Author: Dennis Wafula

MikroTik cryptojacking still in play with over 400K affected routers

The number of MikroTik routers that have been affected by a malicious malware that mines privacy-centric cryptocurrency Monero (XMR) has risen to 415,000, according to security researchers.

The cryptojacking malware was first discovered in August. According to a Trustwave report, the malware attacked the MikroTik routers after their systems became vulnerable earlier this year in April. Initially, hackers had penetrated 175,000 routers and then expanded to Eastern Europe, where they attacked 25,000 more routers. The hackers were using Coinhive and 15 other malware to mine XMR.

Since it was discovered, Twitter user VriesHd and researchers from Bad Packets have been following the cryptojacking malware. In September, they reported the number of affected MikroTik routers have risen to 280,000. In his recent tweet, VriesHd explains that the numbers have doubled since the initial attacks.

According to VriesHd, the number is derived from checking three possible ways hackers could be abusing MikroTik, although the number could be higher since the data reflects IP addresses known to have been infected with cryptojacking scripts. He noted that it would not surprise him if the actual number totals to somewhere around 350,000 to 400,000.

The researcher further found that the hackers are no longer exclusively using Coinhive; they have been using other mining software like Omine and CoinImp to mine the privacy-centric cryptocurrency.

To protect themselves from the malware, Bad Packets Report security expert Troy MUrsch advises MikroTik router users to download the latest firmware version available for their device. This will prevent the malware from using their routers to mine cryptocurrencies.

VriesHD also points out that internet service providers (ISPs) can also be used to fight the spread of malware by forcing over-the-air updates to the routers.

Cryptojacking cases continue to rise with figures increasing by 500% this year. According to reports, Brazil is the leading country affected by the malicious malware. Research shows that Coinhive has hit the country over 81,000 times in October. India ranks second with 29,000 discovered incidents followed by Indonesia, which has more than 23,000 cryptojacking cases.

The post MikroTik cryptojacking still in play with over 400K affected routers appeared first on CoinGeek.

Read More

US regulator calls for global cooperation to stop fraudulent ICOs

Initial coin offerings (ICOs) are outright frauds that need to be stopped, according to the U.S. Securities and Exchange Commission (SEC). This is why it has become hard for regulators to monitor ICOs activities in different jurisdiction because often money raised in ICOs comes from investors in America and other parts of the world.

While speaking at Harvard Law School’s Program on International Financial System, SEC Co-Director for Enforcement Division Steven Peikin noted how the ICO market has exploded from a mere concept to a phenomenon within a short period of time. In 2016, ICOs raised $100 million, while in 2018, they raised $22 billion—a 22,000% increase. The novelty of ICOs, accompanied with the excitement surrounding blockchain technology, has been a key attraction that enterprising people have been using to lure investors, according to Peikin.

The hype and growth of the  ICOs can obscure the fact that most of these offering are high-risk investments. At times, the issuers may lack established records of accomplishment. They may also not have viable products business model or proper security measures safeguarding the digital assets from hackers. Without considering all these investors are quick, to pour out their money to projects that eventually fraudulently shut down.

Peikin recalled the case of ICO fraud conducted by Canadian Dominic Lacroix, who defrauded many U.S. investors out of some $15 million by promising a 13-fold profit in less than a month. Lacroix turned out to have had a long history of doing similar financial frauds in Quebec and Canada.

Peikin believes in fighting the fraudulent activities in ICOs and the crypto space there should be global cooperation. He acknowledges collaboration between, the United stated and Canada in Operation Crypto Sweep. The operation was launched in May 2018 by the two countries, which is conducting over 70 investigations into cryptocurrency scams and fraud in ICOs. So far, the North American Securities Administrators Association has sent cease letter to operators of fraudulent crypto companies I more than forty jurisdictions in both countries.

According to Peikin, “The sponsors of ICOs are, in many instances, located outside the United States. And international cooperation is critical to our ability to investigate and, where appropriate, recommend that the Commission bring enforcement action.”

