CySecurity News - Latest Information Security and Hacking Incidents: Bitcoin

Bitcoin Cyber Security Email Scams Fraud Email Internet scammers Microsoft Microsoft 365 Ransom Demand Sextortion Scam

Beware of Fake Microsoft Emails Exploiting Microsoft 365 Vulnerabilities

The internet is rife with scams, and the latest involves hackers exploiting vulnerabilities in the Microsoft 365 Admin Portal to send fraudulent emails directly from legitimate Microsoft.com accounts. These emails bypass spam filters, giving them an appearance of credibility, but their true purpose is extortion. These scam emails claim to have sensitive images or videos of the recipient in compromising situations. To prevent this alleged content from being shared, the recipient is asked to pay a ransom—often in Bitcoin. This type of cybercrime, known as “sextortion,” is designed to prey on fear and desperation, making victims more likely to comply with the scammer’s demands.

Unfortunately, sextortion scams are becoming increasingly common. While tech companies like Microsoft and Instagram implement protective measures, hackers find new ways to exploit technical vulnerabilities. In this case, scammers took advantage of a flaw in the Microsoft 365 Message Center’s “share” function, commonly used for legitimate service advisories. This loophole allows hackers to send emails that appear to come from a genuine Microsoft.com address, deceiving even cautious users. To identify such scams, it is crucial to evaluate the content of the email. Legitimate companies like Microsoft will never request payment in Bitcoin or other cryptocurrencies.

Additionally, scammers often include personal information, such as a birthday, to make their claims more believable. However, it is important to remember that such information is easily accessible and does not necessarily mean the scammer has access to more sensitive data. Victims should also remember that scammers rarely have the incriminating evidence they claim. These tactics rely on psychological manipulation, where the fear of exposure often outweighs rational decision-making. Staying calm and taking deliberate action, such as verifying the email with official Microsoft support, can prevent falling prey to these schemes. Reporting such emails not only protects individual users but also helps cybersecurity teams track and combat the criminals behind these campaigns.

Microsoft is actively investigating this criminal activity, aiming to close the exploited loopholes and prevent future scams. In the meantime, users must remain vigilant. Keeping software up to date, enabling multi-factor authentication, and using strong passwords can help mitigate risks. A scam email may look convincing, but its demands reveal its true intent. Always approach threatening emails critically, and when in doubt, seek guidance from the appropriate channels. By cultivating a habit of skepticism and digital hygiene, users can strengthen their defenses against cybercrime. Awareness and timely action are essential for navigating the modern threat landscape and ensuring personal and organizational security.

Crypto Bull Market Targeted: The Lottie-Player Security Breach



 

Web3

Bitcoin Bull Market Crypto GitHub Technology Trading Web3

Crypto Bull Market Targeted: The Lottie-Player Security Breach

In an alarming development for the tech community, especially for those immersed in the Web3 ecosystem, a supply chain attack has targeted the popular animation library, Lottie-Player. If users fall for this prompt, it could enable attackers to drain cryptocurrency wallets.

Given Lottie-Player's impressive tally of over 4 million downloads and its significant presence on many prominent websites for animation embedding, this incident underscores the security vulnerabilities associated with open-source libraries.

Understanding the Attack

The breach initially came to light on GitHub when a user noticed an unusual Web3 wallet prompt while integrating Lottie-Player on their website. Upon closer examination, it was discovered that versions 2.0.5, 2.0.6, and 2.0.7 of Lottie-Player, released between 8:12 PM and 9:57 PM GMT on October 30, 2024, had been tampered with and compromised.

The attack involved the introduction of malicious code into three new versions of the Lottie-Player library, a widely used tool for rendering animations on websites and applications. Threat actors infiltrated the distribution chain, embedding code designed to steal cryptocurrencies from users' wallets. This method of attack is particularly insidious because it leverages the trust developers place in the libraries they use.

The Broader Implications

Once the compromised versions were released, they were integrated into numerous high-profile projects, unknowingly exposing countless users to the threat—the malicious code activated during transactions, redirecting funds to wallets controlled by the attackers. In one notable case, a user reportedly lost 10 Bitcoin (BTC), worth hundreds of thousands of dollars, due to a phishing transaction triggered by the malicious script.

Following the discovery of the attack, the Lottie-Player team swiftly released a clean version, 2.0.8, which developers can use to replace the compromised files. To further contain the breach and limit exposure, versions 2.0.5 through 2.0.7 were promptly removed from npm and CDN providers like unpkg and jsdelivr.

Moving Forward

The attack occurred during a pivotal phase of the crypto bull market, intensifying efforts to steal increasingly valuable tokens. To mitigate risks, it's advisable to connect a wallet only for specific purposes rather than granting full-time permissions for signing transactions. Additionally, being prompted to connect a wallet immediately upon entering a website can serve as a potential warning sign.

Protect Yourself from Phishing Scams Involving Personal Data and Bitcoin Demands



 

Phishing Attack

Bitcoin Cyber Attacks data security Email Phishing Email scam FTC Phishing Attack

Protect Yourself from Phishing Scams Involving Personal Data and Bitcoin Demands

A new phishing scam is emerging, where hackers send threatening emails to people with personal details like images of their homes and addresses. This scam tricks recipients into believing their privacy is compromised, urging them to pay money or Bitcoin to avoid exposure. According to cyber expert Al Iverson, scammers often use public sources like Google Maps and data from previous breaches to craft these threatening messages. He recommends confirming any images on Google Maps and checking email legitimacy to ensure the message isn’t a scam.

One victim, Jamie Beckland, shared his experience, revealing that the scammers falsely claimed to have video evidence from spyware on his computer. Beckland, like others, was targeted with demands for Bitcoin in exchange for silence. Fortunately, by cross-referencing the address and photo in the email with Google Maps, he realized the threat wasn’t credible. To avoid falling for such scams, it’s critical to scrutinize email addresses and domains. Iverson advises checking SPF, DKIM, and DMARC results, which help verify the sender’s legitimacy. Scammers often spoof email addresses, making them appear familiar, but most don’t actually have access to sensitive data—they’re simply trying to scare people into paying.

Zarik Megerdichian, founder of Loop8, strongly warns against clicking any unfamiliar links in these emails, especially those related to payments. Bitcoin and similar transactions are irreversible, making it crucial to avoid engaging with scammers. If you suspect financial information is at risk, Megerdichian advises reporting the incident to the Federal Trade Commission (FTC) and closely monitoring your accounts. Yashin Manraj, CEO of Pvotal Technologies, recommends changing passwords immediately if you suspect your data has been compromised. Moving sensitive accounts to a new email address can provide added protection. He also suggests notifying local authorities like the FBI, while ensuring that family members are informed of the scam to prevent further risks.

Lastly, Manraj emphasizes that you should never engage with scammers. Responding to emails only increases your vulnerability, adding your information to target databases. To further protect yourself, isolating your home network, using a VPN, and avoiding public forums for help are essential steps in safeguarding your information from potential future attacks. These phishing scams, though threatening, rely on fear and manipulation. By taking steps to verify email legitimacy, securing your accounts, and staying cautious, you can avoid falling victim to these tactics.

