Search This Blog

Showing posts with label Crypto Currency. Show all posts

FTX: Failed Crypto Exchange Could Owe More Than 1 Million Creditors


Following the collapse of the crypto exchange FTX, and its associated businesses, it could owe money to more than a million people and organizations, according to the bankruptcy filings. The documents filed in bankruptcy court demonstrated the extent of a corporate collapse that has stripped traders’ accounts, plunging the crypto sector into crises. 

The investigations for bankruptcy commenced last week when FTX experienced an $8 billion shortfall due to a run-on deposit. Consequently, this led to the company which was once regarded as one of the safest and most reliable institutions of the freewheeling crypto industry crumbling overnight. 

The exchange’s founder Sam Bankman-Fried reportedly transferred $10 billion of customer funds from FTX to his trading company ‘Alameda Research.’ A large amount of that total fund has since disappeared. The total amount is said to be between $1-2 billion. 

The financial hole later came to light in records shared by Bankman-Fried with other senior executives last Sunday. The records provided a real-time account of the situation, some sources said. 

The company’s sudden downfall due to the run-on deposits last week left FTX unable to fulfill its customers' demands. Consequently, Bankman-Fried struck a rescue deal to sell his firm to its largest rival exchange, Binance. 

After a lengthy online skirmish between Bankman-Fried and Changpeng Zhao, CEO of Binance, a review stating FTX’s finances revealed various problems, posing as a deal breaker and Binance pulled out of the deal. Bankman-Fried attempted to secure new financing but was unable to, and later declared bankruptcy. The Justice Department and SEC are currently looking into his management of FTX. They are apparently focusing on whether FTX inappropriately transferred customer funds to Alameda Research.  

In regards to the case, Associate Professor in Finance Technology at the University of Liverpool, Gavin Brown referred to a recent report that suggested “42% of the exchanges which failed simply disappeared without traces.” 

According to Prof Brown “In the event of exchange failure, or even bankruptcy, it is the investors who are on the hook for losses” He, along with other industry experts warned that often smaller investors often end up back of the queue, after the remains of a crypto business are divided among themselves. They doubt much money will be coming back. 

"The unfortunate news is that the money's all gone. It's just not there anymore. Investors should expect pennies on the dollar," says crypto blogger and author David Gerard.   

Metaverse: Billions Spent In The Virtual Land Grab

 

A sum of almost $2 billion was spent on the virtual land over the past year, according to research from metaverse analysts DappRadar. Digital real estate and digital plots of land are being purchased by individuals like Snoop Dogg and corporate investors like Samsung Electronics and PwC for a variety of reasons, but many of them believe that its value will rise over time. 
The virtual land is being sold via online platforms like Decentraland and Voxels (formerly Cryptovoxels), which many people consider as a primal version of metaverse – a virtual world, where the online users can live, work and play. 

Moreover, businesses and investors are building digital shops and event spaces on the virtual land they purchased in the metaverse, which often allows visitors to make purchases via cryptocurrencies. 

However, we are yet years away from the metaverse emerging as a sole immersive space online for people to live, play and work. So, is spending large sums for the land grabbing one huge gamble? 

‘Exhibiting my own work’ 


With the giant red Mohican and a permanent cigarette, the avatar of artist Angie Taylor does not quite resemble a typical land mogul. Nonetheless, she is among the growing group of people, who are laying claim to the new virtual worlds. 

“I bought my first metaverse parcel in July 2020 and paid about £1,500. I bought it for exhibiting my own work, but also for running metaverse events that would promote my art and also other people's art," she says. 

These plots, owned by Angie are about the size of a small family house (if one compares them to the size of her avatar). The tallest of them all stretches up over three floors and even comprises a roof terrace with a white-and-black-striped road crossing, and a pink taxi permanently driving back and forth just for fun. 

But one can sense the reality of the scale of this world from the air. 

"Hold down the F key and you can fly up to take a look at my neighborhood," Angie explains. Above her gallery, one can see thousands of identical boxes of land stretching to the horizon. 

Voxels is one of the many virtual worlds that identify as metaverses. People frequently refer to "the metaverse" as if there were just one, which is confusing. Companies are selling land and experiences in their own versions until one platform begins to dominate or these disparate worlds join together. 

According to DappRadar, $1.93 billion worth of cryptocurrency has been spent in order to purchase virtual lands in the past year alone, with $22m of that spent on about 3,000 parcels of land in Voxels. 

Among the many luxury fashion brands, Philipp Plein as well owns a virtual plot about the size of four football pitches, which it hopes will eventually contain a metaverse store and gallery. 

With fashion industries being most interested in taking the opportunity and risks in regards to the metaverse, Amsterdam-based digital-only fashion house, ‘The Fabricant’ only makes clothing for the avatars, designing collections and bespoke garments for users of Decentraland, Sandbox, and other crypto metaverses. 

The company just raised $14m in funding from investors betting on the idea that many of us will soon be living part of our lives in the metaverse. But since crypto metaverses are generally sparsely populated and only really used when events are held, and even then only thousands, and not millions, of people attend. Consequently, it is not certain if and when it will happen.

Google Cloud Delivers Web3 Developers for Blockchain Node Engine

The Blockchain still has more than 38 million customers in 140 countries worldwide, according to the Google Cloud website. In a news release, the business stated that the launch represents a resolve to aid Web3 developers in creating and deploying new products on platforms based on blockchain technology. 

Blockchains serve as a sort of decentralized database because they are made up of transaction data that is encrypted and permanently stored. The governing infrastructure is a node, which is a computer or server that holds the whole copy of the blockchain's transaction history in addition to depending on a central authority to confirm data.

Amit Zavery, GM and VP of engineering and platform, and James Tromans, director of cloud web3, announced the new service in a blog post that explained how difficult it is for blockchain nodes to stay in sync since they must continually exchange the most relevant blockchain data. It requires a lot of resources and data.

By providing a service model to handle node creation and a safe development environment in a fully managed product, Google Cloud aims to make it simpler. From Google's standpoint, it is far simpler to let them handle the labor-intensive tasks while you focus on creating your web3 application.

Additionally, Web3 businesses that need dedicated nodes can create effective contracts, relay transactions, read or write blockchain data, and more using the dependable and fast network architecture of Google Cloud. Organizations using Web3 benefit from quicker system setup, secure development, and managed service operations.