Meanwhile, SEC lawyers recently warned celebrities from endorsing ICOs to avoid being charged with fraud. A few celebrities, such as Floyd Mayweather and Dj Khaled, have already fallen victims to such fraudulent ICOs.

The post US regulator calls for global cooperation to stop fraudulent ICOs appeared first on CoinGeek.

Read More

CoinZoom secures license to start Australian operations

CoinZoom, a U.S.-based cryptocurrency exchange, will soon start its operations in Australia after its subsidiary, CoinZoom Australia, received approval from the Australian Transaction Reports and Analysis Centre (AUSTRAC).

According to the announcement, CoinZoom Australia will be able to offer its services to people across Australia lawfully. The exchange will now be able to accept and exchange fiat and digital currencies including BTC, Bitcoin Cash, Litecoin, Ethereum, Ripple and other alt coins.

Under the license, CoinZoom Australia will provide its services to people in Australia and around the world.

CoinZoom CEO Todd Crosland stated that receiving the license will help actualize the company’s vision of providing global cryptocurrency traders with innovative trading technology. He added that the license was an essential step in the company’s goal to provide globally compliant digital currency trading.

With the license in place, CoinZoom is expected to launch Coin Zoom Australia next year, possibly in the first quarter of 2019. Customers wishing to use the exchange will be required to comply with Anti Money Laundering (AML) and Know Your Customer (KYC) requirements in America and Australia.

The exchange will provide a simple and easy “one-stop user experience” to link their credit card, bank account, and cryptocurrency wallets. CoinZoom’s‎ trading platform also offers customers a pattern recognition system; CoinZoom Rewards debit card, and social trading capabilities.

CoinZoom has been offering crypto services to people in the United States for quite some time. It is registered as a money service business (MSB) with the Financial Crimes Enforcement Network (FinCEN) to operate in all 50 states.

AUSTRAC has been actively involved in trying to make sure businesses in the crypto space follow regulations during their operations. The authority has also grown its global network of financial intelligence. In November, the financial authority appointed the first ever AUSTRAC financial intelligence analyst to be posted in China. To facilitate its activities, AUSTRAC received additional funding of $5.2 million from the Australian government. In addition to helping grow its global imprint, the funding was aimed at assisting the authority to conduct a more profound analysis of risks, money laundering activities, threats, and terrorist activities in the country. 

The post CoinZoom secures license to start Australian operations appeared first on CoinGeek.

Read More

To protect investors, Japan plans to regulate ICOs

Japan’s chief financial regulator, the Financial Services Agency (FSA), will reportedly roll out a new set of regulations targeting initial coin offerings (ICOs) in the country. According to Japanese news outlet Jiji Press, the financial authority wants to impose new regulations to protect investors in the crypto space.

Citing the increased fraudulent activities relating to ICOs, FSA believes it is high time they took appropriate actions to provide order and protection for the public. In the proposed regulations, all businesses offering crypto-related services in the country will be required to register with FSA before starting operations.

FSA plans to submit the proposed bill in January 2019, during the ordinary parliamentary session. The proposed bill will seek to revise the financial instruments and exchange law as well as the payment services law, according to the report.

The Japanese FSA is not the only financial authorities to want regulations for the ICO space. In the recent months, the U.S. Securities and Exchange Commission (SEC) has been busy in trying to regulate ICOs. Though it has taken a conservative and traditional approach on ICO, U.S. securities regulator has made a milestone in shaping the ICO industry. Last month, authorities in Thailand also tightened its grip on ICO regulation to create order in the industry.

Different jurisdictions worry that if proper regulations are not set for ICOs, fraudulent activities will cause significant effects on the economy. They have a good reason to worry. According to a recent report by Diar, a cryptocurrency and blockchain research company, ICO fraudulent cases have raised $12 billion, twice more than what was reported in 2017.

In the report, Diar stated that the amount raised by the ICO does not justify their operations.  The report also noted that most of the ICOs either get unlisted or they do not have the funds needed to stay in business. More than 60 percent tokens that completed their ICOs in 2017 and 2018, raising over $2.3 billion in the process, have yet to be listed on any exchange.

