Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. Cryptojacking has become a more popular way for cyber-criminals to extract money from targets in the form of cryptocurrency. Widely publicized hacks, like ransomware attacks, are some of the ways the hackers are Cryptojacking.
Four young hackers have been arrested in a cryptojacking case involving over 6,000 computers in what is allegedly South Korea’s “first” known case of its kind, Korean English-language news outlet Aju Daily reports Nov. 8. The cryptojacking campaign is said to have lasted two months, as of October 2017, but resulted in mined crypto worth only around one million ($895).
International cybersecurity firm Group-IB has shown that the number of compromised accounts has risen 369 percent since 2017. Data shared with Hard Fork shows that a staggering third of all victims were in the US. Every single one of the top 19 exchanges has been breached; 720 usernames and passwords were stolen in total.
Now, more than ever, it’s a good idea to increase your knowledge of cyber-attacks and pay attention to who you conversate with about cryptocurrency in public. Set a complicated password and until the exchanges sort out their security issues, don’t keep too much on any particular exchange.
Madison County employees were unable to send emails one evening when a ransomware virus infected their computer systems. The virus has had crippling effects on the county’s ability to conduct business according to Madison County’s clerk Kim Muir. Ransomware viruses work by cutting off a user’s access to files and other important systems while demanding a ransom for it back.
The virus was discovered on October 4th, when an employee was checking to make sure the court’s new Odyssey system would run properly for the next day. “We don’t know a lot about how it happened or anything. We’ve got great IT people working to get our systems back up to where they need to be,” Muir says.
Many of the files that were encrypted have since been restored. Muir says they still do not have access to email but hope to have that too, soon restored. The ransomware virus ended up costing the county just under $200,000. Lisa Cannon (IT Director) said the ransomware breach affected over 600 personal computers and up to 75 servers. Weeks were spent recovering data.
Ransomware and other viruses can be easily avoided with 24/7 monitoring of computer networks, strong anti-virus, software patches, and updates, as well as end-user training. Reach out to your IT support team or person whether it be internal or external and make sure all of these things are being taken care of so you can avoid being the next Madison County.
According to a local news report in China’s Da Lian city, 20 arrests have been made in suspicion to hacking over a million computers and using these computers to mine or “generate” cryptocurrency using their victims’ computer processing power. Cryptocurrency is a form of digital “money.”
The hackers created and embedded the malware inside internet browser plug-ins they developed for multiple purposes, such as improved browsing speed, which were shown in display ads that reached 5 million computers in the country.
When clicking the display ads and downloading the plug-ins, over a million computers were breached, mining a total of 26 million digibyte, decred and siacoin tokens over the course of two years, according to the police. China reported this hack has earned its creators more than $2 million.
Hackers apparently opted to mine more minor cryptocurrencies or alt coins since they don't require such significant amounts of computing power, allowing the back-end mining process to be quieter and less likely to be spotted by victims.
The report also indicated the hackers developed a network of more than 100 agents to help propagate the illicit mining software, such as through working relationships with internet cafes.
The DEF CON convention is one of the world's largest hacker conventions, held annually in Las Vegas, Nevada with the first DEF CON taking place in June 1993. Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be "hacked."
The meaning behind this is simple and obvious, there is a LARGE convention where hackers go and show off their new skills, new hacking technology, and even go to show off what kind of damage they can do. As this convention grows, so does the possible threat of someone going back to their hometown and using what they learned on you or your company! Just as these hackers are sharpening their tools, your company should be doing the same via cyber-security!
On the positive side of this otherwise dark convention, a lot of cybersecurity professionals and software engineers also attend this event to help find loopholes in big-name companies and programs to help strengthen cyber defense. So, hackers go to show off their skills and new technology, and the “good guys” come and try to figure out how to stop it.
Blockchain is the digital and decentralized ledger that records all transactions. Anytime someone buys digital currency on a decentralized exchange, sells coins, transfers, or buys goods and services with virtual currency, a ledger records that transaction, often in an encrypted way to protect against cybercriminals. All these transactions are recorded and processed without a third-party provider or bank, which is usually the case.
Banks almost always serve as an intermediary of currency transactions, thus taking their cut in the process. Blockchain developers want the ability to process payments without a need for this middleman. For example, when transferring money to overseas markets, a payment or transaction could be delayed for days waiting for a bank to verify it. People argue financial institutions shouldn’t tie up cross-border payments for such a long time.
Despite popular belief, most blockchain transactions aren't anywhere near as private or anonymous as you'd like to think. Even though you don't have to provide a Social Security number or bank account when buying or selling cryptocurrencies, an analysis of a blockchain can often be traced back to an individual sender or receiving of funds. There are however certain “privacy” coins to counteract this.