
Bitcoin | Breaking Cybersecurity News | The Hacker News

Android Malware found on Google Play Store mines Cryptocurrencies

Mar 28, 2014
Cyber criminals are more business-minded than you might expect. As business has moved to greater use of mobile and non-Windows computers, cyber criminals have adapted their techniques to monetize their efforts. Security researchers at Lookout Mobile Security discovered various apps uploaded to the Google Play Store containing hidden Coinkrypt Android malware that can turn your mobile device into a cryptocurrency miner. As we know, coin mining is the key component of digital currencies, so the malware uses a botnet of infected Android smartphones to mine for currency. Such malware does not steal data. Instead, it is capable of mining Bitcoin, Litecoin and Dogecoin using the victim's device. "Mining can be incredibly resource-intensive and, if allowed to run without any limits, could potentially damage hardware by causing it to overheat and even burn out," researchers said. The antivirus firm Trend Micro also spotted two apps named - ' Song
Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies

Mar 20, 2014
Could a perfectly innocent-looking device like a router, TV set-top box or security camera mine Bitcoins? YES! Hackers are not going to spare smart Internet-enabled devices. A Linux worm named Linux.Darlloz, earlier used to target Internet of Things (IoT) devices, i.e. home routers, set-top boxes, security cameras, printers and industrial control systems, has now been upgraded to mine cryptocurrencies like Bitcoin. Security researchers at antivirus firm Symantec spotted the Darlloz Linux worm back in November, and they spotted the latest variant of the worm in mid-January this year. The Linux.Darlloz worm exploits a PHP vulnerability (CVE-2012-1823) to propagate and is capable of infecting devices that run Linux on Intel's x86 chip architecture and other embedded device architectures such as PPC, MIPS and MIPSEL. The latest variant of Linux.Darlloz equipped with an open source cryptocurrency mining tool called 'cpuminer', could be use
Code Keepers: Mastering Non-Human Identity Management

Apr 12, 2024 | DevSecOps / Identity Management
Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or
MtGox Hacker tricks people to install Bitcoin Stealer

Mar 15, 2014
This news will blow everyone's mind! If you are a Bitcoin holder then you might be aware of MtGox, once the world's biggest Bitcoin exchange. MtGox filed for bankruptcy last month after saying it lost some 8,50,000 Bitcoins to hackers and suddenly went dark with no explanation. A few days ago, an unknown hacker breached the personal blog and Reddit account of MtGox CEO Mark Karpeles to level charges of fraud. But hackers are clever enough to exploit every opportunity they get. After compromising the MtGox CEO's blog, the hacker posted a 716MB ZIP file, MtGox2014Leak.zip, which contains the data dump and specialized software tools for remote access to MtGox data, but these software tools turned out to be Bitcoin wallet stealing malware, according to research carried out by Kaspersky Lab expert Sergey Lozhkin. The application was actually malware, created to search for and steal Bitcoin wallet files from victims' computers.
Satoshi Nakamoto - The Mysterious Bitcoin Creator finally identified in California

Mar 06, 2014
'Satoshi Nakamoto', the mysterious founder and creator of the biggest digital cryptocurrency 'Bitcoin', has reportedly been unmasked as a 64-year-old father of six living in Temple City, Southern California. Satoshi Nakamoto introduced Bitcoin to the world in 2008, but his identity has remained unknown. Until now, there was speculation that he might be a rebellious young programmer based in Tokyo who took up the Nakamoto moniker as an alias. But the most astonishing thing about this Japanese-American man is that his real name is Satoshi Nakamoto, and he has finally been identified by Newsweek magazine. Newsweek journalist Leah McGrath Goodman also had a face-to-face meeting with Satoshi Nakamoto, and during the interview, "I am no longer involved in that [Bitcoin] and I cannot discuss it," he said. "It's been turned over to other people. They are in charge of it now. I no longer have any connection." and even he kep
Symantec discovered Android Malware Toolkit named Dendroid

Mar 06, 2014
The Android platform is becoming more vulnerable day by day, and hackers always try to manipulate Android by applying novel techniques. In this regard, Symantec researchers have found a new Android malware toolkit named "Dendroid". Previously, Symantec found an Android remote admin tool named AndroRAT, which is believed to be the first malware APK binder. However, Dendroid runs on HTTP with many malicious features. The Dendroid toolkit is able to generate a malicious APK file that offers features like: can delete call logs; open web pages; dial any number; record calls; SMS intercepting; upload images, video; open an application; able to perform DoS attack; can change the command and control server. The author of Dendroid also offers 24/7 customer support for this RAT, and Android users can buy this toolkit at $300 by paying Bitcoin, Lifecoin. Experts at Symantec said that Dendroid has some connection with the previous AndroRAT toolkit. Dendroid being an HTTP RAT offers PHP
Pony Botnet steals $220,000 from multiple Digital Wallets

