Search This Blog

Showing posts with label Bitcoin. Show all posts

Extortion Emails by Bogus DarkSide Gang Targets Energy and Food Industry

 

In bogus extortion emails sent to firms in the energy and food industries, threat actors impersonate the now-defunct DarkSide Ransomware campaign. The Darkside ransomware attack first hit business networks in August 2020, asking millions of dollars in exchange for a decryptor and a pledge not to reveal stolen data. 

Following the ransomware gang's attack on the Colonial Pipeline, the country's largest petroleum pipeline, the ransomware gang was thrown into the spotlight, with the US government and law enforcement focusing their attention on the group. Because of the heightened scrutiny from law officials, DarkSide abruptly shut down its operations in May for fear of being arrested. 

Trend Micro researchers reveal in a new analysis that a new extortion campaign began in June, with threat actors imitating the DarkSide ransomware group. "Several companies in the energy and food industry have recently received threatening emails supposedly from DarkSide," explains Trend Micro researcher Cedric Pernet. "In this email, the threat actor claims that they have successfully hacked the target's network and gained access to sensitive information, which will be disclosed publicly if a ransom of 100 bitcoins (BTC) is not paid." 

The email campaign began on June 4 and has been targeting a few targets every day since then. Threatening emails were sent to the generic email accounts of a few firms. For each target, the Bitcoin wallet at the bottom of the email is the same. None of the aforementioned wallets have received or sent any Bitcoin payments. There has been no actual attack linked to the emails, and no new targets have been discovered. 

The researchers discovered that the same attacker had filled contact forms on many companies' websites in addition to sending targeted emails to them. The content of the web forms was identical to the text of the emails. They were able to obtain the sender's IP address, 205[.]185[.]127[.]35, which is a Tor network exit node. 

The threat actor appears to be exclusively interested in the energy (oil, gas, and/or petroleum) and food businesses, based on the telemetry data; in fact, all of their targets are in these industries. The campaign had the most impact on Japan, followed by Australia, the United States, Argentina, Canada, and India. China, Colombia, Mexico, the Netherlands, Thailand, and the United Kingdom are among the other countries affected.

Cryptocurrency Addiction: Here's All You Need to Know!

 

Cryptocurrency addiction is defined as compulsive cryptocurrency trading and related behaviors that have negative implications in a person's life. Cryptocurrency addiction is a behavioral addiction that disrupts or destroys personal, familial, and leisure endeavors, similar to gambling addiction. 

Many of us enjoy the occasional wager or lottery flutter – but it only becomes a problem for roughly 9 people out of 1000. However, 70 persons out of 1000 engage in dangerous behavior that could become an issue in the future. 

Cryptocurrency traders, according to experts, exhibit the same behavioral addictions as problem gamblers. Although no data exist for the number of people addicted to cryptocurrency trading, Tony Marini, the lead counselor at Castle Craig Hospital in Peebles, said they are seeing an increasing number of people in Scotland. 

"This is the crack cocaine of gambling because it is so fast," he said. "It's 24/7. It's on your phone, your laptop, it's in your bedroom." In the last few years, the clinic has treated over 100 people with cryptocurrency addictions. People come to his door because of his constant availability and severe volatility, told Mr. Marini. 

"There are so many people out there that are trading cryptocurrency that is making money," he said. "And they're telling everyone that they're making money. We are not hearing from the people that are losing money."

Jake was a cryptocurrency trader who lost millions of pounds. He does not want his true identity revealed since he is still receiving treatment at one of the UK's few hospitals dedicated to patients who are addicted to betting on the value of the virtual currency. Jake originally purchased Bitcoin, the most widely used cryptocurrency, in 2015, but it wasn't until a major win a few years later that his trading became out of control.

"I can pinpoint the exact moment it became a problem," he said. "I had been eroding the sum I put aside, but I entered a trade, and I was willing to risk that last amount I had. I ended up making back pretty much everything I lost in a single trade. The feeling was one of absolute euphoria."

The market isn't the only thing that may go wrong. The technology that powers cryptocurrency is notoriously difficult, and if you're not vigilant, you could end yourself investing in a hoax.

DeFi100, a Crypto Project, Allegedly Scammed Investors of $32 Million

 

According to reports and tweets, DeFi100, a cryptocurrency project, allegedly defrauded investors out of $32 million (roughly Rs. 233 crores). The project has now released a denial of the allegations, but some skepticism appears to still exist. After a very distasteful message appeared on their website on Sunday, rumors of people behind the project fleeing with the money began to circulate. The message on the DeFi100 website read, "We scammed you guys, and you can't do **** about it." DeFi100 has since clarified that their website has been hacked and that the hackers had placed the post, which has since been removed.

“DeFi100 coin exit scams, and runs away with $32 million, and leaves a message for all of us. Feels like the summer of 2017,” tweeted Cryptokanoon, co-founder Kashif Raza. 

DeFi100 is a cryptocurrency similar to Bitcoin, Dogecoin, and Ethereum, among others. It is, however, much less well-known than the other well-known digital assets. The website was still down at the time of publishing. “Oops, looks like the page is lost. This is not a fault, just an accident that was not intentional,” is what it says now. 

