Scammers in Russia Offer Free Bitcoin on a Hacked Government Website

 

The website of the Russian government was recently hacked. The fraudsters started a phoney Bitcoin (BTC) scheme, which they then re-published after being taken down several times. An unnamed gang of hackers began promoting the Free BTC Giveaway scam on the Ryazan administration's website, according to the local Russian news source Izvestia. 

In the aforementioned scam, the hackers offered to distribute 0.025 BTC to everyone who installed the specified programme on their device. In addition, the hackers added in the re-post that five lucky winners will each receive an extra $1,000. As of late, all messages, including the second post, have been removed. 

The Russian government has tightened its grip on all crypto-crime in the country. Last month, Russia's Federal Financial Monitoring Service in Moscow, known as Rosfinmonitoring, launched the latest cryptocurrency tracing system. This will deanonymize traders' identities by further analysing their actions and movements. The tracing system in Russia, according to Rosfinmonitoring, is focused on combating money laundering and terrorist funding rackets.

In 2021, the global volume of cryptocurrency-related fraud grew substantially. According to specialists from the IT security firm Zecurion, losses in the first half of this year were an estimated $1.5 billion, which is two to three times more than the sum recorded in the same period last year. According to a study released, the Russian Federation is responsible for 2% of the total — some $30 million, or over 2.2 billion rubles.

The Central Bank of Russia (CBR) said in July that in the first six months of the year, it had discovered 146 financial pyramid schemes. In comparison to the same period in 2020, the number is 1.5 times greater. According to the regulators, consumers with poor financial literacy are frequently duped into investment schemes involving cryptocurrency or crypto mining. According to the CBR, the increase is due to increased activity by "unfair market participants" and increased investment demand in Russia. 

The primary reasons for the increase, according to analysts, are consumers' increasing exposure to digital assets as well as a desire to earn rapid profits in a burgeoning industry with few rules amid instability in traditional financial markets. They also predict crypto fraud to continue to climb this year, with an annual increase of 15% expected.

Ukraine legalized cryptocurrency

The Verkhovna Rada of Ukraine adopted the bill "On virtual assets", which will legalize cryptocurrency and virtual hryvnia.

The bill on its legal use for settlement operations was supported by 276 deputies, six voted against, 71 deputies abstained. The document regulates the circulation of virtual assets in the country, which allows market participants to use banking services, pay taxes on income from "crypto", as well as receive legal protection in courts in case of violation of rights.

According to the Telegram channel of the Rada, the purpose of the law is a comprehensive regulation of relations arising during the circulation and conclusion of transactions with digital currency, as well as ensuring a unified approach to the organization of cryptocurrency trading.

Owners of cryptocurrencies will receive a number of benefits. Due to the fact that there will be a legislative regulation of this area, they will at least be able to protect their fortune in virtual assets if something happens.

They will also be able to legally exchange and declare crypto assets. This process will be absolutely legal. In addition, it is expected that a whole market of intermediary services will appear for paying for goods with cryptoassets, and for their storage and exchange. This will expand the possibilities of their use.

The new law will make virtual assets an absolutely legal and familiar phenomenon for the authorities and society.

It should be noted that in September last year, the government of Ukraine stated that the country has the highest level of use of virtual assets by the population in the world.

Earlier, E Hacking News reported that, according to the First Deputy Chairman of the Bank of Russia, Blockchain is not a panacea, and cryptocurrency is not money. So, the Central Bank of Russia is not going to change its negative attitude to these assets.

El Salvador was the first country in the world to recognize bitcoin. The relevant law entered into force there on September 7. Now it will be possible to pay with cryptocurrency along with dollars.


SEC: Stay Vigilant Against Cryptocurrency Related Frauds

 

The U.S. Securities and Exchange Commission has released a new alert that fresh illegal schemes are targeting digital assets. 

According to security experts, individuals and organisations must be wary of crypto-related frauds and other "get rich fast" schemes, since social engineering attempts are rising. 

The SEC's Office of Investor Education and Advocacy and Division of Enforcement's Retail Strategy Task Force states in its advisory, "Fraudsters continue to exploit the increasing popularity of digital assets to entice investors into schemes, frequently leading to severe losses." 

Users should be wary of phishing or impersonation schemes that pretend to provide something innovative or cutting edge, according to the regulator. 

The SEC added, "If you are considering a digital asset-related investment, take the time to understand how the investment works and to evaluate its risks. Look for warning signs that it may be a scam." 

The SEC's advisory comes after the authority fined BitConnect, a now-defunct cryptocurrency network, with $2 billion in the alleged fraud. 

The SEC termed the scheme "one of the largest Bitcoin-related Ponzi-like schemes," stating that defendants stole almost $2 billion of investor funds using a platform - a "technology bot" - that promised extravagant profits. The cryptocurrency platform reportedly advertised itself in several countries using testimonial-style YouTube videos and other social media.

As per the SEC, BitConnect ran a pyramid scheme-style referral programme, paid investor withdrawals from incoming investor funds, and "did not trade investors' Bitcoin consistent with its representation". 

Furthermore, according to the US Department of Justice, BitConnect's major U.S. promoter, Glenn Arcaro, pleaded guilty to similar criminal charges last week. Officials say he faces up to 20 years in jail and must refund to investors the $24 million gained from the scam. 

Suspicious Signs

According to the Securities and Exchange Commission, suspicious digital asset activities frequently: 
• Involve unregistered/unlicensed vendors;
• Show representations of account values rising; 
• Sound too good to be true, and usually are; 
• Promote phoney testimonials, since fraudsters frequently pay people to promote a product or service on social media or through video. 

Many security and blockchain researchers attribute bad or disastrous crypto investments to these malicious practices, to highly complex social engineering tactics, or to outright misleading advertising. 

According to James McQuiggan, the Florida Cyber Alliance's education director and a security awareness advocate for the business KnowBe4, "Cybercriminals will always find emotional lures to exploit users through social engineering. Asking yourself the question, 'Is this too good to be true?' is the first step to determine if the organisation is worthwhile." 

Likewise, Julio Barragan, head of cryptocurrency intelligence at CipherTrace, warned about ongoing schemes in which victims are enticed by a convincing fraudster who sends them direct messages on social media or through a friend's hacked account promising big rewards. 

As per Neil Jones, a cybersecurity evangelist with Egnyte, "Significant change [in the space] will only occur when cryptocurrency platforms become subject to the same standardized IT requirements as traditional investment platforms, and when cryptocurrency exchanges no longer represent a safe haven for payments to ransomware attackers." 

Notwithstanding, Robinson stated, "There is no need for new crypto-specific regulation to handle [these events] since regulators are currently prosecuting these fraudsters under existing laws." According to him, US authorities have imposed over $2.5 billion in fines, primarily for fraud and unregistered securities offerings. 

But authorities like Sen. Elizabeth Warren, D-Mass., continue to push for extensive cryptocurrency regulation. Warren compared many cryptocurrency activities to "shadow banks" that lack standard investor safeguards in an interview with The New York Times on Sunday. 

SEC Chair Gary Gensler highlighted earlier remarks on impending cryptocurrency regulation last week, telling The Financial Times that digital assets must be safe and long-lived within a public policy framework. He also asked the congressional authority to minimize investment risks associated with virtual currencies.

Chimaera Toolkit Found on Thousands of Windows and Linux Systems Worldwide

 

AT&T's Alien Labs security branch has raised the alarm about a TeamTNT malware campaign that has gone almost totally undiscovered by anti-virus systems and is converting target machines into bitcoin miners, according to the company. TeamTNT, dubbed "one of the most active threat organizations since 2020" by Alien Labs researcher Ofer Caspi, is notorious for its exploitation - and misuse - of open-source security tools for anything from identifying susceptible targets to dumping remote-control shells. 

Last year, TeamTNT was discovered and linked to bitcoin mining malware being installed on susceptible Docker containers. Trend Micro discovered that the organization tries to steal AWS credentials in order to spread to other servers, while Cado Security discovered TeamTNT targeting Kubernetes installations more recently. 

The port scanner Masscan, libprocesshider software for running the TeamTNT bot from memory, 7z for file decompression, the b374k shell php panel for system control, and Lazagne are among TeamTNT's open-source tools. 

Palo Alto Networks' Unit 42 found Chimaera, a software repository that "highlights the expanding scope of TeamTNT operations within cloud environments as well as a target set for current and future operations," according to the company.

Now, AT&T's Alien Labs has shed additional light on Chimaera, claiming that it has been in use since July and is "responsible for thousands of infections globally" across Windows, Linux, AWS, Docker, and Kubernetes targets, all while eluding detection by anti-virus and anti-malware programmes. 

The usage of Lazagne, an open-source application developed with one goal in mind: collecting credentials from major browsers, is a significant element of the Chimaera toolkit. Another programme tries to find and exfiltrate Amazon Web Services (AWS) credentials, while an IRC bot serves as a command and control server.

"In this case, most of the used files that are placed on disk at some point lack a clear malicious purpose by themselves," Caspi said, explaining why the malware could go undetected for so long. "The malicious processes injected into memory without touching the disk are harder to identify if they don't share indicators with previous malicious activity or perform any clearly malevolent activity." 

TeamTNT's primary objective is to mine Monero, a privacy-focused cryptocurrency, on victim hardware rather than harvesting credentials. "Mining cryptocurrency has always been TeamTNT's major goal," Caspi stated.

As Crypto Exchange Attacks Surge Users Must Protect Their Crypto Wallets



As cryptocurrency goes from being an academic concept to becoming a type of transaction that has the potential to significantly reduce cyber fraud, cryptocurrency crimes have seen a corresponding rise, with cybercriminals targeting cryptocurrency exchanges and crypto-wallets. 

Despite the global pandemic wreaking havoc on economies, cryptocurrency has continued to grow, leading to a rise in the number of crypto exchanges worldwide. Subsequently, several top crypto companies in the Bay area were seen investing in Indian exchanges as well. 

While cryptocurrencies are particularly secure, crypto exchanges are susceptible to a number of vulnerabilities as they remain largely unregulated. It has resulted in exchanges being hacked every year in large numbers. The sudden surge in the popularity of cryptocurrency has meant investments by many amateur investors who didn't take time to fully understand how the crypto scene works. The lack of knowledge has been rampantly exploited by threat actors who saw it as a chance to scam and exploit crypto space. 

In 2020 alone, blockchain-linked attacks accounted for nearly a third of all-time attacks targeting blockchain. Reportedly, the total monetary losses across 122 attacks were almost $3.78 billion. Ethereum (ETH) DApps were the most often targeted, costing users nearly $436.36 million in 2020 alone. There were 47 successful attacks aimed at decentralized applications based on the Ethereum smart contract. 

The New Zealand-based Cryptopia exchange was breached in 2019, when hackers managed to siphon $11 million worth of funds from the exchange. Following the security breach, the exchange went dark, posting an announcement that read: “We are experiencing an unscheduled maintenance, we are working to resume the services as soon as possible. We will keep you updated.” 

Altsbit, an Italian crypto exchange, lost $70,000 in a hack within a few months of being around. The exchange announced that it would refund the affected users and terminate its services in May 2020. “We will refund whatever we are holding on cold storage to users and then the platform will close down,” the company stated in an email to Cointelegraph. Though it remained unclear how the hackers pulled off the attack, reports stated that the cybercrime group 'Lulzsec' was behind the hack. 

UPbit, a popular South Korean cryptocurrency exchange, lost approximately $45 million (342,000 ETH) in a 2019 crypto theft. It went on to become the seventh-largest crypto exchange hack of the year. 

Liquid Global, a Japanese crypto exchange, reported suffering a massive hacking incident, which resulted in the loss of digital assets worth $97 million. It included Bitcoin, Ethereum, XRP, and stablecoins. Liquid claimed that the attacker targeted a Multi-Party Computation wallet (an advanced cryptographic technique). 

In order to stay ahead of the crypto hackers, a few ways to secure your cryptocurrency are: ensuring the security of the Internet, using a cold wallet, changing passwords at regular periods, maintaining multiple wallets, staying wary of phishing attacks, and securing your personal device.

US Government Comes Up With A Plan to Restrict Cyberattacks

 

Ransomware attacks are at an all-time high in the United States. Hackers are disrupting computer systems administering crucial infrastructure and refusing to give access until the ransom is paid, generally in Bitcoin or other hard-to-track (decentralised) cryptocurrency. Earlier this year, hackers hit one of the biggest agencies in the US (Colonial Pipeline). 

In June 2021, hackers attacked the meat processing industry, shutting down nine beef plants. Cyberattacks on smaller organizations, including the Baltimore City Government and the Steamship Authority of Massachusetts, get little attention but hint at a general scenario of ransomware cybercrime. The New York Times reports, "The United States should also prohibit transactions with the American banking system by foreign banks that do not impose stricter regulations on cryptocurrency. Because access to the American financial market is vitally important to foreign banks, they, too, would have a strong incentive to comply." 

The Biden government took some restrictive measures to limit the impact of these attacks. An executive order required the Federal government to outline a plan for the issue. In a meeting held last week, President Biden requested leaders of Google, Apple and other organisations to come up with a plan for dealing with these attacks. However, this doesn't solve the root problem. Ransomware attacks happen because of monetary benefits. If it becomes hard for criminals to make a profit out of these attacks, maybe they will decrease. By handling cryptocurrency with aggressive measures, the government can limit its use for illegal purposes in anonymous payments. 

In ransomware attacks, hackers can seize a company's resources and assets and demand ransom safely, which lowers their risk. The U.S. government can take some preventive measures, the first being to enforce regulations on the cryptocurrency industry equal to those regulating the traditional government industry. "Cryptocurrency exchanges, “kiosks” and trading “desks” are not complying with laws that target money laundering, financing of terrorism and suspicious-activity reporting, according to a recent report from the Institute for Security and Technology. Those laws ought to be enforced equally in the digital domain," reports the New York Times.

Eastern Europe is a Hotspot for Illegal Cryptocurrency Trading

 

According to a new study, Eastern Europe is a hub for illicit cryptocurrency operations. According to Chainalysis data published on Wednesday, between June 2020 and July 2021 Eastern European cryptocurrency addresses contributed $815 million to investment Ponzi scams that attract customers with false promises of large returns. Ukraine, in particular, provided a large amount of traffic to fraud websites in the region, outnumbering the United States by about 20 million visits.

Eastern Europe is the region that sends the most cryptocurrency to darknet markets. This is attributable in great part to activities at Hydra Market. Hydra is the largest darknet market in the world, although it mainly serves Russian-speaking users in Eastern Europe. 

Finiko, a scam, received half of the money sent to the region. Finiko was a Ponzi scheme established in Russia that collapsed in July 2021, shortly after participants reported being unable to withdraw payments from their accounts. Finiko encouraged customers to invest with Bitcoin or Tether, promising monthly profits of up to 30%, and then established its own cryptocurrency that was sold on various platforms. 

Finiko was led by Kirill Doronin, a popular Instagram influencer who has been linked to numerous Ponzi scams, according to the Moscow Times. Finiko received approximately $1.5 billion in Bitcoin in over 800,000 distinct donations between December 2019 and August 2021.

While Eastern Europe is primarily thought of as a recipient of illicit cryptocurrency funds, the research points out that due to the region's economic instability, it is also home to an increasing number of victims. Scam payments outperformed all kinds of crime in Eastern Europe, as well as every other region analyzed by Chainalysis, despite the constant rise in ransomware assaults. 

Eastern Europe came in second place in terms of ransomware funds received, at $46 million. However, due to overlap in services, some of the $51 million in activity attributed to Western Europe could be credited to Eastern Europe, according to researchers. 

Cryptocurrency scams have also grown in popularity in the United States, which came in third in terms of scam payments after Eastern and Western Europe. Despite this, the firm discovered that fraudsters have amassed tens of millions of dollars in cryptocurrency ransomware payments.

Hacker Rewarded With $500,000 and a CSA Job by Poly Network

 

Lately, it has been a turbulent time for Poly Network. The company creates software to handle the exchange between different blockchains for cryptocurrencies and other commodities. 

The company announced last week that a fraudster, by leveraging its security weaknesses, took hundreds of millions of dollars in digital tokens off its network, worth $600 million (roughly Rs 4,462 crores). But the same company has offered a Chief Security Advisor job role plus a sum of $500,000 to the crypto hacker involved in the heist that reaped over $600 million (roughly Rs 4,462 crores) last week. 

The criminal has started handing back digital money – and at least $260m of tokens were repaid after Poly Network encouraged netizens, crypto-exchanges, and miners to disallow the transactions containing the wallet credentials of the criminal. The business claimed that they have maintained communication with the suspect, known as Mr. White Hat. 

It is believed to be the biggest crypto theft ever, overtaking the US$534.8 million in digital coins seized from the Japanese exchange Coincheck during a cyberattack in 2018 and the approximated $450 million bitcoin crypto theft from Tokyo exchange Mt. Gox in 2014. 

"It is important to reiterate that Poly Network has no intention of holding Mr. White Hat legally responsible, as we are confident that Mr. White Hat will promptly return full control of the assets to Poly Network and its users," the organization said. "While there were certain misunderstandings in the beginning due to poor communication channels, we now understand Mr. White Hat’s vision for Defi and the crypto world, which is in line with Poly Network’s ambitions from the very beginning — to provide interoperability for ledgers in Web 3.0." 

Poly Network awarded him $500,000 on Ethereum as a bug bounty prize. He stated that he wouldn't accept the money, yet the awarded money was sent to his wallet. Additionally, the firm has gone one step further and offered him the Chief Security Advisor position in their firm. 

Nevertheless, the business stated it completely acknowledges the intentions of Mr. White Hat to deny the cash and transfer it to people who strive to enhance the technology of Blockchain. “We will still transfer this $500,000 bounty to a wallet address approved by Mr. White Hat so that he can use it for the cause of cybersecurity,” Poly Network added. 

It is not known if the so-called Mr. White Hat will accept the employment offer or not. It doesn't appear probable right now, judging by the messages included in Ethereum transactions made between the two parties. To their knowledge, he is yet to give up $238 million, and he says he is not prepared to give back the keys to the wallet that stores the cash. He also stated earlier that Poly Network was targeted for fun and that its programming was fragile. 

“We are counting on more experts like Mr. White Hat to be involved in the future development of Poly Network since we believe that we share the vision to build a secure and robust distributed system,” it said in a statement. “Also, to extend our thanks and encourage Mr. White Hat to continue contributing to security advancement in the blockchain world together with Poly Network, we cordially invite Mr. White Hat to be the Chief Security Advisor of Poly Network.”

The Hacker Behind the Biggest Crypto Heist is Refusing to Return the Remaining Funds

 

The Poly Network attack took place two weeks ago, but the narrative is far from finished. Mr. White Hat, an unknown hacker, was able to extract $614 million in cryptocurrencies, according to the Poly Network team. After returning a portion of the cash, the hacker is now declining to cooperate and stalling the Poly Network team. 

The hack is regarded as the largest crypto theft to date, and the Poly Network team appears to have few options other than to ask the hacker to restore the stolen funds peacefully. The attacker or attackers are interacting with the Poly Network team via the Ethereum blockchain's transaction data field. The unknown hacker is known as "Poly Network Exploiter 1," as per blockchain-tracking service Etherscan. 

“Your essays are very convincing while your actions are showing your distrust, what a funny game. You don’t [sic] even think to unlock my USDT account,” Poly Network Exploiter 1 wrote on the Ethereum blockchain. 

The attacker is referencing a USDT account with $33 million in stablecoins. The funds have been frozen by Tether, which irritates the offender. The hacker's conversation suggests that he has no issues with keeping the stolen money for an undetermined period. 

The Poly Network team replied, "We still hope you can provide the key to us this week because thousands of people are eager to get their assets back." 

In response, Poly Network Exploiter 1 replied, “I am not ready to publish the key in this week [sic]… Here is one thing that you can always trust me: [sic] Holding BTC and ETH is better than trading them.” 

On August 10, the Poly Network was hacked, and the intruder returned $256 million worth of coins the next day. As a gesture of cooperation, the hacker produced a token labeled 'The hacker is ready to surrender' and sent it to the assigned Polygon address. 

The Poly Network team has given a $500,000 bounty for identifying the exploit to make things easier for the attacker. It is willing to pay 160 ETH ($500,000) to the hacker's address, a gesture that the hacker has turned down. The attacker has also been given the opportunity to become a consultant for the DeFi initiative (decentralized finance). 

Mr. White Hat, as the hacker is called by Poly Network, is a reference to ethical hackers who look for flaws and assist organizations in patching them. It's unclear why the hacker is preventing the final part of the assets from being accessed. Poly Network is in charge of roughly $330 million in stolen funds, while Tether, a stablecoin operator, has frozen $33 million pending legal action. Because the blockchain is transparent, putting every transaction's data out in the open, hackers find it difficult to get away with their crime or cash out, according to Chainalysis. 

The company mentioned in its report, "With the inherent transparency of blockchains and the eyes of an entire industry on you, how could any cryptocurrency hacker expect to escape with a large cache of stolen funds?" 

"In most cases, the best they could hope for would be to evade capture as the funds sit frozen in a blacklisted private wallet." 

It's hard to determine whether the hacker was attempting an ethical assault or committing a heist. The underlying reason, however, does not appear to be a concern for the Poly Network team at this time. 

As the pressure from thousands of victims grows, recovering the stolen funds is a prime concern. The attack serves as a reminder to governments and authorities that cryptocurrency legislation must be taken seriously. There is currently near to zero accountability, posing a significant danger to the future of DeFi. 

“Regardless of their intentions, we’re of the belief that this sort of publicity stunt hurts the perception of the virtual asset economy in the eyes of the public,” said AnChain.AI founder and CEO Victor Fang. 

DeFi-related thefts are on the rise: the first seven months of the year represented 54% of overall crypto fraud volume, compared to 3% for the entire year last year, according to CipherTrace.

Google Play is Infested with Fake Crypto Mining Apps

 

Google has deleted eight bogus mobile apps from the Play Store that pretend to be bitcoin cloud-mining apps but are actually designed to trick users into paying for pricey subscription services and engaging in other unlawful acts. Although they may have been removed, Trend Micro researchers discovered that when searching Google Play for the keywords "cloud mining," several problematic applications of the same sort remain. 

“Cloud mining introduces both convenience and cybersecurity risks. Because of the simplicity and agility of cloud computing, it is quick and easy to set up a realistic-looking crypto mining service that is really a scam,” said Ioannis Gasparis, a mobile application security researcher at Lookout, in a report released in July. 

These phoney Android apps target those who want to make money online by persuading them to invest in a cloud-mining company. All eight recently removed apps were found to be infected with one of two types of malware: FakeMinerPay and FakeMinerAd. 

“These apps were able to fly under the radar because they don’t actually do anything malicious,” said Ioannis Gasparis. “They are simply shells set up to attract users caught up in the cryptocurrency craze and collect money for services that don’t exist. Purchasing goods or services online always requires a certain degree of trust — these scams prove that cryptocurrency is no exception.”

According to Cifer Fang, a researcher at Trend Micro, these malicious apps merely fool victims into watching adverts, make them pay for subscription services with an average monthly charge of $15, and also encourage them to pay for greater mining capabilities without getting anything in return. 

According to Trend Micro's findings, the apps don't actually mine anything; instead, "fake mining activity on the apps' user interface (UI) is carried out via a local mining simulation module that comprises a counter and certain random operations."

“The app called Daily Bitcoin Rewards – Cloud Based Mining System prompts its users to upgrade their crypto-mining capacity by ‘buying’ their favorite mining machines to earn more coins at a faster rate,” Fang noted. 

Two of the phoney crypto mining apps (Bitcoin [BTC] – Pool Mining Cloud Wallet and Bitcoin 2021), according to Trend Micro's analysis, bombarded their users with adverts with the primary purpose of enticing victims to click.

Cyber Criminals Using a New Darknet Tool to Escape Detection

 

There has been an ongoing war between criminals and authorities in cyberspace for years. Although cryptocurrencies are anonymous in nature, new techniques for tracking funds around the cryptocurrency blockchain have led to the arrest of dozens of cyber-criminals in the previous two years. 

But recently a new website has surfaced on the darknet that allows criminals to assess how "clean" their digital currencies are. 

Dr. Tom Robinson, chief scientist and founder at analysis provider Elliptic, who discovered the website, explained, "We're seeing criminals start to fight back against blockchain analytics and this service is a first." 

"It's called Antinalysis and criminals are now able to check their own Bitcoin wallets and see whether any association with criminal activity could be flagged by authorities." 

According to Elliptic, the finding demonstrates how complex cybercrime networks are becoming and how concerned criminals are about being detected. 

"It's a very valuable technique. If your funds are tainted, you can then do more laundering and try to remove that association with a criminal activity until you have clean coins," he said. 

According to Dr. Robinson, this new trend is concerning and could make their work, and that of law enforcement, difficult. However, as per the researchers who examined it, the service isn't functioning very well right now. 

"It actually wasn't very good at identifying links to criminal sites. However, it will inevitably improve over time. So I think this is going to be a significant capability for criminals and money launderers in the future." 

Authorities all across the world, including China, the United Arab Emirates, and the United Kingdom, are attempting to address the rising problem of money laundering using cryptocurrencies. Cryptocurrency monitoring has resulted in several high-profile arrests, such as US teenager Graham Ivan Clark, who is presently in prison for plotting one of the largest-ever social media hacks. 

Last year, on July 15, Clark hacked into the accounts of dozens of celebrities, including Kim Kardashian, Elon Musk, Bill Gates, and Joe Biden, on Twitter.

"Everyone is asking me to give back," Mr. Gates stated in a tweet purportedly sent from his account. "You send $1,000, and I send you $2,000 back." After that, Clark and his hacking team tweeted an ad for a cryptocurrency fraud, which resulted in hundreds of transfers from people wanting to profit from the fraudulent giveaway. 

Clark gained more than $100,000 (£72,000) in only a few hours and began the process of transferring the money around to cover his tracks. Now 18 years old, he pleaded guilty and is currently serving a three-year sentence in a Florida jail.

The growing usage of so-called privacy coins is another trend that authorities are concerned about. Cryptocurrencies like Monero, for example, provide more secrecy than popular coins like Bitcoin. 

In some extortion incidents, hackers are now urging victims to pay with these currencies in return for a discount. This trend has yet to take off completely, and Kim Grauer, director of research at bitcoin monitoring firm Chainalysis, believes that this technique has disadvantages for criminals.

"Privacy coins haven't been adopted to the extent that one may expect. The primary reason is they aren't as liquid as Bitcoin and other cryptocurrencies. Cryptocurrency is only useful if you can buy and sell goods and services or cash out into mainstream money, and that is much more difficult with privacy coins."

Swedish Crypto Scammer Jailed for 15 Years in Gold-Backed Fraud

 

A citizen of Sweden was sentenced to 15 years in prison for running a cryptocurrency scam that claimed to pay investors based on the value of gold reserves.

Roger Nils-Jonas Karlsson, 47, and his firm, Eastern Metal Securities (EMS), were charged with securities fraud, wire fraud, and money laundering in March this year. He was prosecuted in the United States after being arrested in Thailand in 2019 and later extradited.

Karlsson claimed to operate an investment service based on cryptocurrency. Investors who participated in EMS from 2012 to 2019 were offered a plan to buy shares for less than $100 and ultimately realize a return equivalent to 1.15 kilograms of gold. In 2019, 1.15 kg of gold was worth more than $45,000. Today, it could be worth over $58,000.

To participate in the scheme, investors were asked to buy shares using cryptocurrencies: Bitcoin (BTC) and Ethereum (ETH). Moreover, participants were told that in the 'unlikely' event that the shares failed to attain their promised worth, they would have 97% of their initial investment returned.

Karlsson kept EMS running for as long as possible through frequent rebranding and by issuing updates offering asset statements. Additionally, to explain payment delays, he misleadingly argued that paying out an unlimited sum all of a sudden would have a damaging impact on international monetary methods, and that the company worked with the US Securities and Exchange Commission (SEC).

However, as is commonly the case with extreme returns on investment, the promise was too good to be true. Investors saw no profit; instead, Karlsson, who also used online aliases such as Steve Hayden, Euclid Deodoris, and Joshua Millard, collected the cryptocurrencies and used the money to buy properties and a resort in Thailand. US prosecutors estimate that investors were defrauded of more than $16 million.

"Karlsson admitted he had no way to pay off the investors. Karlsson's fraud targeted financially insecure investors, causing severe financial hardship for many of them," the US Department of Justice (DoJ) said.

In addition to the 15-year sentence, Karlsson has been ordered to forfeit the resort in Thailand, various properties, and accounts, and is subject to a financial judgment of $16,263,820. Prosecutors also hope to secure restitution for past EMS investors, and an order is expected in court within 90 days.

Thousands of PS4s Seized, Employed in Mining Cryptocurrency Illegally

 

In the city of Vinnytsia, located along the Southern Bug river, the SBU uncovered and documented a large-scale electricity theft. The culprits mined cryptocurrency illegally in one of JSC Vinnytsiaoblenerho's old premises. Ukrainian law enforcement confiscated nearly 5,000 computers. This underground crypto farm is the largest.

SBU officials found that residents of Kyiv and Vinnytsia had set up the illegal crypto farm in an abandoned JSC Vinnytsiaoblenerho warehouse in the facility's industrial park.

The criminals stole JSC Vinnytsiaoblenerho's electricity for mining. To cover up their actions, they used electricity meters that showed no real consumption of energy.

Thousands of PlayStation 4 gaming systems were confiscated after being found in the abandoned warehouse, where they were operated illegally for bitcoin mining.

There were approximately 3,800 game consoles, connected together and housed on metal racks, along with more than 500 graphics cards and 50 processors. The hardware was supposed to make it easier to mine cryptocurrencies, while those presumably responsible stole the electricity needed from the town.

Current estimates put the stolen electricity at somewhere between $186,200 and $259,300 a month.

The cryptocurrency farm was raided, and Ukrainian police said searches were also carried out at "offender's residences," where they reportedly seized draft notes on power usage, notebooks, mobile phones, and USB storage devices.

In a statement, JSC Vinnytsiaoblenerho said that "our company has nothing to do with any illegal activity," and "cryptocurrency mining equipment has never operated in the premises owned by our company."

Furthermore, the utility firm said that there was no proof of electricity theft. The inquiry was conducted by Ukrainian law enforcement agencies under the supervision of the Prosecutor General's Office.

In a separate but remarkable bitcoin farm plot in 2019, Chinese law enforcement detected wires in fish ponds used to link to an electric power grid on an oil system. After drones were dispatched to track the criminal, active Bitcoin (BTC) rigs were found in a shed. Further investigation is currently underway.


Experts: the volume of cryptocurrency fraud in the world has reached $1 billion in a year

In the last year, at least $1 billion worth of digital currency was stolen worldwide. The number of extortion cases since the beginning of 2021 has already exceeded 1000. The reason is the rise in the value of digital money and its popularity. The average amount of extortion now is about $250,000, but it can reach $5-10 million. According to analysts, in the future, the number of such crimes will grow.

In 2021, the Binance cryptocurrency exchange recorded more than 5,000 appeals to law enforcement agencies of different countries with complaints of fraud and extortion. This is twice as much as during the same period last year.

According to Alexander Gostev, Chief Technology Expert at Kaspersky Lab, there have been more incidents involving encryption ransomware. The growth is also due to the introduction of legal regulation of digital assets in many countries. For example, since January 1, 2021, cryptocurrency has had the status of property in Russia. Russians need to declare income from it, and the state will receive taxes on profits from digital assets.

Denis Voskvitsov, director of the blockchain technology company Exantech, believes that the increase in the number of frauds related to cryptocurrency is caused by its growing popularity and increasing use in everyday life. Despite the hidden circulation of digital money, in the end, it still needs to be withdrawn into regular currency. And now the state is trying to identify the digital assets of citizens. This prompts people to hide their actions, which is what attackers take advantage of.

Vladimir Ulyanov, head of Zecurion Analytics, expects an increase in both the volume of transactions with tokens and crimes with them in Russia and the world. Even services and platforms related to cryptocurrency circulation may face restrictions and blockages, as many tokens are illegal in Russia.

Fraudsters are Mailing Modified Ledger Devices to Steal Cryptocurrency

 

Scammers are mailing fraudulent replacement devices, which are used to steal cryptocurrency wallets, to Ledger customers who were recently exposed in a data breach.

With increased cryptocurrency values and the use of hardware wallets to secure crypto funds, Ledger has become a frequent target for scammers. After receiving what appeared to be a Ledger Nano X device in the mail, a Ledger user described a devious fraud on Reddit. The gadget arrived in authentic-looking packaging with a poorly written letter claiming that it was sent to replace their existing device because their customer information had been leaked online on the RaidForums hacker community.

"For this reason for security purposes, we have sent you a new device you must switch to a new device to stay safe. There is a manual inside your new box you can read that to learn how to set up your new device," states the fake Ledger letter.

"For this reason, we have changed our device structure. We now guarantee that this kinda breach will never happen again." 

Although the letter contained numerous grammatical and spelling errors, the information of 272,853 people who purchased a Ledger device was indeed published on the RaidForums hacking site in December 2020. This provided a slightly convincing reason for the new device's arrival.

The package also included a shrinkwrapped Ledger Nano X box containing what appeared to be a genuine device. After becoming skeptical of the device, the user opened it and posted photos of the printed circuit board on Reddit, which clearly showed that the device had been modified.

Based on the photos, Mike Grover, a security researcher and offensive USB cable/implant expert, told BleepingComputer that the threat actors added a flash drive and hooked it to the USB port.

Grover told BleepingComputer in a conversation about the photographs, "This appears to be a simple flash drive slapped on to the Ledger with the purpose of being for some form of malware delivery." 

"All of the components are on the other side, so I can't confirm if it is JUST a storage device, but.... judging by the very novice soldering work, it's probably just an off-the-shelf mini flash drive removed from its casing." 

After examining the image, Grover highlighted the flash drive implant connected to the wires, stating, "Those 4 wires piggyback the same connections for the USB port of the Ledger."

The enclosed instructions tell people to connect the Ledger to their computer, open the drive that appears, and execute the accompanying application. The person is then told to enter their Ledger recovery phrase to import their wallet to the new device.

A recovery phrase is a human-readable seed that is used to produce a wallet's private key. Anyone with this recovery phrase can import a wallet and gain access to the cryptocurrency contained within it. Once the recovery phrase is entered, it is sent to the attackers, who use it to import the victim's wallet on their own devices and steal the cryptocurrency funds it contains.

Ledger has acknowledged this fraud and issued warnings about it in May on its dedicated phishing website.

Recovery phrases for Ledger devices should never be shared with anybody and should only be entered directly on the Ledger device the user is trying to recover. If the device does not allow the phrase to be entered directly, the user should only use the Ledger Live application downloaded straight from Ledger.com.

Ledger customers flooded with scams: 

In June 2020, an unauthorized person gained access to Ledger's e-commerce and marketing databases, resulting in a data breach. 

This information was "used to send order confirmations and promotional mailings — largely email addresses, but with a subset that also included contact and order details including first and last name, postal address, email address, and phone number." 

Ledger owners began receiving phishing emails directing them to fraudulent Ledger apps that would fool them into entering their wallet's recovery codes. After the contact information for 270K Ledger owners was disclosed on the RaidForums hacker community in December, these scams became more common.

The leak resulted in phishing operations posing as new Ledger data breach notifications, SMS phishing texts, and software upgrades on sites imitating Ledger.com.

Kubeflow: The Target of Cryptomining Attacks

 

Microsoft has discovered a new, widespread, ongoing threat that aims to infect Kubernetes clusters running Kubeflow instances with malicious TensorFlow pods that mine cryptocurrencies. Kubeflow is a popular open-source framework for conducting machine learning (ML) tasks in Kubernetes, while TensorFlow is an end-to-end, open-source ML platform. 

Microsoft security experts cautioned on Tuesday that they noticed a rise in TensorFlow pod deployments on Kubernetes clusters at the end of May. The pods were running legitimate TensorFlow images from the official Docker Hub account. However, a closer examination of the pods' entry point revealed that they were being used to mine cryptocurrency.

In a post on Tuesday, Yossi Weizman, a senior security research software engineer at Microsoft's Azure Security Center, said that the "burst" of malicious TensorFlow deployments was "simultaneous," implying that the attackers scanned the clusters first, kept a list of potential targets, and then fired on all of them at the same time. The attackers used two distinct images, according to Weizman. The first is the most recent version of TensorFlow (tensorflow/tensorflow:latest), and the second is the most recent version with GPU support (tensorflow/tensorflow:latest-gpu). 

According to Weizman, using TensorFlow images in the network "makes a lot of sense," because “if the images in the cluster are monitored, usage of a legitimate image can prevent attackers from being discovered.” Another rationale for the attackers' decision is that the TensorFlow image they chose is an easy way to conduct GPU activities using CUDA, which "allows the attacker to optimize the mining gains from the host," according to him. 

The newly found attack is comparable to a cryptocurrency mining attack revealed by Microsoft in June. That previous campaign also targeted Kubeflow workloads, launching a broad XMRIG Monero-mining campaign by exploiting misconfigured dashboards. The most recent campaign differs in one respect: according to Weizman, this time the attackers abused their access to the Kubeflow centralized dashboard to establish a new pipeline.

Kubeflow Pipelines is a framework for creating machine learning pipelines based on Argo Workflow, an open-source, container-native workflow engine for coordinating parallel jobs. A pipeline is a collection of steps, each of which runs as its own container, that together create an ML workflow.

Users of Kubeflow should ensure that the centralized dashboard is not insecurely exposed to the internet, according to Microsoft.
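The check described above, examining the entry point of pods that run the two TensorFlow images, can be scripted against a pod listing. This is an added example, not code from Microsoft or Kubeflow; the function names, the miner keyword list and the sample pods are assumptions constructed for illustration, and the input is assumed to have the shape of `kubectl get pods --all-namespaces -o json`.

```python
"""Triage pods that run the TensorFlow images named above with an overridden entry point."""
import json

# The two image references come from the article; all other names are assumptions.
WATCHED_IMAGES = {"tensorflow/tensorflow:latest", "tensorflow/tensorflow:latest-gpu"}
# Assumed keyword list: XMRig is named in the article, stratum is a common pool URL scheme.
MINER_HINTS = ("xmrig", "stratum+tcp://", "stratum+ssl://")
HUB_PREFIXES = ("docker.io/", "index.docker.io/", "registry-1.docker.io/")


def normalize_image(ref):
    """Return 'repo:tag' with Docker Hub prefixes removed and the implicit ':latest' added."""
    ref = ref.split("@", 1)[0]  # digest-only refs fall through to ':latest' (errs toward review)
    for prefix in HUB_PREFIXES:
        if ref.startswith(prefix):
            ref = ref[len(prefix):]
            break
    name, sep, tag = ref.rpartition(":")
    if not sep or "/" in tag:  # no tag, or the colon belonged to a registry port
        name, tag = ref, "latest"
    return f"{name}:{tag}"


def audit_pods(pod_list):
    """Return one finding per container that uses a watched image and sets command/args."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        owners = {o.get("kind") for o in meta.get("ownerReferences") or []}
        for c in (spec.get("initContainers") or []) + (spec.get("containers") or []):
            image = normalize_image(c.get("image", ""))
            entry = (c.get("command") or []) + (c.get("args") or [])
            if image not in WATCHED_IMAGES or not entry:
                continue  # other image, or the image's own default entry point
            cmdline = " ".join(entry)
            miner = any(hint in cmdline.lower() for hint in MINER_HINTS)
            reasons = ["watched image with overridden entry point"]
            if miner:
                reasons.append("miner keyword in command line")
            if "nvidia.com/gpu" in ((c.get("resources") or {}).get("limits") or {}):
                reasons.append("GPU limit set")
            if "Workflow" in owners:
                reasons.append("owned by an Argo Workflow (pipeline step)")
            findings.append({
                "namespace": meta.get("namespace"), "pod": meta.get("name"),
                "container": c.get("name"), "image": image, "cmdline": cmdline,
                "severity": "high" if miner else "review", "reasons": reasons,
            })
    return findings


# Constructed sample in the shape of `kubectl get pods --all-namespaces -o json`.
SAMPLE_PODS = {"items": [
    {"metadata": {"namespace": "kubeflow", "name": "train-pinned"},
     "spec": {"containers": [{"name": "main", "image": "tensorflow/tensorflow:2.4.1",
                              "command": ["python", "train.py"]}]}},
    {"metadata": {"namespace": "kubeflow", "name": "notebook-default"},
     "spec": {"containers": [{"name": "main", "image": "tensorflow/tensorflow"}]}},
    {"metadata": {"namespace": "kubeflow", "name": "pipeline-step-1",
                  "ownerReferences": [{"kind": "Workflow", "name": "pipeline-run"}]},
     "spec": {"containers": [{"name": "main",
                              "image": "docker.io/tensorflow/tensorflow:latest-gpu",
                              "command": ["/tmp/worker"],
                              "args": ["-o", "stratum+tcp://pool.example.invalid:3333"],
                              "resources": {"limits": {"nvidia.com/gpu": "1"}}}]}},
    {"metadata": {"namespace": "team-a", "name": "batch-eval"},
     "spec": {"containers": [{"name": "main", "image": "tensorflow/tensorflow:latest",
                              "command": ["python", "/app/eval.py"]}]}},
]}

if __name__ == "__main__":
    print(json.dumps(audit_pods(SAMPLE_PODS), indent=2))
```

A "review" finding only means a floating TensorFlow tag is running a caller-supplied command, which legitimate pipeline steps also do; the recorded command line is what an analyst checks next.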

Cryptocurrency Addiction: Here's All You Need to Know!

 

Cryptocurrency addiction is defined as compulsive cryptocurrency trading and related behaviors that have negative implications in a person's life. Cryptocurrency addiction is a behavioral addiction that disrupts or destroys personal, familial, and leisure endeavors, similar to gambling addiction. 

Many of us enjoy the occasional wager or lottery flutter – but it only becomes a problem for roughly 9 people out of 1000. However, 70 persons out of 1000 engage in dangerous behavior that could become an issue in the future. 

Cryptocurrency traders, according to experts, exhibit the same behavioral addictions as problem gamblers. Although no data exist for the number of people addicted to cryptocurrency trading, Tony Marini, the lead counselor at Castle Craig Hospital in Peebles, said they are seeing an increasing number of people in Scotland. 

"This is the crack cocaine of gambling because it is so fast," he said. "It's 24/7. It's on your phone, your laptop, it's in your bedroom." In the last few years, the clinic has treated over 100 people with cryptocurrency addictions. People come to his door because of cryptocurrency's constant availability and severe volatility, Mr. Marini said.

"There are so many people out there that are trading cryptocurrency that is making money," he said. "And they're telling everyone that they're making money. We are not hearing from the people that are losing money."

Jake was a cryptocurrency trader who lost millions of pounds. He does not want his true identity revealed since he is still receiving treatment at one of the UK's few hospitals dedicated to patients who are addicted to betting on the value of the virtual currency. Jake originally purchased Bitcoin, the most widely used cryptocurrency, in 2015, but it wasn't until a major win a few years later that his trading became out of control.

"I can pinpoint the exact moment it became a problem," he said. "I had been eroding the sum I put aside, but I entered a trade, and I was willing to risk that last amount I had. I ended up making back pretty much everything I lost in a single trade. The feeling was one of absolute euphoria."

The market isn't the only thing that may go wrong. The technology that powers cryptocurrency is notoriously difficult, and if you're not vigilant, you could end up investing in a hoax.

Ex-SEC Enforcer: Crypto Investors are Enabling Hackers

 

The founder of the Securities and Exchange Commission's internet enforcement bureau warned Thursday that investors in bitcoin and other digital currencies are helping online hackers. 

“Ransomware is hitting everywhere and they’re all collecting it in bitcoin because there’s no way they’re going to get caught. So you’re also enabling it,” John Reed Stark, now head of his own cybersecurity firm, said in an interview with CNBC.

Stark stated cryptocurrencies have almost no practical use, contrasting trading in them with the speculation that previously boosted AMC Entertainment and other meme stocks like GameStop to great heights. Cryptocurrencies also require registration and other procedures that would improve the visibility of U.S. capital markets, he added.

“At least with GameStop and AMC you’re not necessarily hurting anyone. ... But with crypto, you are really hurting a lot of people, and that sort of risk I don’t think is a good one for society,” Stark said. 

He also called crypto the essence of ransomware, a type of malicious software that can disrupt and even block computer networks. 

Brazil's JBS, the world's largest meatpacker, has resumed most production after a weekend ransomware attack, the latest in a line of hacks. JBS blames hackers with links to Russia.

In May, Colonial Pipeline, the largest US fuel pipeline, paid ransomware demands after its operations were shut down for nearly a week. The FBI estimates the attack on Colonial Pipeline was carried out by DarkSide, a Russian-linked group that demanded $5 million to restore service. DarkSide eventually shut down after receiving $90 million in cryptocurrency payments. Last year, roughly $406 million in crypto payments were made to cyberattackers.

“The country is kind of falling apart from ransomware all because of crypto, and the main reason people own crypto is because they think someone else will buy it and make the price higher,” said Stark, who spent 18 years at the SEC’s Enforcement Division. “There’s no other reason to invest in it,” he stated.

Who Could be Behind the Whale Address that Owns Dogecoin Worth $12 Billion?

 

After the sudden spike in cryptocurrency this year, news outlets and various traders have been wondering who might be behind the famous and exceptional Dogecoin whale address DH5yaieqoZN36fDVciNyRueRGvGLR3mr7L, which is worth 12 billion dollars. It has mined 36.7 billion Dogecoins since 2019 and has a world demand of dogecoin of around 28%.

Although it's fun to speculate that the aforementioned address belongs to a single person who suddenly accrued billions of dollars of the meme cryptocurrency, Patrick Lodder, a dogecoin core creator, said that the address more likely resembles that of a cryptocurrency exchange.

Dogecoin is a cryptocurrency developed by Billy Markus and Jackson Palmer, software developers who wanted to build a payment system as a prank on the wild speculation in cryptocurrencies at the time. Some regard it as a valid investment opportunity, despite its humorous origins.

Dogecoin's value has dropped significantly in recent days as China has imposed a ban on cryptocurrency trading, which is one of the primary reasons for the drop. Tesla and SpaceX's CEO Elon Musk, who mostly supports it on his social media pages, was primarily responsible for the spike.

The story behind this meme cryptocurrency is no doubt among the most interesting ones, and with the ongoing tweets from Elon Musk, his fans connect with it the most.

Lodder, who has worked with Dogecoin since 2014, has explained that anyone can send Doge to a publicly listed address, so funds entering an address are no "clue" to the identity of its owner unless its value increases significantly.

"These are all jokers, that probably has nothing to do with the operator of the wallet, that's just people having fun," he said. 

CoinDesk's research head claimed that the lack of activity could also indicate that the whale is not an exchange but simply a person. However, Lodder said that this form of operation implies that the address is cold storage for an exchange. An exchange that takes care of a lot of Dogecoin will probably not keep it on a server and will instead move its assets into more secure offline storage, such as a cold storage wallet.

"This looks like somebody getting a lot of money into custody and putting that into a cold storage wallet so that it's more secure," Lodder told Business Insider. 

Many guesses as to whom the address may belong have been published on various online forums. One Reddit account suspects that this whale address could be one of several dogecoin addresses belonging to Robinhood. The user mostly tracks on-chain data and assumes that the address is one of Robinhood's cold storage wallets. Others believe that the address belongs to the father of dogecoin, Elon Musk.

Such rumors, Lodder said, may theoretically be dangerous for a cryptocurrency like doge. He added that speculation about a whale might indeed make people sell their doge in the belief that the whale would also dump all of its doge.

He said that if the address were part of an exchange, it would be helpful if the exchanges were to take place. Most cryptocurrency exchanges do not reveal their dogecoin or various other cryptographic addresses. 

"It would be helpful for the dogecoin community, not even just doge but all crypto, if there was a good way to either independently verify that the books of a custodial exchange are in order, or to have an audit report from a professional firm that does the audit and certifies that everything is fine," said Lodder.

DeFi100, a Crypto Project, Allegedly Scammed Investors of $32 Million

 

According to reports and tweets, DeFi100, a cryptocurrency project, allegedly defrauded investors out of $32 million (roughly Rs. 233 crores). The project has now released a denial of the allegations, but some skepticism appears to still exist. After a very distasteful message appeared on their website on Sunday, rumors of people behind the project fleeing with the money began to circulate. The message on the DeFi100 website read, "We scammed you guys, and you can't do **** about it." DeFi100 has since clarified that their website has been hacked and that the hackers had placed the post, which has since been removed.

“DeFi100 coin exit scams, and runs away with $32 million, and leaves a message for all of us. Feels like the summer of 2017,” tweeted Cryptokanoon co-founder Kashif Raza.

DeFi100 is a cryptocurrency similar to Bitcoin, Dogecoin, and Ethereum, among others. It is, however, much less well-known than the other well-known digital assets. The website was still down at the time of publishing. “Oops, looks like the page is lost. This is not a fault, just an accident that was not intentional,” is what it says now. 

On Sunday, the crypto project announced on its official Twitter account that it had not exited as previously thought. “Firstly, total supply of D100 at present is less than 4 million tokens. At the beginning of the project, total supply was 2.5 million tokens. Secondly, D100 was never a yield farming protocol, which was holding investors funds with TVL over 32 million,” it said in a tweet. 

“Thirdly, total tokens sold during IDO were 750,000 at $0.80 per token. These facts are available in public for checking their authenticity. The rumours of stealing $32 million are absolutely false and baseless," it added in the subsequent tweet. "We reiterate it again that we have not made any exit." 

Although the DeFi100 founders have stated that they did not defraud the investors, nothing can be said for certain until the website is up and running again. The value of D100, DeFi100's native token, has dropped 25% in the last 24 hours to $0.08 (roughly Rs. 6), according to a Coindesk article.

The reports of DeFi100 developers defrauding their investors came just days after the FBI, the US's main law enforcement agency, announced that it had received a record 1 million complaints related to online scams and investment frauds in the previous 14 months.