Russian Nationals Charged in Billion-Dollar Cryptocurrency Fraud



 

Ransomware

Bitcoin cryptocurrency Cyber Crime Cyber crimes DOJ Ransomware

Russian Nationals Charged in Billion-Dollar Cryptocurrency Fraud

A tremendous blow has been dealt to global cybercrime after US authorities charged two Russian nationals with masterminding a giant cryptocurrency money laundering network. After being charged by the U.S., the two Russian nationals are alleged to have headmastered a giant cryptocurrency money laundering network. The couple laundered the billions through crypto exchange services, concealing ill-gotten gains from cyber frauds, ransomware, and dark web narcotics.

DOJ officials collaborated with worldwide law enforcement to obtain servers and USD 7 million in cryptocurrency from the network, effectively crippling the criminal organisation.

Vast Money Laundering Scheme Exposed

DOJ says the two Russians to be arraigned, Sergey Ivanov and Timur Shakhmametov, played a significant role in one of the largest money laundering operations. They traded billions of dollars for international cybercriminals through various cryptocurrency exchanges, including platforms like Cryptex and Joker's Stash. Their operation enabled criminals to avail themselves of the anonymity associated with cryptocurrencies, avoiding financial regulations, and even making their laundered funds more portable and unobservable.

Investigators said Ivanov operated Cryptex, a site that processed more than $1.15 billion in cryptocurrency transactions. Of that, $441 million was directly linked to crimes, including $297 million in fraud and $115 million in ransomware payments. Cryptex offered criminals a loophole because it didn't require users to have their IDs verified—a "know-your-customer" (KYC) compliance process would have made their transactions traceable.

The medium to support darknet criminals

Besides Cryptex, the operation made it possible to conduct many other illegal activities on the dark web like carding sites-Rescator and Joker's Stash. The said platforms, especially Joker's Stash, deal in stolen payment card information. Estimated proceeds from these operations ranged around $280 million to up to $1 billion. One of the defendants, Shakhmametov was said to manage Joker's Stash, and hence the extent of this criminal network increased.

Seizing Servers and Crypto Currency

Indeed, international cooperation figured quite largely into taking down this elaborate criminal enterprise. US authorities teamed with law enforcement agencies from other countries, such as Dutch authorities, to take down servers hosting such platforms as PM2BTC and Cryptex, located in several different countries, which have disrupted the operation. Moreover, law enforcement seized more than $7 million in cryptocurrency on those servers from the organisation.

According to the Justice Department, bitcoin transactions through Cryptex were pegged at 28% to the darknet markets that are U.S.-sanctioned, as well as other crime enterprises. This percentage emphasises the colossal level of participation that such exchanges provided in furthering cybercrimes at a worldwide level.

Global Crackdown on Cybercrime

The case reminds everyone that efforts at a global level are aimed at fighting the same cybercrime supported by cryptocurrencies. The DOJ has already communicated while working with other U.S. agencies, including the Department of State and the Treasury, that it will continue the crusade against those who use digital currencies for nefarious activities. In this case, the dismantling of this billion-dollar laundering network makes it a milestone victory for law enforcement and a warning to others in similar operations.

As cryptocurrency increases in usage, so does its misuse. Even though digital currencies offer immense legitimate advantages, they also provide criminals with a conduit to bypass traditional financial systems. This makes it pretty evident that the breaking down of Cryptex and Joker's Stash serves as a harsh reminder of how much importance needs to be given to strict security and regulatory measures so that such practices cannot be made using the system for nefarious purposes.

The recent charges suggest that U.S. and international law enforcement agencies are attacking cybercrime networks, especially those using cryptocurrency as a cover for under-the-radar activities. By taking down these systems, the authorities would find it more challenging for cybercrimes to cover up their illegal sources of income and further reduce the threat of rising cybercrime globally.

Hence, this high-profile case should awaken business entities and private individuals dealing in cryptocurrencies to take extreme care that they do not engage in any activity contrary to regulations set to monitor money laundering and other illegal activities.

Port of Seattle Faces $5.9 Million Ransom Demand in Rhysida Cyberattack



 

Stolen Data

Bitcoin Cyber Attacks Ransom Attack Rhysida Rhysida Ransomware Rhysida ransomware gang Seattle Seattle Port Stolen Data

Port of Seattle Faces $5.9 Million Ransom Demand in Rhysida Cyberattack

The Port of Seattle is confronting a severe cybersecurity crisis as the Rhysida ransomware group demands a ransom of 100 bitcoins (approximately $5.9 million). Rhysida, which has gained notoriety for targeting organizations worldwide, released screenshots of stolen documents, claiming they possess sensitive data such as scanned U.S. passports, Social Security numbers, and tax forms. The group has threatened to sell this data on the dark web if their ransom demands are not met within a week.

In a joint statement with Seattle-Tacoma International Airport, the Port of Seattle has made it clear they will not pay the ransom, despite threats to publicly release the stolen data. A Port spokesperson emphasized that refusing to comply is part of their firm stance against negotiating with cybercriminals. The extent of the data breach is still under investigation, but Rhysida’s involvement suggests a sophisticated attack that exploited vulnerabilities in the port’s systems. The attack was initially detected on August 24, leading to widespread service disruptions.

Critical systems were impacted, including baggage handling, check-in kiosks, ticketing, Wi-Fi, and digital display boards, creating significant inconvenience for travelers. The port responded swiftly, isolating affected systems to prevent further breaches. This disruption highlights the real-world consequences of ransomware attacks on essential infrastructure, raising concerns about cybersecurity preparedness in public sectors. Rhysida operates as a ransomware-as-a-service group, enabling other cybercriminals to use its platform for extortion. The group, active since June 2023, has a history of targeting multiple sectors, including government, healthcare, and critical infrastructure, with a focus on the U.S.

According to cybercrime research platform eCrime.ch, Rhysida has claimed nearly 150 victims since its emergence, demonstrating its rapid growth and effectiveness in breaching high-value targets. The breach at the Port of Seattle emphasizes the growing threat of ransomware attacks on critical infrastructure and serves as a wake-up call for organizations to prioritize cybersecurity measures. Authorities, cybersecurity experts, and the port’s internal IT team are working together to assess the full impact of the attack and develop strategies to restore normal operations. Given the evolving tactics of ransomware groups like Rhysida, this incident underscores the urgent need for comprehensive security strategies and employee training to protect against future breaches.

In light of this attack, cybersecurity agencies have warned other U.S. ports and critical infrastructure organizations to strengthen their defenses against similar threats. This breach represents a broader trend of ransomware groups targeting critical infrastructure, which, if left unchecked, could have far-reaching implications on national security and economic stability. The Port of Seattle’s refusal to pay the ransom aligns with federal guidelines discouraging negotiations with cybercriminals, but it remains to be seen whether this approach will mitigate the impact of the breach or provoke further retaliation from Rhysida.

The incident serves as a stark reminder that cybersecurity threats are increasingly sophisticated, requiring organizations to adapt their defense strategies to safeguard sensitive data and operations.

North Korean Hackers Attacking Crypto Industry, Billions at Risk



 

Web3

Bitcoin Crypto Currency ETF Ether lazarus North Korea Web3

North Korean Hackers Attacking Crypto Industry, Billions at Risk

The United States Federal Bureau of Investigation (FBI) has recently highlighted a significant cybersecurity threat posed by North Korean cybercriminals targeting the web3 and cryptocurrency sectors.

Why Hackers Target ETFs?

The cryptocurrency industry has witnessed tremendous growth, Ether and Bitcoin are game changers. The rise has led to financial instruments like ETFs (Exchange-traded funds) that allow investors access without owning them directly. But, with the increase of crypto technologies, security questions have also surfaced.

