#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Blockchain | Breaking Cybersecurity News | The Hacker News

Category — Blockchain
Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

Oct 23, 2021
The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and  taken offline  for a second time earlier this week, in what's the  latest action  taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by  Reuters , quoting multiple private-sector cyber experts working with the U.S. government, noting that the  May cyber attack  on Colonial Pipeline relied on encryption software developed by REvil associates, officially corroborating DarkSide's  connections  to the prolific criminal outfit. Coinciding with the development, blockchain analytics firm Elliptic  disclosed  that $7 million in bitcoin held by the DarkSide ransomware group were moved through a series of new wallets, with a small fraction of the amount being transferred with each transfer to make the laundered money more difficult to track and  convert   the funds  into fiat currency through
Users Can Be Just As Dangerous As Hackers

Users Can Be Just As Dangerous As Hackers

Aug 09, 2021
Among the problems stemming from our systemic failure with cybersecurity, which ranges from decades-old software-development practices to Chinese and Russian cyber-attacks, one problem gets far less attention than it should—the insider threat. But the reality is that most organizations should be at least as worried about user management as they are about Bond villain-type hackers launching compromises from abroad. Most organizations have deployed single sign-on and modern identity-management solutions. These generally allow easy on-boarding, user management, and off-boarding. However, on mobile devices, these solutions have been less effective. Examples include mobile applications such as WhatsApp, Signal, Telegram, or even SMS-which are common in the workforce. All of these tools allow for low-friction, agile communication in an increasingly mobile business environment. Today, many of these tools offer end-to-end encryption (e2ee), which is a boon when viewed through the lens of
How to Get Going with CTEM When You Don't Know Where to Start

How to Get Going with CTEM When You Don't Know Where to Start

Oct 04, 2024Vulnerability Management / Security Posture
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities - before they can be exploited by attackers.  On paper, CTEM sounds great . But where the rubber meets the road – especially for CTEM neophytes - implementing CTEM can seem overwhelming. The process of putting CTEM principles into practice can look prohibitively complex at first. However, with the right tools and a clear understanding of each stage, CTEM can be an effective method for strengthening your organization's security posture.  That's why I've put together a step-by-step guide on which tools to use for which stage. Want to learn more? Read on… Stage 1: Scoping  When you're defin
Ethereum Classic (ETC) Hit by Double-Spend Attack Worth $1.1 Million

Ethereum Classic (ETC) Hit by Double-Spend Attack Worth $1.1 Million

Jan 08, 2019
Popular cryptocurrency exchange Coinbase has suspended all transactions of Ethereum Classic (ETC)—the original unforked version of the Ethereum network—on their trading platforms, other products and services after detecting a potential attack on the cryptocurrency network that let someone spend the same digital coins twice. Why is this attack concerning? The heist resulted in the loss of $1.1 million worth of the Ethereum Classic digital currency. The digital currency immediately fell in price after the news came out. Coinbase revealed Monday that it identified "a deep chain reorganization" of the Ethereum Classic blockchain (or 51 percent attack of the network), which means that someone controlling the majority of miners on the network (over 50%) had modified the transaction history. After reorganizing the Ethereum blockchain, the attackers were able to what's called "double spend" about 219,500 ETC by recovering previously spent coins from the rightfu
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
KICKICO Hacked: Cybercriminal Steals $7.7 Million from ICO Platform

KICKICO Hacked: Cybercriminal Steals $7.7 Million from ICO Platform

Jul 30, 2018
Again some bad news for cryptocurrency users. KICKICO, a blockchain-based initial coin offering (ICO) support platform, has fallen victim to a suspected cyber attack and lost more than 70 million KICK tokens (or KickCoins) worth an estimated $7.7 million. In a statement released on its Medium post on July 26, the company acknowledged the security breach, informing its customers that an unknown attacker managed to gain access to the account of the KICK smart contracts and the tokens of the KICKICO platform on last Thursday at around 9:04 (UTC). KICKICO admitted that the company had no clue about the security breach until and unless several of its customers fell victim and complained about losing KickCoin tokens worth $800,000 from their wallets overnight. However, after investigating, the company found that the total amount of stolen funds was 70,000,000 KickCoin, which, at the current exchange rate, is equivalent to $ 7.7 million. KICKICO reported that suspected attackers
Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

May 29, 2018
Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications. EOS is an open source smart contract platform, known as 'Blockchain 3.0,' that allows developers to build decentralized applications over blockchain infrastructure, just like Ethereum. Discovered by Chinese security researchers at Qihoo 360 —Yuki Chen of Vulcan team and Zhiniang Peng of Core security team—the vulnerability is a buffer out-of-bounds write issue which resides in the function used by nodes server to parse contracts. To achieve remote code execution on a targeted node, all an attacker needs to do is upload a maliciously crafted WASM file (a smart contract) written in WebAssembly to the server. As soon as the vulnerable process parser reads the WASM file, the malicious payload gets executed on the node, which could then al
Gladius Shows Promise in Utilizing Blockchain Tech to Fight Hackers

