Search Results for “Cointelegraph”


September 28, 2019
Tara Seals / Threatpost

New Spyware Masad Clipper and Stealer Uses Telegram Bots to Steal Cryptocurrency, Drop Additional Malware

A freshly discovered commercial spyware dubbed the “Masad Clipper and Stealer” is using Telegram bots as its command-and-control (C2) hub to harvest data, steal cryptocurrency and drop additional malware, while masquerading as a Fortnite aimbot and more, according to an analysis by Juniper Networks. The spyware targets Android and Windows users and sends the data it collects from victims to a Telegram bot that acts as its C2 server. The stolen information can include browser form data with usernames and passwords for various sites, along with contact information and credit-card data; PC and system information; a list of installed software and processes; desktop files; screenshots; browser cookies; Steam gaming platform files; Discord and Telegram messages; and FileZilla files. It also automatically replaces cryptocurrency wallets from the clipboard with its own, and it has the capability of downloading other malware. Masad’s primary propagation mechanism is mimicking software utilities like ProxySwitcher, CCleaner, Utilman, Netsh, and Whoami. It also mimics an existing malware called Proxo Bootstrapper.

September 25, 2019
Catalin Cimpanu / ZDNet

Two Men Indicted for Hacking Cryptocurrency Exchange EtherDelta, One UK Suspect Already Busted for His Role in TalkTalk Hack

Authorities in San Francisco indicted two suspects for hacking cryptocurrency exchange EtherDelta in December 2017. One of the suspects indicted, UK resident Elliott Gunton, also known as “Glubz,” is better known for participating in the hack of UK telco TalkTalk. The other is a resident of New York, Anthony Tyler Nashatka, also known as “psycho.” The two men allegedly bought the phone number of an EtherDelta employee, reportedly Zachary Coburn, the company’s CEO, off the black market to steal funds from thousands of EtherDelta users. They then allegedly managed to convince a mobile telco’s operator to add a call forwarding number to Coburn’s mobile account, which they used to silently bypass two-factor authentication (2FA) on Coburn’s EtherDelta (admin) account. After modifying DNS settings in the company’s G Suite portal and redirecting email to their server, they allegedly reset the password on EtherDelta’s Cloudflare account and locked out other company employees. After that, they reportedly redirected EtherDelta’s DNS records inside the Cloudflare account to their server. It’s unclear how much currency they purportedly stole, but one victim reported losing more than $800,000. The two men face five counts each, with maximum prison penalties of up to 20 years, up to three years of supervised release, and a fine of up to $250,000.

August 26, 2019
Wang Wei / The Hacker News

Binance Says Hack of 10,000 Customers’ Data Stemmed From Third-Party Vendor, Gives Affected Victims Lifetime VIP Membership, Urges Them to Apply for New I.D. Documents

Cryptocurrency exchange Binance confirmed that a breach resulting in hackers distributing the Know Your Customer (KYC) images of hundreds of its users online and to media outlets was caused by one of the company’s third-party vendors. Before leaking the images online, the alleged hacker threatened to release the KYC data of 10,000 of the exchange’s customers if the company did not pay 300 Bitcoins, worth over $3 million at today’s exchange value. Binance also said that multiple leaked images were photoshopped and did not match the KYC images in its database. The exchange began contacting potential victims with “guidance on privacy protection and restitution,” and recommended that affected users apply for new identification documents in their respective regions. Binance is also offering a lifetime VIP membership to all affected users.

Related: The Next Web, Security Affairs, Cointelegraph, Coindesk, Binance

Tweets: @Swati_THN


August 23, 2019
Catalin Cimpanu / ZDNet

Ukrainian Secret Service Investigating Nuclear Power Plant Breach Where Employees Were Using Network to Mine Cryptocurrency

The Ukrainian Secret Service (SBU) is investigating a potential security breach at a local nuclear power plant after employees connected parts of its internal network to the internet so they could mine cryptocurrency. The incident is viewed as a potential breach of state secrets due to the classification of nuclear power plants as critical infrastructure. Investigators fear the mining rigs might have been used as a pivot point to enter the nuclear power plant’s network and retrieve information from its systems, such as data about the plant’s physical defenses and protections. The incident took place in July at the South Ukraine Nuclear Power Plant, located near the city of Yuzhnoukrainsk, in southern Ukraine. Investigators seized equipment from the power plant’s administrative offices and not from the distribution plant.

