of authorized distribution dealers.

Because the Bitfi algorithm is completely open source, users can easily obtain their private keys without any reliance on 3rd parties, including Bitfi itself. Furthermore, instead of having to access each currency from individual folders or multiple wallets, users can view and control all of their digital currencies and assets in one place via the Bitfi dashboard.

The Bitfi Wallet enables users to view all balances at a glance and quickly switch from one cryptocurrency to another, whether for personal or business use, much like using an ATM machine. Bitfi Wallet also features native support for Ethereum, allowing users to view both their Ethereum balance and access tokens in one place rather than using third-party services.

“The Bitfi Wallet is the result of experiments with the most advanced circuit topologies, components and materials derived from state-of-the-art theory and practice in many fields,” said Khesin. “It is the result of our strenuous commitment and single-minded dedication to advancing the universal adoption of the decentralized digital asset economy in everyday life, for everyone.”

The Bitfi Wallet will go on sale for $120 USD and purchase includes a one-year limited warranty. Units will be available for purchase starting June 25th, 2018 with shipments beginning June 27th, 2018.


Here at Dollar Destruction, we endeavour to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!

Author Bitfi 

In 2018, $4,243.83 Of Cryptocurrency Is Stolen Per Second


$1.1 billion in cryptocurrency has been stolen this year, and it was apparently easy to do.




• $1.1 billion worth of cryptocurrency was stolen in the first half of 2018, and it’s relatively easy to do, according to cybersecurity company Carbon Black.

• “It’s surprising just how easy it is without any tech skill to commit cybercrimes like ransomware,” Carbon Black Security strategist Rick McElroy says.

• The necessary malware, which even occasionally comes with customer service, costs an average of $224 and can be as cheap as $1.04 on the “dark web.”

Roughly $1.1 billion worth of cryptocurrency was stolen in the first half of 2018, and unfortunately for owners, it’s pretty easy to do, according to cybersecurity company Carbon Black.

Criminals use what’s known as the dark web to facilitate large-scale cryptocurrency theft.

There are now an estimated 12,000 marketplaces and 34,000 offerings related to cryptotheft for hackers to choose from, the company said in a study released Thursday.

“It’s surprising just how easy it is without any tech skill to commit cybercrimes like ransomware,” Carbon Black Security strategist Rick McElroy told CNBC. “It’s not always these large nefarious groups, it’s in anybody’s hands.”

The necessary malware, which McElroy said even occasionally comes with customer service, costs an average of $224 and can be priced as low as $1.04. That marketplace has emerged as a $6.7 million economy, according to the study.

The dark web is a part of the World Wide Web accessible only through special software. It lets users remain anonymous and largely untraceable.

“You just have to be able to log in and be able to buy the thing — you can call customer support and they’ll give you tips,” McElroy said.

Thefts can come from organized cartels or crime groups extorting exchanges and companies. But it is often as simple as a highly trained but unemployed engineer looking to make extra cash.

“You have nations that are teaching coding, but there’s no jobs,” McElroy said. “It could just be two people in Romania needing to pay rent.”

As the price of bitcoin skyrocketed more than 1,300 percent last year, new buyers flooded the market. Unlike banks, cryptocurrency is typically not protected or insured by a third party, which first-time investors might not know.

“Usually we rely on banks, the tools are out there but investors need to know how to do this,” McElroy said. “A lot of people are unaware in this new gold rush, people are using cloud wallets and not securing their money.”


Exchanges were the most popular target for cybercriminals, making up 27 percent of attacks this year.

Tokyo-based Mt.Gox, the largest bitcoin exchange at the time, was the first high-profile hack in cryptocurrency history. It filed for bankruptcy in 2014 and said it lost 750,000 of its users’ bitcoins and 100,000 of the exchange’s own. This January, hackers stole $530 million worth of a lesser-known cryptocurrency called NEM from Japanese exchange Coincheck. In December, a South Korean cryptocurrency exchange called Youbit lost 17 percent of its digital assets and its parent Yapian later filed for bankruptcy.

Businesses were the second most vulnerable group, making up 21 percent of those hacked.

In many cases, criminals hack the internal system of these companies and demand cryptocurrency as a ransom. Carbon Black said it could not provide company names because some of the incidents were not public. In the U.S., companies don’t have to report a ransomware incident because it does not involve a loss of personal data.

Hackers often demand payment in cryptocurrency yet bitcoin does not seem to be the top choice. It accounted for only about 10 percent of the targeted cryptocurrencies, while ethereum made up 11 percent.

Criminals appear to prefer Monero. The lesser-known cryptocurrency was used in 44 percent of all attacks because of its privacy and its difficulty to trace compared with bitcoin, Carbon Black said. It also has relatively low transaction fees.

The United States was the most vulnerable country, with 24 crypto-related attacks. China was next with 10, and the U.K. came in third with eight.



Author Kate Rooney