Search This Blog

Showing posts with label cryptocurrency. Show all posts

UNICEF won't convert Bitcoin and Ethereum : will accept donations in cryptocurrency


UN's children's agency UNICEF has launched a Cryptocurrency Fund Programme, in this all donations will be made through cryptocurrency- limited to Bitcoin and Ether. According to this new Cryptocurrency Fund Programme, when the organization receives a donation in Bitcoin or Ether, it will not convert it to fiat currency rather distribute it in the same form. This is part of UNICEF's project with blockchain technology and to fund open source technology projects through cryptocurrency.


"This is a new and exciting venture for UNICEF. If digital economies and currencies have the potential to shape the lives of the coming generations, we must explore the opportunities they offer. That's why the creation of our Cryptocurrency Fund is a significant and welcome step forward in humanitarian and development work," Henrietta Fore, Director, UNICEF, said in a statement. This approach by UNICEF, couldn't have come at a better time, as Henrietta Fore, Director UNICEF says, "Humanitarian and development work cannot continue without contributions in whichever format people are most comfortable with".

And this would also assist cryptocurrencies, giving them a positive boost. Cryptocurrency, that is virtual money is the only form of global money presently, and is believed could be the currency of the future. Bitcoin continues to influence the macroeconomy and more and more industries and businesses are incorporating this technology into their functionality. Now, UNICEF is also amongst one such organization with its Cryptocurrency Fund Programme. In this program, UNICEF supports donations in only Bitcoin and Ethereum as these are the leading cryptocurrencies in the global market.

Depending on the success of the program, more currencies would probably be added in due time. The first donation to the UNICEF Cryptocurrency Fund Programme will be made by Ethereum Foundation to fund three grantees of the UNICEF Innovation Fund, as well as a project coordinated by the GIGA Initiative to connect schools to the Internet globally. It is unsure which amounts will change hands but the contribution will be done through the French National Committee for UNICEF. It is a big boon for cryptocurrencies, and collaboration between charitable organizations and cryptocurrency can be a big step forward into the new era of change and technology.

Bitcoin No More the World's Most Used Cryptocurrency, as Tether Takes Over

If someone were to ask you "what's the world's most used cryptocurrency?” you'd probably say "Bitcoin," which accounts for 70% of the world's market value digital assets. But in reality its Tether, which is now the world's most used cryptocurrency.

Although precise numbers on trading measures are arduous to get in this misty business environment, statistics from CoinMarketCap.com point that the Tether is the highest daily and monthly valued cryptocurrency, even though its market capitalization is 30% less.



In April, Tether's profit outdid Bitcoin for the first time, and since early August, it has steadily exceeded it at the rate of $21 billion per day, says CoinMarketCap.com. With its steadily trading volume nearly 18% greater than Bitcoin, Tether has no doubt become one of the most significant coins in the crypto sector.

It's also the leading cause why governors view cryptocurrencies with skepticism and have set a halt on crypto exchange-traded supplies among distress of business administration.

"Without Tether, we would have suffered a heavy cost of the regular amount -- about $1 billion or higher depending on the information reference, ” says Lex Sokolin, co-head, global financial technology at ConsenSys, which extends blockchain technology services.

"Few concerning possible tappings of dealing in the business may begin to drop off,” says Lex.

The reason being is Tether is the most accepted steady coin around the globe, as it avoids price fluctuations through stocks. Tether is also a road to the crypto market for most of the world's existing businesspeople. 'For instance, in China, a trading giant where cryptocurrency is outlawed, people can comfortably spend for cash with tethers on the tables without any uncertainty or mistrusts,' says Lex 'and furthermore they can swap it for bitcoins and distinct cryptocurrencies.'

Is it safe? 

However, many people don't truly rely on Tether, says Thaddeus Dryja, a research scientist at the Massachusetts Institute of Technology. People think of Tether as some money in their account, without actually realizing that they are using it, he says.

'Some trades unspecified their folios, to send the idea that customers are holding money rather than Tethers,' said Thaddeus.

