Major cryptocurrency exchange Bitfinex hit by cyber attack, pauses trading


The fourth biggest cryptocurrency exchange in the world, Bitfinex, shut down briefly on Tuesday morning after a DDoS (distributed denial-of-service) attack on its trading platform.

It started in the morning when the company paused operations for an “unplanned maintenance”, assuring users that all funds were safe, after which they went back live in a couple of hours.


Two hours later, trading was once again down and the exchange tweeted that its platform was “under extreme load”.


While the first outage was caused due to an issue with one of their infrastructure providers, according to the company, the second outage followed soon after and was claimed to have been caused by a DDoS attack, causing an “extreme load on the servers”.

“We are adjusting the DDoS protection measures to fend off the attack and be able to relaunch. Currently we are running tests to make sure we can safely restart operations,” the company reported on its website after the attack.

According to data from CoinDesk, Bitcoin prices fell almost 2 percent after the attack, hitting a low of $7,373.47 a coin at one point.

According to a report by CNBC, a Bitfinex spokesperson said, "The attack only impacted trading operations, and user accounts and their associated funds/account balances were not at risk at any point during the attack.”


Data Breach leads to leak of personal details of cryptocurrency users

Researchers at Kromtech Security have discovered a MongoDB database that contains the personal details of over 25,000 users who have invested in the John McAffee-backed bezop (BEZ) cryptocurrency.

The leak exposed confidential information of investors such as full names, home addresses, email addresses, encrypted passwords, wallet information, and even scanned passports, driver's licenses, or IDs.

The leak reportedly occurred while the firm’s dev team was dealing with a DDoS attack on January 8, according to an announcement on Bezop’s Medium account.

The information stored on the database is related to a “bounty programme” that was run earlier this year where Bezop handed out tokens (about 4,045,343 Bez) to users promoting their cryptocurrency on social media.

The database reportedly contained personal and confidential details of over 6,500 ICO investors, while the rest were from users who were given tokens as part of the bounty programme.

The server has been secured, according to Bezop.


"That database has since been closed and secured," the Bezop team said this week. "Investor identity cards were also not stored on the database rather a URL link to them. This is also offline now."

Bezop also said that the team had already notified users of the breach in January.

The data was supposedly exposed online until March 30, when Kromtech researchers found the MongoDB database on a google cloud server without any authentication system in place, allowing easy access to anyone who was able to connect to it.

Google Rejecting All Cryptocurrency Mining Extensions Submitted To The Chrome Web Store

Google is taking action against all Chrome extensions that incorporate a cryptographic money mining segment and is banning them from the Chrome Web Store. Up until now, Google had permitted cryptocurrency mining extensions till mining was the extension's just reason, and clients were appropriately informed about this conduct, Google's Extensions Platform Product Manager James Wagner noted in a blog post on Monday .

While the organization has no issue listing extensions with a solitary reason for straightforwardly mining digital coins in the background rather, Google has an issue with the developers uploading and posting Chrome extensions promoting one particular functionality, and furthermore furtively mining digital coins in the background without the client's assent.

In the course of recent months, there has been an ascent in virulent extensions that seem to provide useful functionality at first glance, acknowledged Wagner and this happens he further adds, while the embedded and concealed cryptographic money mining scripts keep running in the background without the user's assent.

 These mining scripts often consume significant CPU resources and can severely impact system performance and power consumption.

"Unfortunately, approximately 90 per cent of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with the company’s policy, of adequately informing users about the full behaviour of a listed extension and have been either rejected or removed from the store," Wagner adds.

Nonetheless Google is further planning to delist every current extension that mines cryptocurrency in "late June" however extensions with "block chain-related purposes other than mining" are still permitted. The ban has nothing to do with ads running mining scripts in the background, yet rather the plans and schemes related with the "unregulated or speculative financial products.”