The United States FBI recently warned about a major cybersecurity threat from North Korean hackers targeting cryptocurrency and web3 sectors. Billions of dollars go into these crypto ETFs, but investors shouldn’t be hasty to think their assets are secure.

Lazarus Behind Attacks

Lazarus (a North Korean state-sponsored group) is no stranger to the cryptocurrency market and is allegedly responsible for various attacks against famous exchanges and blockchain protocols. Officials are concerned about hackers attacking crypto-backed ETFs by targeting the underlying assets.

North Korean hackers are using advanced engineering methods to fool employees at decentralized finance (DeFi) and cryptocurrency firms. The hackers impersonate high-profile figures within an organization and or make specific scenarios based on the target’s position, business interests, or skills to get in their good books.

“The actors may also impersonate recruiting firms or technology companies backed by professional websites designed to make the fake entities appear legitimate. Examples of fake North Korean websites can be found in affidavits to seize 17 North Korean domains, as announced by the Department of Justice in October 2023,” the FBI warned.

The FBI Warning

The FBI has warned against storing private cryptocurrency wallet data on web-connected devices as they may be victims of hacking attacks. If these requests come from unfamiliar sources, organizations should be careful when using non-standard software or applications on their network.

North Korean hackers have already stolen sensitive data from Bitcoin companies by using fake job ads. The FBI’s warning is a wake-up call for web3 and cryptocurrency firms to advance their cybersecurity systems and be careful against these rising attacks.

“The actors usually attempt to initiate prolonged conversations with prospective victims to build rapport and deliver malware in situations that may appear natural and non-alerting. If successful in establishing bidirectional contact, the initial actor, or another member of the actor’s team, may spend considerable time engaging with the victim to increase the sense of legitimacy and engender familiarity and trust,” the FBI reports.

Bitcoin and Nostr: What Lies Beyond Decentralization and Freedom



 

Technology

Bitcoin Data Decentralization Nostr Technology

Bitcoin and Nostr: What Lies Beyond Decentralization and Freedom

In today's digital expanse, in some countries governments and corporations wield immense power, two remarkable projects—Bitcoin and Nostr—have emerged as champions of decentralization. Their stories are quite similiar, revealing their struggle for financial autonomy, censorship resistance, and individual empowerment.

Bitcoin: The Genesis of Digital Gold

The Mysterious Creator

In 2009, an enigmatic figure known as Satoshi Nakamoto introduced Bitcoin to the world. Nakamoto's true identity remains shrouded in mystery, but their creation sparked a revolution. Bitcoin wasn't just a currency; it was a paradigm shift—a departure from centralized financial systems.

The Decentralized Ledger

At its core, Bitcoin operates on a decentralized ledger called the blockchain. Imagine a vast, incorruptible book where every transaction is recorded. Miners—individuals who dedicate computational power—verify these transactions, ensuring transparency and security. No central authority governs Bitcoin; it thrives on collective trust.

Digital Gold and Pseudonymity

Bitcoin's scarcity—capped at 21 million coins—gives it a unique allure. Investors liken it to digital gold, a store of value immune to inflation. Yet, unlike gold, Bitcoin transactions occur in the digital realm. Users remain pseudonymous, their identities veiled behind cryptographic addresses.

Nostr: A Community's Rebellion

The Rise of Nostr

Enter Nostr, a lesser-known but equally significant tech. Nostr's story diverges from Bitcoin's, emphasizing community governance and censorship resistance.

Community-Driven Governance

Nostr's strength lies in its community. Decisions—upgrades, proposals, and network changes—are made collectively. No central authority dictates terms; instead, users shape the network's destiny. Transparency prevails, and the community guards against undue influence.

Censorship Resistance

Nostr's architecture is a fortress against censorship. Content creators, developers, and users participate without fear of suppression. In a world where platforms silence dissenting voices, Nostr stands firm—a bastion of free expression.

Proof of Reputation (PoR)

While Bitcoin relies on proof-of-work (PoW) and proof-of-stake (PoS), Nostr pioneers a different path: Proof of Reputation (PoR). Reputation is earned through contributions, expertise, and positive interactions. It's a nod to meritocracy, where influence aligns with genuine value.

Why They Matter

1. Evading State Repression

In regions where there is censorship on data, Bitcoin and Nostr offer escape routes. Citizens preserve wealth and communicate freely, shielded from state interference. Nostr's community-driven model ensures that no single entity can silence dissent.

2. Financial Inclusion

Both projects empower the unbanked. Bitcoin's global accessibility and Nostr's community-driven ethos allow participation in the global economy. No longer bound by traditional banking, individuals find newfound freedom.

3. Hedging Against Fiat Devaluation

As governments print money, inflation erodes fiat currency value. Bitcoin's scarcity and Nostr's stability provide a hedge. They're shields against economic uncertainty.

4. Technological Pioneering

Bitcoin's Lightning Network accelerates transactions, while Nostr experiments with consensus mechanisms. Both drive technological progress, shaping the future of finance.

Bitcoin and Nostr- although they can be different yet intertwined—remind us that decentralization isn't a mere buzzword. It's a way forward, heading the way toward financial sovereignty and individual empowerment.

DMM Bitcoin Hack: 500 BTC Transfer Linked to $305 Million Theft Raises New Concerns



 

PeckShield

Bitcoin Bitcoin hacked Chainalysis cryptocurrency cryptocurrency hack Cyber Attacks Lazarus Group PeckShield

DMM Bitcoin Hack: 500 BTC Transfer Linked to $305 Million Theft Raises New Concerns

A cryptocurrency address linked to the $305 million DMM Bitcoin hack in May has reportedly transferred 500 Bitcoin, valued at approximately $30.4 million. On August 22, PeckShield Alert reported that the suspect address initially split the funds into two separate addresses, each receiving around 250 BTC. This movement of funds marks a significant development in the aftermath of the DMM Bitcoin hack, which remains one of the most substantial cryptocurrency thefts of 2024. The DMM Bitcoin hack, which occurred in May, resulted in the theft of 4,502.9 BTC, valued at approximately $305 million at the time.

The current value of the stolen Bitcoin is just over $274 million. In response to the breach, DMM Bitcoin quickly raised $320 million to reimburse affected users, demonstrating the exchange’s commitment to mitigating the impact of the hack on its customers. Blockchain investigator ZachXBT previously attributed the attack to the Lazarus Group, a notorious hacking organization allegedly linked to the Democratic People’s Republic of Korea. The Lazarus Group has been implicated in several high-profile cyberattacks, and its involvement in the DMM Bitcoin hack highlights the growing sophistication of cybercriminals targeting the cryptocurrency industry.

According to on-chain analysts, the methods used to launder the stolen funds and various off-chain indicators strongly suggest the Lazarus Group’s involvement in the heist. Following the hack, the attackers reportedly split the stolen Bitcoin into smaller batches of 500 BTC and transferred them to new wallets. PeckShield identified that the latest funds moved since the May 31 incident originated from one of these wallets. This strategy of splitting and moving funds is a common tactic among cybercriminals to obfuscate the trail of stolen assets and avoid detection.

In July, ZachXBT alleged that the attackers transferred approximately $35 million worth of Bitcoin to the Cambodia-based exchange Huione Guarantee. The exchange has faced accusations of facilitating the laundering of funds from various crypto hacks, pig butchering scams, and other illicit activities. The involvement of exchanges like Huione underscores the challenges in tracking and recovering stolen cryptocurrency, as these platforms can serve as intermediaries for converting stolen assets into fiat currency or other cryptocurrencies.