Russia planning to introduce tax on cryptocurrencies


The Russian Banking Community has found a way to legalise cryptocurrencies. To do this, it is necessary to legally recognise the mining of digital money as an analogy of the occupation of property or treasure.

"Legally, it could be argued that the first owner of the cryptocurrency "found them", because the receipt from an anonymous system can be conditionally considered a finding,”— EhakingNews quoted the ARB report on «The Concept of Decentralized Cryptocurrency Turnover». Discussion of this document is scheduled for 8 October.

However, the acquirer of digital money does not just seize or find them as a ready-made object. Cryptocurrency arises as a result of mining, that is, human activity. In fact, he creates it himself, explained Anatoly Kozlachkov, the author of the report, Vice-President of ARB.

Based on this, cryptocurrency can be introduced into Russian law as “newly created” (includes property independently produced by a citizen).

Then it can be used in barter transactions and taxed, said Anatoly Kozlachkov.

This is a fair approach, said Andrey Ermolaev, partner of KPMG. According to him, it is impossible to equate cryptocurrencies with ordinary money because it is an investment, and the growth of the value of the paper is always considered as a taxable base.

According to a legal expert Elena Avakyan, an example is a German model involving the payment of tax in the cryptocurrency in which the income is received.

Yuri Brisov, founder of LFCS (Legal Support), called the ARB proposal "the biggest mistake in the list of initiatives of all the time".

"Cryptocurrency received as a result of mining is a payment of remuneration, but not a finding," explained Brisov.

Synergy Research Group Deputy Director-General for Legal Issues and Technologies, Peter Lyalin, also sharply criticized the proposal of the Association of Russian Banks (ARB). He proposed to equate mining to the production of goods, as is practiced, for example, in Australia and Canada.

"I consider the initiative unworked and superficial. It seems that such a proposal was made without taking into account the specifics of the mining as a cryptocurrency mining activity," the expert suggested.

Experts agreed that the initiative of the Association of Russian Banks (ARB) requires further refinement.

Skidmap, Linux Malware Mining Cryptocurrency in Disguise



A new strain of Linux malware has been discovered by security researchers, which is configured to carry out a multitude of malicious activities besides just illegally mining cryptocurrency; by using a "secret master password" it provides hackers the universal access to the system.

Skidmap, Linux malware demonstrates the increased convolutions in Cryptocurrency mining malware and prevalence of the corresponding threats.

In order to carry out its cryptocurrency mining in disguise, Skidmap forges CPU-related statistics and network traffic, according to TrendMicro's recent blog on the subject.

Highlighting the advanced methods used by Skidmap, researchers at TrendMicro said, "Skidmap uses fairly advanced methods to ensure that it and its components remain undetected. For instance, its use of LKM rootkits — given their capability to overwrite or modify parts of the kernel — makes it harder to clean compared to other malware."

“Cryptocurrency-mining threats don’t just affect a server or workstation’s performance — they could also translate to higher expenses and even disrupt businesses especially if they are used to run mission-critical operations,” reads the blog.

How the infection takes place?

It starts in 'crontab', which is a standard Linux process responsible for periodically scheduling timed tasks in Unix-like systems. After that, Skidmap installs various malicious binaries and then the security settings of the affected machine are being minimized to start the cryptocurrency mining smoothly.

As the cryptocurrency miners generate digital money for the hackers, they are being monitored by some additional binaries put into the system for the same.

To stay guarded against the aforementioned Cryptocurrency mining malware, admins are advised to update and patch their servers and machines ,and be alert to unverified repositories.

Electroneum enables third-party mobile top ups for the top four network operators in Brazil


Electroneum users can now top up Claro, TIM, Vivo and Oi mobile airtime and data with ETN. This is the first time 95% of a country can top up airtime and data with ETN. Brazil currently represents the fastest growing Electroneum community. The expansion unlocks new opportunities to partner with other major corporations, retailers and businesses.

After great success in Brazil with the launch of Claro mobile phone top ups via a third-party operator, Electroneum’s Brazilian community, the fastest growing in the world, can now purchase airtime and data with the four largest mobile networks that service 95% of the mobile phone users in the country.

