Cryptocurrency Chaos: El Salvador's Bitcoin Wallet Code Leaked, Privacy at Risk

 


El Salvador's state Bitcoin wallet, Chivo, suffered a security breach after hackers from the group CiberInteligenciaSV leaked part of its source code to a hacking forum. This follows an earlier leak of personal data belonging to nearly all of El Salvador's adults; this time the code for the Chivo Wallet ATM network and VPN credentials were exposed. According to the wallet's administrators, the security of the wallet's data has not been compromised. 

Chivo Wallet has faced repeated problems since it was announced as the country's official Bitcoin wallet, so this event is another blemish on its record. President Nayib Bukele made Bitcoin (BTC) legal tender in El Salvador in 2021 to make digital payments more convenient, but security breaches and technical issues have hampered adoption. 

Consumers have criticized the Chivo Wallet for slow operation, app crashes and exploitable bugs despite its official backing. The Chivo Wallet company has responded to allegations that it was linked to a data breach in which the personal information of over 5 million Salvadorans was allegedly exposed. 

The leaked data included full names, unique identifiers, dates of birth, addresses, phone numbers, email addresses and photographs. It is believed to have come from the KYC process the Salvadoran government required citizens to complete before receiving incentives, such as the $30 in Bitcoin offered at the wallet's launch. 

On April 6, the hacker group CiberInteligenciaSV leaked the data of 5.1 million Salvadorans. More recently, the same group leaked the Chivo Wallet source code and the VPN credentials for the ATM network. The government-backed Chivo wallet has long been controversial among peer-to-peer money enthusiasts and cypherpunks because it is custodial. 

In a statement published on X (formerly Twitter) on April 24, the company dismissed the matter as "fake news." The hackers released over 144 GB of data containing the personal information of Salvadorans who had downloaded the wallet. Although the data had been offered for sale on various channels since August, it was only made freely available for download on April 5. 

The data includes each user's full name, unique identifier, date of birth, address and a high-definition photograph of their face. Also leaked this week was the file Codigo.rar, containing the code for El Salvador's Chivo ATM network along with the VPN credentials for that network.

Government officials have yet to issue a formal statement on either of this month's hacks. With the source code and VPN details exposed, the Chivo wallet system is at risk of further compromise, including attackers gaining unauthorized access to, or control of, users' accounts. 

Because the earlier data exposure affects almost the entire adult population of El Salvador, many fear identity theft and fraud. In light of these breaches, security experts advise users to stay vigilant and to monitor their accounts for suspicious activity. 

Given this track record, the breaches are likely to have a significant impact on the financial ecosystem as well, as trust in the government's digital solutions may wane. From the start, the Chivo software was plagued by bugs and technical glitches, with users reporting numerous problems. 

Although the President promised $30 to everyone who downloaded the Chivo wallet, some people had trouble receiving it and others could not withdraw money from Chivo. Last year the Salvadoran government announced that over 100 ATMs across the country would be equipped with Lightning Network technology in Q4 2024. 

In theory, this would allow Salvadorans to withdraw and deposit Bitcoin more easily and quickly, with lower fees. A Salvadoran newspaper reported in October that only about 2% of the population was using the wallet for remittance payments, long its main selling point. 

It remains to be seen whether the Salvadoran government will announce a policy or formally address the issue. In 2021 El Salvador became the first country in the world to adopt Bitcoin as legal tender, promoting the Chivo wallet as one of the official ways for citizens to use Bitcoin. 

These security issues, combined with the silence of the authorities, leave Salvadorans uncertain about whether their personal information is safe and whether the state's digital wallet can be relied on.

Information Stealer Malware Preys on Gamers via Deceptive Cheat Code Baits

 


A new info-stealing malware campaign poses as a game cheat tool called Cheat Lab and promises that anyone who persuades friends to download it will receive a free copy. The payload is Redline, one of the most capable information stealers in circulation, which harvests sensitive data from infected computers, including passwords, cookies, autofill information and cryptocurrency wallet data. 

Its popularity among cybercriminals and its many distribution channels have made Redline widespread. According to McAfee threat researchers, the new variant uses Lua bytecode to evade detection: the bytecode is injected into legitimate processes for stealth and benefits from just-in-time (JIT) compilation. 

The researchers link this variant to Redline through a command-and-control server that has long been associated with that malware. However, tests by BleepingComputer found that it does not exhibit Redline's typical behaviour, such as stealing browser data, saved passwords and cookies. 

The malicious payloads are hosted at a URL under Microsoft's 'vcpkg' GitHub repository and pose as demos of cheating tools named "Cheat Lab" and "Cheater Pro". Once the MSI installer runs, it unpacks two files, compiler.exe and lua51.dll, and drops the malicious Lua bytecode in a file called 'readme.txt'. 

To spread the malware further, the campaign tells victims that if they convince their friends to install the cheating program they will receive a free, fully licensed copy. To avoid detection and add an air of legitimacy, the payload is distributed as Lua bytecode rather than as a compiled executable. 

The package even includes an activation key, which helps it pass as a legitimate product. When run, compiler.exe compiles and executes the Lua bytecode and sets up persistence by creating scheduled tasks that run at system startup. 

McAfee reports a fallback persistence mechanism as well: the three files are copied to a long random path under the program directory. Once active on the infected system, the malware contacts a C2 server, sends screenshots and system information, and then waits for commands to execute on the host. 
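The file triad described above (compiler.exe, lua51.dll and a 'readme.txt' that actually holds Lua bytecode) is easy to check for on a suspect host, because Lua precompiled chunks carry a fixed header: the byte 0x1B followed by "Lua" and a version byte (0x51 for Lua 5.1, which is what lua51.dll runs). The Python scanner below is an added example written for this page, not McAfee's or BleepingComputer's code. The sample directory it builds is constructed (header bytes plus filler, no real malware), and the extension allow-list and triad file names are assumptions taken from the article.

```python
import os
import tempfile
from dataclasses import dataclass, field

# Lua precompiled chunks start with ESC "Lua" and then the version byte.
LUA_SIGNATURE = b"\x1bLua"
LUA51_VERSION = 0x51

# The dropper layout described in the article (assumed file names).
DROPPER_TRIAD = {"compiler.exe", "lua51.dll", "readme.txt"}

# Extensions where Lua bytecode is expected; anything else is suspicious.
EXPECTED_LUA_EXTS = {".lua", ".luac", ".out"}


@dataclass
class Finding:
    path: str
    reasons: list = field(default_factory=list)


def is_lua_bytecode(data: bytes) -> bool:
    """True if the buffer starts with a Lua 5.1 precompiled-chunk header."""
    return data.startswith(LUA_SIGNATURE) and len(data) > 4 and data[4] == LUA51_VERSION


def scan_tree(root: str) -> list:
    """Walk a directory and flag Lua bytecode hiding behind non-Lua extensions,
    plus any directory that contains the full compiler.exe/lua51.dll/readme.txt triad."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        names = {f.lower() for f in files}
        triad_hit = DROPPER_TRIAD.issubset(names)
        for name in files:
            path = os.path.join(dirpath, name)
            reasons = []
            with open(path, "rb") as fh:
                head = fh.read(16)  # header check only; no need to read whole file
            ext = os.path.splitext(name)[1].lower()
            if is_lua_bytecode(head) and ext not in EXPECTED_LUA_EXTS:
                reasons.append(f"lua51 bytecode header in a {ext or 'extension-less'} file")
            if triad_hit and name.lower() in DROPPER_TRIAD:
                reasons.append("member of compiler.exe/lua51.dll/readme.txt triad")
            if reasons:
                findings.append(Finding(path, reasons))
    return findings


def build_sample_tree() -> str:
    """Constructed sample layout mimicking the dropper; contains no real code."""
    root = tempfile.mkdtemp(prefix="luadrop_")
    bad = os.path.join(root, "CheatLab")
    os.makedirs(bad)
    # Lua 5.1 header fields (version, format, endianness, int/size_t/Instruction/number sizes, integral flag) then filler.
    header = LUA_SIGNATURE + bytes([LUA51_VERSION, 0x00, 0x01, 0x04, 0x04, 0x04, 0x08, 0x00])
    with open(os.path.join(bad, "readme.txt"), "wb") as fh:
        fh.write(header + b"\x00" * 32)
    for fn in ("compiler.exe", "lua51.dll"):
        with open(os.path.join(bad, fn), "wb") as fh:
            fh.write(b"MZ" + b"\x00" * 62)  # PE stub placeholder, not a real binary
    good = os.path.join(root, "docs")
    os.makedirs(good)
    with open(os.path.join(good, "readme.txt"), "w") as fh:
        fh.write("plain text readme\n")  # benign control file
    return root


if __name__ == "__main__":
    for f in scan_tree(build_sample_tree()):
        print(f.path, "->", "; ".join(f.reasons))
```

Running it flags the three files under CheatLab and nothing under docs. On a real host, point `scan_tree` at user-writable locations such as %APPDATA%, %TEMP% and the Program Files directories the article mentions; a benign `readme.txt` will never carry the 0x1B "Lua" header.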

Although the initial infection vector is not known for certain, infostealers are typically spread through malvertising, YouTube video descriptions, P2P downloads and deceptive software download sites. Redline is highly dangerous, so users are urged not to run unsigned executables or download files from untrustworthy sites. 

This attack also shows that downloads from seemingly trustworthy sources, such as Microsoft's GitHub, can carry infections. BleepingComputer contacted Microsoft about the executables distributed via its GitHub URLs, but the company had not responded by the time of publication.

The Week of Crypto Platform Breaches: Prisma Finance Incident Highlights

 

The past week witnessed a series of bewildering events in the realm of cryptocurrency, marked by breaches on two prominent platforms that left the crypto community grappling with perplexing motives and unexpected outcomes. 

The first incident unfolded on Tuesday evening when the Munchables blockchain-based game fell victim to an attack, resulting in the theft of approximately $62 million worth of cryptocurrency. Initial speculation pointed towards North Korea-linked hackers, given the country's history of targeting cryptocurrency platforms for financial gain. However, the situation took an unexpected turn when the alleged perpetrator voluntarily returned the stolen funds without any ransom demands. 

In a surprising twist, Munchables shared that the individual behind the attack had relinquished the private keys holding the stolen funds, and the project expressed gratitude for their cooperation. Despite this resolution, questions lingered about the circumstances surrounding the incident, including the attacker's identity and motives, prompting calls for enhanced security measures within the crypto community. Shortly thereafter, another breach occurred on Thursday evening, this time affecting Prisma Finance, a popular decentralized finance (DeFi) platform, which suffered a loss of approximately $11.6 million. 

However, the aftermath of this breach was marked by cryptic messages from the hacker, who claimed the attack was a "white hat" endeavour aimed at highlighting vulnerabilities in the platform's smart contracts. The hacker, whose identity remained undisclosed, reached out to Prisma Finance seeking to return the stolen funds and engaging in a discourse about smart contract auditing and developer responsibilities. 

Despite the hacker's apparent altruistic intentions, the incident underscored the importance of rigorous security measures and comprehensive audits in the DeFi space. Prisma Finance later released a post-mortem report detailing the flash loan attack that led to the breach, shedding light on the exploitation of vulnerabilities in the platform. The report emphasized ongoing efforts to investigate the incident and ensure the safety of users' funds, highlighting the collaborative nature of the crypto community in addressing security breaches. 

These breaches come against the backdrop of heightened scrutiny of cyberattacks on cryptocurrency platforms, with a recent United Nations report identifying North Korean hackers as key perpetrators. The report highlighted a staggering $3 billion in illicit gains attributed to North Korean cyberattacks over a six-year period, underscoring the persistent threat posed by state-sponsored hackers in the crypto space. 

As the investigation into these breaches continues, the crypto community remains vigilant, emphasizing the importance of robust security measures and proactive collaboration to safeguard against future threats. While the motives behind these breaches may remain shrouded in mystery, the incidents serve as a stark reminder of the ever-present risks associated with digital assets and the imperative of maintaining heightened security protocols in the evolving landscape of cryptocurrency.

FBI Reports Surge in Cryptocurrency Scams, Highlighting Growing Threat of Confidence Scams

 

The FBI has recently brought attention to a concerning trend in cybercrime: the rise of cryptocurrency scams, particularly through romance and confidence schemes, which have outpaced ransomware attacks in terms of financial losses. According to the FBI's data, individuals fell victim to cryptocurrency scams amounting to a staggering $4.57 billion in 2023, marking a significant 38% increase compared to the previous year's losses of $3.31 billion. 

These scams typically unfold over a period of several weeks, with fraudsters assuming false identities, often posing as attractive individuals, to establish relationships with their targets. As the relationship progresses, the scammers introduce the idea of joint cryptocurrency investments, recommending fake platforms or apps under their control. Victims are manipulated into making substantial investments, with the scammers fabricating gains to maintain the illusion of profitability. 

When victims attempt to withdraw their funds, the fraudsters employ various tactics, including impersonating customer support representatives and demanding additional fees, resulting in further financial losses for the victims. In contrast, ransomware attacks, a prevalent form of cyber extortion, generated comparatively minor losses of $59.6 million. 

However, the FBI acknowledges that this figure may not fully reflect the true extent of ransomware-related losses, as it fails to account for indirect costs such as business downtime. Moreover, the reported losses only encompass ransomware incidents reported to the Internet Crime Complaint Center (IC3), suggesting that the actual financial impact of ransomware attacks could be significantly higher. The discrepancy in reported losses between cryptocurrency scams and ransomware attacks underscores the evolving landscape of cyber threats and the shifting tactics employed by cybercriminals. 

While ransomware attacks continue to pose a significant threat to businesses and organizations, the surge in cryptocurrency scams highlights the effectiveness of social engineering techniques in deceiving individuals and extracting substantial sums of money. To combat these threats effectively, individuals and businesses must remain vigilant and exercise caution when engaging in online interactions. It is essential to verify the authenticity of investment opportunities and platforms, especially those related to cryptocurrencies, and to refrain from disclosing sensitive information or transferring funds without proper verification. 

Additionally, organizations should implement robust cybersecurity measures, including regular employee training and the deployment of advanced threat detection technologies, to mitigate the risk of falling victim to cyber scams and attacks. As cybercriminals continue to exploit vulnerabilities and devise increasingly sophisticated schemes, collaboration between law enforcement agencies, cybersecurity professionals, and the public is crucial in combating cybercrime and safeguarding against financial losses and data breaches. By raising awareness of emerging threats and adopting proactive security measures, individuals and organizations can better protect themselves against the pervasive threat of cybercrime in today's digital landscape.

Is Bitcoin Changing? Big Shifts and What It Means for Us

 


On the financial front, traditional powerhouses like Grayscale, BlackRock, and Fidelity are diving into Bitcoin, earning them the moniker 'Bitcoin whales.' These heavyweights are injecting billions into the digital currency, holding a sizable chunk of the finite 21 million bitcoins available.

Out of the 19 million bitcoins currently in circulation, an estimated 3.5 million are lost, either due to forgotten digital wallet details or lingering criminal proceeds. Concerns arise over the 2.3 million bitcoins held by cryptocurrency exchanges, acting as crypto-banks, sparking debates about reliance on centralised systems.

Adding to the mystery are 'unknown whales,' individuals or entities owning over 10,000 bitcoins, accounting for roughly 8% of the total. The remaining 7% of bitcoins are yet to be mined, with the last one expected in 2140. Meanwhile, Satoshi Nakamoto, Bitcoin's enigmatic creator, sits on an estimated 1.1 million bitcoins, securing a spot among the world's wealthiest.

Regulated investment firms, given the green light by US financial authorities, are now in the game. Grayscale, BlackRock, and Fidelity collectively hold about 4.5% of all bitcoins, signalling a significant shift.

Law enforcement's involvement introduces another layer, with nearly 200,000 bitcoins awaiting auction from cyber-crime seizures. MicroStrategy and Tether emerge as noteworthy Bitcoin holders, with MicroStrategy leading as the single largest organisation owner, holding around 193,000 Bitcoins. Tether, recognized for its stablecoin, claims an estimated 67,000 bitcoins.

Publicly listed Bitcoin miners, including Marathon and Hut8, contribute significantly, holding around 40,000 bitcoins collectively. Well-known investors like the Winklevoss Twins, Tim Draper, and companies like Tesla and Block add further diversity to the landscape.

Approximately 10.5 million bitcoins are believed to be held by the general public, constituting roughly 50% of the existing supply. However, the actual number of individual Bitcoin owners remains a mystery.

Interestingly, the recent surge in Bitcoin's value is credited not to individual retail investors but to Bitcoin whales, including major banks. Analysts suggest that these influential entities are steering both the price and demand, reshaping the once peer-to-peer digital cash dynamics.

As big financial players gather more and more bitcoins, it's making us rethink what Bitcoin was supposed to be. Originally, it was all about being decentralised and not controlled by big institutions. Now, with these financial giants holding a lot of bitcoins, we're wondering where Bitcoin is headed and if it's staying true to its roots. The world of cryptocurrency is changing, and it's not just affecting digital money – it's making waves in a much bigger way.


Winklevoss Crypto Firm Gemini to Return $1.1B to Customers in Failed "Earn" Scheme

‘Earn’ product fiasco

Gemini to return money

As part of a settlement with regulators on Wednesday, the cryptocurrency company Gemini, owned by the Winklevoss twins, agreed to repay at least $1.1 billion to consumers of its failed "Earn" loan scheme and pay a $37 million fine for "significant" compliance violations.

The New York State Department of Financial Services claims that Gemini, which the twins started following their well-known argument with Mark Zuckerberg over who developed Facebook, neglected to "fully vet or sufficiently monitor" Genesis, Gemini Earn's now-bankrupt lending partner.

What is the Earn Program?

The Earn program, which promised users up to 8% yield on their cryptocurrency deposits, was halted in November 2022 when Genesis was unable to honour withdrawals following the collapse of Sam Bankman-Fried's FTX.

Since then, almost 30,000 residents of New York and over 200,000 other Earn users have lost access to their money.

Gemini "engaged in unsafe and unsound practices that ultimately threatened the financial health of the company," according to the state regulator.

NYSDFS Superintendent Adrienne Harris claimed in a statement that "Gemini failed to conduct due diligence on an unregulated third party, later accused of massive fraud, harming Earn customers who were suddenly unable to access their assets after Genesis Global Capital experienced a financial meltdown." 

Customers win lawsuit

Customers of Earn, who are entitled to the assets they committed to Gemini, have won with today's settlement.

The regulator also said that an unregulated affiliate, Gemini Liquidity, had been "collecting hundreds of millions of dollars in fees from Gemini customers that otherwise could have gone to Gemini, substantially weakening Gemini's financial condition" during the crisis.

Although it did not provide any details, the regulator added that it "further identified various management and compliance deficiencies."

Gemini also consented to pay $40 million to Genesis' bankruptcy proceedings as part of the settlement, for the benefit of Earn customers.

"If the company does not fulfill its obligation to return at least $1.1 billion to Earn customers after the resolution of the [Genesis] bankruptcy," the NYSDFS stated that it "has the right to bring further action against Gemini."

Gemini announced that the settlement would "result in all Earn users receiving 100% of their digital assets back in kind" during the following 12 months in a long statement that was posted on X.

The business further stated that final documentation is required for the settlement and that it may take up to two months for the bankruptcy court to approve it.

The New York Department of Financial Services (DFS) was credited by Gemini with helping to reach a settlement that gives Earn users a coin-for-coin recovery.

More about the lawsuit

Attorney General Letitia James of New York filed a lawsuit against Genesis and Gemini in October, accusing them of defrauding Earn consumers out of their money and labeling them as "bad actors."

James tripled the purported scope of the lawsuit earlier this month. The complaint was submitted a few weeks after The Post revealed that, on August 9, 2022, well in advance of Genesis's bankruptcy, Gemini had surreptitiously taken $282 million in cryptocurrency from the company.

The twins subsequently stated that the move had been made for the benefit of customers.

The brothers' actions, however, infuriated Earn customers, with one disgruntled investor telling The Post that "there's no good way that Gemini can spin this."

In a separate lawsuit, the SEC is suing Gemini and Genesis, alleging that the Earn program was an unregistered securities offering.

The collapse of Earn was a significant blow to the Winklevoss twins' hopes of becoming a dominant force in the industry.

Gemini had built its brand on the idea that it was a reliable player in the wild, mostly uncontrolled cryptocurrency market.

Sophisticated Phishing Tactics Unveiled in Targeted FCC Cybersecurity Breach

 


Several phishing campaigns have been discovered targeting employees of cryptocurrency platforms such as Binance and Coinbase, as well as the Federal Communications Commission (FCC). One of them, dubbed CryptoChameleon, targets both cryptocurrency platforms and their employees. According to Lookout's analysis, the victims primarily use Apple iOS and Google Android devices and sign in through single sign-on (SSO) providers such as Okta, Outlook and Google. 

Lookout, a cloud security company, announced several days ago that it had discovered an "advanced phishing kit" targeting cryptocurrency exchanges. The kit, dubbed CryptoChameleon, has also been used to target Federal Communications Commission (FCC) employees through their mobile devices. 

The primary targets are Binance and Coinbase employees, cryptocurrency traders and users of single sign-on (SSO) services in the U.S. The kit tries to trick victims into handing over sensitive information, including usernames, passwords, password reset URLs and photo IDs, by serving near-exact copies of SSO login pages delivered through phishing emails, SMS messages and voice calls, mainly aimed at US users.  

Researchers discovered the kit after noticing a suspicious new domain registration, fcc-okta[.]com. The kit can impersonate a variety of company brands; cryptocurrency platforms and SSO services are its most common targets, with Coinbase impersonated most frequently.

Other sites use the same kit, and most of them use a subdomain of official-server[.]com as their C2 rather than their main domain. According to a recent Lookout blog post, the campaign has successfully phished over a hundred people, and many of the phishing sites remain active. Notably, the kit bundles the C2 server URL, the client-side logic and the style sheets. 
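Lookout's lead here was a domain name that pairs two unrelated brands (fcc-okta[.]com), and the C2 pattern was a brand name sitting in a subdomain of an unrelated registrable domain (official-server[.]com). Both patterns can be scored mechanically when triaging a feed of newly registered domains or passive-DNS hostnames. The Python below is an added example for this page, not Lookout's tooling: the brand list comes from the article, the decoy-word list and the sample feed are constructed, and the registrable-domain split is a deliberate simplification (last two labels) that real code should replace with the Public Suffix List.

```python
import re
from typing import Dict, List

# Brands the kit impersonated, per the Lookout findings cited above.
BRANDS = ["okta", "coinbase", "binance", "gemini", "kraken", "trezor", "fcc"]

# Words phishers bolt onto a brand to look official (assumed list for this example).
DECOY_WORDS = {"login", "secure", "official", "support", "verify", "sso", "account", "help"}

# Split a DNS label into word tokens on hyphens, underscores, dots and digits.
SPLIT = re.compile(r"[-_.\d]+")

# Constructed sample feed (not real observations): a mix of lookalikes and legitimate names.
SAMPLE_FEED = [
    "fcc-okta.com",
    "coinbase-login.com",
    "coinbase.official-server.com",
    "okta.com",
    "sso.okta.com",
    "example.com",
    "kraken.com",
]


def registrable_domain(host: str) -> str:
    """Last two labels. Simplification: real code must use the Public Suffix List
    so that e.g. example.co.uk is not split as co.uk."""
    parts = host.lower().strip(".").split(".")
    return ".".join(parts[-2:])


def score_domain(host: str, brands: List[str] = BRANDS) -> List[str]:
    """Return the reasons a hostname looks like brand impersonation ([] if clean)."""
    host = host.lower().strip(".")
    reg = registrable_domain(host)
    reg_label = reg.split(".")[0]
    sub = host[: -len(reg)].rstrip(".") if host != reg else ""
    reasons: List[str] = []

    # The brand's own registrable domain (okta.com, sso.okta.com) is not a lookalike.
    if reg_label in brands:
        return reasons

    reg_tokens = [t for t in SPLIT.split(reg_label) if t]
    brand_hits = [b for b in reg_tokens if b in brands]
    if brand_hits:
        reasons.append(f"brand token(s) {brand_hits} inside registrable label '{reg_label}'")
    if len(brand_hits) >= 2:
        reasons.append("two brands paired in one domain (fcc-okta style)")
    decoys = [t for t in reg_tokens if t in DECOY_WORDS]
    if brand_hits and decoys:
        reasons.append(f"brand combined with decoy word(s) {decoys}")

    # Brand name used as a subdomain of an unrelated domain (coinbase.official-server style).
    sub_tokens = [t for t in SPLIT.split(sub) if t]
    sub_hits = [b for b in sub_tokens if b in brands]
    if sub_hits and not brand_hits:
        reasons.append(f"brand {sub_hits} used as subdomain of unrelated domain '{reg}'")
    return reasons


def triage_feed(hosts: List[str]) -> Dict[str, List[str]]:
    """Score every hostname and keep only the ones with at least one reason."""
    return {h: score_domain(h) for h in hosts if score_domain(h)}


if __name__ == "__main__":
    for host, reasons in triage_feed(SAMPLE_FEED).items():
        print(host, "->", "; ".join(reasons))
```

The scorer deliberately exempts the brand's own registrable domain, so `sso.okta.com` is clean while `okta-sso.com` is not; that asymmetry is exactly what separates a legitimate SSO tenant from the kit's lookalikes.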

Most of the sites are hosted on RetnNet. To keep automated analysis tools from identifying the site, victims must first complete an hCaptcha challenge, which also lends the site credibility. CryptoChameleon appears to copy the tactics used by Scattered Spider, specifically its impersonation of Okta and its use of domain names that Lookout had previously associated with that group. 

Although the URLs and spoofed pages look like something Scattered Spider might create, this kit has significantly different capabilities and C2 infrastructure from Scattered Spider's. It is common for threat actors to copy one another's tactics and procedures once they have been widely publicized. 

It also remains unclear whether this is the work of a single threat actor or a tool used by many groups at once. According to Lookout, the combination of high-quality phishing URLs, login pages that perfectly match the look and feel of legitimate sites, a sense of urgency and consistent follow-up via SMS and voice calls is what has let the attackers steal such high-quality data. 

Once the attackers capture credentials they use them to log in immediately and, based on what the victim's MFA service requires, direct the victim to the phishing page that asks for the matching code. In addition to FCC employees, the kit targets users of Binance, Coinbase, Gemini, Kraken, ShakePay, Caleb & Brown, Trezor and other cryptocurrency services. 

So far the campaign has successfully phished over 100 victims. Because the fake login screen is displayed only after the victim completes an hCaptcha test, automated analysis tools cannot flag the sites. 

The pages are distributed via unsolicited phone calls and text messages in which the attacker impersonates the company's customer support team, claiming to be protecting the victim's account after a purported hack. The phishing page can be customized with the victim's phone number and with the expected length of the one-time code, six or seven digits. 

Victims are also lured through phone calls, emails and text messages: phishing emails are disguised as legitimate messages from cryptocurrency platforms or the Federal Communications Commission (FCC) and carry malicious links, while SMS messages are disguised as legitimate notifications from the same platforms or the FCC. 

Lookout says its customers have been protected against these phishing sites since the beginning of January 2024 because the infrastructure closely resembles that of earlier attacks.

Binance Data Breach Sparks Concerns: Dark Web Sale Rumors Surface

 

In a surprising development, cryptocurrency giant Binance finds itself facing the looming threat of a potential data breach, as claims circulate on the dark web suggesting the sale of sensitive user information. This occurrence has sent shockwaves throughout the cryptocurrency community, prompting apprehension about the security of one of the world's leading digital currency exchanges. 

Renowned for its extensive selection of digital assets and user-friendly interface, Binance has not been impervious to the escalating menace of cyberattacks targeting the cryptocurrency sector. Reports indicate that an individual or a group of hackers is asserting possession of a significant amount of user data from Binance, purportedly offering it for sale on the dark web. 

The alleged data breach has cast a spotlight on Binance's security infrastructure, compelling the company to initiate a comprehensive investigation to verify the authenticity of the claims. Users anxiously await official statements from the exchange detailing the extent of the breach, identifying potential vulnerabilities, and outlining measures taken to mitigate the repercussions. 

Should the dark web sale prove to be true, it could expose sensitive information, including user account credentials, email addresses, and other personally identifiable details. This not only raises concerns about individual privacy but also the potential exploitation of this data for illicit activities, such as phishing attempts and identity theft. 

Despite Binance's proactive approach to security, incorporating measures such as two-factor authentication and cold wallet storage, the dynamic nature of cyber threats poses an ongoing challenge for even the most robust security protocols. 

Users are strongly advised to exercise vigilance and adopt precautionary measures, including password updates, enabling two-factor authentication, and regular monitoring of their accounts for any signs of suspicious activity. Binance has reassured users that it is treating the situation seriously and is diligently working to validate the extent of the alleged data breach. 

This potential breach at Binance also prompts broader inquiries into the overall security stance of cryptocurrency exchanges. As the digital asset landscape continues to expand, the imperative to secure user data and assets becomes increasingly paramount. Regulatory bodies and industry stakeholders are expected to scrutinize such incidents, emphasizing the necessity for stringent cybersecurity measures across the cryptocurrency ecosystem. 

In summary, the potential data breach at Binance and the accompanying dark web sale claims underscore the persistent challenges confronting cryptocurrency exchanges in safeguarding user information. This incident serves as a poignant reminder for users to prioritize security best practices, while exchanges must continually reassess and fortify their cybersecurity measures to counter evolving cyber threats. The cryptocurrency community awaits further updates from Binance regarding the investigation and any actions taken to address this disconcerting situation.

AllaKore RAT: Malware Target Mexican Banks and Crypto Platforms


Mexican financial institutions are being targeted by a new spear-phishing campaign that spreads a modified version of an open-source remote access trojan named 'AllaKore RAT'.

The BlackBerry Research and Intelligence Team attributed the activity to an unidentified, financially motivated threat actor operating in Latin America. The campaign has been active since at least 2021.

"Lures use Mexican Social Security Institute (IMSS) naming schemas and links to legitimate, benign documents during the installation process," the Canadian company said in an analysis published earlier this week. "The AllaKore RAT payload is heavily modified to allow the threat actors to send stolen banking credentials and unique authentication information back to a command-and-control (C2) server for the purposes of financial fraud."

The attacks specifically target large businesses with annual revenue of more than $100 million. Targeted industries include retail, agriculture, the public sector, manufacturing, transportation, commercial services, capital goods and banking.

The attack begins with a ZIP file distributed either through phishing emails or by a drive-by compromise. The archive contains an MSI installer that launches a .NET downloader, which verifies that the victim is located in Mexico and then retrieves the modified AllaKore RAT, a Delphi-based RAT first discovered in 2015.

"AllaKore RAT, although somewhat basic, has the potent capability to keylog, screen capture, upload/download files, and even take remote control of the victim's machine," BlackBerry said.

Features added to the malware include support for commands related to banking fraud against banks and crypto trading platforms, launching a reverse shell, extracting clipboard content, and fetching and executing additional payloads.

The campaign's use of Mexican Starlink IP addresses and the Spanish-language instructions inserted into the modified RAT payload point to a threat actor with ties to Latin America. Moreover, the lures are only effective against businesses large enough to submit reports directly to the Department of the Mexican Social Security Institute (IMSS).

"This threat actor has been persistently targeting Mexican entities for the purposes of financial gain[…]This activity has continued for over two years, and shows no signs of stopping," the company stated.

The research coincides with a report by IOActive disclosing three vulnerabilities (CVE-2024-0175, CVE-2024-0176 and CVE-2024-0177) in Lamassu Douro bitcoin ATMs that could give an attacker with physical access the ability to take complete control of the machines and steal user data.

Crypto Enthusiasts Embrace New Frontier: Investing in Bitcoin ETFs Explained

 


This was the first time the Securities and Exchange Commission approved an exchange-traded fund holding bitcoin, but the Commission stressed that its decision does not amount to an endorsement or approval of Bitcoin and that it remains deeply sceptical about cryptocurrencies.

Despite a deadline for just one application, the SEC stated that it had given the green light to 11 exchange-traded funds for Bitcoin. The agency said that this would provide a level playing field and competitiveness for all. 

As part of its approval process, the government has approved spot Bitcoin exchange-traded funds (ETFs), which can be bought by pension funds and ordinary investors. In the wake of the announcement by the head of the Securities and Exchange Commission, cryptocurrency fans reacted with glee - and memes about becoming rich. 

However, the approval was tempered by an explanation of the risks associated with the asset. Previous applications had been repeatedly rebuffed by the US financial watchdog over concerns about potential fraud and manipulation and a lack of transparency. ETFs are a way to invest in something, or a group of things, like gold or junk bonds, without actually owning those items.

The ETFs trade much like stocks, so they can be bought and sold throughout the day, unlike traditional mutual funds. Since Bitcoin was launched, anyone who wanted some has had to purchase it directly, which meant either learning about cold wallets or opening an account on a crypto-trading platform like Coinbase or Binance, neither of which is easy for a newcomer.

Many new investors who are not inclined to go through all the extra steps to invest in Bitcoin could benefit from a spot Bitcoin ETF. In anticipation of the SEC approval, Bitcoin prices have soared, with the price trading at $45,280 on Wednesday, up from around $27,000 at the beginning of the month. 

The crypto exchange FTX filed for bankruptcy in November 2022, sending the price down to $16,000. A major concern for investors considering an ETF in this area is the volatility of bitcoin's price.

Even though Bitcoin has not caught on as a replacement for fiat currency, it soared to nearly $68,000 in November 2021. A year later the price dropped below $20,000, after investors retreated from riskier assets and several company scandals eroded confidence in the crypto market.

Although regulators and law enforcement are cracking down on some bad actors in the crypto industry, such as Sam Bankman-Fried of FTX, the industry still feels like a Wild West. This week's hack of the SEC's X account, in which a fake post claimed the ETFs had been approved, sent prices surging and raised questions about the SEC's ability to protect itself from scammers manipulating the market and to stop them.

ETFs linked to Bitcoin can change in price rapidly and without warning or explanation, so investors will have to weigh that up before purchasing a digital coin ETF. But these ETFs are generally sold as high-risk, high-reward products anyway. There is also the possibility of cybercrime, which has repeatedly struck the sector in the past few years.

Crypto companies have been wiped out overnight by huge and costly attacks on bitcoin and other cryptocurrency holdings. When Blackrock, for instance, becomes a major Bitcoin holder, its cyber-security will be tested in ways it is not accustomed to, given the complexity of the blockchain.

In addition to the negative environmental impact, there is also a cost associated with it. It is no secret that the Bitcoin blockchain relies on thousands of powerful computers all around the world to process transactions and create coins. It is expected that the use of renewable energy will increase going forward, but it remains to be seen how investment companies will process the potential costs associated with Bitcoin against buyers concerned about compliance with environmental, social, and corporate governance (ESG) regulations.

Hackers Stole Cryptocurrency Worth $2 Billion in 2023


For another year, crypto theft made headlines. However, according to crypto security firms, this was the first year since 2020 in which the trend declined.

Based on dozens of cyberattacks and thefts this year, hackers stole over $2 billion in cryptocurrency, according to De.FI, the web3 security company that manages the REKT database. 

The site ranks the worst-ever crypto hacks, ranging from the Ronin network breach in 2022—the largest event in history—where hackers took over $600 million in cryptocurrency—to this year's hack against Mixin Network, which brought in almost $200 million for the criminals.

De.Fi, in its report, wrote, “This amount, though dispersed across various incidents, underscores the persistent vulnerabilities and challenges within the DeFi ecosystem[…]2023 stood as a testament to both the ongoing vulnerabilities and the strides made in addressing them, even as interest in the space was relatively muted by the ongoing bear market in the first half of the year.”

Blockchain intelligence firm TRM published its own estimate earlier in December, putting the total cryptocurrency stolen by hackers this year at around $1.7 billion as of mid-December.

Among the other crypto thefts this year, one of the worst was the hack against Euler Finance, in which threat actors stole $200 million. Other notable hacks include those against Multichain ($126 million), BonqDAO ($120 million), Poloniex ($114 million) and Atomic Wallet ($100 million), among hundreds of other targets.

Last year, blockchain monitoring firm Chainalysis reported that cybercriminals purloined a record-breaking $3.8 billion in cryptocurrency. Of that, the Lazarus Group, North Korean government hackers who are among the most active in the cryptocurrency space, took $1.7 billion, reportedly to finance the regime's nuclear weapons program.

In 2021, Chainalysis reported hacks that compromised crypto worth $3.3 billion.

It is not possible to predict what the figures will be in 2024, but given the cyber security failures witnessed at several crypto and web3 initiatives, as well as the significant financial potential of both sectors (discussed at TechCrunch Disrupt earlier this year), we should anticipate that hackers will continue to target this expanding market.

Unveiling 'Bandook': A Threat that Adapts and Persists

 


The Bandook malware family, which was thought to be extinct, is back and may be part of a larger operation to sell offensive hacking tools to governments and cybercriminal groups. Recent research published by Check Point Research indicates that Bandook is regaining popularity across a wide range of targeted sectors and locations, despite being a 13-year-old banking trojan.

Dozens of variants of the malware have been observed over the past year in attacks against organizations in the United States, Singapore, Cyprus, Chile, Italy, Turkey, Switzerland, Indonesia and Germany. Targeted sectors include government, finance, energy, food, healthcare, education, IT and legal.

Bandook was first discovered in 2007 as a remote access trojan (RAT) and has been active for many years. A newer variant injects its payload into msinfo32.exe to distribute the malware and allow remote attackers to take control of an infected system. As a result, this RAT poses a significant threat to users' privacy: it can perform a variety of tasks that let cybercriminals gather many kinds of personal data.

Its presence on a system can lead to several problems. Bandook was originally developed by a Lebanese developer known as Prince Ali as a commercial RAT written in both Delphi and C++. Over the years it evolved into several variants, and the malware eventually became freely available for download on the internet.

Remote access trojans are commonly used to manage infected computers remotely, without the users' consent. This malware can perform a variety of malicious activities, including keylogging, audio capture (microphone) and video capture (webcam), taking screenshots and uploading them to a remote server, and running various command shell programs.

Cybercriminals could use this access to take over personal accounts (for example, social networks, email and banking). To extract as much revenue as possible, they use hijacked accounts for online purchases, money transfers, asking the victim's friends to lend them money, and similar schemes.

Thieves can also use hijacked accounts to spread malware, sending malicious files and links to every contact in the account, and hijacked financial accounts can result in a significant loss of savings and in debt. Bandook can also launch Windows shell commands, and trojans of this kind are often used to spread further infections such as ransomware and cryptominers, since they can modify system settings and download (inject) additional malware.

An infection therefore carries the risk of significant financial loss, serious privacy issues (such as identity theft) and additional infections of the computer system. Bandook was previously spotted in 2015 as part of the "Operation Manul" campaign and in 2017-2018 as part of the "Dark Caracal" campaign.

Over the last few years the malware had all but disappeared from the threat landscape, but it has begun to resurface. An infected computer receives a malware chain consisting of three stages. In the first stage, a lure document containing malicious VBA macro code, itself obfuscated with an encryption routine, downloads two files into the local user folder.

The first is a PowerShell script dropped into the user's folder; the second is a JPG file that contains a base64-encoded PowerShell script. In the second stage, the base64-encoded script stored in the JPG is decoded and executed, and it downloads from cloud services a zip file containing four files.

Three of the four files are PNG images with hidden RC4 functions encapsulated in the RGB values of their pixels. From these files, an executable that acts as the Bandook loader is constructed.

The loader creates an Internet Explorer process, injects the malicious payload into it, and the final stage begins: the payload contacts the command-and-control server and waits for additional commands.
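As an added illustration of the second stage described above (not code from Check Point or the original post), the following Python scans a JPG for a base64-encoded PowerShell script appended after the image data. The JPEG bytes and the script it finds are constructed for the demonstration, and placing the script after the end-of-image marker is an assumption, not a detail the report gives.

```python
"""Scan a JPG for a base64-encoded PowerShell script hidden after the image.

Added example, not code from Check Point or the original post. It assumes the
script is appended after the JPEG end-of-image marker (FF D9); the image and
the script used below are constructed for the demonstration.
"""
import base64
import binascii
import re
from typing import Optional

JPEG_SOI = b"\xff\xd8"
JPEG_EOI = b"\xff\xd9"

# Base64 runs of at least 40 characters, with optional padding.
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{40,}={0,2}")

# Substrings a decoded PowerShell stage typically contains (matched lower-case).
POWERSHELL_MARKERS = (
    "invoke-expression", "iex ", "frombase64string", "downloadstring",
    "downloadfile", "net.webclient", "invoke-webrequest", "start-process",
    "-encodedcommand", "$env:",
)


def trailing_bytes(jpg: bytes) -> bytes:
    """Return whatever follows the last JPEG end-of-image marker.

    A well-formed JPEG ends at FF D9; anything after it is not image data and
    is a common hiding place for appended payloads.
    """
    if not jpg.startswith(JPEG_SOI):
        raise ValueError("not a JPEG (missing SOI marker)")
    eoi = jpg.rfind(JPEG_EOI)
    if eoi < 0:
        raise ValueError("truncated JPEG (missing EOI marker)")
    return jpg[eoi + len(JPEG_EOI):]


def decode_candidate(blob: bytes) -> Optional[str]:
    """Base64-decode a run and return it as text if it is printable.

    PowerShell -EncodedCommand payloads are UTF-16LE; plain scripts are
    usually UTF-8/ASCII, so both encodings are tried.
    """
    try:
        raw = base64.b64decode(blob, validate=True)
    except (ValueError, binascii.Error):
        return None
    for encoding in ("utf-8", "utf-16le"):
        try:
            text = raw.decode(encoding)
        except UnicodeDecodeError:
            continue
        if text and all(ch.isprintable() or ch in "\r\n\t" for ch in text):
            return text
    return None


def scan_jpg_for_powershell(jpg: bytes) -> list:
    """Return one finding per base64 run whose decoded text matches a marker."""
    findings = []
    for match in B64_RUN.finditer(trailing_bytes(jpg)):
        text = decode_candidate(match.group(0))
        if text is None:
            continue
        lowered = text.lower()
        hits = [m for m in POWERSHELL_MARKERS if m in lowered]
        if hits:
            findings.append({"offset": match.start(), "markers": hits,
                             "preview": text[:60]})
    return findings


def build_samples() -> tuple:
    """Construct a clean JPEG-like blob and one with an appended script."""
    # Constructed: SOI, a minimal APP0/JFIF segment, EOI. Not a viewable picture.
    clean = (JPEG_SOI
             + b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
             + JPEG_EOI)
    # Constructed stage-2 stub that decodes and runs an embedded string, the
    # pattern the chain above relies on. Nothing here touches the network.
    script = ("$s = [Text.Encoding]::UTF8.GetString("
              "[Convert]::FromBase64String($blob)); Invoke-Expression $s")
    tainted = clean + base64.b64encode(script.encode())
    return clean, tainted


if __name__ == "__main__":
    for label, sample in zip(("clean", "tainted"), build_samples()):
        print(label, scan_jpg_for_powershell(sample))
```

Real images often carry harmless trailers (metadata, thumbnails), so a hit should be triaged by what the decoded text actually does rather than treated as a verdict on its own.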

Massive Data Breach at Gokumarket: Over a Million Users' Information Exposed

 


Several days before the leak, the GokuMarket team found an unprotected MongoDB instance storing information about its users, namely those who bought and sold crypto on the exchange. In GokuMarket's case, the details of more than a million customers and admin users were stored in MongoDB as large chunks of document-oriented data.

Several users of GokuMarket, the centralized crypto exchange owned by ByteX and operated by its staff, have had their records revealed thanks to an open instance, according to a Cybernews investigation. 

With offices in Canada, the European Economic Area, and India, ByteX is a licensed and regulated CeDeFi platform that offers its services in those countries. It is ByteX's goal to bridge the best of both worlds by providing a KYC-verified platform with a compliant DeFi architecture, thus enabling a smooth transition from traditional to crypto credit infrastructure by reinventing it with transparency. 

The Gokumarket cryptocurrency exchange, one of the world's leading crypto exchanges, recently suffered a massive data breach, resulting in the disclosure of sensitive information belonging to over a million users. This is quite a significant and alarming development. 

The breach raises significant concerns about the security infrastructure of the platform and its potential implications for the affected users. GokuMarket, which had around a million users, denied them the option to withdraw their funds in mid-2022, a disastrous year for the crypto markets, and the company almost went bankrupt as a result.

GokuMarket faced the harsh reality of insolvency and bankruptcy as a result of the crypto market crash that occurred in early 2018. To help users safeguard and protect their interests, ByteX offered alternative solutions to what it had originally proposed.

There has been considerable turbulence in the market in the aftermath of the recent collapse of several giants, which has also affected the stability of GokuMarket. In acquiring the platform's custodial users, we are making a conscious decision to safeguard and protect both its assets and its users from further challenges. 

The GokuMarket database had been exposed on the web for a considerable period before it was detected in October 2023; it was secured the day after researchers sent a responsible disclosure note, but in the meantime anyone could have accessed it.

The exposed repository held sensitive data on an estimated one million users, data that had been assumed to be kept in a secure environment. Besides IP addresses and geographical locations, it included users' dates of birth, first and last names, and mobile phone numbers.

It also contained encrypted passwords and cryptocurrency wallet addresses. The breach raises significant concern over the security and privacy of the affected individuals.

The researchers believe there is more than enough information for a persistent attacker to build a spear-phishing campaign aimed at draining users' crypto funds. The database also held 35 accounts with full admin access, containing all sorts of sensitive information, including private Telegram channel IDs, secret exchange tokens, passwords and other highly sensitive data.

A far more dangerous can of worms opens if attackers use the leaked admin access details to scam users of other platforms, stealing en masse and transferring money to their own accounts. Credential stuffing attacks, which reuse leaked individual user data against other services, make this possible.

With leaked channel credentials, attackers could use official Telegram channels for malicious purposes, including manipulating the market. Although the official GokuMarket Telegram channel has not been active since September 2022, scammers still attempt to impersonate brands within the crypto community to gain attention.

The United States is Monitoring Vulnerabilities in Bitcoin

 

The United States has shown a keen interest in the cybersecurity aspects of Bitcoin, particularly honing in on a vulnerability associated with the Ordinals Protocol in 2022. The National Vulnerability Database (NVD), overseen by the National Institute of Standards and Technology (NIST), a branch of the U.S. Department of Commerce, has brought attention to this issue for public awareness. This underscores the growing focus of government agencies on the security dimensions of cryptocurrencies.

The vulnerability at the core of this development is specific to certain versions of Bitcoin Core and Bitcoin Knots. It enables the bypassing of the datacarrier limit by disguising data as code. In practical terms, this vulnerability could result in the Bitcoin network being inundated with non-transactional data, potentially causing congestion in the blockchain and affecting performance and transaction fees. This concern is not merely theoretical, as evidenced by the exploitation of the Ordinals inscriptions in 2022 and 2023.

The Ordinals gained prominence in late 2022, involving the embedding of additional data onto a satoshi, the smallest Bitcoin unit, similar to the concept of nonfungible tokens (NFTs) on the Ethereum network. However, the increased usage of Ordinals transactions has led to heightened network congestion, resulting in elevated transaction fees and slower processing times. For blockchain enthusiasts, these issues are not just technical glitches but critical challenges that could influence the future trajectory of Bitcoin.

Luke Dashjr, a Bitcoin Core developer, has been outspoken about this vulnerability, likening it to receiving a flood of junk mail that obstructs essential communications. This metaphor aptly encapsulates the essence of the vulnerability, disrupting the otherwise streamlined process of Bitcoin transactions.

In response to these concerns, a patch has been developed in Bitcoin Knots v25.1. However, Dashjr notes that Bitcoin Core remains vulnerable in its upcoming v26 release. He expresses hope that the issue will be addressed in the v27 release next year. The implications of this vulnerability and its subsequent patching are substantial. Rectifying the bug could limit Ordinals inscriptions, although existing inscriptions would persist due to the immutable nature of the network.

This situation underscores a broader theme in the cryptocurrency world: the constant evolution and the need for vigilance in maintaining network security. The involvement of U.S. federal agencies in tracking and cataloging these vulnerabilities may signify a step toward more robust and secure blockchain technologies. While the identification of Bitcoin's vulnerability by the NVD serves as a cautionary tale, it also presents an opportunity for growth and improvement in the cryptocurrency ecosystem.
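As an added illustration of the mechanism described above (not code from Bitcoin Core, Bitcoin Knots or the original post), the following Python shows what the datacarrier limit actually checks on an OP_RETURN output, and how much pushed data sits uncounted inside an OP_FALSE OP_IF ... OP_ENDIF envelope in a script branch that never executes. Opcode values and the envelope layout follow the public Bitcoin Script and Ordinals conventions; the key and content are constructed.

```python
"""Compare the data an OP_RETURN output may carry under -datacarriersize
with the data that sits, uncounted, inside an inscription envelope.

Added example, not code from Bitcoin Core, Bitcoin Knots or the post above.
Opcode values and the OP_FALSE OP_IF "ord" ... OP_ENDIF layout are public
Bitcoin Script / Ordinals conventions; the key and content are constructed.
"""

OP_0 = 0x00          # also written OP_FALSE
OP_PUSHDATA1 = 0x4C
OP_PUSHDATA2 = 0x4D
OP_PUSHDATA4 = 0x4E
OP_1 = 0x51          # OP_1..OP_16 are 0x51..0x60
OP_IF = 0x63
OP_ENDIF = 0x68
OP_RETURN = 0x6A
OP_CHECKSIG = 0xAC

DATACARRIER_SIZE = 83   # Bitcoin Core's default -datacarriersize, in bytes
MAX_PUSH = 520          # largest single element a script may push


def push(data: bytes) -> bytes:
    """Encode a minimal push of `data`, as script standardness requires."""
    n = len(data)
    if n == 0:
        return bytes([OP_0])
    if n == 1 and 1 <= data[0] <= 16:
        return bytes([OP_1 + data[0] - 1])
    if n <= 0x4B:
        return bytes([n]) + data
    if n <= 0xFF:
        return bytes([OP_PUSHDATA1, n]) + data
    if n <= 0xFFFF:
        return bytes([OP_PUSHDATA2]) + n.to_bytes(2, "little") + data
    return bytes([OP_PUSHDATA4]) + n.to_bytes(4, "little") + data


def parse(script: bytes) -> list:
    """Split a script into (opcode, pushed_bytes) pairs; non-push ops get b''."""
    ops, i = [], 0
    while i < len(script):
        op = script[i]
        i += 1
        if 1 <= op <= 0x4B:
            size, width = op, 0
        elif op == OP_PUSHDATA1:
            size, width = script[i], 1
        elif op == OP_PUSHDATA2:
            size, width = int.from_bytes(script[i:i + 2], "little"), 2
        elif op == OP_PUSHDATA4:
            size, width = int.from_bytes(script[i:i + 4], "little"), 4
        else:
            ops.append((op, b""))
            continue
        i += width
        if i + size > len(script):
            raise ValueError("push runs past the end of the script")
        ops.append((op, script[i:i + size]))
        i += size
    return ops


def op_return_is_standard(script_pubkey: bytes, limit: int = DATACARRIER_SIZE) -> bool:
    """The datacarrier check: an OP_RETURN output's whole scriptPubKey must
    fit in `limit` bytes (83 = OP_RETURN + a 2-byte push header + 80 bytes)."""
    return script_pubkey[:1] == bytes([OP_RETURN]) and len(script_pubkey) <= limit


def unexecuted_branch_bytes(script: bytes) -> int:
    """Count bytes pushed inside OP_FALSE OP_IF ... OP_ENDIF. The condition is
    always false, so the interpreter skips the branch and nothing applies a
    data limit to it: the 'data disguised as code' the post describes."""
    ops = parse(script)
    total, depth = 0, 0
    for idx, (op, data) in enumerate(ops):
        if depth == 0:
            if op == OP_IF and idx > 0 and ops[idx - 1][0] == OP_0:
                depth = 1
            continue
        if op == OP_IF:
            depth += 1
        elif op == OP_ENDIF:
            depth -= 1
        else:
            total += len(data)
    return total


def inscription_tapscript(content_type: bytes, body: bytes) -> bytes:
    """Build a tapscript leaf carrying `body` in an Ordinals envelope."""
    pubkey = bytes(32)  # constructed placeholder x-only key
    chunks = [body[i:i + MAX_PUSH] for i in range(0, len(body), MAX_PUSH)]
    envelope = (bytes([OP_0, OP_IF]) + push(b"ord") + bytes([OP_1])
                + push(content_type) + bytes([OP_0])
                + b"".join(push(c) for c in chunks) + bytes([OP_ENDIF]))
    return push(pubkey) + bytes([OP_CHECKSIG]) + envelope
```

With a constructed 1000-byte body, the OP_RETURN form fails the 83-byte check while the envelope form carries all 1000 bytes (plus the "ord" and content-type pushes) without the limit ever being consulted.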

El Salvador to Offer Citizenship for a $1 Million Bitcoin ‘Investment’


Last week, the El Salvador government, along with the stablecoin company Tether, joined in an initiative called ‘Adopting El Salvador Freedom,’ which will enable foreigners to obtain a Salvadoran passport in exchange for a million dollars in Bitcoin.  

This initiative, which has a 1,000-participant annual cap, seeks to attract high-net-worth individuals by providing them with residency and eventual citizenship in exchange for their investment. 

The initiative will require the ‘participant’ to make a $1 million investment in BTC or USDT, and successful applicants will be eligible for a Salvadoran passport and citizenship. According to a Bitcoin news source, Adriana Mira, El Salvador's Vice Minister of Foreign Affairs, emphasized the program as a critical step for anyone hoping to contribute to El Salvador's economic future. 

However, Tether has yet to make clear where the funds will go.

In September, El Salvador became the first nation to accept Bitcoin as a legal tender. The country required companies to accept the popular cryptocurrency as payment and launched a digital wallet named "Chivo" to encourage its citizens to use it by offering a $30 sign-up bonus in Bitcoin.

However, the plan proved controversial among the Salvadoran public, who protested against it, and as President Nayib Bukele's alarming shift towards autocracy ensued, the vast majority continued to use cash. According to Fortune, Bitcoin's price fell from an all-time high of over $69,000 in November 2021, when Bukele announced the building of a “Bitcoin City”, to less than $17,000 by the start of 2023, turning Bukele's spending of tens of millions in federal funds on the cryptocurrency into a disaster.

How Bitcoin Boosted El Salvador's Tourism

Despite the controversy surrounding the initiative, the country has gained popularity among Bitcoin enthusiasts worldwide. The country's tourism minister announced in May that travellers were coming to the nation in unprecedented numbers because of its dedication to cryptocurrency. These included many of the world's best-known “Bitcoin maxis”, such as Swan Bitcoin, a powerful business that established a home in El Zonte, the surf town primarily responsible for sparking the nation's Bitcoin experiment.

Exploring Blockchain's Revolutionary Impact on E-Commerce

 

The trend of choosing online shopping over traditional in-store visits is on the rise, with e-commerce transactions dominating the digital landscape. However, the security of these online interactions is not foolproof, as security breaches leading to unauthorized access to vast amounts of data become increasingly prevalent. This growing concern highlights the vulnerabilities in current network structures and the need for enhanced security measures.

Blockchain technology emerges as a solution to bolster the security of online transactions. Operating as a decentralized, peer-to-peer network, blockchain minimizes the risk of malicious activities by eliminating the need for trusted intermediaries. The technology's foundation lies in automated access control and a public ledger, ensuring secure interactions among participants. The encryption-heavy nature of blockchain adds a layer of legitimacy and authority to every transaction within the network.

Initially designed as part of bitcoin technology for decentralized currency, blockchain has found applications in various sectors such as public services, Internet of Things (IoT), banking, healthcare, and finance. Its distributed and decentralized nature inherently provides a higher level of security compared to traditional databases.

As the demand for secure communication methods in e-commerce grows, blockchain technology plays a pivotal role in ensuring the security, efficiency, and speed of transactions on online platforms. Unlike traditional transactions that rely on third-party validation, blockchain integration transforms industries like e-commerce, banking, and energy, ushering in new technologies at a rapid pace. The distributed ledger technology of blockchain safeguards the integrity and authenticity of transactions, mitigating the risks associated with data leaks.

The intersection of blockchain and e-commerce is particularly crucial in the context of a data-driven world. Traditional centralized entities often control and manipulate user data without much user input, storing extensive personal information. Blockchain's decentralized and secure approach enhances the safety of conducting transactions and storing digital assets in the e-commerce landscape.

The transformative impact of blockchain on e-commerce is evident in its ability to optimize business processes, reduce operational costs, and improve overall efficiency. The technology's applications, ranging from supply chain management to financial services, bring advantages such as transparent business operations and secure, tamper-proof transaction records.

The evolution of the internet, transitioning from a tool for educational and military purposes to a platform hosting commercial applications, has led to the dominance of e-commerce, a trend accelerated by the global COVID-19 pandemic. Modern businesses leverage the internet for market research, customer service, product distribution, and issue resolution, resulting in increased efficiency and market transparency.

Blockchain, as a decentralized, peer-to-peer database distributed across a network of nodes, has significantly reshaped internet-based trade. Its cryptographic storage of transaction logs ensures an unchangeable record, resilient to disruptions in the digital age. Blockchain's current applications in digitizing financial assets highlight its potential for secure and distributable audit trails, particularly in payment and transaction systems.

The e-commerce sector, facing challenges since its inception, seeks a secure technological foundation, a role poised to be filled by blockchain technology. The decentralized nature of blockchain enhances operational efficiency by streamlining workflows, especially with intermediaries like logistics and payment processors. It introduces transparency, recording every transaction on a shared ledger, ensuring traceability and building trust among participants.

Cost-effectiveness is another advantage offered by blockchain in e-commerce, as it enables sellers to bypass intermediaries and associated transaction fees through cryptocurrencies like Bitcoin. The heightened security provided by blockchain, built on Distributed Ledger Technology (DLT), becomes indispensable in an industry where data breaches can lead to significant revenue losses and damage to brand reputation.

Blockchain's applications in e-commerce span various aspects, including inventory control, digital ownership, loyalty reward programs, identity management, supply chain tracking, and warranty management. These applications set new standards for online businesses, promising a more secure, efficient, and customer-centric e-commerce world.

As blockchain continues to evolve, its potential impact on the e-commerce sector is expected to grow. The technology holds the promise of unlocking more innovative applications, fostering an environment where trust, efficiency, and customer satisfaction take center stage. The future of e-commerce, driven by blockchain, transcends mere transactions; it aims to create a seamless, secure, and user-centric shopping experience that adapts to the evolving needs of businesses and consumers in the digital age.

What is up with the NFTs?


In the latest episode of the infamous The Simpsons, the hapless father Homer turns himself and later his son Bart into an NFT, in an attempt to gain millions.

However, things take a different turn when he finds out (from a pizza cat), that the NFT ‘craze’ is over. 

The episode has earned the Simpsons' makers wide recognition from NFT fans and sceptics alike for parodying the crypto industry, which peaked a few years ago but has since quieted down.

Are NFTs Really Dead? 

According to an analysis of the issue, the famous Non-Fungible Token market witnessed its biggest low recently, with October being labelled as a “Floptober.”

According to researchers at Dapp Radar, the NFT value has hit its lowest since the NFT market peaked. 

The total value traded in the sector, or trading volume, has decreased by 89% since the start of 2022.

It was $12.6 billion (£10.4 billion) in the first quarter of 2022, and as of the third quarter of 2023, it is only $1.39 billion.

Additionally, the sector is shrinking. The makers of the infamous Bored Ape NFTs, Yuga Labs, revealed an undisclosed number of layoffs last month.

Among its most well-known series is Bored Ape Yacht Club. Millions of dollars were once paid for NFTs, which were driven by wealthy customers such as talk show presenter Jimmy Fallon and media sensation Paris Hilton.

Since October 2022, Paris Hilton has not posted on X (formerly Twitter) about NFTs, despite having posted almost daily in January and February 2022 to promote her collections.

The value of the cheapest NFT in the Bored Ape collection peaked at the beginning of May 2022 at approximately $268,000 (144 Ethereum tokens), according to the NFT Price Floor website. It is now only $56,000.

Due to increasingly poor bids, US collector and artist Taylor Whitley was compelled to sell six of his seven highly valued Bored Ape NFTs.

"I haven't really wanted to sell, but the market is really bad, so it's the smart thing for me to do. I think the NFT market could even go lower," states Taylor in a talk with BBC.

Taylor rejected many better offers for his most prized Bored Ape in the past, but last month he sold it for $212,000.

If he had sold at the peak, he could have received at least ten times more for his NFTs. Even though it hurt, he was an early investor and still made huge gains: his most recent sale brought in 1,000 times his original $200 investment.

For every Bored Ape NFT, there are several other smaller brands and artists that are aiding the NFT industry.

Angie Taylor, a Scottish artist, used to receive up to $8,000 for every NFT piece, but these days she only makes about $600.

She has been forced to return to the part-time tutoring work she did before NFTs.

She says, "I'm still selling bits and pieces here and there, but I am having to do a day job as well. I can't make a living off this anymore with nothing else."

However, she was aware that the bubble would eventually burst. 

"I kind of budgeted for this to happen, because I thought, this is a boom and bust type of situation," she says.

Obviously, this is a buyers' market, and many contented purchasers are taking advantage of the slump.

Recently, Adam, also known online as Little Fish, made $663,000 for his crypto-punk artwork NFT.

Although the European full-time cryptocurrency investor recognizes that the sum is substantial, he believes he received a good deal on his CryptoPunk #36009. After all, its seller turned down a $1.18 million offer a year ago.

"The downturn is exactly why I bought it. People are desperate. In the winter time you can buy summer clothes for cheap," he says.

Adam believes summer will come again for NFTs, and says he will "enjoy it" when it does.

Nym's Decentralized VPN: A Game-Changer for Online Privacy


Nym, a privacy technology company, is preparing to launch a decentralized VPN (Virtual Private Network) that it says will change how users protect their online data and privacy at a time when online privacy is getting harder to pin down. The launch is scheduled for early 2024.

Nym's project has drawn significant attention from the tech and cryptocurrency communities. With surveillance, data breaches and cyberattacks on the rise, demand for robust online privacy tools is higher than ever. Traditional VPNs have long been the popular choice for hiding one's address and traffic from the local network; Nym claims its decentralized VPN goes further.

The defining feature of Nym's VPN is decentralization. Rather than routing through a provider's centrally operated servers, it uses a network of independently operated nodes, which the company argues makes it far harder to censor or shut down through pressure on a single operator. That matters most in regions where internet freedom is restricted. Decentralization does not remove the need to trust node operators; it spreads that trust across many of them.

The network is powered by a privacy-oriented cryptocurrency, the NYM token. Users can stake tokens to access the VPN service, and participants earn rewards for running the network. The token exists to incentivize operators to keep nodes running; the privacy properties come from how traffic is routed, not from the token itself.

The decentralized VPN is designed to protect users from surveillance and data harvesting by hiding their IP addresses from the services they use and routing their traffic through a network of relay servers, so they can browse, communicate and use online services without revealing their address or location. As with any VPN, the last hop still sees whatever traffic is not encrypted end to end, so TLS at the application layer remains necessary.

Alongside the privacy features, Nym says the VPN is being built with a strong focus on speed and usability, so that users do not have to trade connection performance for privacy.

Nym presents this as a step toward a more secure and private internet, and the pending launch has drawn interest across the IT industry. Users who want to protect their online activity will have a decentralized option as 2024 approaches.

In a climate where threats to online privacy are pervasive, Nym's decentralized VPN stands out. Its approach to privacy, its security features and its design could change the way users protect their personal information and identities online; whether it does will become clear after the early 2024 launch.

StripedFly: Cryptomining Tool Infects 1 Million Targets Worldwide


Security firm Kaspersky Lab has revealed that a cryptominer, one that never earned its operators much, is part of a far larger digital espionage campaign. Since 2017 the platform, known as StripedFly, has infected more than a million Windows and Linux hosts worldwide. Kaspersky judges that StripedFly was most likely built as a component of a well-funded state espionage program rather than a criminal operation: it is modular, ships several components for compromising devices and collecting different kinds of data, and includes an update mechanism that lets the operators push new features and upgrades to infected hosts.

Among other capabilities, StripedFly can steal access credentials from infected systems, capture screenshots, collect databases, private files, video and other data of interest, and record audio in real time through the target's microphone. Notably, it hides communication with its command-and-control servers, and the exfiltrated data, behind a custom Tor client built into the malware.

There is also a ransomware component that the attackers have used on occasion. Initial infection uses a modified version of EternalBlue, the SMBv1 exploit developed by the US National Security Agency and leaked by the Shadow Brokers in 2017.

StripedFly can mine Monero, but that is only a fraction of what it does. Kaspersky's researchers encountered the miner last year and analyzed it in depth before publishing their findings.

Kaspersky researchers Sergey Belov, Vilen Kamalov, and Sergey Lozhkin wrote in the post, "What we discovered was completely unexpected; the cryptocurrency miner was just one component of a much larger entity."

According to the researchers, the platform bears "a hallmark of APT malware": it can fetch updates and payloads from legitimate services such as Bitbucket, GitHub and GitLab, delivered as custom-encrypted archives, and it carries a built-in Tor tunnel for talking to its command-and-control (C2) servers. The researchers call the breadth of StripedFly "astonishing", given that it went undetected for six years.

How Does StripedFly Operate?

The malware's core is a monolithic binary that the attackers extend through pluggable modules. Each module, whether it adds functionality or provides a service, is responsible for registering and maintaining its own callback for communicating with the C2 server.

On a network, the platform first shows up as PowerShell launched through a Server Message Block (SMB) attack that appears to be a modified variant of EternalBlue. EternalBlue became public in April 2017 and remains a threat to Windows systems that have not applied the MS17-010 update or still expose SMBv1.

Depending on whether a PowerShell interpreter is available and what privileges the process holds, the malware uses several persistence methods. "Typically, the malware would be running with administrative privileges when installed via the exploit, and with user-level privileges when delivered via the Cygwin SSH server," the researchers wrote.

The functional modules are broad, giving the attackers a wide range of options for continuously monitoring a victim's network. They include the Monero miner mentioned above, a set of command handlers, a credential harvester, recurring tasks that record microphone input, take screenshots and perform other jobs on a schedule, a reconnaissance module that collects extensive system data, and SMBv1 and SSH infectors that provide the worming and lateral-movement capability.
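The behaviours described in this section (PowerShell arriving through an SMB exploit, delivery through a Cygwin SSH server, updates pulled from Bitbucket, GitHub and GitLab) suggest a few simple endpoint hunts. The script below is an added example, not code from Kaspersky's report, that runs three such heuristics over constructed, Sysmon-style JSON events. The list of service parent processes, the allowlist of developer tools, the event format and the sample events are all assumptions and should be tuned to your own estate.

```python
"""Hunt for StripedFly-style behaviour in endpoint telemetry.

Added example, not code from Kaspersky's report.  Three heuristics drawn
from the behaviours described above:
  1. PowerShell spawned by a Windows service process (how an in-memory
     SMB exploit such as a modified EternalBlue would land).
  2. An sshd.exe running out of a Cygwin tree (the user-level delivery path).
  3. A process that is not a developer tool fetching from GitHub, GitLab
     or Bitbucket (the malware's update channel).
The parent list, the allowlist and the sample events are assumptions.
"""
import json

POWERSHELL = {"powershell.exe", "pwsh.exe"}
# Assumption: service processes an SMB exploit could end up executing in.
SERVICE_PARENTS = {"svchost.exe", "lsass.exe", "spoolsv.exe", "services.exe"}
# Hosts the report names as the update/delivery channel.
CODE_HOSTS = {"github.com", "raw.githubusercontent.com", "gitlab.com", "bitbucket.org"}
# Assumption: processes that legitimately talk to code hosts on a workstation.
DEV_PROCS = {"git.exe", "chrome.exe", "firefox.exe", "msedge.exe", "code.exe"}

# Constructed Sysmon-style telemetry, one JSON object per line (not real data).
SAMPLE_EVENTS = r"""
{"type":"process_create","host":"WS01","image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","parent":"C:\\Windows\\explorer.exe","cmdline":"powershell.exe"}
{"type":"process_create","host":"WS01","image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","parent":"C:\\Windows\\System32\\svchost.exe","cmdline":"powershell.exe -nop -w hidden -enc AAAA"}
{"type":"process_create","host":"WS01","image":"C:\\cygwin64\\usr\\sbin\\sshd.exe","parent":"C:\\cygwin64\\bin\\cygrunsrv.exe","cmdline":"sshd.exe -D"}
{"type":"network_connect","host":"WS01","image":"C:\\Program Files\\Git\\cmd\\git.exe","dest_host":"github.com","dest_port":443}
{"type":"network_connect","host":"WS01","image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","dest_host":"bitbucket.org","dest_port":443}
{"type":"network_connect","host":"WS01","image":"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe","dest_host":"gitlab.com","dest_port":443}
"""


def basename(path: str) -> str:
    """Last path component, lower-cased; accepts Windows or POSIX separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def parse_events(text: str) -> list:
    """Parse JSON-lines telemetry, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def hunt(events: list) -> list:
    """Return one finding dict per matched heuristic, in event order."""
    findings = []
    for ev in events:
        image = basename(ev.get("image", ""))
        if ev.get("type") == "process_create":
            parent = basename(ev.get("parent", ""))
            # Heuristic 1: PowerShell whose parent is a service process.
            if image in POWERSHELL and parent in SERVICE_PARENTS:
                findings.append({"rule": "service_spawned_powershell", "host": ev["host"],
                                 "image": ev["image"], "parent": ev["parent"]})
            # Heuristic 2: an SSH daemon living in a Cygwin installation.
            if image == "sshd.exe" and "cygwin" in ev.get("image", "").lower():
                findings.append({"rule": "cygwin_ssh_server", "host": ev["host"],
                                 "image": ev["image"], "parent": ev.get("parent", "")})
        elif ev.get("type") == "network_connect":
            # Heuristic 3: code-hosting traffic from something that is not a dev tool.
            dest = ev.get("dest_host", "").lower()
            if dest in CODE_HOSTS and image not in DEV_PROCS:
                findings.append({"rule": "code_host_fetch_by_non_dev_process", "host": ev["host"],
                                 "image": ev["image"], "dest_host": dest})
    return findings


def hunt_text(text: str) -> list:
    """Convenience wrapper: parse JSON-lines text and hunt over it."""
    return hunt(parse_events(text))


if __name__ == "__main__":
    for f in hunt_text(SAMPLE_EVENTS):
        print(f"[{f['rule']}] {f['host']}: {f['image']}")
```

Run against the constructed events, the script flags the svchost-spawned PowerShell, the Cygwin sshd.exe and the PowerShell connection to bitbucket.org, while the explorer-launched shell and the git/Chrome traffic pass. Expect noise from the third rule on developer machines; the value is in the combination, a service-spawned PowerShell that then talks to a code host is far more specific than either event alone.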