On Sunday, the crypto project announced on its official Twitter account that it had not exited as previously thought. “Firstly, total supply of D100 at present is less than 4 million tokens. At the beginning of the project, total supply was 2.5 million tokens. Secondly, D100 was never a yield farming protocol, which was holding investors funds with TVL over 32 million,” it said in a tweet. 

“Thirdly, total tokens sold during IDO were 750,000 at $0.80 per token. These facts are available in public for checking their authenticity. The rumours of stealing $32 million are absolutely false and baseless," it added in the subsequent tweet. "We reiterate it again that we have not made any exit." 

Although the DeFi100 founders have stated that they did not defraud the investors, nothing can be said before the website is up and running again. The value of D100, DeFi100's native token, has dropped 25% in the last 24 hours to $0.08, according to a Coindesk article (roughly Rs. 6). 

The reports of DeFi100 developers defrauding their investors came just days after the FBI, the US's main law enforcement agency, announced that it had received a record 1 million complaints related to online scams and investment frauds in the previous 14 months.

DarkSide Affiliates Claim Gang's Bitcoin Deposit

 

Multiple associates have protested about not being charged for past services since the DarkSide ransomware operation was shut down a week ago, and have filed a petition for bitcoins in escrow on a hacker forum. Escrow systems are popular in Russian-language cybercriminal cultures to prevent scams between sellers and buyers. The deposit is a direct message from ransomware operations that they mean business. 

DarkSide is a ransomware vulnerability that has been active since at least August 2020, when it was used in a cyberattack against the Colonial Pipeline in Georgia, causing a significant fuel supply disruption along the US East Coast. The malware is distributed as a service to various cybercriminals through an affiliate scheme and, like other well-known ransomware threats, uses double extortion, combining file encryption with data theft, and is installed on compromised networks through manual hacking techniques. 

DarkSide deposited 22 bitcoins on the famous hacker forum XSS to gain the confidence of potential partners and expand the operation. The wallet is administered by the site's administrator, who also serves as a guarantor for the gang and an arbitrator in the event of a dispute. 

Many analysts believe the group used an escape scam to retain the ransom money they received from their network of affiliates. DarkSide operators, on the other hand, claim to have halted operations as a result of US government pressure following the assault on the Colonial Pipeline. 

Last year, the REvil ransomware deposited $1 million in Bitcoin to a separate hacking website in order to recruit new members. This action demonstrated that they trusted the forum administrator with the money and that there was plenty to be made. 

Researchers discovered a series of allegations made by members of a hacking forum who claimed to have played various roles in the DarkSide ransomware gang's operations. Some associates assisted in the pentesting of threats or organizational breaches. According to Elliptic, a blockchain research company, the Darkside ransomware gang has received over $90 million in ransom payments from its victims since October 2020. 

“In total, just over $90 million in Bitcoin ransom payments were made to DarkSide, originating from 47 distinct wallets.” reads the report published by the Elliptic. “According to DarkTracer, 99 organizations have been infected with the DarkSide malware – suggesting that approximately 47% of victims paid a ransom and that the average payment was $1.9 million.”

Bitcoin Sinks Below the $50,000 Mark

 

Bitcoin and other cryptocurrencies lost a lot of money on Friday when investors worried that US President Joe Biden's decision to lift capital gains taxes will discourage them from investing in digital assets. The selloff followed news that the Biden administration was considering a raft of tax reform proposals, including a measure to almost increase capital gains rates to 39.6% on those making more than $1 million.  

Bitcoin, the world's largest and most successful cryptocurrency, dropped 7% to $48,176, slipping below $50,000 for the first time since early March, while smaller rivals Ether and XRP both fell about 10%. Markets were jolted by the tax plans, forcing investors to book gains in stocks and other risk assets, which had soared in anticipation of a strong economic rebound. Investment gains levy rates are expected to rise to new highs. 

"Bitcoin headed South today after President Biden signalled that he wanted to raise capital gains tax in the US," said Jeffrey Halley, senior market analyst, Asia Pacific, at OANDA. "Now whether that happens or not, many Bitcoin investors are probably sitting on some substantial capital gains if they stayed the course over the past year." 
"I firmly believe that developed market regulation and/or taxation remain the crypto markets' Achilles Heel," he added. 

Bitcoin is set to lose 15% this week, but it is still up 65 percent from the beginning of the year. Ether fell more than 10% on the day to as low as $2,107 (roughly Rs. 1.5 lakhs), despite climbing to a new high of $2,645.97 the day before (roughly Rs. 2 lakhs). 

"I don't think Biden's taxes plans will have a big impact on Bitcoin," said Ruud Feltkamp, CEO at automated crypto trading bot Cryptohopper. "Bitcoin has only gone up for a long time, it is only natural to see a consolidation. Traders are simply cashing in on winnings." 

"There are reasons to believe the overall trend will remain bullish unless the price drops below $40k," said Ulrik Lykke, executive director at crypto hedge fund ARK36. "At the moment, we are not convinced that the trend will reverse into a bear market but we acknowledge it may take some time before the demand overtakes the supply again in the medium to short term."

Bitcoin Touches the Peak at $60,000 – Everything you Need to Know!