Electroneum users can now use their ETN rewards to top up Claro, Vivo, Oi and TIM. These four networks combined provide service to circa 220 million of the 231 million mobile phone subscriptions in Brazil, according to a report.

As of November of 2018, Vivo reportedly has 72.6 million mobile subscribers; Claro, 58.8 million subscribers; TIM, 56 million, and OI, 37.4 million.

“This is the first time ETN users can top up their mobile phones with airtime and data with mobile network operators that cover 95% of the service in a country,” Electroneum CEO Richard Ells said. “It is exciting to offer this service to our fastest growing community.”

Brazil represents Electroneum's fastest-growing community. Thousands of new users are signing up daily as more people are finding out how easy it is to use their mobile app that rewards them with up to US$3 a month in ETN.

In August 2019, Electroneum launched the third-party mobile top-up service in Brazil to allow thousands of Electroneum users to top up airtime and data with Claro. That led to further agreements with the third-party mobile top-up provider to enable Electroneum users to purchase airtime and data with the other three largest MNOs in Brazil.

Electroneum continues to expand and prove there is a real utility for cryptocurrency users. Their next step in their push for ETN cryptocurrency mass adoption is to broker new deals with more corporations, retailers, organisations, and governments.


The guards at the Ukrainian nuclear power plant mined cryptocurrency and divulged state secrets


The attackers used the resources of the South Ukrainian nuclear power plant for mining digital currency. The Security Service of Ukraine (SBU) stopped the activity of criminals.

Agents of the SBU, checking objects of the nuclear power plant, found computer equipment, illegally connected to the systems for mining. On July 10, the employees of the Department searched and seized the media converter, fiber optic and part of the network cable.

It’s important to note that information about the physical protection of the station, which is a state secret, leaked to the network due to the unauthorized placement of computer equipment in the territory of a nuclear power plant.

Specialists of the Security Service of Ukraine have information according to which members of the National Guard of Ukraine may be involved in illegal mining. The SBU has achieved the initiation of criminal proceedings against them.

It is an interesting fact that recently it became known that in Ukraine the authority that controls the quality of equipment for the South Ukrainian nuclear power plant since 1992 will be eliminated. Employees of the structure carried out examinations, as well as participated in tests of the equipment.

The decision was made after the evaluation of the enterprise. The work of the center was deemed ineffective.

However, it can be assumed that this is due to the fact that someone was mining cryptocurrency on the territory of the South Ukrainian nuclear power plant.

In addition, this week the police discovered an underground farm for the production of cryptocurrency in Ingushetia. Its owners were engaged in illegal and unaccounted electricity consumption. During the inspection of this room, law enforcement officers found that more than 1.5 thousand devices for receiving crypto currency, a laptop, two system units, a video recorder of a video surveillance system, as well as two transformer points with a capacity of 1.6 thousand kW each were connected to the power supply system without appropriate documentation.

Recall that in May 2018 it became known that the police in the Ukrainian city Rovno were mining cryptocurrency directly at the workplace. Since Ukraine does not have legislation regulating the circulation and mining of cryptocurrencies, an investigation was conducted into the theft of electricity.

This was not the first case of using the official position for cryptocurrency mining. In September 2017, Crimean government officials were fired for mining bitcoins in the workplace, and on February 2018 it became known that employees of the Ministry of Finance of Kazakhstan used office computers and department servers for cryptocurrency mining.

Teen Hacker Elliott Gunton Taking Cryptocurrency for Stolen Data


In April 2018, Elliott Gunton, a teenager from Norwich, England, was caught by the police on the charges of hacking and his PC was taken hold of by the authorities.

He was convicted at Norwich Crown Court where he admitted five charges which included illegal data exchanges, computer exploitation and money laundering offences.

Gunton was subjected to a three and a half year community  order which kept him from using internet and software and he was made to pay a sum of £407,359 by the court order.

On the charges of stealing sensitive information of people and selling it in exchange of pounds in cryptocurrency, the Norwich Crown Court sentenced him to 20 months imprisonment and let out owing to the time spent on remand.