Cryptocurrencies Observe A Dramatic Drop; Bitcoin Slumps below the $8,000 Mark


Over the most recent 3 days, the most profitable digital currency in the market has shed over USD 600 in its unit cost. In the value of cryptocurrencies, bitcoin drooped underneath USD 8,000 on Monday.

There was around a 7% decrease from the price 72 hours back and after the decline, the bitcoin was trading at USD 7,910 as indicated by CoinMarketCap. This is the first time in the week when it went beneath that protection level.

Be that as it may, it has been realized that the bitcoin's cost has been playing with USD 8,000 level over the most recent seven days. Even the other cryptocurrencies saw the same sensational drop. Ethereum dropped more than 11 per cent and Ripple drooped by more than 10 per cent in most recent couple of days and the digital currencies were trading at USD 464 and USD 0.57 at the time of announcing.

While the current dive brings bitcoin withdraw by critical sums, its cost is still high contrasted with all the more long haul execution. The current drop evacuates every one of the gains made in December – yet it is still up 2520 per cent in the course of the most recent year, with the recent drop essentially fixing the whole inconceivably quick surge the traders saw toward the end of the last year.

In general, the worldwide cryptocurrency market lost over USD 30 billion in its market top in the previous 72 hours and presently, the market capitalisation of the worldwide digital currency advertise is affixed at USD 298 billion.


rTorrent flaw exploited in crypto-mining campaign

Researchers from F5 Networks Inc. have found that hackers are targeting a flaw in the popular rTorrent application to install crypto-mining software on computers running Unix-like operating systems. They have so far generated over $3,900.

This campaign exploits a previously undisclosed misconfiguration vulnerability and deploys a Monero (XMR) crypto-miner operation.

The attacks exploit XML-RPC, an rTorrent interface that uses XML and HTTP to access remote computers, and for which rTorrent doesn’t require any authentication. Shell commands can be executed directly on the OS rTorrent runs on.

The hackers identify the computers running RPC-enabled rTorrent apps on the internet and target them to install Monero, the digital coin mining software.

The malware downloaded doesn’t just run mining software but also scans for rival miners and removes them.

The vulnerabilities being exploited are in some respects similar to those reported through the Google Zero project in the BitTorrent client uTorrent. The difference lies in that the rTorrent flaw can be exploited without any user interaction rather than only by sites visited by the user.

The XML-RPC interface isn’t enabled by default and rTorrent recommends not using RPC over TCP sockets.

Below is an email rTorrent developer Jari Sundell wrote regarding the flaw:

There is no patch as the vulnerability is due to a lack of knowledge about what is exposed when enabling RPC functionality, rather than a fixable flaw in the code. It was always assumed, from my perspective, that the user would ensure they properly handled access restriction. No 'default behavior' for rpc is enabled by rtorrent, and using unix sockets for RPC is what I'm recommending. The failure in this case is perhaps that I've created a piece of software that is very flexible, yet not well enough documented that regular users understand all the pitfalls.

Currently, the hackers generate about $43 per day using this exploit and have already generated $3,900 combined.


Leaked US Army Cyber Protection Brigade Memorandum appears to show Privacy Solutions compromised




The picture being referred to is a leaked picture of a memorandum on image board 4chan, complete with Department of Defence letterhead, seeming, by all accounts, to be from the United States Army’s Cyber Protection Brigade.

The posted picture displays an official document brought up on a terminal screen, on one side of which is a Common Access Card or CAC, complete with picture, conventional of a Department of Defence employee. It seems, by all accounts, to be a legitimate one, however it reeks of incredulity and skepticism. Be that as it may, it's as yet not clear with respect to why somebody would want this data leaked.

However another sensible theory can be that, there might be some sort of involvement of the cryptocommunity. Nevertheless an extraordinary method to constrain utilization of privacy solutions is to convey into the environment rumours about their being anything but, a sort of scheming way of spreading trepidation, uncertainty and doubt.