 

On Saturday 13 March, Bitcoin, the world's largest cryptocurrency, had gone up again, touching an all-time milestone. As per Coin Desk reports, it increased to $60,0,065, up from a preceding $58,330 peak on February 21, by more than 2 percent. At 12.34 GMT on 13th March, the digital monetary reached $60,197 and remained at around $60,000. "It increased almost 6% in the past 24 hours alone." On the other hand,  Ethereum was 4.7% higher at $2,173.63. 

Whereas the volatility has dropped in the crypto market following the six consecutive months of the double-digit returns on bitcoin (BTC). Experts believe that there are indications that the horizon is moving significantly. 

At first, Bitcoin reached heights of $30,000 and $40,000 in January for a couple of days. Bitcoin’s worth is over $1 trillion in circulation. It retreated to $43,000 just after the high of February 21, following uncertainties about stimulus prospects as well as its effect on the US bond returns. Later for seven days, stocks and cryptocurrencies experienced decline alongside lateral trade for weeks before re-starting. After swelling from below $1,000 in January to close to $ 20,000 in December, Bitcoin, which was launched back in 2009, hit the headlines again. 

On Saturday 13th, the record came after the huge $1.9 trillion stimulus bill signed on Thursday by US President Joe Biden. The bill would provide most Americans with a check payment of $1,400, assist the unemployed, increase public health, and raise money for vaccine programs. Kraken Intelligence reports that with April being the second most successful month on average, bitcoin could be expected to finish higher and thus to bind up for the longest winning streak since the start of the cryptocurrency. 

Historical information shows that both bitcoin and Ethereum generally achieve a positive return portion in the second quarter of the calendar year. Since 2011, BTC has, on aggregate, returned 256 percent in 2Q, while ETH, on average, returned 141 percent in 2016. 

Due to the $58,786 market price of bitcoin in the March-end, it is assumed that in the second quarter of 2021, the price will end at 256 percent higher, also it can be expected to trade around $209,000 from 1 July 2021. The world's largest crypto-currency will stand at approximately $82,000, based on an average 2nd-quarter return of 39.5%. 

In the meantime, throughout March, Bitcoin's steady upward trend led to a drop in volatility of almost 40% point a month to 63%, almost three months down. The absence of market uncertainty led to a 5 percent decrease in trade volumes and to an annual drop of about 255 billion dollars. 

It has been praised as 'digital gold' by Bitcoin proponents claiming that it will address the inflation risks posed by large central banks and government stimulus packages aimed at tackling the economic effects of the crisis from the pandemic of the Covid-19. Critics consider the rally to be just a stimulus-powered bubble that will soon explode in the same direction as during the boom period 2017-2018.

China and its Humongous Bitcoin Mining Industry has Severe Impact on the Global Climate

 

According to a new study in Nature Communications, electricity consumption and carbon emissions from bitcoin mining in China have accelerated speedily. These effects could weaken global sustainable practices without stricter regulations and policy changes. 

Bitcoin and other cryptocurrencies depend heavily on "blockchain" technology, a shared transaction database that requires confirmation and encryption of entries. Blockchain is a digital recording device that offers secure means for payments, pacts, and contracts to be documented and authenticated. But uniquely, the database is shared between a network of computers, and not in a place such as the conventional ledger book. Only a few users or hundreds and thousands of people can enter this network. However, the network is secured by people known as "miners," who use high-powered computers to check transactions. These computer systems consume huge quantities of electricity. 

Around 40% of China's Bitcoin mines are coal operated and the rest utilize renewable sources, according to the study. The coal power stations, however, are so large that Beijing's promise to peak carbon emissions by 2030 could be undermined and carbon neutralized by 2060, the study warned. 

With a simulated carbon emissions model, Dabo Guan, Shouyang Wang, and colleagues track carbon emissions streams from Bitcoin blockchain operations in China. Given recent developments in Bitcoin mining, it is estimated that this procedure will spike energy consumption at around 297 terawatt-hours by 2024 and generate approximately 130 million metric tons of carbon emissions. This exceeds the total annual emission volumes of greenhouse gas in entire mid-sized European countries, for example, Italy and the Czech Republic. 

In order to guarantee a stable supply from renewable sources it should concentrate on updating the power grid, said Wang. He further added that “Since energy prices in clean-energy regions of China are lower than that in coal-powered regions … miners would then have more incentives to move to regions with clean energy.” 

In the past year, Bitcoin's price rose five times and reached a record of $61,000 in March, presently it’s just below the mark of $60,000. Due to the available profits, Wang said carbon taxation isn’t sufficient to determiners. The research teams said the "attractive financial incentive of bitcoin mining" has triggered an arms race in the mining hardware industry. The price hike in Bitcoin was further driven by some renowned companies, including electric carmaker Tesla, implementing it as a method of payment. The Covid 19 pandemic also probably played a role, where more people shopped online and left physical currencies in their accounts.

More Businesses are Accepting Bitcoin

 

Bitcoin is turning into an undeniably well-known payment alternative among numerous organizations. Fast-food chains, large tech organizations, and major beverage organizations are accepting cryptocurrency.  

Bitcoin(₿) is a cryptocurrency created in 2008 by an obscure individual or group of people utilizing the name Satoshi Nakamoto. The currency began use in 2009 when its execution was released as open-source software. Bitcoin utilizes peer-to-peer technology to work with no central authority or banks; overseeing transactions and the issuing of bitcoins is completed on the whole by the network. Bitcoin is open-source; its design is public, no one owns or controls Bitcoin and everybody can take part. 