The report also noted that a good number of these ICOs have ended up being scams. ICO owners conduct an exit scam after collecting millions of dollars from unsuspecting investors. In the last two years, exit scams caused by ICOs amounted to $100 million.

The post To protect investors, Japan plans to regulate ICOs appeared first on Coingeek.

Read More

Illegally plugging fraud ICO leads to $750K penalty for Mayweather, DJ Khaled

The post Illegally plugging fraud ICO leads to $750K penalty for Mayweather, DJ Khaled appeared first on coingeek.

Read More

Crypto in Africa: Nigerian politician vows support as Uganda seeks crypto regulatory framework

It’s an interesting week for the cryptocurrency space in Africa this week. The continent has seen more governments profess their support for cryptocurrencies publicly, while others are planning to create a regulatory framework for the market.

Nigeria opposition leader promises to support blockchain, cryptos

Atiku Abubakar, the former Nigerian vice president and current opposition presidential candidate, promised his supporters that, when elected, he would work to create blockchain and cryptocurrency regulation for the country.

According to local reports, Abubakar made the announcement while launching his policy document ahead of the February 2019 elections. In the policy, he explains that he plans to use blockchain and cryptocurrencies to help improve the country’s economy.

In his policy document titled ‘Get Nigeria Working Again,’ Abubakar also explain that this government will, in addition, create a regulatory framework for the industry. He stated that regulation would help build the industry, in turn, creating thousands of employment opportunities as well as generating income for the government.

He asserted, “My mission is to make sure that Nigeria’s economy is reactive to the challenges of the 21st-century knowledge economy by keeping up with the amazingly dynamic in the technological pace.”

The crypto ecosystem in Nigeria has been on the rise in the last few years and the country is among the top crypto markets in Africa. If Abubakar gets elected as president, the crypto space in the country stands to see tremendous growth. Despite the current crypto prices and challenges, it seems that Abubakar is optimistic about the cryptocurrency industry.

Uganda has plans for new crypto regulations

The cryptocurrency market in Uganda has shown great promise ever since Binance set up shop in the country. Though not as active as South Africa, Nigeria or Kenya, the market is quickly picking up the pace. With this new development, the government in Uganda has decided to set up regulations to govern all crypto operations. According to reports, the government seeks to establish rules that will protect its citizens from illegal activities in the space.

Thousands of Ugandans have fallen victim to one crypto scam or another and many have lost vast sums of money in the process, local news outlets reported. The government fears the economy in the country might become unstable if this trend continues.

According to David Bahati from the Planning and Finance Ministry, his ministry has finished drafting the bill that pertains to national payments. The bill will be presented before Parliament next month for debate and approval. The bill has already been approved by the Cabinet in Uganda and is believed to shine a light on what citizens can do when they find themselves victims to fraudulent activities in the crypto space.

South Africa seeks to regulate crypto through taxation.

In April 2018, the South African Reserve Bank stated that cryptocurrency is not considered “legal tender” in South Africa. Later, authorities in the country imposed tax regulations on crypto owners that require them to declare their gains and losses concerning their transactions involving cryptocurrency.

In July, the National Treasury published the draft Taxation Laws Amendment Bill (the Bill) for the public, the Treasury’s first attempt to regulate the use of cryptocurrency in the country. It proposes changes to both the Income Tax Act and the VAT Act. One of the proposed changes is the inclusion of cryptocurrency in the definition of “financial instrument” in the Income Tax Act.

Experts claim that the new bill will not be favourable for the crypto space in the country. According to the reports, Section 22 and section 22(1)(a) of the Income Tax Act limits the benefits crypto traders get from valuing their undisputed cryptocurrency using the valuation method contemplated in section 22. In addition, Section 11 also represses investment in FinTech companies in South Africa.

The Treasury has also suggested that the “issue, acquisition, collection, buying or selling or transfer of ownership of any cryptocurrency” be added to the definition of “financial services” in Section 2 of the VAT Act.

While some countries seem to be content with not innovating in the crypto space, it is becoming more apparent that African nations see the true value of digital currency in global economies.

The post Crypto in Africa: Nigerian politician vows support as Uganda seeks crypto regulatory framework appeared first on Coingeek.