 “The success we have had with Tor, I2P, and VPN, cannot be replicated with those currencies that do not rely on nodes. There is a growing trend in the employment of Stealth addresses and ring signatures that will require additional R&D.” reads the document.

the memo's first line uncovers a unit required with the National Security Administration (NSA) and Cyber Protection Team (CPT) encouraging all the more financing for "new contracts and extra subsidizing to meet GWOT and drug interdiction targets aimed in July's Command update brief," Global War On Terror (GWOT) being a go-to pretext for about two decades of obtrusive military and law enforcement action.

“In order to put the CPT back on track, we need to identify and employ additional personnel who are familiar with the Crypto Note code available for use in anonymous currencies,” the memo stressed.
Crypto Note which is likewise the application layer for privacy tokens, for example, Bytecoin (BCN), Monero (XMR), utilizes a memory bound function which is hard to pipeline, that the pertinent agencies entrusted with monitoring and tracking internet solutions, and now coins, needs outside help with Crypto Note may say a lot about where the different government divisions are in terms of their security keenness.

The picture was distributed among Steemit, Veekly, and even Warosu exactly five months back, yet outlets, for example, Deep Dot Web may claim to have broken news. The document but is as yet worth dissecting, assuming its legitimacy.


As far as concerns its, Deep Dot Web claims to have contacted "a Monero developer, who spoke on state of obscurity," and the dev "said that the vast majority of the Monero engineers who have seen the leak trust it to be true. A few sources who were some time ago in the Armed force have additionally said they trust the report to be genuine." Offering ascend to the way that the contents of the document do give off an impression of being totally conceivable.

Japan cryptocurrency exchange to refund stolen assets worth $400m

Coincheck, one of Japan’s major cryptocurrency exchange, has promised to refund to its customers about $423m (£282m) stolen by hackers two days ago in one of the biggest thefts of digital funds.

The hack occurred on Friday, when the company detected an “unauthorised access” of the exchange and suspended trading for all cryptocurrencies apart from bitcoin.

The attackers were able to access the company’s NEM coins, which are a lesser known but still the world’s 10th biggest cryptocurrency by market capitalisation. The losses went up to about $534m (£380m).

The company has stated that it will reimburse the affected customers to nearly 90% of their loss using cash.

Over 260,000 are reported to have been affected by the hack.

According to Coincheck, the hackers were able to steal the NEM coins because they were kept in online “hot wallets” instead of the more secure and offline “cold wallets.”

The company claims that it is aware of the digital address where the coins have been transferred and believes the assets are recoverable.

Kodak Launches Own Cryptocurrency KODAKCoin — Stocks Surge

In a tie-up with WENN Digital, a blockchain development firm, Kodak photo-centric cryptocurrency, KODAKCoin, causing a 60 percent stock rise after the surprise announcement.

This is a part of a larger initiative called KODAKOne which will reportedly give photographers a new revenue stream and a secure work platform. The blockchain-powered image management system will supposedly create a digital ledger of rights ownership that photographers can use to register and license new and old work.

Kodak CEO Jeff Clarke said in a statement, “For photographers who’ve long struggled to assert control over their work and how it’s used, these buzzwords [“blockchain” and “cryptocurrency”] are the keys to solving what felt like an unsolvable problem.”

Kodak’s choice to move towards blockchain rather than introduce a new social media platform to serve the same purpose has sparked some discussions that the company is trying to capitalise on the current cryptocurrency fad.

KODAKCoin’s initial coin offering opens on January 31st, under SEC guidelines as a security token, and it’s open to US, UK, Canadian, and other investors.

Further information can be obtained on their website.

A Mysterious Malware That Holds The Power To Critically Damage One’s Phone

It wouldn't be wrong to state that Hack forums isn't the most "world class"  or elite gathering of cybercriminals as many of  its members as of now appear to be relative novices, and furthermore it's probable that some post about hacking methods they've never really endeavoured. In spite of the fact that experts do state that with the current buyer showcase in cryptocurrencies, even the refined hacking groups are increasingly getting into undercover or in other words clandestine mining, and once in a while running such operations close by more customary and traditional  cybercrime like data theft and dissent of service attacks.

