Search This Blog

Showing posts with label Crypto Currency. Show all posts

Worst Plunge Since March Shakes Faith in Bitcoin

 

Bitcoin ride took another twist on Monday, as the worst two-day tumble in the digital currency since March stirred up worry that the polarizing crypto-currency boom may run out of steam. Bitcoin slid as much as 21% over Sunday and Monday in the greatest two-day slide since March. While the digital token recuperated a portion of the misfortunes during the European meeting, it was still down for most of the time.

"Time to take some money off the table," Scott Minerd, chief investment officer with Guggenheim Investments, said in a tweet from his Twitter account. "Bitcoin's illustrative ascent is impractical in the near term." In late December, Minerd anticipated Bitcoin could at last reach $400,000. 

Bitcoin has more than quadrupled in the previous year, bringing out recollections of the 2017 mania that originally made cryptocurrencies a commonly recognized name before costs fell just as quickly. Costs nearly came to $42,000 on Jan. 8 with retail traders and Wall Street investors clamoring for a slice of the pie. 

"It's to be determined whether this is the beginning of a bigger correction, but we have now seen this parabola break so it may very well be," said Vijay Ayyar, head of business development with crypto exchange Luno in Singapore.

People who believe in Bitcoin contend the rally this time is not quite the same as past win fail cycles in light of the fact that the asset has matured with the passage of institutional investors and is progressively seen as authentic support against dollar weakness and inflation risk. Others stress that the rally is untethered from reason and powered by huge swathes of fiscal and monetary related boost, with Bitcoin improbable to actually fill in as a feasible currency alternative. 

"Putting resources into crypto assets, or investments and lending linked to them, for the most part, includes facing extremely high challenges with investor’s money," the Financial Conduct Authority said in a statement. The FCA's concerns incorporate price volatility, the multifaceted nature of items offered, and the absence of customer protection regulation around a significant number of the products. 

With such countless investors wanting to get rich on Bitcoin, the asset is drawing the attention of regulators. On Monday, the UK's financial watchdog gave a distinct admonition for consumers hoping to benefit from crypto: be prepared to lose everything.

New Self-Spreading Golang Worm Dropping XMRig Miner on Servers

 

Security researchers at Intezer have found a new self-spreading worm written in GoLang. The malware variant has been actively targeting both Windows and Linux servers, predominantly since December 2020. Researchers noted that the worm developed by China-based hackers attempts to mine Monero, an open-source cryptocurrency launched in 2014 which gained immense popularity and wide acceptance for its privacy-oriented features.
 
GoLang's rich library ecosystem makes it a top preference for malware developers, who can infiltrate the systems without being detected while working with GoLang's smooth malware creation process. The language makes it easier for hackers to bypass security as the malware written in GoLang is large-sized and scanning large files is beyond the capabilities of most of the antivirus software.

The 'GoLang' malware that has been dropping XMRig cryptocurrency miners on Windows and Linux servers, has worm-like capabilities that let it propagate itself to other systems through brute-forcing. 

The worm attacks application servers, non-HTTP services, and web application frameworks; it has targeted public-facing services rather than "the end-users". MySQL, Tomcat admin panel, and Jenkins are some of its latest victims. Besides, these public-facing services with weak passwords, the malware operators have also tried to compromise Oracle WebLogic Server by exploiting its remote code execution vulnerability – CVE-2020-14882, in an older variant.

Attack Execution 

The worm on the Command and Control (C&C) server was periodically updated by the operators, signifying the current "active" status of the malware. Once the target is being successfully compromised, the attack proceeds with deploying the loader script, a Golang binary worm, and an XMRig Miner – three files hosted on the aforesaid C&C server.

While giving insights into the matter, Chad Anderson, Senior Security Researcher at DomainTools said, “While it’s certainly alarming that there were no detections for this worm’s initial sample, that’s not surprising as Golang malware analysis tooling has still been playing a bit of catch up in the automation space,” 
 
“We would expect that with the rise in cryptocurrency prices over the last few weeks that actors looking to cash in for a few extra dollars would cause a surge in mining malware,” he further added. 
 
“The fact that the worm’s code is nearly identical for both its PE and ELF malware—and the ELF malware going undetected in VirusTotal—demonstrates that Linux threats are still flying under the radar for most security and detection platforms,” the report by Intezer read.