On the examination of Gunton's computer, it was found that he had scheduled supplies of stolen data of people which included their contact information for malicious purposes like texts to carry out fraud.

At the age of 16, Gunton hacked a telecommunications firm and was found guilty of the same.

The teen made constant and sophisticated efforts to conceal his fraudulent acts and hide the payments from police and therefore he dealt in Bitcoin instead of hard currency. However, he happened to leave behind some parts of conversations where he negotiated criminal deals.

Referencing from a tweet made by Gunton last year, "Having lots of money is cool… but having lots of money without people knowing is cooler." He called himself as a "full-time crypto trader."

Terrorists Resorting to Bitcoin for Funding




The military wing of Hamas, known by the name of 'Qassam Brigades', has established a highly sophisticated system which allows people to contribute in raising money by making donations which are extremely hard for the law department to trace.

In the most recent version of the wing's website, visitors are assigned their individual Bitcoin addresses which can be used by them to send the digital currency and make donations via a method which is nearly untraceable.

The site set up by the wing featuring the logo of the brigade is notably accessible in seven different languages, it also features a video which explains the procedure of acquiring and sending the digital currency in an increasingly sophisticated manner.

“This is going to be a part of the terrorist financing mix, and it is something that people should pay attention to", said Yaya Fanusie, a former analyst with the Central Intelligence Agency.

Commenting on the matter, Sigal Mandelkar, the Treasury Department’s undersecretary for terrorism and financial intelligence, said in an interview, “We are dedicating a lot of resources very specifically to this space.”

“It is still relatively new to them, but I’m confident that we’re going to see more of it in the future.”  He added.

There is a certain allure of cryptocurrency to the con men as it allows to hold money and make transactions without the involvement of a common authority, such as PayPal which can potentially freeze funds and close down accounts. Everyone, across the globe, is open to creating a Bitcoin address and receiving digital tokens without having to provide an address or identity.

Referencing from the statements given by, Mr. Zarate, an adviser at Coinbase, “I think we are still in the experimentation phase for terrorist groups — they are trying to figure out how best to do this,”

“What’s a challenge is that you see them continuing to experiment.” He further added.





New Zealand legalize salary payments in Cryptocurrencies





New Zealand is the first country to legalize payment of salaries in the form of  Bitcoin and other cryptocurrencies, Financial Times report.

The tax agency has deemed it legal for companies to pay wages in digital currencies is secured to at least one standard, or fiat, currency.

The country’s Inland Revenue Department (IRD) published a bulletin on August 7, 2019, stating that the ruling was made under the Tax Administration Act 1994.

According to the bulletin released, "the companies can only pay cryptocurrency to employees working under official employment agreements. Payments also have to be for a fixed amount – “the value of the crypto-asset is pegged to one or more fiat currencies.”

The ruling also states that cryptocurrency-based salary payments must also be able to be “converted directly into fiat currency (on an exchange).”

The report states that the salaries must be paid in a crypto-asset that functions as a currency.

The move has started a round of discussion on the controversial digital money coming into the realm of everyday payment modes. The major problem with the cryptocurrencies is that they are relatively free of regulation, and they are untrackable.

Banning Crypto Could Lead To The Indian Market Plummeting By Billions?




Crypto-currency if banned in India could lead to the Indian market going down by an approximate amount of $13 Billion, experts say.

An analysis of the revenues that companies could generate if crypto-currency were legalized was made by the experts, which also had a premise of Indian-founded crypto-companies.

Per the sources, the analysis reflected that “as part of their total estimated revenue” in India companies could’ve generated $4.9 billion as on crypto-white papers, $2.1 billion from expert blockchain coders, $1.27 billion from content creators and $4.5 billion from miscellaneous jobs.

According to the experts it sure is quite a herculean and next to impossible task for India to ban the crypto-currency on such a mass level and they’d end up regulating it.

The government of India is on the task of banning and is deliberating it with quite some thought. It also is considering imposing sanctions on any crypto related dealings.

The government still has quite a detailed and elaborate reviewing to go through before they draft a proper legislation.