In the same way as many other people, the hackers on the message board Hack Forums are presently exchanging tips on the most proficient method to make profit with cryptocurrencies. Be that as it may, they're not simply hoping to purchase low and offer high they are only swapping approaches to surreptitiously tackle other people's phones and PCs to further generate digital coins for themselves.

A month ago, F5 networks, a Seattle security firm reported a "sophisticated multi-stage attack" hijacking networks of computers to mine cryptocurrencies.

The assailants have been known to utilize the vulnerabilities in common server softwares, combined with Windows exploits leaked from the National security Agency, to effortlessly infiltrate the victim's systems and migrate through their networking systems.

Despite the fact that it's difficult to know how much these current crypto jacking attacks have earned altogether, yet the addresses connected to the malware variations seemed to have gotten a sum of $68,500 in the cryptographic money (cryptocurrency) monero.

In any case, in the previous year, monero-mining malware has been spotted on an extensive variety of sites, mining the currency as people streamed videos from Showtime and Ultimate Fighting Championship or only browsed the web on compromised Wi-Fi systems at Starbucks cafes. Albeit, some program expansions have been found mining the currency while the users do other things, and monero-mining malware has as of late been spotted proliferating through links on Facebook Messenger also.

Hi @Starbucks@StarbucksAr did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer’s laptop? Feels a little off-brand... 

— Noah Dinkin (@imnoah) December 2, 2017

If you remember the IoT botnets, Mirai in the past, we’ve actually seen one variant this year which was mining monero coins on routers and hard disk recorders as well,” says Candid Wueest, principal threat researcher at Symantec and contributing author on a report the security company released on cryptojacking last month.

Creators of some monero-mining software argue that in-program (browser) mining can have a true blue use, letting people intentionally exchange computer power for access to articles, videos, or premium application features, when sites are looking past publicizing or advertising as an income and revenue stream. "I don't agree with anybody's computer being mishandled or abused without their insight," says Spagni, the monero core developer.

"However the technology that is being manhandled presents a completely new approach for monetizing a service on the web." He contends this could empower a "free" version of Netflix or provide another subsidizing stream for journalism.

Coinhive one of the most well-known web miners, even offers a mining-based captcha alternative, aimed at making it less attainable for spammers to play out specific activities on a website, and a version of the software called AuthedMine which requires the users to unequivocally opt in before mining begins. Makers of other mining tools put forth comparable expressions about user consent, maybe with changing degrees of sincerity.

Nevertheless a tool called Monero Quiet Excavator, available for $14, mines in the background on Windows PCs. It doesn't launch a visible window that users can recognize or detect as fast as possible, keeps the gadgets from going into sleep mode, and can "bypass firewalls," as indicated by its website. In any case, its developer states that it is intended just for "legitimate users". Those could incorporate individuals who possess various PCs and need to utilize them to mine monero "transparently for the end user or client of the PC"

Ripple passes Ethereum to become World’s Second-Largest Cryptocurrency

Ripple has overtaken Ethereum as world’s second-largest cryptocurrency. Its XRP token climbed more than 50% on Saturday.

In just 24 hours, Ripple rose to as much as $2.20.

Ripple has had one of the biggest growth amongst digital tokens this year, going from less than a cent ($0.006523) in January, to $2.24 on Saturday, which represents a surge of almost 350 times in value.

This could be because of the increase in interest by speculators, as is the case of most cryptocurrencies, but various experts claim that Ripple is worth looking into.

The advantage of ripple, according to its backers, is that it is not just a cryptocurrency but is also used as a digital protocol that acts as a bridge to other currencies and doesn’t discriminate against peers, whether they are using digital money, fiat currencies, or even mobile minutes.

Unlike bitcoin and other cryptocurrencies, Ripple follows a centralised system and its owners are known.