Its costs on the trading stock exchanges plunged around Thanksgiving a year ago – only to turn back the clock and set an unsurpassed high of $ 19,857 on November 30: a 177% increment since the beginning of the despicable year up 14% of the S&P 500, as Insider recently reported. Then, a month ago, the cryptocurrency hit an all-time high, with costs moving to $ 60,000. A quirk of the increment implied that two pizzas purchased by crypto legend Laszlo Hanyecz would have really been valued at $ 613 million. 

Restaurant Brands International is one of the world's biggest fast-food holding organizations. It is the parent organization of Burger King, Tim Hortons, and Popeyes. A year ago, Burger King Venezuela declared that it would begin accepting bitcoin and other cryptocurrencies. It has worked with Cryptobuyer, a platform that generates the conversion of cryptocurrencies into normal currency, Yahoo Finance reported. Yum Brands, which operates KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill, likewise accept cryptocurrencies. Yum Brands has additionally collaborated with CryptoBuyer to commence the launch of encrypted payment methods, according to Nasdaq. 

After briefly suspending acceptance of cryptocurrency as a legitimate payment method because of its volatility, Xbox accepts bitcoin payments for Xbox store credits. Coca-Cola Amatil is one of the world's biggest bottlers and distributors of non-alcoholic and ready-to-drink beverages in the Asia-Pacific area. A year ago, the organization declared in a press release that it was partnering with an online asset platform, Centrapay, to permit bitcoin as an official payment method.

$571 Million to be Paid over Bitcoin Scam

 

The Commodity Futures Trading Commission on 26th March 2021 declared that the U.S. District Court for the Southern District of New York entered a default judgment against Benjamin Reynolds, purportedly of Manchester, England, finding that he worked a fake plan to request bitcoin from members of the public and misappropriated customers of bitcoin. This case was brought in connection with the Division of Enforcement's Digital Assets Task Force. 

The Commodity Futures Trading Commission (CFTC) is an independent agency of the US government made in 1974, that controls the U.S. derivatives markets, which incorporates futures, swaps, and certain kinds of options. The expressed mission of the CFTC is to promote the integrity, strength, and energy of the U.S. derivatives markets through sound guidelines. After the financial crisis of 2007–08 and since 2010 with the Dodd-Frank Wall Street Reform and Consumer Protection Act, the CFTC has been changing to carry more transparency and sound regulation to the multi-trillion dollar swaps market. 

Between May 2017 and October 2017, Reynolds utilized a public site, different social media accounts, and email communications to request at least 22,190.542 bitcoin, esteemed at around $143 million at that point, from in excess of 1,000 clients around the world, including at least 169 people living in the U.S. 

In addition to other things, Reynolds dishonestly addressed to clients that Control-Finance exchanged their bitcoin deposits in virtual currency markets and utilized particular virtual currency dealers who created ensured trading benefits for all clients. He likewise developed a detailed affiliate marketing network that depended on deceitfully encouraging to pay outsized referral profits, rewards, and bonuses to urge clients to allude new clients to Control-Finance. Truth be told, Reynolds made no trades for clients' benefit, procured no trading benefits for them, and paid them no referral rewards or bonuses. While Reynolds addressed that he would return all bitcoin deposits to clients of Control-Finance by late October 2017, he never did and rather held the deposits for his very own utilization. Clients lost most of the entirety of their bitcoin deposits because of the scheme.

The court's March 2, 2021 order expects Reynolds to pay almost $143 million in compensation to defrauded clients and a civil monetary penalty of $429 million.

A 38-Year-Old Indian Professor, Lost Rs 10 Lakh to a Scammer in Cryptocurrency Trading

 

A Bengaluru-based 38-year-old professor new to the cryptocurrency world lost Rs 10 lakh in bitcoins to a scammer, who assured to manage his cryptocurrency account. This Palace Gutahalli resident and a private university lecturer brought a complaint on Saturday to the Central CEN Police. The incident took place on 22 February, after attempting to register to a cryptocurrency trading platform, as per the complainant.

“As he was unaware of how to handle cryptocurrency, he had visited certain groups on Telegram, where discussions on the same took place. As he (the victim) had doubts regarding how to use CoinSwitch Kuber, the trading platform, the hacker approached him promising to help in handling bitcoins to ensure high returns,” the police said. CoinSwitch Kuber is a simple and safe platform for Indian users, which allows them to purchase more than 100 cryptocurrencies, including Bitcoin, Ethereum, Ripple, etc. 

The victim posted a query on a Telegram group following failure to effectively add Rs 90,000 to his account. He also registered into a couple of crypto-currency rooms of the mobile app, Telegram – to understand the trade process and share their views. Later a scammer told the victim himself that he could manage the bitcoins that the latter purchased and make high returns from it. The alleged scammer pursued his credentials, including a one-time password (OTP), and then the Bitcoins worth Rs 10 lakh were transferred from the wallet of the victim to some other wallet in the following few minutes. 