Crypto Trading App Voyager Hit By Cyberattack, Company Shuts Down Website

 

Cryptocurrency brokerage platform Voyager stopped its operations on 28th December after it suffered a  cyberattack that disrupted its DNS configuration. Voyager Digital LLC is a cryptocurrency is a brokerage platform where an investor can trade their assets with the help of the Voyager mobile app. The company has shown rapid growth in the year 2020, increasing its growth by 40x times in the last 12 months. Not only this, Voyager currently holds under management $200 million in assets. On 28th December, Voyager's online platform had to shut down due to, as per the press release "currently undergoing maintenance." 

The company later revealed that it had suffered a cyberattack which led to the closing and canceling of all limit orders. Steve Ehrlich, Co-founder, and CEO of Voyager said in a press release that "customer funds and security are of the utmost importance to Voyager. Whilst all funds and crypto are secure we have had to temporarily halt trading on the platform and we sincerely apologize for the inconvenience and thank our clients for their patience." 

The team at voyager had no trouble finding the intrusion, the moment it was detected, the team shut down the systems to save client information and assets.  After the cyberattack, the Voyager app is now online, and all the tradings on the website are now back to normal. To assure cybersecurity, Voyager signed out all its users from the app and has advised them to change their login credentials and reset 2-step verification (2fa). As of now, there is not much detail about how the cyberattack happened other than a tweet that mentioned that it was a DNS attack. 

"With a highly experienced team that has previously built successful online brokerages, we know the importance of having robust and highly secure systems to counter cyber attacks. With our rapid growth to date bringing the business into the spotlight, we are fully prepared for such events and in this case, have acted swiftly to prevent any impact on the business," says Voyager press release. 

First Deputy Chairman of the Bank of Russia: Blockchain is not a panacea, and cryptocurrency is not money


First Deputy Chairman of the Bank of Russia Olga Skorobogatova said that blockchain is perfect for letters of credit and guarantees because it solves the problem of trust. However, this is not a universal technology for all occasions.

According to her, many people overestimate the advantages and prospects of blockchain technologies. As negative aspects of cryptocurrencies, the banker noted their high level of volatility, lack of guarantees for saving investments, and the possibility of their use for money laundering and terrorist financing.

This position of the Central Bank of the Russian Federation was one of the reasons for the delay in the adoption of the bill on digital financial assets, which should become the main legislative act regulating the cryptocurrency industry. Recently it became known that the adoption of the law is being postponed due to the coronavirus pandemic.

Despite the rejection of cryptocurrencies, Olga Skorobogatova spoke positively about stablecoins.
“We believe that this is a more reliable type of crypto-assets since they are provided with real assets and give users certain guarantees,” she said, adding that in order to protect consumers, it is necessary to effectively regulate this sector at the global level.

The Central Bank is actively collaborating with other regulators regarding stablecoins and coins such as Libra. According to Skorobogatova, many Central Banks are actively studying the possibility of creating a national digital currency, and the Central Bank of the Russian Federation is no exception in this regard, but at this stage, the authorities have more questions than answers.
In particular, she does not yet see what real benefits the digital currencies of the Central Banks (CBDC) will bring to the economy, people and business.

It is worth noting that the beginning of the pandemic of coronavirus infection served as a kind of trigger for the introduction of remote voting. This was recently stated by the political party United Russia" For this purpose, an electronic voting system based on blockchain technology has been developed. Experts believe that this will reduce the negative effect of the quarantine regime, which has somehow slowed or stopped the political activities of most other parties, not only in Russia but also in the world.

The issue and circulation of cryptocurrencies will be banned in Russia


On March 16, a Representative of the Bank of Russia, Alexey Guznov, announced a possible ban on the issue and organization of cryptocurrency circulation in the territory of the Russian Federation. As noted in the bill on digital financial assets, the issue and circulation of cryptocurrencies in Russia carry an unjustified risk. The bill prohibits the issue and circulation of cryptocurrency in Russia and introduces responsibility for violating the ban.

Mister Guznov noted: "The position of the Bank of Russia remains unchanged. We believe that there are great risks when legalizing the circulation of cryptocurrencies." Risks arise for financial stability and the anti-money laundering system, and consumer protection will also suffer.
The Central Bank objected to legalizing cryptocurrency as a "tool" and an object of circulation, said mister Guznov.

Some experts suggested that cryptocurrency should be treated as a foreign currency and its issuance and circulation should be regulated in the same way.

The authorities replied that they did not intend to ban the ownership of the digital currency. The bill only prohibits the issuance and circulation of cryptocurrencies and introduces liability for violation of this ban.