Despite all the reports and analysis displayed by the experts the government has quite a strong will to go with the drafting of the bill that bans the crypto-currency and associated dealings.

Bitcoin surges past $ 11,000

Bitcoin soared 9% on Monday, performing like a safe haven asset as it edged past $11,000 for the first time since around mid-July.

The price of the world’s largest cryptocurrency climbed as high as $11,860, according to CoinDesk data, hitting a more than 3-week high. Bitcoin’s value now accounts for nearly 70% of the global crypto market, according to CoinMarketCap.

Global stock markets on the other hand have been sliding lower on the back of renewed trade uncertainty, after President Donald Trump said last week that Washington would impose 10% tariffs on another $300 billion worth of Chinese goods.

The pan-European Stoxx 600 index slipped 1.6% on Monday while the MSCI’s broadest index of Asia-Pacific shares outside Japan plummeted 2.5%. Dow futures meanwhile were off by about 100 points.

Analysts have previously argued the case that bitcoin could be a safe haven asset, with investors having flocked to the digital asset in the past on the back of an escalation in U.S.-Sino tensions.

“Bitcoin has many use cases and one of the most important is as a form of digital gold,” Charles Hayter, CEO of digital currency comparison platform CryptoCompare, told CNBC by email on Monday. “We have seen bitcoin jump before on macro uncertainty as it becomes a conduit and flight-to-safety asset.”

Yuan depreciation

Bitcoin’s jump in value also comes as China allowed the yuan to break the seven-per-dollar level for the first time in 11 years, triggering fears of a potential currency war.

The yuan fell after China’s central bank, the People’s Bank of China, set the currency’s daily midpoint at 6.9225 per dollar, its weakest level since December last year.

Simon Peters, an analyst at trading platform eToro, said Chinese investors could be seeking to diversify as the yuan depreciates.

“Given that Chinese investors make up a large proportion of crypto investors, there’s a strong possibility some are backing bitcoin’s chances against the yuan,” Peters said in a note on Monday.

Are MNCs and big consultants misleading Governments on Cryptocurrency and Blockchain?


MNCs and big consultants are well known to use heavyweight lobbying techniques to twist national policies in a manner that suit their interests. This is even more valid in the context of new technologies where governments usually lack the required domain skills and perspectives to make meaningful judgements. This appears to be the case with Cryptocurrencies and Blockchains.

The arguments being presented to make cryptocurrencies illegal is that they have no real value and can be used for Ponzi schemes and other such inappropriate or illegal operations. True. But then the Rupee is also used for Ponzi schemes such as chit business and various rackets. Does that mean that the Rupee should be banned? No, one bans ponzi investment schemes, not the Rupee. No rational arguments have yet been presented on why cryptocurrencies should be banned. Why not provide regulatory sandboxes and give entrepreneurs the freedom to test and present their case. With Blockchain based crypto currencies, one can publically store hash of information which can be later verified. This time stamping and hash information in public block chain can be used to verify time stamp of data.

The underlying technology in cryptocurrencies is Blockchain. While these MNCs rally against cryptocurrencies, they are pushing blockchain technology in a big way. But then here is the catch. No one has asked MNC company to show the source code of their Blockchain technology. Originally, Blockchain source code is public MIT license. It's very interesting that no one asks these MCNS to open the blockchain source codes. Can open source code like Blockchain be made into closed source code by MNCs?

MNCs claim that the blockchain(technically it's a DLT) is not charged. They charge only for "consulting,support and services"!

Why do governments need to invest millions and transfer wealth to MNCs and big consultants who already have fat wallets? The concept of private Blockchains is going to drain money from governments around the world. Fancy multiple databases across different stake holders – this is what is being presented as private blockchains. Why not instead governments develop software which run on public blockchain? Such applications can be written for US $ 200,000 to US $ 300,000 instead of the US $ 10 mn or so that fat cat consultants and MNCs will charge for private blockchains?

Some one scared everyone banks can't put data(even hash) on public blockchain. You don't need crypto currency to use public blockchain.