In response to a complaint from the victim, a case was also registered by the Central CEN police, in compliance with the appropriate sections of the Information Technology and Indian Penal Code (IPC). A senior police officer said that this is their first-of-a-kind case and that they are examining how they want to verify. 

“We are exploring options on how to conduct the investigation. To begin with, we will approach CoinSwitch Kuber as there are no other regulators that can be communicated to take this forward,” the officer added. 

In response to the incident, CoinSwitch Kuber said in a statement: “It is unfortunate that one of our users has been subjected to fraud by a third party. We will cooperate with the investigating authorities and provide them all possible assistance. We request all our users to be extremely careful in handling their OTPs and account details.” 

Further, the company warned its users by stating that, the credentials are just as sacrosanct as the credentials of one's bank and therefore it should not be shared with any third party. Customers also need to note that CoinSwitch Kuber and its staff never demand for their login credentials.

A Crypto Mining Botnet is Abusing Bitcoin Blockchains

 

Security experts from Akamai have detected another botnet utilized for illegal cryptocurrency mining exercises that are abusing Bitcoin (BTC) transactions to remain under the radar. This procedure permits botnet operators to make their infrastructure resilient to takedown led by law enforcement. 

“A recent piece of malware from a known crypto mining botnet campaign has started leveraging Bitcoin blockchain transactions in order to hide its backup C2 IP address. It’s a simple, yet effective, way to defeat takedown attempts.” reads the post published by Akamai. “Recent infection attempts against Akamai SIRT’s custom honeypots uncovered an interesting means of obfuscating command and control (C2) infrastructure information. The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.” 

The infection chain starts the exploitation of Remote Code Execution (RCE) vulnerabilities affecting Hadoop Yarn, Elasticsearch (CVE-2015-1427), and ThinkPHP (CVE-2019-9082). Botnet operators utilized Redis server scanners to discover installs that could be undermined to mine cryptocurrencies. The experts assessed that botnet operators have mined more than $30,000 in Monero in public pools since 2018. Experts distinguished various variations over time, using different techniques and tools. 

The more seasoned variants were utilizing a shell script to do the main functions, for example, disabling security features, killing off competing infections, establishing persistence, and in some cases, propagating within the compromised network. Newer variations of the shell script leverage binary payloads for handling more system interactions, like killing off competition, disabling security features, modifying SSH keys, downloading, and starting the miners. Botnet operators use cron jobs and rootkits to accomplish persistence and re-infect with the most recent rendition of the malware. 

In December 2020, the researchers found a BTC wallet address that was included in new variations of the miner, alongside a URL for a wallet-checking API and bash one-liners. The experts found that the wallet information was being fetched by the API and used to figure an IP address used to maintain persistence. By fetching addresses through the wallet API, botnet operators are able to obfuscate and backup configuration data on the blockchain. Experts noticed that by pushing a modest quantity of BTC into the wallet, operators can recuperate infected systems that have been orphaned.

Bitcoin Surpasses $50,000 Mark For The First Time Ever

 

The cost of Bitcoin on Tuesday hopped above $50,000, carrying its year-to-date gain to 74%. Ongoing interest from Wall Street institutions has added to the momentum. Bitcoin rose by as much as 4.9%, to $50,547.70. The cryptocurrency at that point pared gains slightly, exchanging at $48,853.99 as of 9 a.m. ET. After ending last year with a fourth-quarter surge of 170% to around $29,000, Bitcoin token leaped to $40,000 seven days after the fact. It took just nearly a month and a half to breach the latest threshold, buoyed by endorsements from the likes of Paul Tudor Jones, Stan Druckenmiller, and Elon Musk. Bitcoin exchanged for a few cents for quite a long while after its introduction more than a decade ago. 

Tesla Inc's. declaration that it added $1.5 billion in Bitcoin to its balance sheet was the most noticeable recent impetus, sending the cost up 16% on Feb. 8, the greatest one-day acquire since the Covid-19 inspired financial markets volatility in March. Optimism grew after Mastercard Inc. furthermore, Bank of New York Mellon Corp. moved to make it simpler for clients to utilize cryptocurrencies, while Bloomberg reported on Saturday that Morgan Stanley may add Bitcoin to its rundown of possible bets. 

Sustained interest from organizations decidedly affects Bitcoin's value, pushing it on an upward bend. In December of 2020, it touched an all-time high crossing $24,000 in valuation. This was a 224% expansion from where it began its excursion toward the start of the year. By the start of 2021, BTC had leaped to a $40,000 valuation. In the second seven-day stretch of May 2020 Bitcoin saw its third halving occurred since its inception, in this way getting a further drop in its assessed future supply, Sumit Gupta, CEO, and Co-Founder, CoinDCX said. 

The interest from huge players has upheld the narrative that institutional investors are increasingly interested in Bitcoin. This conviction has been a critical driver of the bewildering rally in the cost of Bitcoin. It has likewise helped other cryptocurrencies, for example, ether, the coin on the Ethereum network. Its cost was roughly flat on Tuesday, at $1,793, in the wake of hitting a record high above $1,870 over the course of the weekend.