The DMM Bitcoin hack is a significant addition to the growing list of cryptocurrency thefts in 2024, which had already claimed over $473 million in losses before this incident. The hack is the second largest in Japan’s history, following the 58 billion yen loss suffered by Coincheck in 2018. In the aftermath of the DMM Bitcoin hack, the exchange halted all spot trading on its platform and warned that withdrawals in Japanese yen might take longer than usual, as they implemented measures to prevent further unauthorized outflows. This incident also highlights broader trends in the cryptocurrency industry.

According to a Chainalysis report, while illegal activity on blockchain networks has decreased by almost 20% year-to-date, malware attacks and stolen funds have surged. Stolen funds inflows doubled to $1.58 billion compared to $857 million last year, and ransomware inflows climbed around 2%, reaching $459.8 million. The DMM Bitcoin hack serves as a stark reminder of the ongoing vulnerabilities in the cryptocurrency sector and the need for enhanced security measures to protect digital assets from increasingly sophisticated cyber threats.

Hackers Exploit Dark Skippy Attacks to Steal Secret Keys from Secure Devices



 

TRX

Bitcoin Crypto Cyber Attacks CyberCrime Cyberhackers Cybersecurity Cyberthreats Cybervictimes Secret Steal TRX

Hackers Exploit Dark Skippy Attacks to Steal Secret Keys from Secure Devices

An element of the Dark Skippy attack involves the subtle manipulation of nonces during the signature creation process to create the signature. To obtain the private key of a cryptocurrency wallet, attackers craft carefully crafted nonces, thereby gaining full access to the wallet by extracting the private key. The nature of this attack is particularly insidious.

Due to the covert nature of its execution, no trace of how it was carried out can be found. Additionally, it can impact every user of an infected device. Earlier this year, security researchers from the University of Cambridge were able to disclose an entirely new type of malware attack that will allow hackers to access hardware wallets and private keys held by users after two signed transactions.

Known as Dark Skippy by the researchers, the attack occurs when a hacker becomes aware of a user's device and tricks him into downloading malware to gain access. As part of the disclosure, Nick Farrow, Lloyd Fournier, and Robin Linus included information regarding Dark Skippy that can be found here. A new hardware wallet software company called Frostsnap was founded by Nick Farrow and Lloyd Fournier in 2012. Currently, Robin Linus is one of the people who are in charge of BitVM and ZeroSync protocols that relate to Bitcoin. Every signer device inserts random numbers, or nonces, into every transaction that is signed with Bitcoin, which is explained in the report.

Even though the vulnerability was not discovered until March 8, 2024, about 15 vendors were privately informed about it during that period. As a result of Dark Skippy, it is possible to leak private keys with a sophisticated attack technique that exploits the corrupted firmware of Bitcoin hardware wallets and signing devices.

Although the technique has primarily been identified in the context of cryptocurrency security, it could have applications in other types of cryptographic systems as well, despite its focus on cryptocurrency security. However, even though this malware is theoretically powerful, it has not yet been observed in a real-world attack environment.

Generally, if a device is maliciously designed, it will be able to execute this process. It is still considered an academic concept at the moment, and real-world attacks based on this concept have not yet been witnessed. A key aspect of protecting against Dark Skippy is to use only genuine devices that come with a firmware that was not modified in any way.

The user's funds are immediately lost as soon as the attacker compromises a device with malicious firmware that supports executing a Dark Skippy attack, and this can have a devastating impact on the user's funds. There is no doubt that cryptocurrency is becoming more popular and the value of secure hardware wallets and constant vigilance is on the rise.

A cryptocurrency signing device equipped with Dark Skippy is vulnerable to Schnorr signature technology, which is used to sign cryptocurrency transactions. In a recent development, a sophisticated attack method known as the "Dark Skippy" attack has emerged, allowing hackers to compromise the security of signing devices by manipulating nonces during the creation of digital signatures. This attack targets the firmware of these devices, exploiting vulnerabilities to extract secret keys, which are crucial for secure cryptographic operations.

The Dark Skippy attack offers several key advantages to attackers, making it particularly concerning. It operates covertly, leaving little trace of its activity, and does not require additional communication channels to execute. Furthermore, it is effective against stateless devices, which typically lack the memory to track previous states. It can exfiltrate the master secret, putting every user of a compromised device at risk. In response to this emerging threat, Nick, a cybersecurity expert, took to Twitter to discuss protocol-based mitigations used to combat similar attacks.

These include anti-exfiltration measures and deterministic nonces to prevent unauthorized key extraction. Additionally, three researchers have presented new mitigation strategies in a recently published report. These strategies are designed to coexist with partially signed Bitcoin transactions (PSBT) signing workflows, offering enhanced protection against attacks like Dark Skippy. The two primary mitigation measures suggested in the report are the mandatory use of adaptor signatures and the implementation of mandatory nonce proof-of-work.

These measures are intended to disrupt the effectiveness of Dark Skippy and similar attacks by introducing new fields into the PSBT process, thereby strengthening the overall security of the signing workflow. The co-founder of Frostsnap, a prominent figure in the cybersecurity community, has emphasized the importance of ongoing discussions and the implementation of mitigation strategies to address this new threat.

The researchers behind the report have also called upon readers and industry experts to provide feedback on the proposed mitigation measures, underlining the collaborative effort needed to safeguard the ecosystem. In a related issue, a data analytics company has highlighted a new type of scam involving QR codes. In these scams, attackers deceive victims by suggesting over-the-counter transactions and offering lower rates than those provided by legitimate crypto market services.

The scammers often offer TRX as a fee for long-term cooperation and initiate a USDT payment to build trust with the victim. They then request a small payment as a test, using it as a means to access the victim's wallet. The company, Bitrace, conducted an experiment using an empty wallet and the QR code provided by a victim. The scan led to a third-party website that requested a repayment amount. Once the victim confirmed the transaction, the scammers were able to steal the wallet's authorization and transfer all the funds from the victim’s account.

Bitcoin wallet vulnerabilities have led to significant financial losses for users in the past. In August 2023, cybersecurity firm Slowmist reported that over $900,000 worth of Bitcoin had been stolen due to a flaw in the Libbitcoin explorer library. Similarly, in November of the same year, Unciphered revealed that $2.1 billion worth of Bitcoin held in old wallets might be at risk of being drained by attackers exploiting a flaw in the bitcoin wallet software. These incidents underscore the critical need for enhanced security measures and vigilant monitoring to protect digital assets.

Xapo Bank Aims To Boost Bitcoin Safety With Tech And Bunkers



 

Vulnerability management

Bank Security Bitcoin Digital Assets Technology Vulnerability management

Xapo Bank Aims To Boost Bitcoin Safety With Tech And Bunkers

Satoshi Nakamoto, the pseudonymous developer of Bitcoin, published the system's whitepaper in 2008, bluntly criticising financial institutions and the confidence they demand. However, in 2010, one of the most notable Bitcoin collaborators in its early days and the recipient of the first Bitcoin transaction in history, cypherpunk and cryptography specialist Hal Finney, predicted the existence of bitcoin banks. Today, bitcoin-native banks such as Xapo Bank exist in this grey area between the ethos and the potential deployment of this system across the global financial sector.