Will Governments including the Indian Government wake up? Especially at a time when there is so much demand on public exchequers from the poor and the needy.

(J Prasanna is founder of Cyber security and privacy foundation. This articles is their personal view)

Facebook to launch a new digital cryptocurrency





Social media giant Facebook is set to roll out a new digital cryptocurrency, Libra, next year, which would let users’ buy things as well as send money to people without any process fees. 

People would be able to make payments with the currency via    third-party wallet apps or Facebook’s own Calibra wallet that will be built into WhatsApp, Messenger and its own app. 

It is said that firms such as Uber and Visa will accept it in future.

From next year, Facebook users’ will be able to buy Libra from its platforms and then it will be stored in a digital wallet called Calibra.

The user can make payments and send money to other  users, and this whole process would instant and as easy as texting. 

"In time, we hope to offer additional services for people and businesses, such as paying bills with the push of a button, buying a cup of coffee with the scan of a code, or riding your local public transit without needing to carry cash or a metro pass,” it said. 

However, there is a big concern over how users’ money and data will be protected. 

The firm stressed that Libra would not be managed solely by the Facebook, but it would be independent, and run by a group of companies and charities- called the Libra Association.

Group of companies that are likely to accept Libra, includes
  • Payments firms such as Mastercard and PayPal
  • Digital businesses including eBay, Spotify and Uber
  • Telecoms firms such as Vodafone
  • And charities such as the microfinance group Women's World Banking.


Sim swapping attacks hit US cryptocurrency users

Something strange happened last week, with tens of US-based cryptocurrency users seeing SIM swapping attacks.

Numerous members of the cryptocurrency community have been hit by SIM swapping attacks over the past week, in what appears to be a coordinated wave of attacks.

SIM swapping, also known as SIM jacking, is a type of ATO (account take over) attack during which a malicious threat actor uses various techniques (usually social engineering) to transfers a victim's phone number to their own SIM card.

The purpose of this attack is so that hackers can reset passwords or receive 2FA verification codes and access protected accounts.

These types of attacks have been going on for half a decade now, but they've exploded in 2017 and 2018 when attackers started focusing on attacking members of the cryptocurrency community, so they could gain access to online accounts used for managing large sums of Bitcoin, Ethereum, and other cryptocurrencies.

But while these attacks were very popular last year, this year, the number of SIM swapping attacks appeared to have gone down, especially after law enforcement started cracking down and arresting some of the hackers involved in these schemes.

Something happened last week

But despite a period of calm in the first half of the year, a rash of SIM swapping attacks have been reported in the second half of May, and especially over the past week.

Several users tweeted their horrific experiences.

Some of them have publicly admitted to losing funds, such as Sean Coonce, who penned a blog post about how he lost over $100,000 worth of cryptocurrency due to a SIM swapping attack.

Some victims avoided getting hacked

Some other victims candidly admitted to losing funds, while others said the SIM swapping attacks were unsuccessful because they switched to using hardware security tokens to protect accounts, instead of the classic SMS-based 2FA system.

Crypto Scammers Take To YouTube; Promote Trojan-Hiding Software



A new crypto scam and malware campaign is in underway as the attackers play smart and utilize YouTube, yet this time they set up a rather chancy trap for the users, promoting videos for a "bitcoin generator" tool that guarantees to generate free bitcoins for them.

As indicated by a report in the digital security publication Bleeping Computer, the scam was discovered by a researcher who goes by the name of Frost.

Frost has been tracking the malevolent campaign for the past 15 days and has observed that every time he reports the user and their videos , YouTube does brings them down, yet the 'bad actors'  just make another user and upload more.




In the video's description there will likewise be links to download this tool, which in reality a Trojan, and a link for the https://freebitco.in site as shown below:






At the point when a user clicks on the download link in these videos, they will be brought to a page offering a Setup.exe file.

The payload being pushed by this YouTube scam is the Qulab information stealing and clipboard hijacker Trojan. Whenever executed, the Trojan will duplicate itself to %AppData%\amd64_microsoft-windows-netio-infrastructure\msaudite.module.exe and dispatch itself from that location.

