November 03, 2017
By William Suberg - November 03, 2017 (cointelegraph.com)
Researchers have unearthed a further Bitcoin virus amid warnings that CryptoShuffler had made a comeback, stealing over $140,000.
According to Russian news media resource RBC, Kaspersky and ESET antivirus researchers have discovered two apps which do not officially exist infecting users on Google Play.
The apps purport to be from cryptocurrency exchange Poloniex, despite Poloniex not actually having an app.
After download, users who enter login information find funds being stolen from their Poloniex accounts. So far, around 5,000 downloads have completed, the investigators warned.
“These two apps were trying to steal Poloniex credentials as well as gaining access to user emails,” ESET’s Lukas Stefanko said in a warning first issued last week.
The latest threat adds to the soup of malicious items currently targeting Internet users, leveraging Bitcoin as a weapon.
In addition to CryptoShuffler, which takes advantage of copy+paste tools to replace destination Bitcoin addresses, businesses last week continued to be held to ransom by new Bitcoin malware.
Bad Rabbit, which targeted major outfits in Russia, Ukraine and further afield, displayed similar characteristics to May’s WannaCry attack.
Stefanko meanwhile advised users to enable two-factor authentication as a matter of course to guard against falling prey to current or future hackers.
October 25, 2017
By Darryn Pollock - October 25, 2017 (cointelegraph.com)
The rising value of cryptocurrencies is likely to push up corporate ransom and extortion demands, a UK cyber security company warns. With Bitcoin reaching over $6,000 this week and other more anonymous coins also jumping in value, it is becoming more lucrative for criminals.
There have been highly publicized cases where cybercriminals and hackers have taken corporations hostage with their ransom demanded in cryptocurrencies. Now, there is an even bigger incentive to make high demands as the payoffs are much larger.
Demands for at least $25 mln are likely to increase because technological changes in virtual currencies are making it easier for criminals to move sums anonymously, says MWR InfoSecurity.
MRW, which tests cyber defenses for banks and governments, has made the risks known to several large city institutions in a report that focuses on the effects of the growing interest in trading cryptocurrencies.
A liquid market
It is not only the high price of these digital currencies that are making it attractive to criminals; it is because the surge in demand is slowly building the depth and liquidity of the market.
The growing liquidity makes it easier for buyers and sellers of assets to conduct transactions without dramatically moving the asset’s price and rising prices enable larger sums to change hands more easily.
“A single transaction that consumes much of the liquidity of a market is very likely to be noticed, whilst a proportionally smaller transaction on a larger marketplace will generate less attention. As such, increasing liquidity of cryptocurrencies will mean criminals can extract greater values,” the report said.
Good for crypto is good for criminals
In July, it emerged that British companies were stockpiling cryptocurrency in case of ransomware attacks. They were prepared to pay on average £136,000 to regain access to critical data and intellectual property.
However, since there has been an increase in value, as well as the Blockchain infrastructure with the implementation of SegWit, things have become smoother for everyone including criminals.
Collecting real-world cash that could be spent anonymously presented problems for criminals until earlier this year, the report added, in part because the Blockchain, the infrastructure underpinning Bitcoin, sometimes took minutes or hours to finalize payments. Until then, ransomware demands were limited to about $40,000, the report argued.
But in late July Bitcoin split into two currencies and transaction payment times have been speeded up.