Tatkal Ticket Scam Uncovered, CBI Official Arrested

Ajay Garg, an assistant programmer at the Central Bureau of Investigation (CBI), has been arrested by his own agency for developing a software that exploits the vulnerabilities of the IRCTC railway ticketing system to book over 1000 Tatkal tickets at a time.

Ajay joined CBI in 2012 and had been working with IRCTC previously for five years (2007-2011).

Rather than reporting the vulnerabilities found by him, Garg instead used them for his own gain and amassed a huge wealth by making his software available to travel agents through his accomplice Anil Gupta, who can then easily book Tatkal tickets for clients for a fee using the software.

As seats are limited, by the time the users fill in their details, the Tatkal quota is already booked. So the users turn to travel agents who can book these tickets using the software. These tickets are genuine and the payments of the tickets go to the railways, according to officials.

However, in addition to the cost of the software, there is a charge on every ticket booked using the software, which is paid to Garg using a complex system of Indian and foreign servers, online masking, and cryptocurrencies like bitcoin.

“Use of such software is illegal as per rules and regulations of IRCTC and also under the Railways Act,” Abhishek Dayal, CBI spokesperson, said.

Garg and Gupta, along with 13 others including Garg’s family members and travel agents, have been arrested.

According to Dayal, the CBI has carried out searches at 14 locations in Delhi, Mumbai, and Jaunpur during which it recovered Rs 89.42 lakh in cash, gold jewellery valued at Rs 61.29 lakh, 15 laptops, 15 hard disks, 52 mobile phones, 24 SIM cards, 10 notebooks, 6 routers, 4 dongles, and 19 pen drives.

Both Garg and Gupta have been sent to a five-day CBI custody by a court.


Bitcoin Exchange Files for Bankruptcy After Being Hacked Again

Earlier this week, a major South Korean bitcoin exchange, Youbit, was hacked for the second time in less than 8 months. It has since filed for bankruptcy after releasing that the hackers had stolen 17% of its digital currency reserves.

The exchange trades ten virtual currencies, including bitcoin and ethereum.

Youbit says that the hackers had attacked its “hot-wallet”, which is an account kept online for holding crypto assets, and that its offline, cold-storage holdings are safe and still accessible, adding that all customers will be able to withdraw 75% of their assets once the bankruptcy proceedings are settled.

Allegedly, this attack is an addition to the series of cyberattacks in South Korea, all credited to North Korean hackers targeting the growing market of cryptocurrencies in South Korea.

This hack accentuates the growing concern in the market for the safety of digital currency and holdings.

While with traditional banking, people feel safe with their finances and there is less risk for the customers, cryptocurrencies are highly risky and are increasingly targeted by hackers.

South Korean Newspaper Reports North Korean Hackers Behind Attacks on Cryptocurrency Exchanges

Chosun Ilbo, a major South Korean newspaper, on Saturday reported that according to a South Korean spy agency, North Korean Hackers were behind the theft of about $6.99 million (7.6 billion won) worth of cryptocurrencies this year, which now amount to almost $82.7 million (90 billion won).

The report said that these attacks included the theft of cryptocurrencies from accounts at exchanges Yapizon (now called Youbit), and Coinis, in April and September.

According to the report by the newspaper, the leaks of the personal information of about 36,000 accounts from Bitthumb, a major cryptocurrency exchange, in June were also connected with North Korean hackers, as discovered by the country’s National Intelligence Service (NIS).

Again citing NIS, Chosun Ilbo also reported that these hackers had demanded around $5.5 million (6 billion won) in return for deleting the stolen information.

These hackers were also responsible for another attack on about 10 other exchanges in October which was stopped by Korea Internet Security Agency (KISA), as per the report.

The newspaper also reported that according to NIS, the malware used in the emails to hack the exchanges were made with a similar method to the one used in hacking Sony Pictures in 2014 and the Central Bank of Bangladesh in 2016 and that the email ids used in the attacks were also North Korean.