The goal of Google's blockchain service is to deploy nodes with the security of a virtual private cloud firewall that restricts networking and communication to vetted users and computers. The ability to access the notes from processes like distributed denial of service assaults will be restricted by other services like Google Cloud Armor.

Gains from Node Engine

The majority will adopt this method after Ethereum, which will employ it first. The following are some advantages that businesses could gain from using this Google Cloud Node Engine.

It takes a significant amount of time to manually node, and it can prove difficult for a node to sync with the network. However, the developers can deploy nodes using Google Cloud's Node Engine in a single transaction, simplifying and speeding up the procedure.

In the realm of cryptocurrency, data security is of utmost importance. The developers will benefit from the Engine Node's assistance in protecting their data and preventing illegal access to the nodes. Additionally, Google Cloud shields the nodes from DDoS assaults, just like Cloud Armor.

This development seeks to "assist enterprises with a stable, easy-to-use blockchain node web host so they can focus their efforts on developing and scaling their Web3 apps," according to Google Cloud's official website.

An approved group fully manages the Google Cloud Engine Node. The staff will administer the system during an outage, therefore you will have no concerns about availability. Nodes need to be restarted and monitored during an outage; the group will take care of it for clients.

Hong Kong Will Legalize Retail Crypto Trading to Establish a Cryptocurrency Hub

 


A plan to legalize retail cryptocurrency trading has been announced by Hong Kong to create a more friendly regulatory regime for cryptocurrencies. There has been an opposite trend over the last few years in the city, with skeptical views, as well as China's ban on the practice. 

According to sources familiar with the matter, an upcoming mandatory licensing program for crypto platforms scheduled to take effect in March next year will allow retail traders access to crypto platforms. There has been a request not to name these people since they are not authorized to release this information publicly.

There have been reports that the regulators are planning to allow the listing of higher-value tokens in the coming months but will not endorse specific coins such as Bitcoin or Ether, according to the people. They noted that the details and timeframe are yet to be finalized since a public consultation is due first.

At a fintech conference that starts on Monday, the government is expected to provide more details regarding its recently announced goal of creating a top crypto hub in the region. To restore Hong Kong's reputation as a financial center after years of political turmoil and the aftermath of Covid curbs sparked a talent exodus, the marketing campaign comes amid a larger effort to put Hong Kong back on the map.

Gary Tiu, executive director at crypto firm BC Technology Group Ltd, said that, while mandatory licensing in Hong Kong is one of the most effective things regulators can do, they cannot forever satisfy the needs of retail investors who are investing in crypto assets. 

Criteria for listing 

According to people familiar with the matter, the upcoming regime for listing tokens on retail exchanges is likely to include criteria such as the token's market value, liquidity, and membership in third-party crypto indexes to determine eligibility for listing. Their approach resembles the one they used when it came to structured products such as warrants, they continued. 

Hong Kong's Securities and Futures Commission spokesperson did not respond to a request for comment regarding the details of the revised stance adopted by the agency. 

Several crypto-related Hong Kong companies that are listed on the stock exchange increased their share prices on Friday. In the same report, BC Technology climbed 4.8% to its highest in three weeks during the third quarter, whilst Huobi Technology Holdings Ltd. rose slightly. 

In a world where more and more regulators are grappling with how to manage the volatile area of digital assets. This area has gone through a $2 trillion rout, following a peak in early November 2021. The sector is finding it difficult to regain its previous strength. Firms that dealt in cryptocurrency were crushed by the crash because their leverage grew without limit and their risk management methods were exposed.

It is widely believed that Singapore has tightened up its digital-asset rules to curb retail trading in digital assets to deal with the implosion that has hit Hong Kong. 

There was a proposal earlier this week by Singapore to ban the purchase of leveraged retail tokens on the retail market. There was a ban on cryptos in China a year ago because it was largely illegal. 

Michel Lee, executive president of digital-asset specialist HashKey Group, said that Hong Kong is trying to frame a crypto regime that extends beyond the retail token trading market to incorporate all types of digital assets, including cryptocurrencies. 

Bringing the ecosystem to the next level 

Among other things, Lee believes that tokenized versions of stocks and bonds could become a much more significant segment in the future as time passes on. Lee said, "Just trading digital assets on its own is not the goal". According to Lee, digital assets are not intended to be traded on their own but the ecosystem must grow as quickly as possible.”

A big exchange such as Binance and FTX once had their base in Hong Kong. Their attraction was the reputation of a laissez-faire regime and their strong ties to China. A voluntary licensing regime, that was introduced by the city in 2018, limited crypto platforms' access to clients with portfolios exceeding HK$8 million ($1 million) to those with portfolios of less than that amount. 

It has been confirmed that only two firms have been approved to operate under the license, BC Group and HashKey. FTX successfully managed to turn away the more lucrative consumer-facing business to the Bahamas last year as a result of the signal of a tough approach. 

However, the plan to attract crypto entrepreneurs back to Hong Kong seems to be a bit short of what is needed to usher them back. Among other things, it remains to be seen if mainland Chinese investors would be able to trade in tokens through Hong Kong if that were to be permitted. 

Leonhard Weese, the co-founder of the Bitcoin Association of Hong Kong, expressed a fear that there might be a very strict licensing regime in the future. "The conversations I have had indicate that people still fear it will be very stressful," he said. The company claims that it is not competitive on the same level as overseas platforms. Therefore, it will not be as attractive to customers as it would be if it dealt directly with retail users. 

According to blockchain specialist Chainalysis Inc., the volume of digital-token transactions in Hong Kong through June declined less than 10% from a year earlier, the most modest increase in the region outside of a slump in China, in the 12 months through June. It has fallen two positions from its global ranking of 39 in 2021 to 46 in 2022 when it comes to crypto adoption throughout the city. 

The Securities and Futures Commission of Hong Kong's Fintech Department has also suggested that the city could take further steps in this area, including the establishment of a regime to authorize exchange-traded funds seeking exposure to mainstream virtual assets. 

It shows that the one country, two systems principle is being put into action in financial markets, Wong said at an event last week. He said that the fact that the city can introduce a cryptocurrency framework distinct from China's indicates how far it has come.