Read More

Unauthorized ICO lands crypto mining firm in hot water with Swiss court

Cryptocurrency mining firm Envion AG was reportedly shut down in Switzerland over allegations that it conducted an unauthorized initial coin offering (ICO). On Wednesday, German news outlet Handelsblatt Global reported that the Cantonal court of Zug ordered the company’s liquidation, noting that the Swiss firm lacked any auditing function or board.

Established by Michael Luckow and Matthias Woestmann, Envion is an off-grid mining company that boasts of using decentralized, clean energy such as solar and hydroelectric to power its mobile mining units. The Swiss company held an ICO in early 2018, raising around $100 million.

Luckow accused his partner of taking control of the majority of Envion shares shortly after the company held its crowdsale. Meanwhile, Woestmann claimed Luckow illegally generated another 40 million of Envion’s native tokens (EVN) without the knowledge of the board of directors. This, according to Woestmann, was in addition to the 86 million tokens that were initially agreed on.

In July, the Swiss Financial Market Supervisory Authority (FINMA) launched a probe into Envion’s ICO and found that the company accepted some 100 million francs (worth $100.01 million at the time) from 30,000 investors. The company reportedly gave investors the EVN tokens “in a bond-like form.”

According to reports, FINMA was investigating “possible breaches of banking law resulting from the potentially unauthorized acceptance of public deposits” during the token sale.

Since the dispute between the two, Luckow has been fighting for the firm in a bid to save the original concept. In a Medium post, Envion stated, “The founding team now faces the challenge of responding to fallacious allegations as they make their case against Woestmann. Though Woestmann can produce no evidence supporting his allegations, envion’s founders have begun a campaign to publish the necessary proof to allow investors to determine the truth based on verifiable documentation.”

Financial supervisors have already appointed an investigator to ensure the liquidation process is “unavoidable.”

The post Unauthorized ICO lands crypto mining firm in hot water with Swiss court appeared first on Coingeek.

Read More

Israeli crypto businessman charged with embezzling ICO funds

Moshe Hogeg, a known cryptocurrency entrepreneur in Israel, is reportedly facing embezzlement charges in connection with the missing funds from two initial coin offerings (ICOs). According to local media outlets, the petition against Hogeg was brought to court by 17 shareholders of the now-defunct Israeli binary option company, AnyOption.

The Times of Israel  reported that the petitioners sought to liquidate IDC Investdotcom Holdings, a Cypriot company that was operated from Israel and associated with Hogeg. In their petition, the shareholders claimed Hogeg stole assets and profits from the company, rendering it insolvent.

The petition further explained that the company, which is better known as, held two successful ICOs with each collecting “tens of millions of dollars.” Hogeg, however, allegedly did not share the revenue from the token crowdsales with the shareholders per their contractual agreement.

According to reports, issues between the shareholders and Hogen rose after the crypto entrepreneur failed to meet new agreement terms. The changes started when AnyOption was forced to merge with in June 2017 before the Israeli government ban on binary option took effect in October of the same year. As filed by Shy Datoka, one of the primary shareholders of AnyOption, was interested in getting all the assets that AnyOption had to offer. Initially, offered forex and CFD trading to investors, but later it decided to try to raise money through ICOs.

The two companies changed their merger agreement terms in early 2018. The companies originally agreed that shareholders from AnyOption would own 35% of, but under the new terms, the shareholders were entitled to $3.5 million and a share or token of a new cryptocurrency company they launched, called Stox.

Stox raised $34 million in ETH in August 2017, although the value later rose to $60 million. The crypto company also held another ICO in February for a project called Zodiac, which raised $33 million, according to the petition.

A spokesperson for Hogeg told reporters that Zodiac is a private project and has never issued any tokens, claiming that all shareholders belonging to AnyOption had received all their tokens in Stox.

This year, Hogeg has ventured into what many may term as a shopping spree. He recently bought a parcel of land in Tel Aviv at $19 million. He also bought the Israeli top soccer club Beitar Jerusalem for $7.2 million. Hogeg is also reported to have donated $1.9 million to Tel Aviv University, which will build a blockchain research facility that will be named after him.

