All about Blockchain, Cryptocurrency, Digital Transformation

Discussion in 'Off Topic' started by Dr. AMK, Jan 7, 2018.

  1. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    4,488
    Messages:
    15,708
    Likes Received:
    19,326
    Trophy Points:
    931
    Is your computer safe from the cryptojackers? - BBC Click
    (coverage takes a break at 10:05 then restarts at 15:40)

    BBC Click
    Published on Apr 30, 2018
    Click visits a cryptocurrency mine in Iceland and investigates 'cryptojacking', the new crime becoming a craze amongst hackers.
     
    Last edited: Apr 30, 2018
    Dr. AMK likes this.
  2. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    4,488
    Messages:
    15,708
    Likes Received:
    19,326
    Trophy Points:
    931
    This cryptocurrency mining malware also disables your security services
    A year on from the vulnerabilities being leaked, attackers are still using leaked NSA tools to power new attacks - this time with the newly uncovered PyRoMine.
    By Danny Palmer | April 24, 2018 -- 10:43 GMT (03:43 PDT)
    https://www.zdnet.com/article/this-...malware-also-disables-your-security-services/

    "A new form of cryptocurrency mining malware uses a leaked NSA-exploit to spread itself to vulnerable Windows machines, while also disabling security software and leaving the infected computer open to future attacks.

    The Python-based malicious Monero miner has been uncovered by researchers at security company Fortinet who've dubbed it PyRoMine. It first appeared this month and spreads using EternalRomance, a leaked NSA-exploit which takes advantage of what until a year ago had been an undisclosed SMB vulnerability to self-propagate through networks.

    EternalRomance helped spread BadRabbit ransomware and is similar in many ways to EternalBlue, a second leaked NSA exploit which helped fuelWannaCry and NotPetya. Both exploits look for public-facing SMB ports, allowing them to deliver malware to networks.

    Researchers discovered the malware was downloadable from a particular web address as a zip file, bundled with Pyinstaller, a program which packages programs written in Python into stand alone executables, meaning there's no need for Python to be installed on the compromised machine.

    The malicious code behind PyRoMine appears to have been directly copied from a publicly shared EternalRomance implementation.

    Once the PyRoMine payload makes its way onto a machine, a malicious VBScript is downloaded which enables Remote Desktop Protocol (RDP) to enable propagation with the aid of adding a firewall rule that allows traffic on RDP port 3389.

    In addition to this, the malware also stops Windows Updates and allows the transfer of unencrypted data.

    Disabling security software allows the attackers to potentially deliver additional malware, should they eventually pivot away from the cryptocurrency miner, which is downloaded following the manipulation of RDP. The miner is registered as a service named "SmbAgentService" by the file "svchost.exe."

    Once running on a system, the malicious miner will use the power of the machine to mine for Monero - specifically selected because it can be mined by ordinary computers and provides additional privacy to users.

    Currently, PyRoMine isn't widely spread and hasn't made its authors very much money, but the sheer number of machines in the wild which still haven't patched against EternalRomance means there are a lot of potential targets out there. Another reason it hasn't spread is that the authors are still in the testing stage.

    "We first started to see this malware in April 2018, and it looks like it is still being improved, which might be the reason why its earnings are not very high at the moment," said Jasper Manuel, security researcher at Fortinet.

    A patch to protect systems against the leaked-NSA hacking tools was released over a year ago, but there are many Windows machines which haven't received the patch and remain vulnerable to attack.

    While PyRoMine isn't the first cryptocurrency malware to spread via the leaked-hacking tools, the additional damage it could do via disabling systems and security software could lead to it becoming much more dangerous in future.

    "This malware is a real threat as it not only uses the machine for cryptocurrency mining, but it also opens the machine for possible future attacks since it starts RDP services and disables security services," said Manuel.

    "Commodity malware will continue to use the NSA exploits to accelerate its ability to target vulnerable systems and to earn more profit," he added.

    Cryptocurrency mining has become a popular way for cyber-crooks to earn money, with attacks successful over a long period of time because the malware is subtle and remains hidden. The technique is said to be so popular with cybercriminals that it is now as lucrative as ransomware."

    "READ MORE ON CYBERCRIME
     
  3. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    4,488
    Messages:
    15,708
    Likes Received:
    19,326
    Trophy Points:
    931
    Balancing The Ledger: How To Invest In The Crypto Economy I Fortune
    Fortune Magazine
    Published on May 4, 2018
    Chris Burniske, co-author of the book 'Cryptoassets,' explains why crypto valuations are more than just hype and headlines.
     
  4. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    4,488
    Messages:
    15,708
    Likes Received:
    19,326
    Trophy Points:
    931
    The world’s first blockchain toothbrush lets you mine coins by brushing your teeth
    By Masha Borak, Mar 27, 2018
    https://technode.com/2018/03/27/the...h-lets-you-mine-coins-by-brushing-your-teeth/

    "Blockchain is the biggest buzzword of the year. However, we are just now beginning to see what silly creative ways will this technology be applied. The newest example from China is a blockchain-based toothbrush by Shenzhen-based 32Teeth, currently crowdfunding the project through the JD Finance platform.

    The company aims to make your teeth really clean by applying not only blockchain technology, but also facial recognition, sensors, and big data. If the company delivers its promise, the toothbrush is likely to become a favorite among OCD sufferers superheroes. The toothbrush app offers precise identification of 16 tooth surface cleanliness levels, analyzes users’ brushing activity data, and offers a powerful intelligent reminder. It even has AR function which gives you an inside look (literally) into how you brush your teeth.

    [​IMG]
    32Teeth blockchain toothbrush app lets you identify where you should be brushing harder (Image credit: 32Teeth)

    The toothbrush also tries to make each of your 32 teeth—the average number of teeth in an adult—a cryptocurrency mine. Brushing your teeth regularly rewards you with AYA tokens (爱牙币, literally “love teeth coins”) which can be exchanged for more toothbrushes, toothpaste, and dental hygiene services.

    Although some have ridiculed the product—one commentator worried that his mother might give it to the dog to chew so she can mine as much free stuff as possible—many consumers seem excited with the idea. The high tech toothbrush has already exceeded the RMB 100,000 crowdfunding goal required for the project. The crowdfunding will continue until May this year.

    China has recently become the birthplace of other odd blockchain ideas. One example is this triangle-shaped cryptocurrency miner made by Acute Angle which—besides the triangular design—promises a “stable blockchain spirit,” according to the video on their website.

    [​IMG]
    Acute Angle PC (Image credit: Acute Angle)

    However, we shouldn’t be too quick to discard futuristic sounding blockchain projects. Blockchain has the potential to play a significant role in the development of IoT devices since it provides a secure way to transact and record information. Companies such as Huawei and Lenovo are already looking into blockchain-based smartphones. Chinese smart devices company Life Sense has also announced a high-end smartwatch based on blockchain technology last week."
     
Loading...
Similar Threads - Blockchain Cryptocurrency Digital
  1. hmscott
    Replies:
    1
    Views:
    247

Share This Page