Feb 25, 2014
Are you one of the digital currency holders? PONY is after you. A group of cyber criminals has used hundreds of thousands of infected computers of digital currency holders to filch approximately $220,000 worth of Bitcoins and other virtual currencies. Researchers at the security firm Trustwave have uncovered the Bitcoin heist, which was accomplished by computers infected with a new class of malware dubbed 'Pony', a very powerful type of spying keylogger malware with very dangerous features that was last found two months ago. Pony, for those who have not yet heard about it, is a bot controller much like any other, with the capability to capture all kinds of confidential information and access passwords. It contains a control panel, user management, logging features, a database to manage all the data and, of course, the statistics. It can see the passwords and login credentials of infected users when they access applications and
World’s largest Bitcoin exchange Mt. Gox Shuts Down; CEO quits Bitcoin Foundation

Feb 25, 2014
The world's largest Bitcoin exchange, Mt. Gox, has shut down its website and withdrawal system, deleted its Twitter feed and halted all trading systems after it detected "unusual activity." The Bitcoin Foundation, a Bitcoin advocacy group, confirmed that Mark Karpeles, the chief executive of the Tokyo-based Mt. Gox bitcoin exchange, has resigned from the board of the Bitcoin Foundation. This comes just days after the exchange gave an update regarding the technical issues. Last week, Mt. Gox said a technical glitch had forced the exchange to suspend bitcoin withdrawals for a week. They discovered the transaction falsification glitch, the same flaw alleged to have been used to steal all of the bitcoins worth about $2.7 million from Silk Road 2.0. Later, some sources close to the matter confirmed that more than 700,000 bitcoins are indeed missing from MtGox records, in a 'slow-leak' hack that went on for years. The repeated technical glitches over
LINKUP - First Ransomware trojan that modifies DNS settings to mine Bitcoin forcefully

Feb 07, 2014
Until now, we have all heard about ransomware that encrypts your files or locks down your computer and asks for a ransom to be paid within a specified period of time to unlock it. Emsisoft has detected a new piece of malware called "Linkup", dubbed "Trojan-Ransom.Win32.Linkup", that doesn't lock your computer or encrypt files; rather, it blocks your Internet access by modifying the DNS settings, with the ability to turn your computer into a Bitcoin mining robot. Sounds interesting? Once the Linkup Trojan is installed on your system, it makes a copy of itself and disables selected Windows Security and Firewall services to facilitate the infection. The injected poisoned DNS server only allows the malware and the Bitcoin miner to communicate with the Internet. It displays a bogus notification in the victim's web browser, which is supposed to be from the Council of Europe, that accuses you of viewing "Child Pornography" and only returns th
OpenBSD Project survived after $20,000 Donation from Romanian Bitcoin Billionaire

Jan 21, 2014
Last December, the foundation behind the security-focused Unix-like distribution 'OpenBSD' announced that it was facing shutdown due to a lack of funds to pay its electricity bills and dedicated Internet line costs. Theo de Raadt, the founder of the OpenBSD project, and Bob Beck (developer) announced: "In light of shrinking funding, we do need to look for a source to cover project expenses. If need be the OpenBSD Foundation can be involved in receiving donations to cover project electrical costs. But the fact is right now, OpenBSD will shut down if we do not have the funding to keep the lights on." Just a month later, a Bitcoin billionaire from Romania has stepped in and sorted OpenBSD out! Mircea Popescu, the creator of the MPEx Bitcoin stock exchange, has offered a $20,000 donation to the OpenBSD Foundation and saved OpenBSD development from being stopped. Like each open source project, OpenBSD production servers we
U.S. Judge ordered the largest Ever Forfeiture of 29,655 Bitcoins seized from Silk Road

Jan 20, 2014
Last October, the Feds said they would probably just liquidate the bitcoins seized from the online black market Silk Road once they were legally free to do so. United States District Judge J. Paul Oetken has now signed off on the forfeiture order for the Bitcoins, clearing the government to sell the assets. Last September, the FBI seized 29,655 Bitcoins from the online black market Silk Road after its alleged 29-year-old mastermind, Ross William Ulbricht, aka 'Dread Pirate Roberts', was arrested and charged with possessing controlled substances and committing or conspiring to commit computer hacking offenses, among other charges. This new ruling represents the largest-ever forfeiture of Bitcoins. The assets include the Silk Road hidden website and 29,655 Bitcoins, worth more than $28 million according to current exchange rates. Manhattan U.S. Attorney Preet Bharara said: "With today's forfeiture of $28 million worth of Bitcoins fr
Cyber criminals targeting another cryptocurrency 'Primecoin' with malicious miners