Missing Cryptoqueen: Leaked Police Files May Have Alerted the OneCoin Fraudster Ruja Ignatova

 

Best known as the “Missing CryptoQueen,” convicted fraudster Ruja Ignatova who was included on the most wanted list by the US Federal Bureau of Investigation (FBI) is assumed to be receiving the information of the investigation before her disappearance. 
 
The 42-year-old fraudster, based in Bulgaria is convicted of her suspected involvement in the $4 billion OneCoin cryptocurrency fraud. The details of the scam were uncovered in a BBC podcast ‘The Missing Cryptoqueen’ devoted to the infamous fraudster. 

The police documents related to the case were apparently shown in the podcast by Frank Schneider, a former spy and trusted adviser to Ignatova. Following the allegations, Schneider is now facing extradition to the US for his role in the OneCoin fraud. 

While the metadata on the files suggests that Ignatova acquired the said documents through her own contacts in Bulgaria, Schneider denies the claims of obtaining the documents himself, which he says were obtained on a USB memory stick by Ignatova. 
 
Ignatova disappeared on October 25th, 2017, after being made aware of the police investigation into her OneCoin cryptocurrency. Following this, in June 2022 she was included in the FBI's most wanted list.
 
In an interview with the BBC, Schneider informed about the police files containing presentations made at a Europol meeting named ‘Operation Satellite.’ The meeting was attended by officials from Dubai, Bulgaria, the UK, Germany, and the Netherlands along with the FBI, the US Department of Justice, and the New York District Attorney five months before the disappearance of Ignatova. 
 
The said documents contained details of US authorities having a “high-placed confidential informant”, bank accounts from OneCoin receiving investor funds, and failed attempts of the UK's City of London to interview Ignatova. 

On being asked about the aforementioned files, Schneider said "When the Bulgarians participated at certain Europol meetings, it only took hours for her to get a complete rundown and get the minutes of what was said in those meetings.” “I can only deduce that it came from the circles that she was in and the she had through a variety of influential personalities.”

E1 Salvador Hosting Promotional conference "Adopting Bitcoin"

 



The first nation to embrace bitcoin as authorized cash in the year 2021 is El Salvador. There is no evidence in recent years that suggest that the country El Salvador will renounce crypto accord. The country will be hosting the conference “adopting Bitcoin” which will aim to encourage the adoption of 
Bitcoin. 

The conference “Adopting Bitcoin” will include an examination of technology and financial inclusion will be done. Approximately 110 speakers will be joining from 30 countries, one of the notable personalities is Senator India Kempis of Mexico.

In the 3rd week of November from 15th to 17th, the Bitcoin Beach conference will take place in San Salvador and the surrounding area. There is no event like the Bitcoin Conference that brings together the entire Bitcoin ecosystem for the purposes of collaboration, networking, and education.

E1 Salvador hosting a crypto-adopting conference

Bitcoin Beach Wallet, a bitcoin wallet developed and operated by Galoy Inc., is being rolled out in El Salvador through the platform that powers Bitcoin Beach Wallet. The bitcoin exchange Bitfinex will also be the primary sponsor of the event, which is taking place in November. In order to develop a financial technology platform for the issuance and trading of Volcano Tokens, Bitfinex is collaborating with the government of El Salvador to create a platform that will be used by both parties throughout the process.

It was impossible to have anticipated in 2021 that a sovereign government would be using Bitcoin as their official legal tender. A significant shift was observed in the public's perception of the nation as well as its currency as a result of the action. Currently, El Salvador is making progress on its way to becoming one of the first financial inclusion models in Central America and becoming the Singapore of Central America.

Nonetheless, Bitcoin has proven to be a very convenient exchange medium that can support millions of transactions each day, proving to be a very successful exchange medium. This conference will take place at the Crowne Plaza convention center in Orlando, Florida over the first two days. During the presentation, speakers will discuss the most recent advancements in the Bitcoin ecosystem from a technological and economic perspective.

Among the most significant presentations of the conference will be that of the Bitcoin Core engineer Jon Atak. Atak recently won a $50,000 grant from the Human Rights Foundation, and his presentation will be an important contribution to the technology field.

Another significant speaker at the economic conference will be Senator Indira Kempis of Mexico who is scheduled to deliver the keynote address. Kempis is known in the past for her advocacy for central bank digital currencies (CBDCs), which have been in the news for quite some time. Her effort to legalize bitcoin in Mexico, which made headlines globally, was another remarkable achievement. 

The Crypto Environment After Conference


The cryptocurrency market is presently undergoing a turbulent phase. As far as market conditions are concerned, the current market environment is by far the most severe crypto winter in history. As risk assets declined overnight, bitcoin (BTC) reached new weekly lows on September 28 as the price declined throughout the entire week.

There is a strong correlation between the value of digital currencies and the stock market in the U.S., which has prompted investors to pay close attention to monetary policy for this year. There has been a surge in interest rates along with pressure applied to the S&P 500 and the tech-heavy Nasdaq, which has influenced other risky assets, such as cryptocurrencies, as well as others in general.

As a result of this year's interest rate hikes, the United States Federal Reserve has not made any commitments to stop them yet, although this year's rate hikes have exerted pressure on risk assets such as cryptocurrency in general.

At the same time, investors are closely watching the U.S. dollar in order to determine how it will perform. It has been estimated that the dollar index, which measures how the greenback is performing against a basket of currencies, has increased by more than 18% so far this year. 

Hacked Devices Generated $53 for Every $1 Cryptocurrency Through Crypto Jacking

 


The team of security researchers evaluated the financial impact of crypto miners affecting cloud servers. They stated that this costs cloud server victims about $53 for every $1 of cryptocurrency mined by threat actors through crypto-jacking. 

Cryptojacking refers to the illegal method of extracting cryptocurrency from unauthorized devices, including computers, smartphones, tablets, and even servers with an intent of making a profit. Its structure allows it to stay hidden from the victims. The malicious actors generate income through hijacking hardware, as the mining programs use the CPUs of hijacked devices.  

The mining of cryptocurrency through the hijacked devices was primarily an activity of financially motivated hacking groups, especially Team TNT. It was responsible for most of the large-scale attacks against vulnerable Doctors Hub, AWS, Redis, and Kubernetes deployments.  