Gladius Shows Promise in Utilizing Blockchain Tech to Fight Hackers

Nov 27, 2017
Image Credit: Pixelbay Blockchain startups are cropping up left and right aiming to disrupt existing services and business models. These range from the trivial to potentially game-changing solutions that can revolutionize the internet as we know it. Among those that promise to change the world, most are attempting to reconstruct the entire internet infrastructure into something that is decentralized, secure, scalable, and tokenized. There are also those that aim to solve the most significant problems plaguing the digital world, particularly potentially costly and tedious security issues. We do not lack for dangers, ranging from data breaches to denial-of-service attacks, and other hacks. For the most part, there are capable SaaS and software-defined services that are capable enough in addressing the threats that involve malware and DDoS. However, blockchains offer much much more. The plague of DDoS Distributed denial-of-service or DDoS attacks involve a malicious hacke
Learn Ethereum Development – Build Decentralized Blockchain Apps

Learn Ethereum Development – Build Decentralized Blockchain Apps

Nov 06, 2017
As of today — 1 Bitcoin = $7300 USD (Approx 471,000 INR) At the beginning of this year, 1 Bitcoin was approximately equal to $1000, and now it has surged to a new height, marking its market capitalization at over $124 billion. Is it really too late to invest in Bitcoin or other cryptocurrencies like Ethereum? For those wondering if they have missed the money-making boat, the answer is—NO, it's never too late to invest. In case you are new to cryptocurrency trading, we have a simple step-by-step guide on our deal store that explains how to invest in cryptocurrencies . However, the blockchain, the revolutionary technology behind Bitcoin and other digital currencies, is not always about cryptocurrencies. Though it is a decentralized public database which ensures that all transactions are properly conducted and recorded, Blockchains can be used for a wide variety of applications, such as for digital identity management, smart assets, digital voting, distributed cloud sto
EtherParty Breach: Another Ethereum ICO Gets Hacked

EtherParty Breach: Another Ethereum ICO Gets Hacked

Oct 03, 2017
Etherparty announced Sunday that its ICO (Initial Coin Offering) website selling tokens for a blockchain-based smart contract tool was hacked and the address for sending funds to buy tokens was replaced by a fraudulent address controlled by the hackers. Vancouver-based Etherparty is a smart contract creation tool that allows its users to create smart contracts on the blockchain. Companies like this launch ICO to let them raise funding from multiple sources. Etherparty said the company launched its Fuel token sale on Sunday, October 1 at 9 A.M. PDT, but just 45 minutes, some unknown attackers hacked into its ICO website and replaced the legitimate address by their own, redirecting cryptocurrencies sent by investors into their digital wallet. According to the details released by the Etherparty team, the company detected the hack after just 15 minutes and immediately took its website down for nearly one and half hour to fix the issue, preventing more people from sending funds to
Microsoft Launches Ethereum-Based 'Coco Framework' to Speed Up Blockchain Network

Microsoft Launches Ethereum-Based 'Coco Framework' to Speed Up Blockchain Network

Aug 14, 2017
A growing number of enterprises are showing their interest in blockchains , but the underlying software fails to meet key enterprise requirements like performance, confidentiality, governance, and required processing power. However, Microsoft wants to help solve these issues and make it easier for the enterprises to build their networks using any distributed ledger. Microsoft has unveiled a framework called " Coco " — short for " Confidential Consortium " — a new open-source foundation for enterprise blockchain networks . Coco is an Ethereum-based protocol which has been designed to help commercial companies and large-scale enterprises process information on the Ethereum Blockchain with increased privacy. "Coco presents an alternative approach to Ledger construction, giving enterprises the scalability, distributed governance and enhanced confidentiality they need without sacrificing the inherent security and immutability they expect," Mark Russi
Hacker Uses A Simple Trick to Steal $7 Million Worth of Ethereum Within 3 Minutes

Hacker Uses A Simple Trick to Steal $7 Million Worth of Ethereum Within 3 Minutes