Finney claims that Xapo Bank, which was founded in 2013, is among the leaders in the custodial space of Bitcoin. Wences Casares, an Argentinean entrepreneur and innovator who is well-known in Silicon Valley for his support of this technology, developed it as a solution for his friends and family. However, it expanded significantly. Currently, it is one of the few fully licensed banks in the world that deals with Bitcoin and other digital assets.

Its business idea combines cutting-edge Bitcoin technology with a physical bunker in the Swiss highlands. This physical location blends old-fashioned Swiss standards with the latest safety technology. It's an atomic bunker that serves as the foundation of what Xapo provides its clients: high-quality security for digital assets. Xapo is exploring new technical opportunities. The custody business is dominated by multi-signature solutions, but the greatest alternative and security solution for the Gibraltar-registered bitcoin bank is the multi-party computation protocol. On a broad level, MPC enables several parties to share information without fully exposing the shared data.

In the case of Xapo, this works by breaking the digital asset master private key into several unique fragments known as "key shares," which Xapo Bank has stored and distributed in hidden places around the world, including the Swiss bunker. The MPC protocol ensures that participants' contributions remain private during key creation and signing, without being revealed. This functionality assures that no single participant in the quorum has total access to or control over the stored assets, reducing the chance of collusion to nearly zero.

"MPC is a much more modern and secure setup compared to a still more popular multi-signature approach. The fact that the private key is not put together at any point in the transaction means there is no moment it can be potentially exposed or hacked, which is not the case with the more traditional multi-sig technology," Xapo Bank's Chief Technology Officer, Kamil Dziubliński, stated.

However, there are threats and concerns, even with a movie-style bunker and this novel method of securing the keys and transaction signing process. Security threats include hacking and phishing attempts. Financial risks include money laundering, terrorist financing, and various types of financial attacks.

Bitcoin Heist Hits Japanese Exchange DMM Bitcoin



 

Security Breach

Bitcoin cryptocurrency Cyber Security Elliptic Security Breach

Bitcoin Heist Hits Japanese Exchange DMM Bitcoin

In a security breach, Japanese cryptocurrency exchange DMM Bitcoin announced the theft of approximately 4,502.9 Bitcoin, valued at around 48.2 billion yen (approximately $304 million). The incident marks one of the largest cryptocurrency heists in recent history.

The breach was detected on May 31, 2024, at approximately 1:26 p.m. when DMM Bitcoin identified an unauthorised leak of Bitcoin from its wallets. The exchange immediately took steps to mitigate the leak and implement additional security measures to prevent further unauthorised access. The company is still investigating the full extent of the damage.

DMM Bitcoin has reassured its customers that their Bitcoin deposits will be fully guaranteed despite the breach. However, the exchange has implemented several temporary restrictions on its services to enhance security. These measures include the suspension of new account openings, the processing of cryptocurrency withdrawals, and the placing of new buy orders for spot trading. Only sell orders will be accepted for spot trading, and new open positions for leveraged trading are also suspended, with only settlement orders being processed.

Impact on Customers

The company has informed customers that existing limit orders for both spot and leveraged trading will remain unaffected. However, withdrawals of Japanese yen may experience delays. DMM Bitcoin has apologised for the inconvenience caused and assured customers that their assets are secure.

Response and Analysis

Cryptocurrency security firm Elliptic has reported that this heist ranks as the eighth-largest crypto theft of all time. It is the most significant since the $477 million hack suffered by FTX in November 2022. Elliptic has also confirmed the identification of the wallets involved in the DMM Bitcoin attack.

Ongoing Investigation

DMM Bitcoin continues to work on understanding the details of the attack and has not yet provided specific information about how the breach occurred. The company remains focused on ensuring the security of its platform and protecting customer assets.

The broader cryptocurrency community will be closely monitoring the developments of this case and the measures taken by DMM Bitcoin to prevent future incidents.

Cryptocurrency Chaos: El Salvador's Bitcoin Wallet Code Leaked, Privacy at Risk



 

VPN

Bitcoin BTC Chivo Wallet Code Leak cryptocurrency Cyberattacks CyberCrime Cybersecurity El Salvador Privacy Security Breach Technical Breach VPN

Cryptocurrency Chaos: El Salvador's Bitcoin Wallet Code Leaked, Privacy at Risk

There was a security breach with El Salvador's state Bitcoin wallet, Chivo, after hackers from the group CiberInteligenciaSV leaked a part of its source code to a hacking forum. In the earlier leak of personal data belonging to nearly all of El Salvador's adults, the code from Chivo Wallet ATMs as well as VPN credentials had been exposed. According to the wallet administration, there has been no compromise with the security of the wallet's data.

Chivo Wallet had several challenges since it was revealed that it would be the official Bitcoin storage tool after its launch, so this event has become another blight on the Chivo Wallet. President Nayib Bukele set Bitcoin (BTC) as legal tender in El Salvador in 2021 to make digital payments more convenient. However, security breaches and technical issues have made the adoption of Bitcoin (BTC) difficult.

The Chivo Wallet has been criticized by consumers for its slow operation, app crashes, vulnerabilities to exploitation, and lack of official backing, despite its official backing. The Chivo Wallet company has responded to allegations that it was linked to a data breach in which over 5 million Salvadorans' personal information was allegedly exposed.

In addition to full names, unique identifiers, dates of birth, addresses, phone numbers, emails, and photographs, all of this data was leaked. The data had been rumoured to be related to the KYC processes that the Salvadoran government required its citizens to complete before they could be offered incentives, such as $30 in Bitcoin at the wallet’s launch, by the Salvadoran government.

On April 6, the hacker group CiberInteligenciaSV compromised 5.1 million Salvadoran data. Recently, the same hackers leaked the source code for Chivo Wallet and the VPN credentials for the ATM network. The Chuvo Bitcoin wallet, backed by the government, has caused controversy among peer-to-peer money enthusiasts and crypto punks alike for its custodial status.

In a press release published on X (formerly Twitter) on April 24, the company commented on the matter, describing it as “fake news.” Furthermore, a group of individuals from the Salvadoran community who downloaded the wallet have released over 144 GB of data containing their personal information. Even though it was available for purchase on various channels since August, it was only leaked for download on April 5.

This data includes a user's full name, unique identifier, date of birth, address, and a high-definition picture of their face, as well as their full name, unique identifier, and date of birth. Also included in this week's leaked information was the file Codigo.rar, which contained information on El Salvador's Chivo ATM network, including the code and VPN credentials for the network.

Government officials have yet to come out with a formal statement regarding either of the hacks that took place this month. As a result of the leak of the code and VPN details of the source, the Chivo wallet system is at risk of being compromised, making hackers able to gain access to users' accounts or control them unauthorizedly.

The particularity of the data exposed previously affects almost the entire adult population of El Salvador, which makes them fear identity theft and fraud as a result of the exposure of personal data previously exposed. In light of these breaches, security experts advise users to be vigilant and to monitor their accounts for any suspicious behaviour if they see anything strange.

El Salvador is a country where incompetence is prevalent and there is a good chance that this will have a significant impact on the financial ecosystem as well, as trust in the government's digital solutions might wane as a result. In the beginning, the Chivo software was plagued with numerous software bugs and technical glitches as users reported numerous problems with the software.

Despite the President's promise to give them $30 for downloading the Chivo wallet, some people were not able to withdraw money from Chivo because some had trouble getting it. The Salvadoran government announced last year that over 100 ATMs across the country will be equipped with lightning network technology in Q4 2024.