The cyber attackers updated the OS image by distributing the network traffic across servers that contained XMRig. It is a CPU miner for a privacy-oriented hard-to-trace cryptocurrency that has recently been considered the most profitable CPU mining.   

As opposed to ransomware, software that blocks access to systems until the money is paid, and includes aggressive law enforcement, rouge crypto mining is less risky for the cyber attackers.  

The Sysdig researchers used "Chimaera", a large campaign of TeamTNT for estimating the financial damage caused by crypto miners. The research revealed that over 10,000 endpoints were disclosed to unauthorized persons. 

In order to hide the wallet address from the hijacked machines and make tracking even harder, the cyber-attackers used XMRig-Proxy but the analysts were still able to discover 10 wallet IDs used in the campaign. 

Later the researchers disclosed that the 10 wallets held a total of 39XMR, valuing $8,120. However, they also mentioned that the estimated cost to victims incurred from mining those 29 XMR is $429,000 or $11,000 per 1 XMR. 

Moreover, they explained that, according to their estimates, the amount does not include amounts that are stored in unknown older wallets, the damage suffered by the server owner as a result of hardware damage, the potential interruptions of online services caused by hogging processing power, or the strategic changes firms had to make to sustain excessive cloud bills as a result of hogging processing power.

North Korean Hackers Target CryptoJob Seekers To Evade Western Countries Against Sections

North Korean state sponsors hackers are victimizing cryptocurrency workers with a new phishing campaign on LinkedIn and Indeed to plagiarize resumes and other people’s profiles to land remote work at crypto firms, security researchers at Mandiant said. 

Malwarebytes cyber security researcher, Hossein Jazi, published details of the attack on Twitter. Research analysis shows that the hackers leveraged a PDF containing information about the non-existent role of “engineering manager, product security” at crypto giant Coinbase. 

The objective behind this campaign is to get access to these firms’ internal operations, and projects and gather data about upcoming trends, including Ethereum network development, potential security lapses, and non-fungible tokens (NFTs). 

This information reportedly serves North Korean threat actors to launder cryptocurrencies that can later be used by the Pyongyang government to answer Western sanctions. 

Joe Dobson, a principal analyst at Mandiant, told the press that “It comes down to insider threats If someone gets hired onto a crypto project, and they become a core developer, that allows them to influence things, whether for good or not.” 

This phishing campaign also shares similarities with Operation In(ter)caption, in which hackers used LinkedIn phishing messages that were containing job offers for target working audiences in relevant sectors. Malicious files and data were sent either via email or LinkedIn in a OneDrive link, it was first exposed by ESET in June 2020. 

“Once the recipient opened the file, a seemingly innocent PDF document with salary information related to the fake job offer was displayed. Meanwhile, the malware was silently deployed on the victim’s computer. In this way, the attackers established an initial foothold and reached a solid persistence on the system,” ESET reported. 

Although, the government of North Korea denied its involvement in any cyber-related theft, however, the U.S. government federal agencies, such as the Department of State and the FBI, earlier this year released warnings to the organizations against randomly hiring freelancers from North Korea, as they were potentially misleading businesses with their true identities and state's (DPRK) backing in their activities. 

LockBit 3.0: Launch of Ransomware Bug Bounty Program

 

The "LockBit 3.0" ransomware update from the LockBit ransomware organization features the first spyware bug bounty program, new extortion methods, and Zcash cryptocurrency payment choices. After two months of beta testing, the notorious gang's ransomware-as-a-service (RaaS) operation, which has been operational since 2019, recently underwent an alteration. It appears that hackers have already employed LockBit 3.0.

Bug bounty plan for LockBit 3.0 

With the launch of LockBit 3.0, the organization launched the first bug bounty program provided by a ransomware gang, which asks security researchers to disclose bugs in exchange for incentives that can go as high as $1 million. In addition to providing bounties for vulnerabilities, LockBit also pays rewards for "great ideas" to enhance the ransomware activity and for doxing the operator of the affiliate program, identified as LockBitSupp, which had previously posted a bounty plan in April on the XSS hacking site.

"We open our bug bounty program to any security researchers, ethical and unethical hackers worldwide. The compensation ranges from $1,000 to $1,000,000," reads the page for the LockBit 3.0 bug reward. The notion of initiating the criminal operation would be against the law in many nations, however, makes this bug reward scheme a little different from those frequently utilized by respectable businesses.

LeMagIT claims that version 3.0 of LockBit includes several other improvements, such as new methods for data recovery and monetization, as well as the option for victims to choose to have their data destroyed, and the ability for victims to make payments using the Zcash cryptocurrency in addition to Bitcoin and Monero. 

LockBit is producing outcomes. In May, LockBit 2.0 succeeded Conti as the leading provider of ransomware as a service. The gang's previous ransomware, LockBit 2.0, was to be blamed for 40% of the attacks that NCC Group observed in the preceding month. Moreover, according to Matt Hull, worldwide lead for strategic threat intelligence at NCC, The most prolific threat actor of 2022 is Lockbit 2.0,  In times like these, it's imperative that businesses become familiar with their strategies, methods, and processes.

It is unclear how this new extortion technique will operate or even whether it is activated because the LockBit 3.0 data leak site currently does not have any victims. With its public-facing manager actively interacting with other malicious actors and the cybersecurity community, LockBit is one of the most prolific ransomware campaigns.

Three Malware Fileless Phishing Campaigns: AveMariaRAT / BitRAT /PandoraHVNC

 

A phishing effort that was distributing three fileless malware onto a victim's device was detailed by cybersecurity experts at Fortinet's FortiGuard Labs. AveMariaRAT, BitRAT, and PandoraHVNC trojan viruses are spread by users who mistakenly run malicious attachments delivered in phishing emails. The viruses are dangerously capable of acquiring critical data from the device.
 
Cybercriminals can exploit the campaign to steal usernames, passwords, and other sensitive information, such as bank account numbers. BitRAT is particularly dangerous to victims because it can take complete control of infected Windows systems, including viewing webcam activity, listening to audio through the microphone, secretly mining for cryptocurrency that is sent to the attackers' wallet, and downloading additional malicious files.

