Tag Archives: Bitcoin

How to Mitigate the Threat Cryptocurrency Mining Poses to Enterprise Security


The growing popularity of Bitcoin and other cryptocurrencies is generating curiosity—and concern—among security specialists. Crypto mining software has been found on user machines, often installed by botnets. Organizations need to understand the risks posed by this software and what actions, if any, should be taken.

To better advise our readers, we reached out to the security researchers at Cato Networks. Cato provides a cloud-based SD-WAN that includes FireWall as a Service (FWaaS). Its research team, Cato Research Labs, maintains the company’s Cloud IPS, and today released a list of crypto mining pool addresses that you can use as a blacklist in your firewall. (To download the list, visit this page.)

Cato Research Labs determined crypto mining represents a moderate threat to the organization. Immediate disruption of the organization infrastructure or loss of sensitive data is not likely to be a direct outcome of crypto mining.

However, there are significant risks of increased facility cost that must be addressed.

Understanding Blockchain and Crypto Mining

Crypto mining is the process of validating cryptocurrency transactions and adding encrypted blocks to the blockchain. Miners solve a hash to establish a valid block, receiving a reward for their efforts. The more blocks mined, the more difficult and resource-intensive it becomes to solve the hash to mine a new block.

Today, the mining process can require years with an off-the-shelf computer. To get around the problem, miners use custom hardware to accelerate the mining process, as well as forming “mining pools” where collections of computers work together to calculate the hash.

The more compute resources contributed to the pool, the greater the chance of mining a new block and collecting the reward. It’s this search for more compute resources that has led some miners to exploit enterprise and cloud networks.

Participating in mining pools requires that computers run native or JavaScript-based mining software (see Figure 1). Both will use the Stratum protocol to distribute computational tasks among the computers in the mining pool using TCP or HTTP/S (technically, WebSockets over HTTP/S).

Figure 1: An example of a website running JavaScript-based mining software. Typically, websites do not ask for permission.

Native mining software will typically use long-lasting TCP connections, running Stratum over TCP; JavaScript-based software will usually rely on shorter-lived connections and run Stratum over HTTP/S.

The Risk Crypto Mining Poses to the Enterprise

Mining software poses a risk to the organization on two accounts. In all cases, mining software is highly compute-intensive, which can slow down an employee’s machine. Running CPUs with a “high-load” for an extended period of time will increase electricity costs and may also shorten the life of the processor or the battery within laptops.

Mining software is also being distributed by some botnets. Native mining software accesses the underlying operating system in a way similar to how botnet-delivered malware exploits a victim’s machine. As such, the presence of native mining software may indicate a compromised device.

How To Protect Against Crypto Mining

Cato Research Labs recommends blocking crypto mining on your network. This can be done by disrupting the process of joining and communicating with the mining pool.

The deep packet inspection (DPI) engine in many firewalls can be used to detect and block Stratum over TCP. Alternatively, you can block the addresses and domains for joining public mining pools.

Approach 1: Blocking Unencrypted Stratum Sessions with DPI

DPI engines can disrupt blockchain communications by blocking Stratum over TCP. Stratum uses a publish/subscribe architecture where servers send messages (publish) to subscribed clients. Blocking the subscription or publishing process will prevent Stratum from operating across the network.

DPI rules should be configured for JSON. Stratum payloads are simple, readable JSON-RPC messages (see Figure 2).

Stratum uses a request/response over JSON-RPC:

Figure 2: Detail of a JSON-RPC batch call (reference: http://www.jsonrpc.org/specification)

A subscription request to join a pool will have the following entities: id, method, and params (see Figure 3). Configure DPI rules to look for these parameters to block Stratum over unencrypted TCP.

{"id": 1, "method": "mining.subscribe", "params": []}

Three parameters are used in a subscription request message when joining a pool.
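The DPI rule described above, sketched as an added example (not code from Cato or from the original article): it matches the id/method/params shape of a Stratum request on unencrypted TCP and reassembles messages split across segments. The method names other than mining.subscribe, the FlowInspector class and the sample traffic are assumptions of this example.

```python
import json

# mining.subscribe is the method shown on this page; the other names are
# further Stratum v1 methods added here so the rule also catches later
# messages in a session (an assumption of this example, not from the page).
STRATUM_METHODS = frozenset({
    "mining.subscribe", "mining.authorize", "mining.submit",
    "mining.notify", "mining.set_difficulty",
})


def iter_json_objects(data: bytes):
    """Yield JSON objects from newline-delimited data, unpacking batches."""
    for line in data.split(b"\n"):
        line = line.strip()
        if not line.startswith((b"{", b"[")):
            continue  # not JSON (e.g. HTTP headers, TLS records)
        try:
            doc = json.loads(line.decode("utf-8"))
        except ValueError:  # covers bad UTF-8 and malformed JSON
            continue
        for item in doc if isinstance(doc, list) else [doc]:
            if isinstance(item, dict):
                yield item


def stratum_method(msg: dict):
    """Return the Stratum method name if msg has the id/method/params shape."""
    method = msg.get("method")
    if not isinstance(method, str) or method not in STRATUM_METHODS:
        return None
    if "id" not in msg or not isinstance(msg.get("params"), list):
        return None
    return method


class FlowInspector:
    """Per-connection inspector that survives messages split across segments."""

    MAX_TAIL = 8192  # cap on the buffered partial line, bounding memory per flow

    def __init__(self):
        self._tail = b""
        self.hits = []

    def feed(self, segment: bytes):
        """Inspect one TCP segment; return Stratum methods completed by it."""
        data = self._tail + segment
        complete, _, rest = data.rpartition(b"\n")
        self._tail = rest[-self.MAX_TAIL:]
        found = [m for m in map(stratum_method, iter_json_objects(complete)) if m]
        self.hits.extend(found)
        return found

    @property
    def should_block(self):
        return bool(self.hits)


# Constructed sample traffic (not captured from a real pool).
SAMPLE_SEGMENTS = [
    b'{"id": 1, "method": "mining.subsc',      # request split mid-message
    b'ribe", "params": []}\n{"id": 2, "meth',
    b'od": "mining.authorize", "params": ["wallet.worker1", "x"]}\n',
]
SAMPLE_BENIGN = b'{"id": 1, "method": "getStatus", "params": []}\n'

if __name__ == "__main__":
    flow = FlowInspector()
    for seg in SAMPLE_SEGMENTS:
        print(seg[:30], "->", flow.feed(seg))
    print("block flow:", flow.should_block)
```

Matching on the method name together with the message shape, rather than on the three field names alone, keeps ordinary JSON-RPC services from tripping the rule.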

Approach 2: Blocking Public Mining Pool Addresses

However, some mining pools create secure Stratum channels. This is particularly true for JavaScript-based applications that often run Stratum over HTTPS.

Detecting Stratum, in that case, will be difficult for DPI engines that do not decrypt TLS traffic at scale. (For the record, Cato IPS can decrypt TLS sessions at scale.) In those cases, organizations should block the IP addresses and domains that form the public blockchain pools.

To determine the IP addresses to block, look at the configuration information needed to join a mining pool. Mining software requires miners to fill in the following details:

  • the appropriate pool address (domain or IP)
  • a wallet address to receive equity
  • the password for joining the pool

The configuration information is usually passed via JSON or via command-line arguments (see Figure 3).
Figure 3: A JSON file providing the necessary miner pool configuration

Organizations could configure firewall rules to use a blacklist and block the relevant addresses. In theory, such a list should be easy to create as the necessary information is publicly available. Most mining pools publish their details over the Internet in order to attract miners to their networks (see Figure 4).

Figure 4: Public addresses for mining pools are well advertised as demonstrated by mineXMR.com’s “Getting Started” page

Despite extensive research, though, Cato Research Labs could not find a reliable feed of mining pool addresses. Without such a list, collecting the target mining pool addresses for blocking would be time-consuming.

IT professionals would be forced to manually enter in public addresses, which will likely change or increase, requiring constant maintenance and updates.
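One way to apply such a blacklist to destinations seen in DNS, proxy or firewall logs, as an added example that is not part of the original article or of Cato's feed. The feed entry formats, the PoolBlocklist class and every address below are constructed for illustration; matching is done on whole DNS labels so that subdomains of a listed pool are caught while look-alike names are not.

```python
import ipaddress
from urllib.parse import urlsplit


def normalize(entry: str):
    """Reduce a feed entry or log destination to a bare lowercase host/IP.

    Accepts forms such as 'stratum+tcp://host:3333', 'host:3333', 'host',
    or 'wss://host/path'. Returns None for blanks and '#' comments.
    """
    entry = entry.strip()
    if not entry or entry.startswith("#"):
        return None
    if "://" not in entry:
        entry = "//" + entry  # let urlsplit treat it as a network location
    host = urlsplit(entry).hostname
    return host.rstrip(".") if host else None


class PoolBlocklist:
    def __init__(self, entries):
        self.domains, self.ips = set(), set()
        for raw in entries:
            host = normalize(raw)
            if host is None:
                continue
            try:
                self.ips.add(str(ipaddress.ip_address(host)))
            except ValueError:
                self.domains.add(host)

    def match(self, destination: str):
        """Return the blocklist entry that covers destination, or None."""
        host = normalize(destination)
        if host is None:
            return None
        try:
            ip = str(ipaddress.ip_address(host))
            return ip if ip in self.ips else None
        except ValueError:
            pass
        # Walk suffixes on label boundaries: a.b.c -> a.b.c, b.c, c
        labels = host.split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in self.domains:
                return candidate
        return None


# Constructed feed using reserved example names and documentation addresses.
SAMPLE_FEED = [
    "# mining pool addresses (constructed sample)",
    "stratum+tcp://pool.miner.example:3333",
    "xmr.pool.example",
    "198.51.100.7:4444",
]

# Constructed destinations as they might appear in DNS or proxy logs.
SAMPLE_DESTINATIONS = [
    "eu.pool.miner.example:3333",   # subdomain of a listed pool
    "notpool.miner.example",        # look-alike, different label
    "wss://XMR.Pool.Example/ws",    # browser miner over WebSockets
    "198.51.100.70",                # different host, shared prefix
]

if __name__ == "__main__":
    bl = PoolBlocklist(SAMPLE_FEED)
    for dest in SAMPLE_DESTINATIONS:
        print(f"{dest:32} -> {bl.match(dest)}")
```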

Cato Research Labs Publishes List of Mining Pool Addresses

To address the issue, Cato Research Labs generated its own list of mining pool addresses for use by the greater community. Using Google to identify sites and then employing scraping techniques, Cato researchers were able to extract pool addresses for many mining pools.

Figure 5: Partial list of mining pool addresses compiled by Cato Research Labs

Cato researchers wrote code that leveraged those results to develop a mining-pool address feed. Today, the list identifies hundreds of pool addresses (see Figure 5) and should be suitable for most DPI rule engines. See here for the full list.

Final Thoughts

The combined risk of impairing devices, increasing costs, and botnet infections led Cato Research Labs to strongly recommend IT prevent and remove crypto mining from enterprise networks.

Should software-mining applications be found on the network, Cato Research Labs strongly recommends investigating active malware infections and cleaning those machines to reduce any risk to the organization’s data.

Cato Research Labs provided a list of addresses that can be used towards that goal, blocking access to public blockchain pools. But there’s always a chance of new pools or addresses, which is why Cato Research Labs strongly recommends constructing rules using a DPI engine with sufficient encrypted-session capacity.

What will 2018 bring to the world of cryptocurrencies?

With the vast amounts of people suddenly becoming millionaires, the chances of you not hearing about Bitcoin are almost nil. The success stories are all over the internet. Even the already rich rap-star 50 Cent added his name to the ever-growing list of Bitcoin millionaires. He claims that over the last few years he has been sitting on a “forgotten” fortune of 700 virtual coins that he made selling his album back in 2014. Is he a smart investor or a lucky guy? No one knows, but the truth is that he is now worth $7 million more than last year. Cheers, 50 Cent, this is what we call a flying start to the new year!

In 2017 Bitcoin managed to become so popular that it is an absolute rarity to live in the western world and not to have at least one friend or a relative who is somehow engaged in cryptocurrency trading. User-friendly virtual money exchanges such as Coinbase started gaining speed making the purchase of cryptocurrency as easy as requesting an Uber ride. People who wanted to invest no longer had to wire money to exchange sites but use a simple app to purchase some of the crypto-gold with a credit card. Last year was also the year that saw Bitcoin increase its value 20 times and become the 6th most valuable currency in the world.

While Bitcoin’s price kept surging, there were a ton of leading economists such as Jamie Dimon, chairman and CEO of JPMorgan Chase, and billionaire investor Warren Buffett, who said the crypto-world might be doomed. Jamie called it a fraud and Warren kept warning everyone that the craze over Bitcoin and other cryptocurrencies won’t end well. Even Jordan Belfort, also known as the real Wolf of Wall Street and the man who predicted the 2008 financial crisis, called Bitcoin a “huge danger.” Things are never perfect, Bitcoin lost half of its gains but still managed to close 2017 about ten times more valuable than it started it.

Love it or hate it, there is no doubt, 2017 was the year of Bitcoin! Over the last 13 months, Bitcoin has been a subject of enormous attention and is rapidly changing the landscape of the financial world, boldly paving the way for other cryptocurrencies such as Ethereum, Ripple, Bitcoin Cash, Litecoin, Monero, and Zcash. While Bitcoin was the primary currency making the news, its contenders had a good year too, as almost all of them registered even better growth percentages than Bitcoin.

What about 2018?

High volatility and the lack of understanding have been scaring many investors away from the crypto-world. While governments are trying to regulate the market, it still feels like it is the wild west. Exchanges have been prone to hacks, investors have been afraid to jump in due to the lack of regulations, and regular folks have been avoiding the crypto-world because of the lack of user-friendly crypto exchanges. However, things are changing – governments from all over the world are starting to realize that instead of fighting the new currencies, they can tax the transactions and get their piece of the pie. New and stricter laws are making Initial Coin Offerings more and more transparent and regulated, and in 2018 exchanges in the US will most likely be forced to report every account trading more than $20k to the IRS. Exchanges are continually trying to increase security, and there are user-friendly exchanges like Coinbase that are allowing everyday people to participate. Cryptocurrencies will continue to be part of our lives in 2018.

What is the future of cryptocurrencies?

In 2018 we will see more and more governments trying to regulate cryptocurrencies, we will witness the creation of more altcoins, and we will see how Bitcoin’s main competitors, Ethereum, Monero, ZCash, and Ripple, try to take a shot at Bitcoin. 2018 may be the year that will see Bitcoin being taken down from its throne. This wouldn’t be a first for the tech world – Nokia’s Symbian was the primary modern mobile OS, but later it got overshadowed by better mobile operating systems such as Android and iOS. This might be the case with Bitcoin too. Time will tell!

On the other hand, Bitcoin has been known as the gold of the cryptocurrencies. It may stick around, but it won’t be the game-changer technology that will transform the financial world. The cashier at Stater Brothers won’t be happy if you try to pay for the groceries with gold bullions – you will most likely be asked to use a credit card or cash instead. This is what is happening with Bitcoin. Stripe, one of the first firms to help users do financial transactions with Bitcoin, recently announced that they would be stopping the support of Bitcoin payments saying the fees are too high. And people do not blame them for their decision, Bitcoin transaction fees can easily reach amounts of $20+, while transactions with currencies such as Ethereum and Ripple only cost a few bucks.

While governments are desperately racing each other to find ways to regulate the decentralized virtual currencies, they are also exploring opportunities of creating their national cryptocurrencies too. So the next groundbreaking virtual money might have not even been invented yet. The masses are more likely to support a government-backed cryptocurrency than the ones associated with the dark web that we see now.

If you are thinking of entering the world of crypto, or you are already in, you have to bear in mind that it is an extremely risky investment and there is no insurance for your assets. Hackers are lurking around so securing your digital wallet should be a high priority. Always make sure you have antivirus software on all your devices. Having another layer of security can prevent cybercriminals from gaining access to your digital coins. It only takes seconds for hackers to send your virtual money away from your wallet, and once it leaves your digital portfolio, there is no way of getting it back. Be prepared!


The post What will 2018 bring to the world of cryptocurrencies? appeared first on Panda Security Mediacenter.


Not just Bitcoin: cryptocurrencies to keep an eye on


The boom over the past few months has piqued interest surrounding Bitcoin. Enthusiasts and miners have known about cryptocurrency for years, while everyone else is just now learning what it means to manage a digital portfolio, watch your loot grow, and, unfortunately, see sudden and unexpected drops in value. In just a few months, the […]

The post Not just Bitcoin: cryptocurrencies to keep an eye on appeared first on Avira Blog.


Yikes! Three armed men tried to rob a Bitcoin Exchange in Canada


As many non-tech savvy people think that Bitcoin looks like a Gold coin as illustrated in many stock images, perhaps these robbers also planned to rob a cryptocurrency exchange thinking that way.

All jokes apart, we saw one such attempt on Tuesday morning, when three men armed with handguns entered the offices of a Canadian Bitcoin exchange in Ottawa, and restrained four of its employees.

The intruders then struck one of the employees in the head with a handgun, asking them to make an outbound transaction from the cryptocurrency exchange.

A fifth employee in another cabin, who remained unseen in an office, called the police before any assets could be taken, and the robbers left empty-handed.

One of the suspects was arrested later Wednesday after arriving police officers saw him run into a ravine north of Colonnade Road and deployed “extensive resources,” including K-9 unit officers, to find him, CBC News reports.

“Police are looking for two additional suspects, both described as black males,” the police say. “Investigators are also interested in identifying and speaking to a person of interest that was inside the premise as the suspects arrived. That person did not remain at the scene.”

The suspect in custody, identified as 19-year-old Jimmy St-Hilaire, has been charged with the following offences:

  • 5 counts of robbery with a firearm
  • 5 counts of point a firearm
  • 5 counts of forcible confinement
  • Wear disguise
  • Conspiracy to Commit an indictable offence
  • Carry concealed weapon
  • Possess firearm while prohibited
  • Possess weapon for committing an offence
  • Possess loaded regulated firearm

St-Hilaire is set to appear in court on January 24, 2018. Ottawa police are now looking for the remaining two suspects.

The authorities have not revealed the name of the cryptocurrency exchange.

A similar incident happened last month when armed robbers kidnapped a top executive at UK-registered crypto-exchange EXMO Finance and allegedly stole more than $1.8 million of Ether for releasing him.

The New York District Attorney’s Office charged New Jersey native Louis Meza for the kidnapping and robbery, claiming Meza “demanded that the victim turns over his cell phone, wallet, and keys while holding the victim at gunpoint.”

Bitcoin: definition, hacks and frauds

Despite being around for several years, Bitcoin is suddenly all over the news. You probably already know it is something to do with money, so this article will help to explain what this cryptocurrency is, why it matters, and how to use it safely.

What is Bitcoin?

Bitcoin works pretty much like every other currency – people can buy goods and services, and money can be traded on the foreign exchange market too. Coins are held in a digital wallet – an encrypted set of files on your computer – and act just like cash when making a payment.

There are some key differences however:

  • Bitcoin is entirely digital – there are no bank notes or coins – so all transactions take place electronically.
  • It is not managed by a central bank like the US Federal Reserve, instead its users maintain a shared control.
  • It uses heavy encryption to verify “money” is genuine, and to protect the identities of buyers and sellers making a transaction.

Why does Bitcoin matter?

Free from the control of central banks, Bitcoin is, theoretically, affected less by interest rate rises or ‘quantitative easing’. This makes it very attractive to foreign currency investors.

The fact that this cryptocurrency works exactly like cash makes it very attractive to criminals. Police cannot trace a payment made with a physical £5 in a physical store – and the same is true of its transactions. This is why ransomware demands typically specify payment in Bitcoin.

Bitcoin – a valuable target for theft

Currently this digital currency is not widely used by consumers – but with the increased level of attention being given to the currency, more of us may be tempted to get on board. But there are some important security issues you need to be aware of first.

The digital wallet used to store Bitcoin acts just like your real-world wallet. So if someone steals your digital wallet from your computer, they also steal all the contents – your Bitcoins. Because it is virtually untraceable, there is little chance that the thief will be caught, which is why its theft and fraud is becoming increasingly popular.

On the 7th December, hackers were able to steal 4700 Bitcoin (worth £56 million!) from an online exchange. The criminals were able to break into an employee’s computer and steal crucial data that allowed them to make off with the money – early indications suggest that malware installed on the PC provided the necessary access.

In November, another Bitcoin banking service, Tether, was compromised. Hackers managed to steal nearly $31 million worth of Bitcoin belonging to service users from the bank’s virtual account. The bank has not released details of how the attack was carried out, but again it appears that the issue was caused by one of their computers being compromised.

How to protect yourself

Your digital wallet is key to protecting your digital money. If cybercriminals can steal your digital wallet, or trick you into handing over user names, passwords or encryption keys, you could be robbed.

In reality the principles for staying safe when using cryptocurrency are exactly the same as shopping online. Never give a stranger your Bitcoin account details. And always ensure that your computer is properly protected against hacking and malware using a security solution like Panda Gold Protection. Ready to learn more? Check out our Bitcoin archive.


The post Bitcoin: definition, hacks and frauds appeared first on Panda Security Mediacenter.


Largest Crypto-Mining Exchange Hacked; Over $70 Million in Bitcoin Stolen


Bitcoin is breaking every record—after a 20% jump last week, the Bitcoin price just crossed the $14,800 mark in less than 24 hours—and there can be no better reason for hackers to put all of their efforts into stealing the skyrocketing cryptocurrency.

NiceHash, the largest Bitcoin mining marketplace, has been hacked, which resulted in the theft of more than 4,700 Bitcoins worth over $57 million (at the time of breach).

And guess what? You’ll be surprised to know that the stolen BTC is now worth over $70 million—in less than 24 hours.

Founded in 2014, NiceHash is a cloud-based crypto-mining marketplace that connects people from all over the world to rent out their spare computing power to others in order to create new coins.

On Wednesday, several NiceHash users reported that their BTC wallets had been emptied, which was later confirmed by NiceHash after its service went offline claiming to be undergoing maintenance.

At the time of writing, the NiceHash service is still offline with a post on its website, confirming that “there has been a security breach involving NiceHash website,” and that hackers stole the contents of the NiceHash Bitcoin wallet.


The company did not provide any further details about the security incident, but it did say that NiceHash has paused its operations for the next 24 hours while it figures out exactly how many BTC were swiped from its website and how they were taken.

Although NiceHash has not confirmed the number of bitcoins stolen from its virtual wallet, some of its customers have circulated a wallet address that suggests around 4,736 BTC—worth more than $70 million based on today’s price—in total were drained from the company’s wallet.

NiceHash has initiated an investigation into the matter, and has reported the incident to the “relevant authorities and law enforcement” and has been “co-operating with them as a matter of urgency.”

The company also assured its customers that it is “fully committed to restoring the NiceHash service with the highest security measures at the earliest opportunity,” but it’s still unclear how the company will manage to settle everything if it is unable to compensate the total loss.

“We understand that you will have a lot of questions, and we ask for patience and understanding while we investigate the causes and find the appropriate solutions for the future of the service. We will endeavor to update you at regular intervals,” the company says.

Following the security incident, NiceHash is recommending its customers to change their passwords—both on NiceHash and other services, if they are using the same credentials.

NiceHash is the latest cryptocurrency company to suffer a significant blow in recent months. Another major hack took place last month due to a flaw in Parity’s wallet that caused over $160 million in ETH (Ether) to be frozen, while nearly $32 million in ETH was stolen by hackers in July.

Learn Ethereum Development – Build Decentralized Blockchain Apps


As of today — 1 Bitcoin = $7300 USD (Approx 471,000 INR)

At the beginning of this year, 1 Bitcoin was approximately equal to $1000, and now it has surged to a new height, marking its market capitalization at over $124 billion.

Is it really too late to invest in Bitcoin or other cryptocurrencies like Ethereum?

For those wondering if they have missed the money-making boat, the answer is—NO, it’s never too late to invest.

In case you are new to cryptocurrency trading, we have a simple step-by-step guide on our deal store that explains how to invest in cryptocurrencies.

However, the blockchain, the revolutionary technology behind Bitcoin and other digital currencies, is not always about cryptocurrencies.

Though it is a decentralized public database which ensures that all transactions are properly conducted and recorded, Blockchains can be used for a wide variety of applications, such as for digital identity management, smart assets, digital voting, distributed cloud storage, and so on.

While Bitcoin has long been dominant in the cryptocurrency market, the second largest cryptocurrency—Ethereum—offers much faster data processing than Bitcoin.

Moreover, Bitcoin was designed to be used as a currency only, whereas the Ethereum blockchain facilitates the development of all sorts of next-generation decentralized applications.

Organisations are recognizing Ethereum’s potential to make processes more efficient and secure, and programmers are opting for Ethereum development.

Also, since Ethereum technology is still in the early adopter stage, you can get in at ground level and become proficient before it blows up.

How to Become An Ethereum Developer?


So are you considering learning blockchain technology and Ethereum development?

The Hacker News is making things easier for you by providing you an amazing deal on “The Complete Ethereum Blockchain Mastery Bundle,” at a discount of 95 percent.

The Complete Ethereum Blockchain Mastery Bundle includes four online courses:

1. Ethereum Blockchain Developer: Build Projects Using Solidity—This course will help you get your hands on development practice with solidity and successfully build a complex, real-world, Ethereum-based distributed app using core development tools such as Mist, Geth & Ethereum Studio.

2. Blockchain Technology: A Guide To The Blockchain Ecosystem—This course will help you understand the blockchain ecosystem and the technology that surrounds it.

3. Ethereum Developer: Build A Decentralized Blockchain App—This course will help you build your own decentralized blockchain application.

4. Ethereum Developer Masterclass: Build Real-World Projects—This is the last course in The Complete Ethereum Blockchain Mastery Bundle that will help you launch an initial coin offering (ICO) and at the same time will help you build a decentralized exchange on the blockchain.

At THN Deals Store, you can get all of the above four courses offered in The Complete Ethereum Blockchain Mastery Bundle for just $29 (after 95% discount on its actual price $610).

So, what are you waiting for?

Sign up for The Complete Ethereum Blockchain Mastery Bundle now.

Hackers demand nude images instead of money

We thought that we’d seen everything, but hackers managed to hit a new low. Last month the news about a new ransomware that demands nude photos instead of the usual cryptocurrency started circulating the online world. The new ransomware is called nRansomware and works very similarly to Locky – it is malicious software that infects your device and locks some of the files on your system. Luckily the new threat is not state-of-the-art malicious software. While Locky encrypts your data, nRansomware is known only to lock your screen. It is unfortunate enough but not absolutely devastating.

Up until now, when a PC was infected with ransomware, the cybercriminals behind it were after immediate monetary gain. However, hackers’ shady techniques are continually evolving. Online troublemakers are starting to realize that Bitcoin and most of the virtual cryptocurrencies are not as secure and untraceable as they initially thought. Payments can easily be tracked, so they decided to get creative by releasing ransomware that demands ten nude photos from the victims to “unlock” their computer.

The new ransomware feels like a yet another episode of the modern-day nightmares described in the hit TV series Black Mirror. When infected, your computer displays the text below instead of your desktop. The ruthless message from the hackers is placed on a background containing offensive language and multiple images of Thomas the Tank Engine.

Your computer has been locked. You can only unlock it with the special unlock code. Go to protonmail.com and create an account. Send an email to 1_****_yourself_1@protonmail.com. We will respond immediately. After we reply, you must send at least ten nude pictures of you. After that, we will have the verify that the nudes belong to you. Once you are verified, we will give you your unlock code and sell your nudes on the deep web.

It does sound gross, doesn’t it? The last thing you want is perverts bidding over imagery of your naked body. Hackers have been stealing intimate images from celebrities for a long time. Sadly, now they are starting to realize that they can make a buck by extorting regular people too. You no longer have to be rich or famous to attract hackers’ attention.

Is it a prank or a sign of the new way hackers will be making money out of the innocent? Time will tell. One thing is for sure: cryptocurrencies are not untraceable, and cyber bullies with twisted minds exist out there. They are not afraid to prey on the weak by continuously finding new ways to avoid being caught. The chances of becoming a victim of such ransomware are rare to impossible if you are protected and follow our tips for staying out of trouble.

The post Hackers demand nude images instead of money appeared first on Panda Security Mediacenter.


Cryptocurrencies: Valuable because someone says they are


Cryptocurrencies are poised to be the next big thing, potentially replacing those cumbersome Dollars, Euros, and gold. Not only are they digitally cool and easier to carry than a metal bar, they also provide users with the potential ability to circumvent some very uncool government regulations when it comes to money laundering. Money 101 Money has […]

The post Cryptocurrencies: Valuable because someone says they are appeared first on Avira Blog.