Discord Cryptoscam: Scammers Lure Players to Fake Cryptocurrency Exchange Site

 

Experts at Kaspersky have issued a warning alarming that hackers are attacking Discord users, with a scam that focuses on counterfeit cryptocurrency transactions and using the bait of free Ethereum cryptocurrency or Bitcoins to steal user data and money. The cyber scam fools victims on cryptocurrency servers of Discord by sending users a message that looks like a legit ad of an upcoming trading platform that is doing cryptocurrency giveaway. The scammer then deploys social engineering techniques to generate sign-ups, as per the Kaspersky report.  

Experts believe that the ad offers such generous offers to get user interest, the offer depends on the message to message. However, the gist always remains the same, for instance, if the exchange will help the traders in dire times or is it just trying to lure new users. In this case, says Kaspersky, there'll be a lucky user who'd be chosen for the reward of free Ethereum cryptocurrency or Bitcoins. As we all know, the Discord platform was built solely for gamers, but various users, varying from study groups to cryptocurrency enthusiasts, use Discord's handy servers, channels, and private messages for communication. 

The user diversity becomes an easy target for hackers to scam. In this particular incident, the scammer first tried to send the victim a fake message with emojis and added details that contained a code to free cryptocurrency gifts. The message contained a malicious link that led the user to a fake cryptocurrency exchange domain. When the victim clicks the given link, he's redirected to a website (fake of course). The cryptocurrency exchange site has details like trading info, charts, and trading history (to make it look more genuine). 

"The attention to detail even extends to offering victims two-factor authentication to secure their accounts, plus antiphishing protection. Here, of course, the purpose is purely to add plausibility; the site’s true purpose is to transfer money from victim to criminal," reports Kaspersky. "The scammers claim to need a top-up — in our case, 0.02 BTC or an equivalent amount in Ethereum or US dollars. The scammers appear to be collecting a database to sell; many legitimate services, including financial ones," it further says.

DDoS Attacks increase by 154% in 2020 states Neustar

 

DDoS- Distributed Denial of Service is a cyber attack on a specific server or network. It attempts to disrupt the normal functioning of operations. DDoS attacks do all this by flooding the targeted network or server with constant traffic, such as fraudulent requests which overwhelm the system, causing a disruption or denial of service to legitimate traffic. 

In the past few years, the DDoS attacks have doubled showing a significant hike in the attempts by the attackers to threaten the victim of such attacks unless the required ransom is paid to them. Security analysts in Neustar (a global information services and technology company and leader in identity resolution) studied cyber threats and illegal activities and it was found that the number of DDoS attacks between 2019 and 2020 rose by 154 percent. The areas that took a major hit are financial services, telecommunications, and government departments. This figure indicates the rising number, frequency, and severity of cyber-attacks of network sort as remote operations moved companies and grew employee dependency on the internet.

DDoS attacks are emerging, even more frequently now. One important factor why the DDoS attacks have become more common is that even for low-level cybercriminals they are fairly easy to carry out. The rise in smaller DDoS attacks has been largely linked with the rising attack sophistication and intensity. 

Instead of relying on ransomwares or other viruses to take a network-related hostage, DDoS attackers literally threaten DDoS victims if the payment – usually requested in bitcoin –is not received in time. In order to convince the victim to pay, offenders frequently present an assessment of what could come with a short-lived DDoS attack. All that the DDoS attackers require is a botnet to flood traffic to target networks – which can be recruited at cheap underground forums.

"Organisations should avoid paying these ransoms. Instead, any attack should be reported to the nearest law enforcement field office, as the information may help identify the attackers and ultimately hold them accountable," said Michael Kaczmarek, vice president of security product management at Neustar. 

Yet amid warnings of going off-line, it is advised to refrain from reacting to the demands of cybercriminals, so that ransom-led DDoS attacks can be contained to some extent.

3 Unique Procedures to Counter Money Laundering in India

 

The main weapon used by money launders to launder cash is bitcoin and other cryptocurrencies alternatives. India’s cryptocurrency exchanges deployed their own KYC regulations and anti-money laundering protocols for users.

Nishal Shetty, CEO of India’s largest cryptocurrency exchange WazirX said we follow all the necessary protocols such as asking users for ID and address proof like Aadhar and PAN Card. Our platform also emphasizes that money must come from the concerned customers' bank account and not from the third party bank account.

Cryptocurrency exchanges use various procedures to conduct KYC, one such method is penny drop. Penny drop method helps in verifying the user’s personal information and bank details, for example, a token of 10 rupees is transferred to the user’s account to confirm bank account details. This method confirms the account holder’s name as registered with the bank, to the transferor.

Neeraj Khandelwal, co-founder of CoinDCX stated that “for corporate clients who are given higher trading limits, more documents like articles of association, board resolutions authorizing crypto investment, etc. are needed”.

Chainlink is one of the most familiar software among cryptocurrency exchanges which helps in identifying rogue addresses. Khandelwal further stated “we use a globally renowned crypto AML tool to check for blacklisted crypto addresses. If a legitimate user has got crypto from such an address, maybe through peer-to-peer and he or she wants to transact on our exchange, we ask for additional KYC such as source of funds and profession”.

Bitcoins and other cryptos are not held in bank or demat accounts contrary to other financial assets such as stocks, bonds, and FDs. The cold wallet is the method that can be used for holding on to the bitcoins and other cryptos, it is the hardware device or even paper that is not linked to the internet. Therefore, cold wallets cannot be easily seized by law enforcement authorities.