The first phishing mail appears to be a payment report from a reputable source, with a brief request to view a linked Microsoft Excel document. This file contains dangerous macros, and when you open it, Microsoft Excel warns you about using macros. If the user disregards the warning and accepts the file, malware is downloaded. The malware is retrieved and installed onto the victim's computer using Visual Basic Application (VBA) scripts and PowerShell. For the three various types of malware that can be installed, the PowerShell code is divided into three pieces. This code is divided into three sections and employs the same logic for each virus: 
  • A dynamic mechanism for conducting GZip decompression is included in the first "$hexString." 
  • The second "$hexString" contains dynamic PowerShell code for decompressing the malware payload and an inner.Net module file for deploying it. 
  • The GZip-compressed malware payload is contained in the "$nona" byte array. The following PowerShell scripts are retrieved from the second $hexString and are used to decompress the malware payload in $nona and to deploy the malware payload into two local variables using the inner.Net module. 
The study doesn't explain as to why the phishing email contains three malware payloads, but it's conceivable that with three different types of malware to deploy, the cybercriminals will have a better chance of gaining access to whatever critical information they're after. 

Phishing is still one of the most prevalent ways for cyber thieves to deliver malware because it works – but there are steps you can take to avoid being a victim. Mysterious emails claiming to offer crucial information buried in attachments should be avoided, especially if the file requires users to allow macros first. Using suitable anti-spam and anti-virus software and training workers on how to recognize and report phishing emails, businesses may help workers avoid falling victim to phishing emails.

Analysis of Cryptocurrency Fundraising

 

A cryptocurrency is a form of digital currency meant to make internet transactions extremely safe. Investors and authorities are paying attention to the unexpected increase in the value of cryptocurrencies. The digital era has surely aided in the advancement of our understanding and use of money. We are also on the verge of a new financial revolution, which is linked to the fourth industrial revolution. There are currently 9,271 distinct cryptocurrencies available, with Bitcoin, Ethereum, Tether, BNB, and USD being the most renowned ones.  

Cryptocurrencies, despite being older than the iPad, have just entered the public sphere, with their impact being predominantly felt in the last three or four years. The aspect of digital currencies has spread to numerous banks, including JP Morgan and Wells Fargo, which are developing their own cryptos. Blockchain, AI, IoT, and a slew of other technologies are making inroads into our daily lives as more traditional concepts and technologies are scrambling to stay up or risk becoming obsolete. 

Bitcoin, one of the most popular cryptocurrencies, was launched in 2009 and employs peer-to-peer technology to enable rapid transactions without the involvement of institutional bodies such as banks or governments. A password or a private key is required to access the received cryptocurrency in the wallet. Furthermore, the transaction is safeguarded by blockchain technology when it is sent from one wallet to another.

Physical currency serves as a universal measure of worth as well as a quick means of transmitting it. The switch to such a system would very certainly be tough, as cash may become incompatible in the blink of an eye if the crypto world advance at the current pace. Established banking institutions would almost certainly have to hustle to adapt. Governments across the world are now accepting blockchain and cryptocurrency. According to the Gartner report, 83 nations are currently experimenting with or deploying as such Central Bank Digital Currencies, or CBDCs, which account for 90 percent of global GDP. While many businesses initially offered to accept Bitcoin during its first boom, this list has progressively reduced, reinforcing doubt about the cryptocurrency's potential as a medium of trade. 

In India, cryptocurrency boomed relatively late when it already cost millions of rupees, as a result, Indians have few Satoshis (small units of a bitcoin) but this isn't the case in every situation. People are dealing in smaller units such as milli or micro bitcoins as the worth of cryptocurrency. 

Furthermore, the price of a cryptocurrency varies between exchanges, which is a clear breach of the legislation of one price.

While bitcoin performs admirably as a wealth vault, its volatility makes it riskier and exposes it to increased danger of loss. Several variables influence the price of a single bitcoin, like supply and demand, competition, and regulation. Investor perceptions of cryptocurrency are also influenced by recent news events.

The lack of other traits for crypto in India is typically associated with modern physical currencies; they cannot be deposited in a bank and must be held in digital wallets, which are costly and risky due to the possibility of hacking, staff corruption, public IP addresses, and ransomware. In many aspects, government supervision over central currency is essential for regulation, and cryptocurrencies would function with far less government oversight. Bitcoin's supply is set; there is an absolute limit of 21 million units.

In order to maintain steady price levels, the money supply must be able to rise in lockstep with macroeconomic activity, otherwise, the problem can only be solved by raising the velocity of money or by a substantial drop in prices. This might put the economy in jeopardy. 

For investors, bitcoin's artificial scarcity is a benefit: increased demand combined with inelastic supply leads to a greater price. The lack of a central regulator renders investor protection untenable and raises the likelihood of greater instability. People engage in these markets expecting the cryptocurrencies would grow in the future; this presumption fuels speculative behaviours, and a quick shift in the presumption may cause the market to crash, injuring many naive investors. 

The magnitude of economic harm is influenced by the connectivity between crypto-assets and the traditional banking industry. According to economists, direct exposure from cryptocurrencies to the financial system might be transmitted, and indirect repercussions could expand to other asset classes. Crypto assets, according to the RBI financial stability report (2021), offer long-term risks for capital control management, financial and macroeconomic stability, and monetary policy transmission.

China has taken the toughest stance on cryptocurrencies, going from allowing crypto mining to outright prohibiting it as of June 2021. Regulations are divided between the federal and state governments in the United States and India. Most EU draught Markets in Crypto-Assets Regulation (MiCA) legislation was announced by the European Commission in September 2020. The UK  is currently supervised by the Financial Conduct Authority (FCA). It's worth noting that the South American nation was the first to declare Bitcoin to be legal cash.

If we look at the evolution of crypto as a currency, it has virtually achieved its goal of decentralisation, and is now one of the main firms such as Tesla, Microsoft, and Meta are investing in it. On the other hand, the emerging cryptocurrency has the issue of being hackable. In the long run, if cryptocurrency continues to develop at its current rate, it may eventually replace fiat currency, resolving the issues of hacking and extreme volatility.