Over 100 ATMs across the country will be equipped with this technology. In theory, this technology could allow Salvadorians to withdraw and deposit Bitcoins in an easier and faster manner with a lower fee. It was reported in October by a Salvadoran newspaper that only about 2% of the Salvadoran population was making remittance payments through the wallet, which had been its main selling point for a long time.

It has yet to be decided whether or not the Salvadoran government will declare a policy on this issue or formally address the issue. The state of El Salvador has become the first in the world to adopt Bitcoin as a legal tender in 2021, promoting the Chivo wallet as one of the official mediums used to engage with Bitcoin by its citizens.

The fact that these security issues exist in addition to the absence of communication from the authorities leaves the Salvadorans with an uncomfortable sense of uncertainty as to whether or not their personal information is safe and if this digital wallet offered by the state is reliable.

Look Out For SIM Swap Scams: Tips for Bitcoin Security



 

SIM swap

2FA Bitcoin Cyber Fraud Identity Theft SIM swap

Look Out For SIM Swap Scams: Tips for Bitcoin Security

In today's digitised world, safeguarding personal information and digital assets is of great importance. One emerging threat is the SIM swap scam, a sophisticated form of identity theft where fraudsters manipulate mobile carriers to transfer a victim's phone number to a SIM card under their control. This can lead to unauthorised access to accounts, especially those reliant on SMS-based two-factor authentication (2FA).

Bitcoin Security at Risk

For Bitcoin users, SIM swap scams pose an even greater risk, particularly on centralised exchanges using SMS-based 2FA. Unauthorised access to these accounts could result in substantial financial loss. However, utilising self-custodial wallets, where users control their private keys, significantly reduces this risk by eliminating reliance on telecom-based authentication methods.

Protective Measures and Best Practices

1. Switch to Authenticator Apps: Transitioning from SMS-based 2FA to authenticator apps like Google Authenticator or Authy enhances security by eliminating the vulnerability to SIM swap attacks.

2. Implement Additional Security Measures: Make use of platform-provided security features such as withdrawal address whitelisting and multi-factor authentication whenever possible to add layers of protection to your assets.

3. Stay Careful Against Phishing: Be cautious of unsolicited communications and verify the authenticity of requests for personal information or urgent actions related to your accounts.

4. Inform Your Mobile Carrier: Make your mobile carrier aware of the risks associated with SIM swap scams and inquire about additional security measures to safeguard your account.

5. Prioritise Non-Custodial Wallets: Opt for storing Bitcoin in hardware or reputable software wallets where you control your private keys, ensuring maximum security.

Striving for Practical Security

While achieving perfect security may seem daunting, taking practical steps such as enabling authenticator apps and transitioning to non-custodial wallets significantly reduces vulnerability to SIM swap scams. Rather than pursuing perfection, adopting proactive security measures is key to mitigating risks and protecting valuable assets.

In the face of multiplying threats like SIM swap scams, prioritising security measures is essential, especially for Bitcoin holders. By following best practices and embracing non-custodial solutions, individuals can shield their digital assets and minimise the risk of falling victim to cyberattacks. Stay informed, stay vigilant, and take proactive steps to protect yourself in the digital realm.

Is Bitcoin Changing? Big Shifts and What It Means for Us



 

Technology

Bitcoin cryptocurrency CyberCrime Digital Money Finance Sector Technology

Is Bitcoin Changing? Big Shifts and What It Means for Us

On the financial front, traditional powerhouses like Grayscale, BlackRock, and Fidelity are diving into Bitcoin, earning them the moniker 'Bitcoin whales.' These heavyweights are injecting billions into the digital currency, holding a sizable chunk of the finite 21 million bitcoins available.

Out of the 19 million bitcoins currently in circulation, an estimated 3.5 million are lost, either due to forgotten digital wallet details or lingering criminal proceeds. Concerns arise over the 2.3 million bitcoins held by cryptocurrency exchanges, acting as crypto-banks, sparking debates about reliance on centralised systems.

Adding to the mystery are 'unknown whales,' individuals or entities owning over 10,000 bitcoins, accounting for roughly 8% of the total. The remaining 7% of bitcoins are yet to be mined, with the last one expected in 2140. Meanwhile, Satoshi Nakamoto, Bitcoin's enigmatic creator, sits on an estimated 1.1 million bitcoins, securing a spot among the world's wealthiest.

Regulated investment firms, given the green light by US financial authorities, are now in the game. Grayscale, BlackRock, and Fidelity collectively hold about 4.5% of all bitcoins, signalling a significant shift.

Law enforcement's involvement introduces another layer, with nearly 200,000 bitcoins awaiting auction from cyber-crime seizures. MicroStrategy and Tether emerge as noteworthy Bitcoin holders, with MicroStrategy leading as the single largest organisation owner, holding around 193,000 Bitcoins. Tether, recognized for its stablecoin, claims an estimated 67,000 bitcoins.

Publicly listed Bitcoin miners, including Marathon and Hut8, contribute significantly, holding around 40,000 bitcoins collectively. Well-known investors like the Winklevoss Twins, Tim Draper, and companies like Tesla and Block add further diversity to the landscape.

Approximately 10.5 million bitcoins are believed to be held by the general public, constituting roughly 50% of the existing supply. However, the actual number of individual Bitcoin owners remains a mystery.

Interestingly, the recent surge in Bitcoin's value is credited not to individual retail investors but to Bitcoin whales, including major banks. Analysts suggest that these influential entities are steering both the price and demand, reshaping the once peer-to-peer digital cash dynamics.

As big financial players gather more and more bitcoins, it's making us rethink what Bitcoin was supposed to be. Originally, it was all about being decentralised and not controlled by big institutions. Now, with these financial giants holding a lot of bitcoins, we're wondering where Bitcoin is headed and if it's staying true to its roots. The world of cryptocurrency is changing, and it's not just affecting digital money – it's making waves in a much bigger way.

Blackbaud Enhances Security Measures Following FTC Settlement



 

Ransomware

Bitcoin Blackbaud Cybersecurity Data Breach Federal Trade Commission Ransomware

Blackbaud Enhances Security Measures Following FTC Settlement

Blackbaud, a major player in U.S. donor data management, recently settled with the Federal Trade Commission (FTC) after facing scrutiny for a ransomware attack in May 2020. This attack led to a substantial data breach affecting millions of individuals. The FTC's concerns revolved around security lapses, including weak passwords and insufficient monitoring of hacking attempts. The settlement marks a crucial step for Blackbaud, emphasising the need for enhanced security measures and data protection.

The FTC's complaint highlighted various security lapses by Blackbaud, including a failure to monitor hacking attempts, inadequate data segmentation, weak password practices, and a lack of multifactor authentication. As part of the settlement, Blackbaud is now mandated to enhance its security measures and delete unnecessary customer data from its systems.

One crucial aspect of the settlement requires Blackbaud to establish a data retention schedule, outlining the rationale behind retaining personal data and specifying a timeline for its deletion. The company is also obligated to promptly notify the FTC in the event of a data breach requiring reporting to relevant authorities.

The FTC alleges that Blackbaud paid a ransom of 24 Bitcoin (worth around $250,000 at the time) to the ransomware gang that stole sensitive personal data. However, the complaint reveals that the company did not verify whether the hacker actually deleted the stolen data. The breach, disclosed in July 2020, impacted over 13,000 Blackbaud business customers and their clients across the U.S., Canada, the U.K., and the Netherlands, exposing banking information, social security numbers, and plaintext credentials.