Related: TechNadu, Infosecurity Magazine, Security Affairs, SecurityWeek, fossBytes, Unian, Forbes, The Next Web, RT, CoinTelegraph, NewsBTC

Tweets: @kimzetter @el33th4xor @campuscodi

TechNadu: Ukrainian Nuclear Power Plant Employees Have Been Caught Mining Cryptocurrency
Infosecurity Magazine: Ukrainian Nuke Plant Workers Tried to Mine Cryptocurrency
Security Affairs: Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency
SecurityWeek: Illegal Cryptocurrency Mining at Ukraine Nuclear Plant Exposed Sensitive Data
fossBytes: Ukranian Employees Connect Nuclear Plant To Internet To Mine Cryptocurrency
Unian: SBU busts cryptocurrency miners at Ukrainian power plant
Forbes: Bitcoin Hackers Charged As Nuclear Power Plant Security Compromised
The Next Web: Thief jeopardizes state secrets by using nuclear power plant to mine cryptocurrency
RT: Ukrainian nuclear power plant used to mine cryptocurrency, putting state secrets at risk
CoinTelegraph: Ukraine: Crypto Miners Arrested for Compromising Nuclear Plant Security
NewsBTC: Ukrainian Power Plant Officials Accused of Unauthorised Cryptocurrency Mining

@kimzetter: This one is going to be a staple in security conference slidedecks for years. Thank you, Ukraine.
@el33th4xor: I hope we don't have a second Chernobyl because some idiot connected a nuclear power plant to the Internet just so he can mine a PoW coin. https://zd.net/33S7Emh via @ZDNet & @campuscodi
@campuscodi: -incident happened at the South Ukraine Nuclear Power Plant -mining rigs found in administrative office -rigs also found in nearby military barracks used by the Ukrainian National Guard -also not the first incident of its kind (see photo below) https://zdnet.com/article/employees-connect-nuclear-plant-to-the-internet-so-they-can-mine-cryptocurrency/


June 19, 2016
JP Buntinx / NewsBTC

Second “Attacker” Siphons Funds from DAO in Apparent Effort to Test Waters

A second “attacker” has implemented the same measure, known as a recursive split, to steal 22 ether from Ethereum, a cryptocurrency fund on the DAO exchange worth about .35 bitcoin or around $266, a small enough amount that experts are judging it as an effort to further test the waters. Meanwhile, DAO’s founder has laid out steps to stop the theft or minimize the gains to the attacker.

June 26, 2019
Max Boddy / Cointelegraph

Six Dutch, UK Residents Busted for Allegedly Stealing Over $27 Million in Cryptocurrency By Swiping Account Credentials via Typosquatting

Europol, in conjunction with the United Kingdom’s South West Regional Cyber Crime Unit, the Dutch police, Eurojust, and the U.K.’s National Crime Agency (NCA), has coordinated the arrests of six people based in the UK and The Netherlands suspected of stealing over $27 million in cryptocurrency. The hackers were reportedly involved in typosquatting and then recording login data that allowed them to gain access to cryptocurrency account holders’ wallets.

Related: SC Magazine, SecurityWeek, NL Times, Cryptovibes, DataBreachToday.com, HotforSecurity, New Europe, ComputerWeekly.com, SC Magazine, Europol

Tweets: @gcluley


June 7, 2019
Ana Alexandre / Cointelegraph

Hackers Stole $9.5 Million in XRP From 80 to 90 Victims on Wallet Service GateHub

Cryptocurrency wallet service GateHub announced that hackers have reportedly compromised nearly 100 XRP Ledger wallets, stealing about 23,200,000 XRP worth around $9.5 million from 80–90 victims. The company became suspicious when it discovered increased application programming interface (API) calls coming from a small number of IP addresses. GateHub is still conducting an investigation.

Related: The Register – Security, Security Affairs, The Next Web, Infosecurity Magazine, CCN, ZDNet, Finance Magnets, AMB Crypto, Gatehub, XRP Forensics


April 30, 2019
Ana Alexandre / Cointelegraph

Around $4.6 Million Stolen Via Fraudulent Electrum Bitcoin Wallet Updates, DDoS Botnet Attacking Electrum Infrastructure Climbs to 152,000 Machines

The amount of funds stolen from users of the popular Electrum Bitcoin wallet through a fraudulent, malware-laden update has increased to USD $4.6 million, and the DDoS botnet that is flooding the Electrum infrastructure is rapidly growing, according to researchers at Malwarebytes. The DDoS attacks are targeted at developers who try to protect their users, and the botnet has grown from under 100,000 machines to as high as 152,000 machines. The team at Malwarebytes has been able to correlate two distribution campaigns (RIG exploit kit and Smoke Loader) that are fueling the botnet by dropping malware detected as ElectrumDoSMiner. They also identified a previously undocumented loader they call Trojan.BeamWinHTTP that is also involved in downloading ElectrumDoSMiner (transactionservices.exe).

June 19, 2016
Andrew Quentson / Crypto Coin News

Alleged DAO Hacker: I Didn’t Hack, I Took Advantage of The System in Place

The alleged hacker of the DAO cryptocurrency exchange told Crypto Coin News that he is not a hacker but simply took advantage of the smart contracting system to make money — namely he took advantage of something called the “Recursive Call Exploit.” Currency miners who oppose a “fork,” i.e. a move to roll back the transaction, will share in one million ether and 100 bitcoin.

July 15, 2016
Gautham / Bitcoin News Service

Blockchain-Based Social Media Network Steemit Hacked, $85,000 Lost

Steemit, a Reddit-like blockchain-based social media network, says it has been hacked, with over 260 user accounts affected. In the process, the platform lost $85,000 in its native cryptocurrencies, Steem Dollars and Steem.