Bitcoin Scammers Tricked People by Using Elon Musk’s Name

 

Security researcher MalwareHunter team exposed a cryptocurrency scam through which scammers were targeting the users on Twitter, this scam was running in the name of TESLA CEO Elon Musk. Scammers were tricking people by hacking verified Twitter accounts and swapping the name to ‘Elon Musk’ and responding to the tweets of real Elon Musk.

The scammers were successful in tricking the users on Twitter by requesting them to send cryptocurrencies in exchange for collecting a huge amount later. The threat actors have managed to earn $587,000 in bitcoin through a scam promoting fake Elon Musk cryptocurrency giveaway.

MalwareHunter team stated that scammers hacked the inoperative accounts, “big % but not all. At least 2-3 was active within a few weeks to few days, of those one looked possible the last activities were not from the original owner but of course couldn’t verify”. This is not the first time that scammers have tricked Twitter users in the name of Elon Musk giveaway, in 2018 scammers successfully managed to earn $180,000 by running an Elon Musk giveaway promotion. 

Cybersecurity organization Adaptiv assembled the data in June 2020 which showed that Bitcoin scammers have managed to earn nearly $2million over a period of two months and no surprise, scammers have used the name of Elon Musk. Elon Musk gave concerning remarks on these scams in February 2020 by stating “the crypto scam level on Twitter is reaching new levels, this is not cool”.

Threat actors targeted the verified Twitter accounts and took advantage of Twitter’s new protocol as Twitter shut down the feature to verify an account in July due to the company was targeted by the scammers in a major cryptocurrency scam.

Worst Plunge Since March Shakes Faith in Bitcoin

 

Bitcoin ride took another twist on Monday, as the worst two-day tumble in the digital currency since March stirred up worry that the polarizing crypto-currency boom may run out of steam. Bitcoin slid as much as 21% over Sunday and Monday in the greatest two-day slide since March. While the digital token recuperated a portion of the misfortunes during the European meeting, it was still down for most of the time.

"Time to take some money off the table," Scott Minerd, chief investment officer with Guggenheim Investments, said in a tweet from his Twitter account. "Bitcoin's illustrative ascent is impractical in the near term." In late December, Minerd anticipated Bitcoin could at last reach $400,000. 

Bitcoin has more than quadrupled in the previous year, bringing out recollections of the 2017 mania that originally made cryptocurrencies a commonly recognized name before costs fell just as quickly. Costs nearly came to $42,000 on Jan. 8 with retail traders and Wall Street investors clamoring for a slice of the pie. 

"It's to be determined whether this is the beginning of a bigger correction, but we have now seen this parabola break so it may very well be," said Vijay Ayyar, head of business development with crypto exchange Luno in Singapore.

People who believe in Bitcoin contend the rally this time is not quite the same as past win fail cycles in light of the fact that the asset has matured with the passage of institutional investors and is progressively seen as authentic support against dollar weakness and inflation risk. Others stress that the rally is untethered from reason and powered by huge swathes of fiscal and monetary related boost, with Bitcoin improbable to actually fill in as a feasible currency alternative. 

"Putting resources into crypto assets, or investments and lending linked to them, for the most part, includes facing extremely high challenges with investor’s money," the Financial Conduct Authority said in a statement. The FCA's concerns incorporate price volatility, the multifaceted nature of items offered, and the absence of customer protection regulation around a significant number of the products. 

With such countless investors wanting to get rich on Bitcoin, the asset is drawing the attention of regulators. On Monday, the UK's financial watchdog gave a distinct admonition for consumers hoping to benefit from crypto: be prepared to lose everything.

Pavel Durov's team advised the Ministry of Finance of Ukraine on cryptocurrencies.

 The Minister of Digital Transformation Mikhail Fedorov said that his department is in contact with the team of the developer of the Telegram messenger Pavel Durov.

According to Fedorov, he is familiar with Durov's team. Employees of the Ministry of Digital Transformation received advice on bills related to virtual assets and cryptocurrency

"I know Durov's team. I know all its management, we communicate, consult even on bills related to cryptocurrency, virtual assets, and so on."

The Minister said that he actively uses the Telegram messenger for fast communications. However, the information exchanged by officials is protected as much as possible, and all documents pass through electronic document management.

"Of course, questions of national importance do not need to be sent in messengers, this is understandable," added Mikhail Fedorov.

Answering the question about which of the messengers is the safest for him, the head of the Ministry of Digital Transformation noted that he most often uses Telegram and WhatsApp.

Recall that on December 2, the Verkhovna Rada of Ukraine in the first reading adopted as a basis the draft law "On virtual assets" regulating operations with cryptocurrencies in the country. The bill classifies virtual assets (VA) as an intangible good.

The function of the market regulator is assigned to the Ministry of Digital Transformation, and in some cases to the National Bank and the National Commission on Securities and Stock Market.

According to experts, the daily volume of cryptocurrency transactions in Ukraine is about $150-200 million. One of the authors of the document, Deputy Oleksiy Zhmerenetsky, noted that the bill will allow cryptocurrency companies to pay taxes and allow specialized foreign firms to cooperate with Ukrainian banks and invest in the industry.