Jul 18, 2017
All it took was just 3 minutes and ' a simple trick ' for a hacker to steal more than $7 Million worth of Ethereum in a recent blow to the crypto currency market. The heist happened after an Israeli blockchain technology startup project for the trading of Ether, called CoinDash , launched an Initial Coin Offering (ICO), allowing investors to pay with Ethereum and send funds to token sale's smart contact address.. But within three minutes of the ICO launch, an unknown hacker stole more than $7 Million worth of Ether tokens by tricking CoinDash's investors into sending 43438.455 Ether to the wrong address owned by the attacker. How the Hacker did this? CoinDash's ICO posted an Ethereum address on its website for investors to pay with Ethereum and send funds. However, within a few minutes of the launch, CoinDash warned that its website had been hacked and the sending address was replaced by a fraudulent address, asking people not to send Ethereum to the pos
BlockChain.info Domain Hijacked; Site Goes Down; 8 Million Bitcoin Wallets Inaccessible

BlockChain.info Domain Hijacked; Site Goes Down; 8 Million Bitcoin Wallets Inaccessible

Oct 12, 2016
UPDATE: The site is back and working. Blockchain team released a statement via Twitter, which has been added at the end of this article. If you are fascinated with the idea of digital currency, then you might have heard about BlockChain.Info. It's Down! Yes, Blockchain.info, the world's most popular Bitcoin wallet and Block Explorer service, has been down from last few hours, and it's believed that a possible cyber attack has disrupted the site. The site is down at the time of writing, and the web server reports a bad gateway error, with a message on the website that reads: "Looks like our site is down. We're working on it and should be back up soon." With more than 8 million Digital Wallet customers, BlockChain is users' favorite destination to see recent transactions, stats on mined blocks and bitcoin economy charts. A few hours ago, BlockChain team tweeted about the sudden breakdown of the site, saying: "We're researching a DNS
Warning — Bitcoin Users Could Be Targeted by State-Sponsored Hackers

Warning — Bitcoin Users Could Be Targeted by State-Sponsored Hackers

Aug 19, 2016
Another day, another bad news for Bitcoin users. A leading Bitcoin information site is warning users that an upcoming version of the Blockchain consolidation software and Bitcoin wallets could most likely be targeted by "state-sponsored attackers." Recently, one of the world's most popular cryptocurrency exchanges, Bitfinex, suffered a major hack that resulted in a loss of around $72 Million worth of Bitcoins . Now, Bitcoin.org, the website that hosts downloads for Bitcoin Core, posted a message on its website on Wednesday warning users that the next version of the Bitcoin Core wallet, one of the most popular bitcoin wallets used to store bitcoins, might be replaced with a malicious version of the software offered by government-backed hackers. Specifically, Chinese bitcoin users and services are encouraged to be vigilant " due to the origin of the attackers. " Bitcoin.org doesn't believe it has sufficient resources to defend against the attack.
Craig Wright Will Move Satoshi Nakamoto's Bitcoin to Prove His Claim

Craig Wright Will Move Satoshi Nakamoto's Bitcoin to Prove His Claim

May 03, 2016
Yesterday, BBC broke a story allegedly revealing Craig Wright as the original creator of Bitcoin digital currency Satoshi Nakamoto. However, the highly skeptical cryptographic community is definitely not yet convinced with the technical proofs Wright has yet provided to the media outlets and on his  blog . Now, Wright has promised to provide further evidence for his claim that he is behind the pseudonym, Satoshi Nakamoto. Wright's spokesman told BBC that he would " move a coin from an early block " of Bitcoin owned by Nakamoto " in the coming days. " However, the spokesman did not specify a deadline. " So, over the coming days, I will be posting a series of pieces that will lay the foundations for this extraordinary claim, which will include posting independently-verifiable documents and evidence addressing some of the false allegations that have been levelled, and transferring bitcoin from an early block. ", Wright said in a latest blog post
​DARPA Wants To Build Ultra Secure Messaging App for US Military

​DARPA Wants To Build Ultra Secure Messaging App for US Military

Apr 24, 2016
Just last month, DARPA launched a project dubbed "Improv," inviting hackers to transform simple household appliances into deadly weapons . Now, the Defense Advanced Research Projects Agency is finding someone in the private sector to develop a hacker-proof " secure messaging and transaction platform " for the U.S. military. Darpa wants researchers to create a secure messaging and transaction platform that should be accessible via the web browser or standalone native application. The secure messaging app should " separate the message creation, from the transfer (transport) and reception of the message using a decentralized messaging backbone to allow anyone anywhere the ability to send a secure message or conduct other transactions across multiple channels traceable in a decentralized ledger, " agency's  notice explains. In simple words, DARPA aims to create a secure messaging service that not only implements the standard encryption and se
Wanna Mine Bitcoins Faster? Researchers Find New Way to Do it