Financier Diakonov Called Russia the Future Cryptocurrency Center of the World

 

Mr. Diakonov predicted the future of cryptocurrency and called it a possible alternative to traditional money. "Time will tell how it will be built into the system of international payments and trade," he said.
The financier also stated that Russia can become a cryptocurrency world center since it has the necessary knowledge, capabilities and technologies to create this product. However, it is difficult to guess when this scenario will come to life,since the concepts of cryptocurrencies proposed by the Ministry of Finance and the Central Bank do not reflect the current situation. 

"If the task is to transfer part of the international settlements into the "new currency," in case this instrument will acquire the scale, then sanctions measures from the West may affect it as well. And we may see the next prohibitive measures of an international nature," he explained. 

According to Mr. Diakonov, China, as Russia's largest business partner, is not yet ready to switch to cryptocurrency trading. However, he suggested that the country would start using the digital yuan. "Here we see great prospects for creating new synthetic products that will become a growth point for the economy," he concluded. 

Earlier, the founder and CEO of the world's largest cryptocurrency exchange Binance, Changpeng Zhao, said that next year there will be more transparency in the regulation of crypto-assets, and this is a positive signal for the market. In addition, there will be new options for their use. But the crypto market moves cyclically, and an upturn is followed by a downturn. Whether it happens next year or later is hard to predict. Asset volatility will continue regardless of who comes to the market. "Our personal goal for next year is to get as many licenses around the world as we can; we expect to get 10 to 20 more licenses next year." 

In addition, there will be new ways to use them. But the crypto market moves cyclically, and a period of recovery is followed by a recession – it will happen next year or later, it is difficult to predict. Asset volatility will continue regardless of who comes to the market. "Our personal goal for next year is to get as many licenses around the world as possible. We expect to get another 10-20 licenses next year." 

Earlier, the Ministry of Finance submitted to the government a bill on the legalization of cryptocurrencies. According to the document, Russians will have the right to legally invest up to 600 thousand rubles ($7,600) in cryptocurrency annually. However, this will require special testing.

The Ministry of Finance Proposed to Test Russians Before Buying Cryptocurrencies

 

On February 18, the Ministry of Finance submitted a bill on the regulation of cryptocurrencies to the government. At the same time, public discussions began. On Monday, February 21, the agency published details of the document on its official website. 

According to the proposal of the Ministry of Finance, the use of digital currencies as a means of payment in Russia will continue to be prohibited. However, the Ministry of Finance suggests leaving cryptocurrencies only as a tool for investment. The bill defined the requirements for exchanges and exchangers that will deal with cryptocurrencies. 

Foreign cryptocurrency exchanges will have to register in Russia in order to obtain a license. The Ministry of Finance proposes to allow transactions with the purchase or sale of cryptocurrencies only if the client is identified. The deposit and withdrawal of cryptocurrencies will be possible only through banks using a bank account. 

Exchanges must inform citizens about the high risks associated with purchasing digital currencies. Citizens will undergo online testing before purchasing cryptocurrencies, which will determine the level of knowledge of the specifics of investing in digital currencies and awareness of possible risks. 

According to the official website of the Ministry of Finance, "with successful testing, citizens can invest up to 600 thousand rubles in digital currencies annually. If the testing is not passed, then the maximum amount of investment will be limited to 50 thousand rubles (about 0.015 bitcoins at the time of writing the news). Qualified investors and legal entities will make transactions without restrictions." 

The agency also proposes to consolidate the definition of digital mining as an activity aimed at obtaining cryptocurrency. The Ministry of Finance noted that they had received proposals from the Bank of Russia on the introduction of a ban on the organization of the issuance and circulation of digital currencies. 

Last week it became known that the Central Bank proposes to ban not only the organization of the issuance of cryptocurrencies and their circulation but also the dissemination of information about them. Also, the Central Bank prohibits banks and other financial market participants from owning private digital currencies. 

In addition, on February 18, the Central Bank proposed to introduce fines of up to one million rubles ($12,700) for the issue of private cryptocurrency. If the bill is adopted, individuals may face fines in the amount of 300 ($3,800) to 500 ($6,300) thousand rubles, and organizations from 700 thousand ($8,800) to one million rubles ($12,700). 

Earlier, CySecurity News reported that the Kremlin and the Russian government have estimated the Russian cryptocurrency market at $214 billion.

The Ministry of Finance of Russia Named the Main Threat of Cryptocurrency Ban in Russia

Deputy Finance Minister Alexei Moiseev said that the ban on cryptocurrencies and mining could slow down the development of new technologies and services, lead to the outflow of highly qualified specialists abroad, and the loss of tax revenues. 
Mr. Moiseev recalled that the relevance of cryptocurrency regulation is due to the growing popularity of citizens' investments in such assets. 

"We need to create clear and transparent rules for the participation of citizens and businesses in the financial instruments of the crypto market. The concept provides for the traceability of cash flows and crypto transactions, as well as the identification of users," the official stressed. 

He added that the only legal participant in the crypto market will be banks and exchanges that will oblige to comply with all the requirements of anti-money laundering legislation. "As for investors, they will be divided into qualified and unskilled, that is, those who do not have the necessary knowledge in working with digital financial instruments," he recalled. 

According to him, clear regulation excludes the possibility of a parallel financial system appearing in Russia, introduces clear rules of the game for market participants, and creates tools to protect investors' rights. In the case of a ban, all of them could automatically become violators of the law, and these are millions of people. 

Last week, the Bank of Russia stressed that it was in favor of reducing the interest of Russians in the cryptocurrency market. Elvira Nabiullina, head of the regulator, noted that the concept of regulating digital assets, which was proposed by the Ministry of Finance and approved by the government, does not allow to mitigate the risks, which the Central Bank warned about. 

In January, the Bank of Russia published a report "Cryptocurrencies: Trends, risks, measures", in which, in order to reduce threats, it proposed to ban the issuance, mining and circulation of cryptocurrencies in Russia. The central bank proposed to introduce a ban on the organization of the issuance or circulation of cryptocurrencies on the territory of Russia, to establish responsibility for its violation. 

The concept of the Ministry of Finance provides for the regulation of cryptocurrencies in Russia without their prohibition. The Ministry believes that the complete absence of regulation or prohibition of cryptocurrencies will destabilize the industry, increasing the share of the shadow economy and the growth of fraud, and law enforcement will not be able to effectively respond to crimes using such instruments. 

