
Unveiling the Power of Zero-Knowledge Proofs in Blockchain Technology

In the dynamic realm of blockchain technology, a groundbreaking innovation is emerging as a beacon of privacy and security: Zero-Knowledge Proofs (ZKPs). These cryptographic marvels are poised to redefine the landscape of blockchain transactions, offering unparalleled privacy and integrity. Let's delve into the intricate world of ZKPs and explore their transformative potential within the blockchain ecosystem. 

Let's Understand What ZKPs Are

Zero-Knowledge Proofs (ZKPs) stand as a cornerstone of modern cryptography, enabling individuals to assert knowledge of specific data without disclosing the data itself. Their utility extends across various domains, particularly in scenarios where data confidentiality is paramount.

Privacy on Blockchains: While blockchains offer transparency, preserving privacy is often crucial, especially when dealing with sensitive financial or personal information within smart contracts. To safeguard this data, smart contracts typically require specific inputs before execution. 

Prover and Verifier: In Zero-Knowledge Proofs (ZKPs), one party (the prover) demonstrates cryptographically to another party (the verifier) that they possess accurate knowledge of hidden data. The data remains undisclosed and known only to the prover, while the verifier is convinced with a high level of certainty.

Maintaining Privacy: ZKPs emerge as a key method for ensuring privacy on public blockchains. They enable the prover to prove knowledge without revealing the actual data, crucial for preserving confidentiality in transactions. 

Enhanced Security: Beyond privacy, ZKPs also bolster security. With 66% of organizations experiencing cyber attacks in the past year, such technology becomes increasingly vital for safeguarding sensitive information. 

Understand With This Example: 
Imagine your friend, Chani, claims she knows the password to your favorite online game but does not want to reveal it. Instead, she aims to prove her knowledge without disclosing the password itself. Enter Zero-Knowledge Proofs (ZKPs). 

In this scenario, Chani serves as the prover, while you are the verifier. Chani seeks to demonstrate her knowledge of the password without giving it away. Using a Zero-Knowledge Proof, Chani can achieve this by engaging in a series of interactions with you that showcase her knowledge without directly revealing the password. 

For example, Chani might ask you to input any word as a password and then perform a sequence of actions that only someone aware of the actual password could execute correctly. Perhaps she requests you to enter the password into a login screen multiple times, each time making slight modifications to the input to prove her familiarity with the correct password. After witnessing several successful attempts, you become convinced of Chani's knowledge of the password, even though she never explicitly discloses it. 

In this manner, Chani effectively proves her knowledge without divulging any additional information beyond the fact that she knows the password. This straightforward illustration underscores the efficacy of Zero-Knowledge Proofs in real-life scenarios, enabling individuals to demonstrate possession of specific knowledge without exposing the knowledge itself. Such a concept finds broad applicability across various domains, including cryptography, cybersecurity, and everyday interactions where privacy and security are paramount. 

Understand How ZKPs Work

Advanced Verification: This is like a security guard checking if someone trying to enter a restricted area knows the secret moves or actions. If someone tries to fake it, the security system detects the trickery. 

Interactive ZKP: This is when the prover has to go through the secret handshake process separately with each verifier every time they want to prove their knowledge. 

Non-Interactive ZKP: Here, the prover creates a special proof that anyone else who knows the secret handshake can easily check without having to interact directly with the prover. It is like having a stamp of approval that others can use to verify your knowledge. 

Zero-Knowledge Proofs (ZKPs) Come in Different Types, Each With its Own Strengths: 

PLONK: This ZKP is highly versatile and can handle various tasks involving many people. It is like a Swiss Army knife of ZKPs, ready for any challenge. 

ZK-SNARKS: These proofs are fast and easy to verify. They are like simple puzzles that you can quickly solve once you have the right pieces. Using smart math tricks, they keep things running smoothly. 

ZK-STARKS: These proofs are lightning-fast. They do not need much chatting back and forth between the prover and verifier, so they speed through the process. 

Bulletproofs: These ZKPs are short and to the point. They do not require any special setup, making them perfect for keeping cryptocurrency transactions private without relying on trust. 

Zero-Knowledge Proofs (ZKPs) are rapidly becoming a standard in various fields, offering solutions to pressing challenges. They enable private transactions, as seen in cryptocurrencies like Zcash, ensuring anonymity for users. Additionally, ZKPs contribute to decentralized identity systems, safeguarding personal information while allowing for verification. Furthermore, they facilitate verifiable computations in decentralized networks, enhancing the trustworthiness of smart contracts accessing off-chain data. With their versatility and security features, ZKPs are poised to continue revolutionizing cybersecurity, Web3 projects, and beyond, shaping the future of digital transactions and identity management. 

Malware Targets WebLogic Servers And Docker APIs For Cryptomining

Malware known as Kinsing is using both recently discovered and legacy vulnerabilities in Oracle WebLogic Server to deploy cryptocurrency-mining malware.

Trend Micro discovered that a financially motivated cyber attack group behind the malware was making use of the vulnerability to run Python scripts that could disable Operating System (OS) security features such as Security-Enhanced Linux (SELinux), among others.

Kinsing malware has a history of acquiring vulnerable servers to co-opt into a botnet, including through Redis, SaltStack, Log4Shell, Spring4Shell, and the Atlassian Confluence vulnerability (CVE-2022-26134). The malware has also reportedly been involved in campaigns against container environments via misconfigured open Docker Daemon API ports, instigating crypto mining and spreading the malware to other containers and host devices.

In the latest wave of attacks, the malicious actor weaponized a two-year-old Remote Code Execution (RCE) bug, CVE-2020-14882 (CVSS score 9.8), against unpatched servers to seize control of them and harm the victims through malicious payloads.

The exploitation of the bug further involved deploying a shell script responsible for various actions, such as removing the /var/log/syslog system log, disabling security functions and cloud service agents from conglomerates like Alibaba and Tencent, and killing competing crypto mining processes.

The shell script then downloads the Kinsing malware from a remote server and takes steps to ensure persistence through a cron job.
 
“The successful exploitation of this vulnerability can lead to RCE, which can allow attackers to perform a plethora of malicious activities on the affected systems,” Trend Micro said. “This can range from malware execution [...] to theft of critical data, and even complete control of a compromised machine.”
 
TeamTNT malware makes a comeback
 
Researchers at Aqua Security, a cloud-native security company, have linked three new attacks to another “vibrant” cryptojacking group called "TeamTNT", which eventually stopped functioning in November 2021.  
 
“TeamTNT has been scanning for a misconfigured Docker Daemon and deploying alpine, a vanilla container image, with a command line to download a shell script (k.sh) to a C2 server,” stated Aqua Security researcher Assaf Morag.

The attack chain appears to be designed to crack SECP256K1 encryption, which, if successful, could give the malicious actor the ability to compute the keys for each cryptocurrency wallet. The idea is to use the high but illegally obtained processing power of its targets to run the ECDLP solver and acquire the key. The other two attacks carried out by the threat group involve exploiting exposed Redis servers and misconfigured Docker APIs to deploy cryptominers and Tsunami binaries.
 
The targeting of Docker REST APIs by TeamTNT has been well documented over the past years. But in an operational security blunder observed by Trend Micro, credentials connected with two of the attacker-controlled DockerHub accounts have been uncovered.

The accounts, namely 'alpineos' and 'sandeep078', are said to have been used to distribute numerous malicious payloads such as rootkits, Kubernetes exploit kits, credential stealers, XMRig Monero miners, and even the Kinsing malware.
 
“The account alpineos was used in exploitation attempts on our honeypots three times, from mid-September to early October 2021, and we tracked the deployments’ IP addresses to their location in Germany,” stated Nitesh Surana, a researcher at Trend Micro.
 
According to Trend Micro's estimate, the alpineos image has been downloaded more than 150,000 times. The company also notified Docker about these accounts.

The cybersecurity platform recommends that organizations configure the exposed REST API with TLS to steer clear of adversary-in-the-middle (AiTM) attacks, and use credential stores and helpers to host user credentials.
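An added example, not from the original article or from Trend Micro: a small audit of a Docker `daemon.json` that flags a TCP listener exposed without mutual TLS, next to a hardened configuration that passes. The two sample configs and the certificate paths are constructed placeholders, and `audit_daemon_config` is a name chosen for this example.

```python
import json

# Constructed sample configs (not taken from any real host).
WEAK = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
HARDENED = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
    "tlsverify": True,                               # require client certificates
    "tlscacert": "/etc/docker/certs/ca.pem",         # placeholder paths
    "tlscert": "/etc/docker/certs/server-cert.pem",
    "tlskey": "/etc/docker/certs/server-key.pem",
})

def audit_daemon_config(text):
    """Return findings for TCP listeners declared in a daemon.json document."""
    cfg = json.loads(text)
    tcp = [h for h in cfg.get("hosts", []) if h.startswith("tcp://")]
    if not tcp:
        return []                      # socket-only daemon: no network API to audit
    findings = []
    if not cfg.get("tlsverify"):
        if cfg.get("tls"):
            # TLS without client verification encrypts traffic but
            # still lets any client issue API calls.
            findings.append("tls without tlsverify: any client may connect")
        else:
            findings.append("plaintext, unauthenticated API on " + ", ".join(tcp))
    for key in ("tlscacert", "tlscert", "tlskey"):
        if not cfg.get(key):
            findings.append(f"{key} is not set explicitly")
    return findings

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_daemon_config(sample) or "ok")
```

Listeners can also be set with `-H` flags on the `dockerd` command line, so the service unit file needs the same review.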

In-Browser Cryptomining Service, 'Coinhive' to Shut Down on March 8, 2019



Coinhive, an in-browser Monero cryptocurrency miner offered to web developers as a JavaScript library, will be terminating its operations soon.

Officials at Coinhive announced the news in a blog post on February 26, in which they cited various reasons for shutting down all their operations. The post said that following a 50 percent drop in hash rate, the cryptocurrency service Coinhive decided to discontinue its operations on March 8, 2019.

"The drop in hash rate (over 50%) after the last Monero hard fork hit us hard," the company said in the blog post. "So did the 'crash' of the crypto currency market with the value of XMR depreciating over 85% within a year."

"This and the announced hard fork and algorithm update of the Monero network on March 9 has led us to the conclusion that we need to discontinue Coinhive," said the officials.

The project, which is no longer economically viable, was launched in September 2017 as an alternative to traditional banner ads.

Coinhive's in-browser Monero mining stops working on March 8, but dashboards will remain accessible to registered users until April 30 so that they can withdraw funds from their respective accounts.

The digital currency mining service, despite the consistent efforts of the team, never became one of the major websites in the league. Moreover, it was subjected to heavy criticism for skyrocketing CPU usage inside browsers.

Afterward, it became immensely popular among cybercriminals for cryptojacking, and a recent report from Kaspersky Labs suggested that cryptojacking had left ransomware behind and become the biggest cybersecurity threat.

From the announcement made by the company:

“Some of you might have anticipated this; some of you will be surprised. The decision has been made. We will discontinue our service on March 8, 2019. It has been a blast working on this project over the past 18 months, but to be completely honest, it isn’t economically viable anymore.”

“The drop in hash rate (over 50%) after the last Monero hard fork hit us hard. So did the “crash” of the cryptocurrency market with the value of XMR depreciating over 85% within a year. This and the announced hard fork and algorithm update of the Monero network on March 9 has led us to the conclusion that we need to discontinue Coinhive.”