Wanna Mine Bitcoins Faster? Researchers Find New Way to Do it

Feb 15, 2016
A new machine for Bitcoin Mining called " Approximate Hardware " would make Bitcoin mining easier. Bitcoin had gained tremendous popularity over a few couple of years among the virtual currencies due to its decentralized principle. Mining a single Bitcoin is not an ice cake walk, as it requires an enormous amount of computing power to dig Bitcoins. To overcome this issue and mine Bitcoins faster, security researchers has conducted a study and made a new loophole in the mining process in an effort to mine the Bitcoins easily. How to Mine Bitcoins Faster? A team of Illinois-based researchers led by Indian Scientist, Rakesh Kumar, has designed a new hardware named " Approximate " that could reduce the pain of Bitcoin mining by 30 percent. The proposed system would make use of the faults in the hardware system such as: False Positives where an error is not present but notifies a fake error. False Negatives where an error is present but
Nasdaq to Use Bitcoin-style Blockchain to Record Shareholder Votes

Nasdaq to Use Bitcoin-style Blockchain to Record Shareholder Votes

Feb 13, 2016
The Nasdaq stock exchange and the Republic of Estonia have announced the use of Blockchain-based technology to allow shareholders of companies to e-vote in shareholder meetings even when they're abroad, according to Nasdaq's press release. Global stock market giant is developing an electronic shareholder voting system implemented on the top of Blockchain technology that underpins Bitcoins . Blockchain – the public and decentralized ledger technology underpins all Bitcoin transactions and logs each transfer of an asset in an encrypted "block" that is added to a permanent, transparent chain showing every deal associated with that asset. Even some of the world's major banks are also considering the adoption of the Blockchain technology. In the mid of last year, 9 of the World's renowned Banks, including JPMorgan, Royal Bank of Scotland, Goldman Sachs and Barclays , collaborated with New York-based financial tech firm R3 to create a new fram
Bitcoin Core Developers Quit Bitcoin Project to Launch a New Digital Currency

Bitcoin Core Developers Quit Bitcoin Project to Launch a New Digital Currency

Dec 28, 2016
Some of Bitcoin's Core developers have left the Bitcoin project and started building their separate cryptocurrency called DECRED . Decred aims to prevent the issues Bitcoin is currently facing regarding project governance and development funding. CEO of ' Company 0 ', Mr. Jacob Yocom-Piatt , who has funded Bitcoin development since early 2013, said the actual development of the Bitcoin cryptocurrency is funded by external entities that forms a conflict of interests between the groups and the project's core developers. According to Bitcoin's developers, these group puts limitations on input in Bitcoin's governance, selecting options that are favorable to their own interests only, and generally ignoring the developers' and project's best interests. "The Bitcoin software is controlled by a small group of people who decide exclusively what can and cannot be changed," Jacob says in a press release . "This is in part due to a la
Police Raid alleged Bitcoin Creator Craig Wright's Home in Sydney

Police Raid alleged Bitcoin Creator Craig Wright's Home in Sydney

Dec 09, 2015
Just hours after the Australian man ' Craig Steven Wright ' outed as the possible real identity of Satoshi Nakamoto , the anonymous creator of Bitcoin, Australian Police raided his home in Sydney. Over 10 police officers raided Wright's home in the Sydney suburbs on Wednesday afternoon. They forcefully opened the door, and 'started searching the cupboards and surfaces of the garage.' However, the Sydney police raid at Wright's home is not associated with the claims of his being involved in creating Bitcoins, rather related to the Australian Taxation Office investigation, the Guardian reported . Wright was recently identified as the mysterious creator of Bitcoin, based on leaked transcripts of legal interviews and a number of emails and blog posts. However, neither Dr. Wright nor anyone else has publicly confirmed the real identity of the founder of Bitcoin Satoshi Nakamoto. In a statement, the Australian Federal Police (AFP) officers said the raids weren
Bitcoin Creator 'Satoshi Nakamoto' Unmasked! An Australian Man 'Craig Wright' identified...

Bitcoin Creator 'Satoshi Nakamoto' Unmasked! An Australian Man 'Craig Wright' identified...

Dec 09, 2015
Breaking Update:   Police Raid alleged Bitcoin Creator Craig Wright's Home in Sydney . Yes, Satoshi Nakamoto , the mysterious creator of the Bitcoin digital cryptocurrency has possibly been identified as an Australian entrepreneur, according to investigations independently done by Wired and Gizmodo . His name is Craig Steven Wright … ...at least based on some convincing evidence shown by both the publications. Bitcoin is a revolutionary virtual currency developed around Blockchain , a complicated cryptographic protocol and a global computers network that oversees and verifies which Bitcoins have been spent by whom. The identity of the ones spending Bitcoins are extremely difficult to trace because of its anonymous nature, therefore, are very popular among criminals. Also Read:   Meet The World's First Person Who Hacked His Body to Implant a Bitcoin Payment CHIP Satoshi Nakamoto is not only the father of an entire economy worth Billions of dollars,
Expert Insights / Articles Videos
Cybersecurity Resources