The aftermath of the breach saw Blackbaud facing 23 proposed class-action lawsuits in the U.S. and Canada by November 2020. In March 2023, the company agreed to pay $3 million to settle SEC charges for failing to disclose the full impact of the ransomware attack. Additionally, in October, Blackbaud agreed to a $49.5 million settlement to resolve a multi-state investigation supported by attorneys general from 49 U.S. states.

FTC Chair Lina M. Khan emphasised the severity of Blackbaud's failure to accurately convey the breach's scope, stating that it kept victims in the dark and delayed necessary protective actions. The settlement not only addresses security measures but also requires Blackbaud to avoid misrepresenting its data security and retention protocols in the future.

This settlement serves as a reminder of the responsibility companies bear in securing and managing the data they handle. It underscores the importance of robust cybersecurity practices, regular monitoring, and prompt disclosure in the event of a breach. As we move through our online experiences, these incidents show how important it is for companies to protect data and be clear with their clients and stakeholders.

Navigating the Paradox: Bitcoin's Self-Custody and the Privacy Challenge



 

Technology News

Bitcoin Financial Credentials Privacy Technology News

Navigating the Paradox: Bitcoin's Self-Custody and the Privacy Challenge

Self-custody in Bitcoin refers to individuals holding and controlling their private keys, which in turn control their bitcoin. This concept is akin to securing physical gold in a personal safe rather than relying on a bank or third-party custodian. Unlike physical assets such as gold, verifying the legitimacy of bitcoin transactions in the digital realm is more straightforward and does not involve the complex process of melting down to authenticate.

While certain regulations require individuals and entities, particularly in financial services, to report their holdings and transactions to regulatory bodies, this obligation aims to prevent illicit activities and ensure tax compliance. While reasonable for businesses in regulated markets, extending these requirements to personal finances, especially for private individuals, seems contradictory in a society that values personal freedom and privacy.

Bitcoin's architecture presents a paradox: it is transparent, allowing verification of the 21 million cap and transaction history, yet remarkably private as the true control lies with the holder of private keys. This duality ensures currency integrity but poses challenges to personal financial privacy under regulatory scrutiny.

To address this, innovative solutions like multi-signature wallets are emerging. Companies like Swan and On-ramp are developing tools focused on multi-signature wallets for individuals and institutions. This approach, such as a ⅔ multi-signature solution, allows a compliant third party to hold a key without compromising individual control, providing a subtle yet effective means of regulatory verification.

Multisig solutions also enhance security against theft while maintaining user control over assets, striking a delicate balance between autonomy and regulatory compliance. As the Bitcoin ecosystem evolves, these solutions become crucial for preserving personal financial freedom while aligning with existing regulatory frameworks.

The regulatory landscape must adapt to Bitcoin's distinct characteristics, leading to the development of refined self-custody approaches that support privacy, autonomy, and regulatory compliance. Advocacy for standardized reporting mechanisms for self-custodied assets can align with regulatory requirements without compromising Bitcoin's foundational tenets.

Balancing innovation and regulation presents challenges, requiring collaborative discourse among all stakeholders. Bitcoin's principles of autonomy and privacy may clash with regulatory transparency efforts, but finding a balance is essential for the cryptocurrency's revolutionary role in finance. Bitcoiners play a crucial role in advocating for their privacy and sovereignty rights, emphasizing that saving within the Bitcoin network is a legitimate exercise of economic liberty and not a criminal act or subject to public disclosure.

Crypto Enthusiasts Embrace New Frontier: Investing in Bitcoin ETFs Explained



 

Cybersecurity

Bitcoin cryptocurrency Cyber Attacks CyberCrime Cyberhackers Cybersecurity

Crypto Enthusiasts Embrace New Frontier: Investing in Bitcoin ETFs Explained

This was the first time the Securities and Exchange Commission approved an exchange-traded fund that contained bitcoin, but the Commission stressed that its decision does not mean it endorses or approves Bitcoin, but that it remains deeply sceptical about cryptocurrencies.

Despite a deadline for just one application, the SEC stated that it had given the green light to 11 exchange-traded funds for Bitcoin. The agency said that this would provide a level playing field and competitiveness for all.

As part of its approval process, the government has approved spot Bitcoin exchange-traded funds (ETFs), which can be bought by pension funds and ordinary investors. In the wake of the announcement by the head of the Securities and Exchange Commission, cryptocurrency fans reacted with glee - and memes about becoming rich.

However, the warning was tempered by an explanation of the risks associated with the asset. A previous attempt for approval by the US financial watchdog had been repeatedly rebuffed due to concerns about potential fraud and manipulation, as well as the lack of any transparency. ETFs are an excellent way to invest in something or a group of things, like gold or junk bonds, without actually owning those items themselves.

The ETFs trade much like stocks, which allows them to be purchased and sold throughout the day, as opposed to traditional mutual funds. Since Bitcoin was launched, anyone who wanted one had to purchase it. That means either that one would have to learn about cold wallets or that one would have to open an account on a crypto-trading platform like Coinbase or Binance, which is not an easy task to learn about.

Many new investors who are not inclined to go through all the extra steps to invest in Bitcoin could benefit from a spot Bitcoin ETF. In anticipation of the SEC approval, Bitcoin prices have soared, with the price trading at $45,280 on Wednesday, up from around $27,000 at the beginning of the month.

A crypto exchange called FTX filed for bankruptcy in November 2022, resulting in a price drop of $16,000 in November 2022. A major concern of investors who are considering buying an ETF in this area is the volatility of bitcoin's price.

Even though Bitcoin has not caught on as a replacement for fiat currency in November 2021, it soared to nearly $68,000 in November. The bitcoin price dropped below $20,000 one year after investors retreated from riskier assets and several company scandals eroded confidence in the crypto market.

Although regulators and law enforcement are cracking down on some bad actors in the crypto industry, such as Sam Bankman-Fried of FTX, the industry still feels like it is a Wild West. During this week's hack on the SEC's X account, in which a fake tweet claimed ETFs were approved, prices skyrocketed and raised questions about the SEC's ability to protect itself from scammers manipulating the market and whether they would be able to stop them.

ETFs linked to Bitcoin can change in price rapidly and without warning or explanation, so investors will have to weigh that up before purchasing a digital coin ETF. But ETFs are generally sold as high-risk, high-reward products anyway. In addition, there is also the possibility of cybercrime which has taken place in the past few years.

Almost every crypto company has been wiped out of the cash market overnight as a result of huge and costly attacks on bitcoins and other cryptocurrencies. When Blackrock, for instance, becomes a major Bitcoin holder, their cyber-security will be tested in ways they are not accustomed to due to the complexity of the blockchain.

In addition to the negative environmental impact, there is also a cost associated with it. It is no secret that the Bitcoin blockchain relies on thousands of powerful computers all around the world to process transactions and create coins. It is expected that the use of renewable energy will increase going forward, but it remains to be seen how investment companies will process the potential costs associated with Bitcoin against buyers concerned about compliance with environmental, social, and corporate governance (ESG) regulations.

Rise of OLVX: A New Haven for Cybercriminals in the Shadows



 

Amazon Bitcoin Cybeattacks Cyber Threats CyberCrime Cybersecurity OLVX SEO Telegram

Rise of OLVX: A New Haven for Cybercriminals in the Shadows

OLVX has emerged as a new cybercrime marketplace, quickly gaining a loyal following of customers seeking through the marketplace tools used to conduct online fraud and cyberattacks on other websites. The launch of the OLVX marketplace follows along with a recent trend in cybercrime marketplaces being increasingly hosted on the clearnet instead of the dark web, which allows for wide distribution of users to access them and for them to be promoted through search engine optimization (SEO).