Jan 16, 2014
Like Bitcoin, there are numerous other cryptocurrencies similar in nature, including MasterCoin, ProtoShares, Litecoin, Peercoin, BitBar and many more. One of them is Primecoin (sign: Ψ; code: XPM), a peer-to-peer open source cryptocurrency that implements a scientific computing proof-of-work system. Unlike Bitcoin or other virtual currencies, only Primecoin provides a proof of work that has intrinsic value. It generates a special form of prime number chains, known as 'Cunningham chains & bi-twin chains', which have real-world importance in mathematical research. The world-famous RSA encryption basically uses two prime numbers for generating an RSA key pair. If you are able to factorize the public key and find these prime numbers, you will then be able to find the private key. Thus, the whole security of RSA encryption is based on the length of prime numbers. So, Primecoin plays a great role for crypto researchers to get large... and a very large number of Primes. Like
Prison Locker Ransomware, an upcoming malware threat in 2014

Jan 04, 2014
Ransomware is one of the most blatant and obvious criminal money-making schemes out there. Ransomware became widely known when Cryptolocker came into play. By the time readers were becoming aware of ransomware, the Cryptolocker threat had reached its peak and other money-motivated cyber criminals had started developing their own Cryptolocker versions. Two hackers going by the names 'gyx' and 'Porphyry' (admin of the maldev.net hacking forum) are advertising a new ransomware toolkit called "Prison Locker" on various hacking forums with tutorials. They have developed the Prison Locker, a.k.a. Power Locker, ransomware toolkit in the C/C++ programming language, providing a GUI version with customizable features for customers. The ransomware uses BlowFish encryption to encrypt all available files on the victim's hard disk and shared drives except .exe, .dll, .sys and other system files. During encryption it will ge
More than 1,400 Financial institutions in 88 Countries targeted by Banking Trojan in 2013

Dec 22, 2013
As the year draws to a close, we have seen a number of emerging threats like advanced phishing attacks from the Syrian Electronic Army, financial malware and exploit kits, Cryptolocker ransomware infections, massive Bitcoin theft, extensive privacy breaches by the NSA and many more. Financial malware was the most popular threat this year. Money is always a perfect motivation for attackers and cyber criminals, who are continually targeting financial institutions. On Tuesday, antivirus firm Symantec released a threat report called "The State of Financial Trojans: 2013", which revealed that over 1,400 financial institutions have been targeted and millions of computers around the globe compromised, and that the most targeted banks are in the US with 71.5% of all analyzed Trojans. Financial institutions have been fighting against malware for the last ten years to protect their customers and online transactions from threats. Over time, the attackers adapted to these counter
Hacker threatens to sell data of 3.7 Million Israeli Bank Customers, demands extortion money in Bitcoin

Dec 21, 2013
Data breaches and security incidents are a constant in the headlines these days. Hackers and cyber criminals are motivated by status or money and keep finding new, innovative and more creative attacks to achieve this. One of them is digital bank robbery, where the thieves don't need masks and guns to pull off the job; all they need are hacking skills, a computer and the Internet. Another is cyber extortion: the threat of an attack against an enterprise or a bank, coupled with a demand for money to avert or stop the attack. According to Haaretz news, a hacker who is the operator of one of the biggest botnet malware networks in Israel has threatened 3 major Israeli banks, i.e. Israel Discount Bank, Bank Yahav and the First International Bank of Israel. "Bank received an e-mail message threatening that unless they handed over a certain sum in Bitcoins by the end of next week, a list of customers' details would be given to hostile elements." Banks database, network an
World’s largest Bitcoin Poker website hacked, 42000 user passwords leaked

Dec 20, 2013
The world's largest Bitcoin poker website, 'SealsWithClubs', has been compromised and around 42,000 users' credentials are at risk. Seals With Clubs has issued a Mandatory Password Reset warning to its users, according to a statement published on the website. The service admitted its database had been compromised and revealed that the data center used until November was breached, resulting in the theft of 42,020 hashed passwords. "Passwords were salted and hashed per user, but to be safe every user MUST change their password when they next log in. Please do so at your earliest opportunity. If your Seals password was used for any other purpose you should reset those passwords too as a precaution." and "Transfers may be disabled for a short period of time." Seals With Clubs used the SHA1 hash function to hash the passwords, but SHA1 is outdated and easy to crack if not salted. 'StacyM', a user then posted the hashed passwords on a web forum o
Alleged Skynet Botnet creator arrested in Germany

Dec 09, 2013
The German Federal Criminal Police Office (BKA) has arrested a gang of cyber criminals believed to be responsible for creating the Skynet botnet. Skynet was first detected by security firm G DATA in December 2012. It is a variant of the famous Zeus malware, designed to steal banking credentials, with DDoS attack and Bitcoin mining capabilities. The botnet was controlled from an Internet Relay Chat (IRC) server hidden behind the Tor network in order to evade sinkholing. According to a press release from German police, they arrested two people suspected of illegally generating Bitcoins worth nearly $1 million using a modified version of existing malware, i.e. the Skynet botnet. German police conducted raids earlier this week, on 3rd December, and found evidence of other criminal activities, i.e. fraud and distribution of copyrighted pornographic material. A third person is under suspicion but has not been arrested. However, Police didn't mention Skynet Botnet in their press release, but just a day