Qulab endeavors to steal the browser history, saved browser credentials, browser cookies, saved credentials in FileZilla, discord credentials  and steam credentials. The Trojan likewise contains code to take .txt, .maFile, and .wallet records from a computer.

Qulab, on the other had goes about as a clipboard hijacker, or clipper, implying that it will monitor the Windows clipboard for specific information, and when distinguished, swap it with the different data  that the attacker needs.

In this specific case however , Qulab scans for crypto currency  addresses that have been replicated into the Clipboard, in many cases because a user is going to send currency to the address.

It is recommended for the users who have been tainted with this Trojan, that they ought to promptly change all passwords for their financial accounts and websites that they visit. Furthermore, as usual, they should turn to a password manager so as to make exceptional and solid passwords for each account they visit.

Amazon granted patent for Bitcoin-style system

Cryptocurrency rumor mongers are likely to be dancing today as Amazon has successfully filed a patent for a Bitcoin-styled Proof-of-Work system. But don’t get ahead of yourself, it doesn’t look like the Seattle-based ecommerce giant will be accepting Bitcoin for payments.

Despite first being filed in December 2016, Amazon’s patent application was granted earlier this week and appears to outline a system that uses Proof-of-Work to prevent distributed denial-of-service (DDoS) attacks.

“One way to mitigate against such attacks is to configure a service such that requests to the service incur some sort of expense, thereby providing a disincentive to participating in the attack,” the application reads.

Planting a Merkle Tree

Amazon proposes to use Merkle Trees to present a Proof-of-Work challenge and make it too costly for a series of computers to perform a DDoS attack.

But what’s a Merkle Tree? In short, Merkle Trees are cryptographic tools where blocks of data are manipulated to give them a unique identifier also known as a hash.

These hashes are then manipulated again to create a parent hash. Parent hashes are always a combination of two or more child hashes. It’s layers on layers of hashed data.

Since computing power is required to build a Merkle Tree, performing such hashes could get very costly in terms of time, electricity, and resources. In turn, this makes DDoS attacks economically unfeasible.

In the case of Amazon’s patent, imagine having to construct a Merkle Tree before you’re allowed to access a website hosted on one of its servers. To an individual the cost might be insignificant, but to an organization trying to carry out a DDoS attack – which might involve many hundreds of computers – it could become prohibitively expensive.

Merkle Trees are also used in Proof-of-Work blockchains like Bitcoin as part of its consensus mechanism. But for now that’s as close as Amazon will get to Bitcoin.

Unistellar Attackers Delete Over 12,000 Unsecured MongoDB Databases




With around 12,000 unsecured MongoDB databases being deleted in the course of three weeks, attackers have solicited the owners from the databases to contact the said cyber-exotortionists to have the information restored with just a message left behind.

They search for the already exposed database servers utilizing BinaryEdge or Shodan search engines, delete them and demand a ransom for their 'restoration services' and these sorts of attacks focusing on the publicly available MongoDB databases have known to have occurred since atleast the early 2017 [1, 2, 3, 4].

While Mongo Lock attacks likewise target remotely open and unprotected MongoDB databases, the campaign does not appear to demand a particular ransom. Rather, an email contact is given, well on the way to arrange the terms of information recuperation.

Sanyam Jain, an independent security researcher and the person who found the wiped out databases, gave quite a sensible clarification to this, saying that "this person might be charging money in cryptocurrency according to the sensitiveness of the database."

The 12,564 unprotected MongoDB databases wiped out by Unistellar were found by the researchers utilizing BinaryEdge. Seeing that, right now, BinaryEdge indexes somewhat more than 63,000 publicly accessible MongoDB servers as per Jain, it appears as though the Unistellar attackers have dropped by approx 20% of the aggregate.




The cyber-extortionists leave behind notes asking their victims to connect with them if  they need to reestablish their data by sending an email to one of the accompanying two email addresses: unistellar@hotmail.com or unistellar@yandex.com.

Shockingly, there is no real way to follow if their victims have been paying for the databases to be reestablished on the grounds that Unistellar just gives an email to be reached and no cryptocurrency address is given.