Research conducted by Zerofox cybersecurity researchers discovered that there is a new underground market called OLVX (olvx[.]cc) that was advertising a wide variety of hacking tools for illicit purposes and was linked to a large number of hacking tools and websites.

Researchers at ZeroFox, who detected OLVX at the end of July 2023, have noted a marked increase in activity on the new marketplace in the fall, noticing that both buyers and sellers are increasing their activity on the marketplace.

There have been several illicit tools and services offered to threat actors by OLVX since its launch on July 1, 2023. As opposed to the other markets that OLVX operates in, it focuses on providing cyber criminals with tools that they can take advantage of during the 2023 holiday peak season in retail.

ZeroFox found that OLVX marketplace activity spiked significantly in fall 2023 due to more items selling on the marketplace, and buyers rushing to the new store to purchase those items. OLVX is estimated to be the result of leaked OLUX code from 2020/2021, according to an investigation.

Post-leak stores use improved versions of OLUX code, even though the old OLUX code is outdated. For better accessibility and better web hosting, OLVX hides the contents of its website on Cloudflare. For customer growth, OLVX does not make use of the dark web; instead, it relies on SEO and forums to grow customers.

For customer support, OLVX runs a Telegram channel to provide support. The company's reputation and earnings are boosted by strong relationships with its customers. Unlike most other markets of this nature, OLVX does not rely on an escrow service to ensure funds are protected.

Instead, it offers a "deposit to direct payment" system which supports Bitcoin, Monero, Ethereum, Litecoin, TRON, Bitcoin Cash, Binance Coin, and Perfect Money as cryptocurrencies. By doing this, users are encouraged to spend more, because funds are always available, so browsing leads to more frequent purchases for the user.

To maintain privacy and security, customers who are running low on funds are advised to use time-limited anonymous cryptocurrency addresses to "top-off" their accounts, in order to maintain funds. During the holiday season, OLVX and similar marketplaces thrive as cybercriminal hubs, supplying tools for targeting campaigns to cybercriminals during the colder months.

On the site, OLVX offers hosting via Cloudflare and advertises DDoS protection through Simple Carrier LLC, which is a substandard hosting provider. Consumers are increasingly putting their security at risk as they shop.

OLVX is one of the leading tools that criminals use during the holiday season for illicit activities, making this the time of year when criminals run their heists. Due to the unique nature of the platform, an independent verification team can not verify that the above quality and validity claims are accurate, however, users believe that OLVX's rising popularity and established reputation lend credibility to the majority of the claims.

Interestingly, Zerofox indicates that fraudulent activity on the platform starts to increase as users get closer to the holiday shopping season, which means that buyers should maintain heightened vigilance so as to avoid scams and identify fraud.

El Salvador to Offer Citizenship for a $1 Million Bitcoin ‘Investment’



 

Tether

Bitcoin Citizenship cryptocurrency Cyber Security El Salvador El Salvador Government Tether

El Salvador to Offer Citizenship for a $1 Million Bitcoin ‘Investment’

Last week, the El Salvador government, along with the stablecoin company Tether, joined in an initiative called ‘Adopting El Salvador Freedom,’ which will enable foreigners to obtain a Salvadoran passport in exchange for a million dollars in Bitcoin.

This initiative, which has a 1,000-participant annual cap, seeks to attract high-net-worth individuals by providing them with residency and eventual citizenship in exchange for their investment.

The initiative will require the ‘participant’ to make a $1 million investment in BTC or USDT, and successful applicants will be eligible for a Salvadoran passport and citizenship. According to a Bitcoin news source, Adriana Mira, El Salvador's Vice Minister of Foreign Affairs, emphasized the program as a critical step for anyone hoping to contribute to El Salvador's economic future.

However, Tether needed to make it clear where the funding will take place.

In September, El Salvador became the first nation to accept Bitcoin as a legal tender. The country required companies to accept the popular cryptocurrency as payment and launched a digital wallet named "Chivo" to encourage its citizens to use it by offering a $30 sign-up bonus in Bitcoin.

However, this plan evoked controversies among the Salvadoran public, with them protecting against the action – and President Nayib Bukele's alarming shift towards autocracy ensued – a vast majority of them continuing the use of cash. According to Fortune, Bitcoin's price fell from an all-time high of over $69,000 in November 2021—when Bukele announced the building of a “Bitcoin City”— to less than $17,000 by the start of 2023 as a result of Bukele's disastrous use of tens of millions of federal funds on the cryptocurrency.

How Did Bitcoin Boost The El Salvador’s Tourism

Despite the controversy revolving around the initiative, the country has gained popularity among Bitcoin enthusiasts worldwide. The country’s tourism minister announced in May that travellers were coming to the nation in unprecedented quantities because of its dedication to cryptocurrency. This included a huge number of the most well-known “Bitcoin maxis” in the world, such Swan Bitcoin, a powerful business that established a home in El Zonte, a surf town that is primarily responsible for sparking the nation’s Bitcoin experiment.

Researchers: 'Black Basta' Group Rakes in Over $100 Million



 

TrendMicro

Bitcoin Canti Conti CorvusInsurance Cyber Crime Cybersecurity Darkweb DigitalCurrency Elliptic Extortion Garantex Hackers Laundering Ransomware TrendMicro

Researchers: 'Black Basta' Group Rakes in Over $100 Million

A cyber extortion group believed to be an offshoot of the infamous Russian Conti hacker organization has reportedly amassed over $100 million since its emergence last year, according to a report published on Wednesday by digital currency tracking service Elliptic and Corvus Insurance.

The group, known as "Black Basta," has allegedly extorted at least $107 million in bitcoin, with a significant portion of the laundered ransom payments flowing to the sanctioned Russian cryptocurrency exchange Garantex, as revealed in the joint report. Attempts to contact Black Basta through its dark web site were unsuccessful. Garantex, which faced U.S. Treasury sanctions in April of the previous year, expressed support for global initiatives combatting cybercrime and urged information-sharing regarding the hackers' finances, pledging to block suspicious funds.

Elliptic co-founder Tom Robinson characterized Black Basta's substantial earnings as making it "one of the most profitable ransomware strains of all time." The researchers arrived at this figure by identifying known ransom payments linked to the group, tracing the laundering of digital currency, and discovering additional payments.

Robert McArdle, a cybercrime expert from security firm TrendMicro not involved in the report, deemed the reported Black Basta figure "certainly in a believable range for their operations."

The Elliptic-Corvus report also presented evidence linking Black Basta to the now-defunct Russian group "Canti." Conti, formerly a prominent ransomware gang, gained notoriety for coercing victims through data encryption, ransom demands, and threats to publish stolen information.

The report suggests that individuals from Conti, following the dismantling of its leak site after Russia's invasion of Ukraine and the subsequent posting of U.S. bounties on its leadership, may have reorganized and rebranded, with Black Basta potentially being a manifestation of this restructuring.

"Conti was perhaps the most successful ransomware gang we've seen," remarked Robinson. The recent findings indicate that some individuals responsible for Conti's success might be replicating it with the Black Basta ransomware, he added.

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

About Me

Showing result(s) for