At the end of January, Russian President Vladimir Putin called on the government and the Central Bank to come to a consensus on the regulation of cryptocurrencies and report on the results. So, by February 18, the Ministry of Finance, together with the Bank of Russia, should prepare a bill on the regulation of cryptocurrencies.

Russian Man and his Wife Arrested in U.S. for Stealing Record $4.5 billion in Bitcoins

Russian citizen Ilya Lichtenstein and his wife Heather Morgan were arrested in the United States on Tuesday. The U.S. Justice Department in a statement called them the largest Internet fraudsters in history. 

The spouses are suspected of hacking the Hong Kong cryptocurrency exchange Bitfinex in 2016 and withdrawing 120,000 bitcoins from its accounts, which is $4.5 billion at current prices. Intelligence agencies managed to confiscate $3.6 billion worth of bitcoins stored in the Russian's e-wallets. 

On Tuesday night, after the arraignment in the Court of the Southern District of New York, Magistrate Judge Debra Freeman decided to release the suspects on bail of $8 million for two. However, the spouses were unable to leave federal prison as the judge's decision was put on hold by Washington. 

According to the prosecution, the couple should remain in custody because "they are sophisticated cybercriminals and money launderers, and there is a serious risk of their escape." Prosecutors admit that the couple may have passports in other names. 

In particular, agents found a file named Passport_ideas on Liechtenstein's computer. And a plastic container with disposable phones was found under the bed in the apartment of the defendants. Under American law, Ilya Lichtenstein and Heather Morgan face up to 25 years in prison. 

A few years ago, 34-year-old Ilya Lichtenstein unsuccessfully tried to create a technology startup and become an investor. He came to the United States from Russia at the age of six, when his family was granted asylum for religious reasons. 

His wife, Heather Morgan, called herself an economist, a journalist, and a "Crocodile of Wall Street", was a freelance writer for Forbes magazine and even performed as a rapper under the name Razzltkhan. According to the New York Times, giant billboards with her image decorated Times Square. 

According to the investigation conducted by the FBI and the US Internal Revenue Service, Lichtenstein and Morgan hacked the Bitfinex protection system and made about 2 thousand illegal transactions, transferring funds from the accounts of the exchange's clients to their electronic wallet. 

In subsequent years, the suspects managed to launder about 25 thousand bitcoins through third-party exchanges and online services on the darknet. A new hearing on Lichtenstein and his wife's bail application will be held in Washington on February 11.

North Korea Stealing Millions in Cyber Attacks

 

A recent report of UN experts on cybersecurity threats has revealed that North Korea has not stopped stealing hundreds of millions of dollars from financial institutions and cryptocurrency organizations and exchanges. Illegally obtained money plays a very important role in North Korean nuclear and missile programs, U.N. experts said in a report quoting cyber specialists. 

The state-sponsored cybercriminals often use prevalent methods of attacks including phishing lures, malware, code exploits, and advanced social engineering to siphon funds out of these organizations’ internet-connected ‘hot’ wallets into DPRK-controlled addresses. 

The panel of experts has also said that according to an unnamed government, North Korean “cyber-actors stole more than $50 million between 2020 and mid-2021 from at least three cryptocurrency exchanges in North America, Europe, and Asia, probably reflecting a shift to diversify its cybercrime operations.” 

The experts further added that the “Cyber-actors stole a total of $400 million worth of cryptocurrency through seven intrusions into cryptocurrency exchanges and investment firms". 

The panel of experts monitoring sanctions on North Korea said that the cryptocurrency funds that have been stolen by the state-sponsored threat actors go through a very protective money laundering process in order to be cashed out.

A year ago, the panel quoted an unidentified country saying North Korea’s “total theft of virtual assets from 2019 to November 2020 is valued at approximately $316.4 million.” 

In the same year, North Korea had advanced its nuclear weapons and ballistic missiles even after United Nations sanctions. Further, for its funding, the state uses malicious actors' help and continues to seek material and technology overseas for its arsenal including in Iran, said, experts. 

“Cyberattacks, particularly on cryptocurrency assets, remain an important revenue source for the state government, and the experts are monitoring the implementation of sanctions against the North,” experts said in the new report.

The Moscow Kremlin and the Russian Government Have Estimated the Russian Cryptocurrency Market at $214 Billion

 

Bloomberg claims, citing its own sources that the Kremlin and the Russian government have estimated the Russian cryptocurrency market at $214 billion. This assessment is used during the development of a plan to regulate the industry. 

The volume of cryptocurrency held by Russians was calculated in January 2022 by analyzing the IP addresses of major cryptocurrency exchange users and other information. The agency writes that the estimate may be an underestimate because many traders hide their activities. 

In November 2021, the Central Bank of Russia estimated the annual volume of transactions of Russians with digital assets at $5 billion. The data were obtained based on the results of a survey of large banking organizations in July 2021. The Central Bank also noted that Russian users are among the most active participants in the digital currency market. Russia is among the leaders in the number of visits to digital currency exchanges. 

Later, during the parliamentary hearings, Anatoly Aksakov, head of the State Duma Committee on Financial Market, estimated investments of Russian residents in cryptocurrencies at $194 million. Aksakov stressed that unqualified investors are also interested in digital assets, so the authorities need to determine the position on digital assets and legislate it. 

It is interesting to note that on January 20, the Central Bank published a report for public discussion, in which it proposed to ban the issuance, circulation, and exchange of cryptocurrencies in Russia, as well as the organization of these operations. The regulator also considers it necessary to ban the mining of digital assets and start monitoring the investments of Russians in cryptocurrency on foreign trading platforms. 

However, after the Central Bank report, Deputy Prime Minister Dmitry Chernyshenko approved a roadmap on cryptocurrencies, which proposes the regulation of cryptocurrencies, rather than their prohibition, identification of customers, responsibility for illegal trafficking of digital assets, as well as the development of a methodology for assessing the value of cryptocurrencies. 

Representatives of the Ministry of Finance, the Ministry of Economic Development, the Prosecutor General's Office, Rosfinmonitoring, the FSB, the Ministry of Internal Affairs, the Federal Tax Service, the Ministry of Finance, and the Bank of Russia participated in the development of the roadmap. 