It is absolutely impossible to ban cryptocurrencies and mining, said Yuri Brisov, a member of the Commission for the Legal Support of the Digital Economy. He is sure that such measures will become an obstacle to the development of the blockchain industry in the Russian Federation.

"The ban on mining and cryptocurrencies will lead to the complete decline of the blockchain industry. For this reason, all developed countries, although they understand the risks associated with money laundering, tax evasion, do not ban cryptocurrencies and mining; to ban today means to limit the potential for economic growth and technological development of their country," said Brisov.

It is important that legal regulation in Russia does not hinder the development of new technologies.
Earlier EhackingNews reported that Russian law enforcement agencies, together with the Ministry of Internal Affairs, to prepare proposals for the arrest of cryptocurrencies by 2021.

Recall that in 2018, President Vladimir Putin said that Russia should "carefully and cautiously" monitor the sphere of cryptocurrencies. At the same time, the position of the Central Bank of Russia was that electronic money can not be a means of payment.

Kaspersky Lab reports North Korean Hacker group Lazarus stealing cryptocurrencies using the Telegram messenger


A group of hackers calling themselves Lazarus modified their previous scheme to steal cryptocurrency which was used in 2018. Hackers use more effective tactics and act more carefully. According to Kaspersky Lab, now, not only users of the macOS operating system are at risk but also users of Windows.

Presumably, Lazarus hackers use malware that runs in memory and not on hard drives allowing it to remain undetected. The researchers believe that the group uses Telegram to spread the virus.

The new Lazarus attack was named Operation APpleJeus Sequel, which follows APpleJeus attack conducted in 2018. Principle of cryptocurrency theft remains the same as before: fake cryptocurrency companies are used to attract investors. The websites of these companies contain links to fraudulent

Telegram trading groups, through which malware that infects Windows computers is distributed.
Once the system is infected, attackers can gain remote access to it and steal the cryptocurrencies stored on the device. So far, researchers have been able to identify many victims of the new fraud across Europe and in China. A representative of Kaspersky Lab reports that it is known about the victims from Russia, China, Poland and the UK. At the same time, they include both individual traders and companies whose activities are related to cryptocurrency.

Kaspersky noted that currently, hackers from Lazarus have suspended their campaign using the messenger, but researchers suggested that in the future, attackers will use even more advanced methods.

Earlier, a closed UN report reported that North Korea finances the development of weapons through digital and Fiat currencies stolen from banks and cryptocurrency exchanges. Last fall, Group-IB said that a North Korean group of hackers stole $571 million in cryptocurrencies.

Upbit suffers $52M loss in a Cryptocurrency Heist


One of the globe's largest cryptocurrency transactions is being forced to cease account debits and credits when it was hit by a huge online theft worth $52M. UpBit, a South Korean cryptocurrency market, announced the provisional stay declaration on Wednesday accompanied by a letter from CEO Lee Seok-woo, Dunamu. "The heist took place on Wednesday in the afternoon. Around $50 million in Ethereum currency were sent from an UpBit account via an anonymous beneficiary," says Lee Seok-woo.


The victims of the robbery will have their damages satisfied by the firm, which has sent additional crypto-currencies into the firm's cool account for advanced safety. “It is expected that our company will take around 2 weeks more until the transaction gets active again. As soon as it is done, we'll inform the public,” stated Lee. UpBit’s toils are the newest in a lengthy series of victorious cyberattacks attacking cryptocurrencies markets in recent times. Other victims involve United States company Coinbase, which faced charges whopping $1million, Bitpoint, of Japan, that suffered $32million, Singapore firm Bitrue, that was stripped of $4.5million and Binance, whose headquarters are in Malta.

"The newest heist is a serious lesson to account holders concerning the value of working only on safe and secure exchanging forums," argues Peter Wood, CEO CoinBurp, a cryptocurrency exchange. He further continues, "it is especially critical in the case of cryptocurrency because it can't be traced virtually and, no regulatory authority is present to look over this problem." “But, possible account holders are ensured that they shouldn't be concerned as attacks like these have happened before. However, the individuals must examine the safety contracts and measures carefully while working on any cryptocurrency exchanging program,” says Lee Seok-woo.

At the beginning of this year, the United Nations accused North Korea of utilizing its increasing hacking abilities to attack crypto markets in an attempt to fulfill the country's treasures. North Korea is accused of storing $2 Billion from the cryptocurrency hacks. Upbit was originally started as a business among Bittrex and Dunamu, a South Korean app maker, that supports messenger colossal Kakao. Other cryptocurrency exchanges have warned their users about the heist.