The post Israeli crypto businessman charged with embezzling ICO funds appeared first on Coingeek.

Read More

Police arrest 3 Bulgarians in $5M crypto theft case

Authorities in Bulgaria arrested three suspects who were believed to have stolen cryptocurrencies worth $5 million, Reuters reported.

According to the interior ministry and prosecutors’ office, the three appeared to have good knowledge of cryptocurrency trading, which they used along with “innovative methods” as well as “specialized software” in their operations.

Two of the three suspects were taken into police custody “by order of the Specialized Criminal Court,” while the third paid “cash guarantee” amounting to BGN50,000 ($28,900).

During the arrest, police found cryptocurrencies worth $3 million, computers used to conduct the theft, flash drives, and many notebooks listing accounts of people real and fictitious used for the operation. Police seized a car worth about BGN60,000 ($34,700) from the location.

Over the years, Bulgarian officials have seized numerous cryptocurrencies all related to criminal activities. The $3 million worth of cryptocurrencies taken by Bulgarian officials could be added to the country’s growing stash of cryptocurrency. Last year, authorities managed to collect over 213,000 BTC. Experts believe Bulgaria is sitting on one of the world’s most massive crypto stash valued at over $800 million at today’s prices.

According to a report by CipherTrace, a U.S.-based cyber security firm, theft of cryptocurrencies through hacking of exchanges and trading platforms soared to $927 million in the first nine months of the year. These new figures are up nearly 250 percent from the level seen in 2017.

Earlier this year, Japanese exchange Coincheck had over $530 million worth of crypto stolen. Bitgrail, another exchange in Italy, lost $195 million. The frequency, severity, and amount of cryptocurrency being stolen is only increasing.

On Nov. 14, a 21-year-old man was arrested by the U.S. federal agents for allegedly stealing $1 million of cryptocurrency from a Silicon Valley executive. The young man is believed to have hacked the executive’s phone. The 21-year-old, who used a SIM-swapping scheme to steal the cryptocurrencies, victimized six others, resulting in his arrest. He is now facing 21 counts of felony charges.

The post Police arrest 3 Bulgarians in $5M crypto theft case appeared first on Coingeek.

Read More

Cryptojacking malware hits Make-A-Wish Foundation site

Cybercriminals are at it again, this time setting their sights on a charity foundation.

Last week, researchers at security firm Trustwave reported that they have found a CoinImp crypto mining script has been injected into the official website of Make-A-Wish Foundation. In a blog post, the Trustwave researchers said the malware has been mining cryptocurrencies since May 2018. CoinImp has been using the website visitors’ computing power to mine cryptocurrencies.

Upon further investigation, researchers discovered that the foundation’s website became vulnerable earlier this year when its domain host, Drupal, became vulnerable to CVE-2018-7600, a remote code execution bug popularly known as “Drupalgeddon 2.” Drupal, an open source content management system, claimed that the vulnerability allowed hackers to inject malicious malware into specific websites that had failed to add in their security patch.

The CoinImp miner is based on the JavaScript and is generally used by individuals who secretly want to mine Monero currency using visitor’s phone, tablet or computer.

This particular cryptojacking incident was difficult to find because it used different techniques to avoid detection, according to Trustwave’s Simon Kenin. First, the malware changes the domain name that hosts the JavaScript miner. In addition, the WebSocket proxy also used different domains and IPs to avoid blacklist solutions.

Researchers have warned that Drupal-based websites need to be updated to avoid attacks from these and other malicious malware. Just this spring, the Drupalgeddon 2 bug, Remote Code Execution (RCE) vulnerability in the older versions of Drupal, affected more than 100,000 sites.

Meanwhile, McAfee Labs, an Internet security provider warned the public to watch out for a new cryptojacking malware called WebCobra. The company stated that unlike previous malware, the new cryptojacking malware could not be traced in the victim’s computer. The malware will slow down the user computer and consume a lot of power during its operations.


The post Cryptojacking malware hits Make-A-Wish Foundation site appeared first on Coingeek.

Read More