On January 26, Russian President Vladimir Putin called on the government and the Central Bank to come to a consensus on the regulation of digital assets. The Head of state said that he was familiar with the discussion concerning the regulation of cryptocurrencies. 

Earlier, CySecurity News reported that the Russian billionaire Oleg Deripaska criticized the Central Bank for allegedly “infantilely closing his eyes to the growing cryptocurrency market.” As an argument, the billionaire cited the actions of the US Treasury, which, according to him, invests in the crypto industry.

Russia may prohibit payment of cryptocurrency with bank cards

In Russia, it may be prohibited to pay for the purchase of electronic currencies with bank cards. The Central Bank s currently being discussing such an idea.

Experts talk about blocking payments with a specific MCC code. Banks assign such codes automatically when processing card payments. This four-digit code identifies the merchant's business.

For example, grocery stores receive the code 5411. And crypto exchangers and crypto exchanges usually receive the code 6051. The regulator can oblige banks to block such transfers.

Experts say that even if such a ban is introduced, it will not be difficult to buy cryptocurrency. Firstly, there are intermediaries. And secondly, people can open an account in a bank of Belarus or Kazakhstan, in these countries investments in cryptocurrency are allowed.

According to biotech entrepreneur, miner Pyotr Kondaurov, it is impossible to ban the crypt, it is decentralized, it is distributed, people will use it anyway, the crypt is not controlled by the Central Bank. That is, people can send each other as much money as they want and not pay taxes for it and not report for it at all. That is, a monetary system appears that does not belong to the state.

Earlier, the head of the Central Bank, Elvira Nabiullina, said that the regulator is against using the Russian financial system for operations with cryptocurrencies. According to her, the Central Bank cannot welcome investments in such currencies because of their volatility, as well as the risks they entail for retail investors.

The Ministry of Finance, according to Forbes, does not advocate a complete ban on cryptocurrencies, but for limiting the purchase of such digital assets by unqualified investors. Earlier, the Central Bank estimated the annual volume of transactions of Russians with digital assets at $5 billion.


QNAP : New Crypto-Miner Targeting the NAS Devices

 

A new variant of crypto-mining malware is affecting QNAP's network-attached storage (NAS) devices, as per a new security advisory posted by the Taiwanese hardware firm QNAP. 

The firm did not reveal how the devices were infected, but it did state that once the malware had established a grip on affected systems, it would build a process called [oom reaper] that would consume about 50% of the CPU's entire use. 

QNAP stated, “This process mimics a kernel process but its PID is usually greater than 1000.” 

While the infections are being examined, QNAP advised customers to protect themselves by updating their devices' operating systems (known as QTS or QuTS) and all QNAP add-on software. Furthermore, the business advised users to change all of their NAS account passwords because it was unclear whether the attackers leveraged a vulnerability or just brute-forced an internet-connected device that used a weak password. 

QNAP advised customers to reboot their devices and download and install the company's "Malware Remover" tool from the device's built-in App Center to eliminate the infection. The company's advisory provides step-by-step instructions on how to complete all three procedures above. 

Malware attacks on QNAP systems in the past 

However, in retrospect, the Taiwanese corporation is being utilized by malware gangs to attack its devices. Ransomware strains such as Muhstik, Qlocker, eCh0raix, and AgeLocker have all targeted QNAP devices in recent years, with hackers obtaining access to client NAS systems, encrypting data, and then demanding minor ransom payments. 

Crypto-mining malware has been uncommon, however, it has been seen in the past. QNAP NAS devices were targeted by the Dovecat crypto-mining malware in late 2020 and early 2021, which exploited weak passwords to gain access to QNAP systems. In 2019 and 2020, the QSnatch malware targeted the company's NAS devices, infecting roughly 62,000 systems by mid-June 2020, as per CISA and the UK NCSC. 

QSnatch did not have crypto-mining functionality, but it did have an SSH password stealer and exfiltration capabilities, which were the primary reasons that national cybersecurity agencies in the United States, the United Kingdom, Finland, and Germany became involved and issued national alerts about the botnet's operations.

Tor2mine Crypto Miner Evolves to be a More Dangerous Threat

 

As cryptocurrencies have grown in popularity among netizens, cryptocurrency mining campaigns have taken center stage in the threat landscape. Crypto mining campaigns have proven to be financially rewarding for cybercriminals, thus they continue to develop new TTPs and malware strains. Sophos discovered that one such miner variant has resurfaced, only stronger. 

Tor2Mine is a Monero miner that has been operating since at least 2019 and is capable of utilizing huge networks of worker devices. Most of these miners carry out these campaigns against Monero. The altcoin appeals to hackers due to its private and untraceable nature. It employs Microsoft's PowerShell scripting language to disable pre-existing malware security on a server and execute a miner payload, which is a stealthy malware designed to farm system resources. 

Tor2Mine also collects Windows credentials, which it uses to distribute and re-infect other PCs on the compromised network. Other systems are not protected if it is not totally removed. Sophos also reported that, while there was a surge in Tor2Mine infections in early 2021, the fall has been accompanied by the development of new variants. These are most likely the result of minor changes made by separate sets of operators or by the same actors between campaigns.

The presence of miners in a network implies the possibility of more potentially harmful intrusions. Furthermore, Tor2Mine appears to be more aggressive than its competitors. Once it has established persistence, it can only be eliminated using endpoint protection and other anti-malware software. Tor2Mine would continue infecting systems even if the C2 server went down due to its lateral movement feature. 

With the spread of cryptocurrency enthusiasm, illicit mining has become a well-established method of obtaining digital assets illegally. According to a new Google cyber security report, 86% of compromised Google Cloud accounts are used for illegal cryptocurrency mining, as well as monitoring and assaulting other prospective targets. 

Interestingly, according to a June research by Kaspersky, crypto-jacking has declined from its peak in 2017-18 during the initial crypto-boom. The total number of users who encountered miners on their devices, on the other hand, grew to 200,045 in March from 187,746 in the first quarter of this year. 

According to Sophos, firms that quickly fix vulnerabilities on internet-facing systems are less likely to be targeted by crypto miners. As threats evolve, it is critical for enterprises to stay ahead of the game by deploying strong cybersecurity protections.