These attacks can happen simply because the MongoDB databases are remotely open and access to them isn't appropriately verified. This implies that the database owners can without much of a stretch forestall such attacks by following genuinely basic steps intended to appropriately secure their database instances.

MongoDB gives details on the most proficient method on how to verify a MongoDB database by actualizing legitimate confirmation, access control, and encryption, and furthermore offers a security agenda for executives to pursue.

More to the point, significant measures will undoubtedly be taken which will additionally forestall the attacks by empowering authentication and to not enable the databases to be remotely accessible.

Cryptocurrency exchanges losses $40 million to hackers




A cryptocurrency exchange Binance reported a ‘’large scale’’ data breach in which hackers managed to steal 7,000 bitcoins worth of about $40 million.

The company said that hackers used various techniques including phishing, viruses and other attacks to obtain large numbers of user API keys, 2FA codes and other info. 

“The hackers had the patience to wait, and execute well-prepared actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks,” said Binance’s CEO, Changing Zhao.

According to the initial investigation, the hacker attacked through multiple seemingly independent accounts at the most opportune time. 

The company has halted all the withdrawals immediately after the reports of hack. 

In a public statement released by the company,  they admitted that, ’’the transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system.’’

They further added that they need to conduct a thorough security review, and it would include all parts of our systems and data, which might take one week. 

However, till the whole time, deposits and withdrawals will ‘’REMAIN SUSPENDED’’. 






Electricity Wastage Leading to a Ban on Cryptocurrency Mining in China



In the wake of cryptocurrency mining being listed as one of the hazardous and wasteful activities by China’s central state planner, the National Development and Reform Commission, Chinese government has decided to ban cryptocurrency mining in the country. China, after remaining the hub of bitcoin mining has now plans drafted to terminate the activity.

The list generated by China’s central state planner included more than 450 activities  which failed to abide by the regulations  and are categorized unsafe for either they lead to a wastage of resources or pollutes the environment.  

Drawing inferences from an anonymous Chinese bitcoin trader, Reuters noted, “Bitcoin mining wastes a lot of electricity,”

Bitcoin, one of the most popular cryptocurrency hit a record high by the end of 2017 and touched $5,000 for the first time ever since November.  This week, it was down by 1.4 percent along with Ripple’s XRP and Ethereum, which fell down by the same margin.

Lately, cryptocurrency has been under inspection in China and eventually, it led to the banning of initial coin offerings and shutting down of local trading exchanges. With electricity being a crucial factor determining the ban, countries with inexpensive electricity have now emerged as the key hosts of cryptocurrency mining.



Crypto-jacking: A New Vector of the Cyber-Cons after Ransomware!




Apparently, according to the records of 2018, after getting bored with ransomware attacks, crypto-jacking has become the new tool of cyber-cons for harvesting crypto-currency.



Crypto-jacking by nature is more insidious and stealthy and hence in the past year has emerged as a better way of harvesting crypto-currency.

Initially, the best choice for doing the same was ransomware, but having surpassed it, Crypto-jacking is now cyber-cons’ favorite option.

2018, unlike any other year in the cyber-crime history saw a lot of cyber-attacks, wherein the crypto-jacking attacks constituted to be amongst the most.

The report of IBM strictly mentioned that the crypto-currency attacks hiked by quite a large number.

Whereas, ransomware attacks plummeted by 45% including both mobile and desktop platforms.

The major reason behind this shift of inclination towards crypto-jacking happens to be the less-disruptive and furtive disposition.

After a ransomware is introduced to the victim, the attack weapon goes waste after just one attack, leaving no chances for a recurrence.

Meanwhile, in the case of crypto-jacking, a recurrence is almost ensured, making it possible for more profits from a single weapon.

Somehow, crypto-jacking appears to be the more malicious of the two, which if ignored could lead to serious ramifications.

Reportedly, crypto-jacking could soon transform from currency mining to fabrication its own botnets to function spyware attacks.

Leaving the users with the only advice and option; to use the latest versions of anti-viruses and keep the systems updated.