Ukraine did not follow the Russian path of banning virtual assets, because this market is a growth point for Ukraine's GDP and an opportunity to become one of the world's technology leaders. In addition, it makes no sense to prohibit something that is technically impossible to control, as we have already seen in the case of blocking Telegram in Russia.

Recall that Roskomnadzor has added the site of the Binance crypto exchange to the list of banned sites in Russia.

New Wave of Cryptocurrency Misappropriation, Hacking, Theft and Fraud Targeting Users Massively in 2020


Crypto criminals have ramped up cryptocurrency theft, hacking, and fraud by a significant margin in the year 2020. They have amassed a sum of $1.36 billion in ill-gotten crypto from January 2020 to May 2020, according to the blockchain analytics firm. The year 2020 is recorded being on the track to become the second-costliest year of all in the history of crypto; only behind 2019’s record of $4.5 billion. The largest contribution in the year’s ongoing standings came from Chinese scam ‘WOTOKEN’ that allegedly scammed more than 700,000 users and stole over $1 billion worth of cryptocurrencies – 46,000 bitcoin, 2.04 million ethereum, 56,000 bitcoin cash, 292,000 litecoin, and 684,000 EOS.

Cryptocurrency is a virtual or digital currency that uses cryptographical functions to make financial transactions. In order to gain transparency and immutability, it makes use of blockchain technology. It is decentralized in nature as there is no central authority controlling or interfering in the processes that include making cryptocurrency exchanges directly between two parties using private and public keys. Equating to money in the real-world it attracts a large possibility of cyber fraud.

On June 2, 2020, CipherTrace released its Cryptocurrency Crime and Anti-Money Laundering Report covering the global trends and latest developments to fight money laundering, terrorism financing, and sanctions evasion. It highlighted the need for regulation and compliance while reporting that 74% of bitcoin in exchange-to-exchange transactions was the cross border and 88% of funds sent to exchanges in 2019 by US Bitcoin ATMs were offshore. Researchers also noted that phishing sites are the most popular COVID-19 related products marketed on the dark web.

“While only 9.8% of the dark market’s one-hop (direct) interactions went directly to exchanges, 30.7% of its two-hop (once removed) interactions went to exchanges—more than tripling the risk exposure to exchanges,” the report read.

In addition, cryptocriminals are also employing several new malware to target cryptocurrencies, an undocumented Trojan called ‘KryptoCibule’ has been found targeting various cryptocurrencies by replacing wallet addresses and stealing cryptocurrency-related files. Previously reported P2P botnet, FritzFrog attempted to brute-force SSH servers of government, education and medical institutions, and telecom players, with an objective of mining cryptocurrency via XMRig miner. Over two weeks ago, a new botnet, dubbed as TeamTNT was observed stealing AWS credentials from affected servers.

With the old techniques being upgraded and the new ones being continually introduced to mine illicit financial gains, cryptocurrencies have become one of the most increasingly targeted areas at present. Users are advised to stay perceptive to indicatives of criminal behavior.

The Blue Mockingbird Malware Group Exploits Vulnerabilities in Organizations' Networks


Another notorious crypto-currency mining malware has surfaced which allegedly has been infecting the systems of countless organizations. The group with the control of operations goes by the code name of “Blue Mockingbird”.

The researchers who discovered it have reasons to believe that the Blue Mockingbird has been active since 2019’s last month. Per them, it also targets “public-facing servers” that run “ASP.NET” apps that use the “Telerik framework” for their User Interface (UI) aspect.

Reportedly, the vulnerability that the hackers exploit in the process is the “CVE-2019-18395” vulnerability which is then employed to embed a web shell on the target’s server. Per the same report, later on they employ a version of “the Juicy Potato technique” to obtain the admin-access and alter the server settings to get access to the “(re)boot persistence”.

After having obtained complete access to a system, sources mention, the malware group installs a version of XMRRig which is a famous crypto-currency mining application particularly for the “Monero (XMR)” crypto-currency.

As per reports, if the public-facing IIS servers are linked with a company’s internal network, the malware group has a probability of trying to expand internally through an improperly-secured Server Message Block (SMB) connections or Remote Desktop Protocol ((RDP).

The exact number of infections that the botnet has caused isn’t all too clear but if an estimate was to be made the operations include 1,000 infections at the least. There also doesn’t seem to be a way to find the intensity of the threat.

Not many organizations out of the ones that were being observed by the researchers have been hit with this particular threat. And over a really little amount of time that they were tracked the above-mentioned number of infections surfaced.

Nevertheless, all companies alike are susceptible to this attack, even the ones that think they are safe and the number of infections could be more than estimated.

As per sources, the Telerik UI component which is allegedly vulnerable is a part of ASP.NET applications that run on their latest versions, even then the Telerik component may have versions that are out-dated but harmful to organizations, nonetheless. This component could exist in the applications used by a company and they might not even know about it leaving them endangered.

The Telerik UI CVE-2019-18935 vulnerability, per reports, has been widely let known as the one that is employed to embed web shells on servers. Another mentioned that this vulnerability is the most exploited and organizations need to better their firewalls to fight it. If for some reason the organizations don’t happen to have a web firewall they could always look for warning precursors in the server and workstation, reports cite.