Botnets increasingly used for crypto mining malware, Kaspersky says

Botnets are being repurposed to distribute crypto mining malware, using victims’ processing power and energy resources to mine for cryptocurrency, according to security experts at Kaspersky Labs.

The findings from cybersecurity company Kaspersky Labs identify a growing trend towards using botnets in conjunction with crypto mining attacks, which gives attackers the opportunity to commandeer processing power from infected networks.

This processing power is then devoted to mining for cryptocurrencies, including the BTC token, which provides a source of funds for those behind the attacks.

According to the report, botnet owners are increasingly switching to mining from other attack vectors, highlighting the profitability of this kind of attack. The research suggests that a corresponding drop in DDoS attacks could be a result of attackers switching focus to mining over other types of malware.

“Evidence suggests that the owners of many well-known botnets have switched their attack vector toward mining. For example, the DDoS activity of the Yoyo botnet dropped dramatically, although there is no data about it being dismantled,” it noted.

The report goes on to say that the malware is often distributed alongside unlicensed, or pirated, software, explaining, “The more freely unlicensed software is distributed, the more miners there are. This is confirmed by our statistics, which indicates that miners most often land on victim computers together with pirated software.”

Kaspersky Labs has previously identified these types of attacks as attractive to scammers, thanks to the difficulties with detection, both by law enforcement authorities and by the victims themselves.

Because the miner runs silently in the background, it is hard for victims even to identify when their system has been compromised, leading to a longer time to detection compared to other types of malware.

There was also the suggestion that some jurisdictions were more amenable to these types of attacks than others, with Kazakhstan, Vietnam and Indonesia amongst the most prominent locations for these types of attacks to originate, according to the report.

The report will serve as a reminder of the dangers of pirated software, and the type of attacks that can infect the computers of those who download software illegally.

The post Botnets increasingly used for crypto mining malware, Kaspersky says appeared first on Coingeek.


More DDoS attacks on Bitcoin (BCH-SV) friendly websites

If the only defence of your policies is to silence your critics, the chances of your ideas being the wrong ones are pretty high.

Over the past week, CoinGeek.com has suffered through several distributed denial of service (DDoS) attacks. The first one was a big one, and we had to upgrade our defences. Thanks to the beautiful people at Cloudflare, subsequent attacks have caused minimal disruptions.

On Thursday BitcoinSV.io was hit with a massive DDoS attack.

The attack comes soon after the website published a listing of wallets, block explorers and other businesses and services that have chosen to add their support for Bitcoin SV after the ABC decision to move away from Bitcoin BCH.

The timing of these attacks could be coincidental, but the timing of the attacks is somewhat suspect. We won’t cast aspersions towards any of the bastions of free speech in the bitcoin community, but it does highlight a problem with society in recent years.

I was always led to believe that you let your opponent talk and you listen. You present your well-reasoned arguments and allow the better ideas to succeed for the betterment of the society.

With their most recent changes, the 5th since the upgrade, ABC’s critics continue to grow. People are critical on social media, and now the mainstream tech press is starting to join the chorus of critics admonishing the Bitmain- and Bitcoin.com-funded group of developers.

TNW, formerly known as The Next Web, has written a scathing article titled “Bitcoin Cash ABC update exposes potentially catastrophic vulnerability” where it highlights the vulnerabilities opened up by ABC’s slapdash approach to blockchain development.

For many on Twitter, the checkpoints are a bridge too far as they remove the security provided by the proof-of-work principle as laid out in the original whitepaper, with many saying, and we agree, that ABC is no longer Bitcoin.

The move removes the trustless decentralized system, and it allows a “trusted central authority” to publish these checkpoints. Ask yourself, whom do you trust? Roger Ver, Jihan Wu or Amaury Sechet? I’m sure they’re all nice people to share a meal with, but do you trust them with all your money?

DDoS attacks, several untested updates and all manner of collusion with wallets and exchanges seem like the actions of desperate men.

There are rumours that the Chinese government is behind this or there is a secretive cabal trying to control the chain for nefarious reasons. I believe it’s much simpler than a crazy conspiracy; this is about plain old-fashioned greed.

The group is desperate to make the Wormhole token a thing. Back in August, there was an offer: 1000 Wormhole tokens for every BCH burned. This 1000-1 ratio isn’t for everyone; the general public would be and will be offered a 10-1 rate when Wormhole becomes a widely accepted token.

My sources tell me that Jihan, Roger and a few trusted allies either orchestrated or took advantage of this 1000-1 proposal.

Despite crowing from Ver, the hash war isn’t over, and as the chorus of dissent against ABC’s move away from Bitcoin grows louder and the support for SV swells, we expect more attempts to silence the critics, but you can’t DDoS the planet.

Note: Tokens on the Bitcoin Core (segwit) Chain are referred to as BTC coins. Bitcoin Cash (BCH) is today the only Bitcoin implementation that follows Satoshi Nakamoto’s original whitepaper for Peer to Peer Electronic Cash. Bitcoin BCH is the only major public blockchain that maintains the original vision for Bitcoin as fast, frictionless, electronic cash.

The post More DDoS attacks on Bitcoin (BCH-SV) friendly websites appeared first on Coingeek.


Researchers discover new crypto malware-killing botnet

A new botnet which sets out to specifically kill a type of crypto mining malware has been discovered by security researchers at Qihoo 360Netlab.

Known as Fbot, the botnet appears to be based on derivative software from Mirai, an application generally used in DDoS attacks. However, in this case, the DDoS module has been deactivated, with the botnet instead searching for cryptojacking malware before replacing its code, thereby neutering its bad effects.

In particular, the botnet searches for instances of com.ufo.miner, a variation on the Android-based ADB.Miner for the privacy-centric altcoin Monero.

According to the Qihoo team, the botnet distributes itself by searching for open ports, before uninstalling the com.ufo.miner software where present. The botnet effectively installs itself over the malware, destroys its malicious code, and then self-destructs, according to a report published by the researchers.

The botnet is also linked to a domain name which is only resolvable through EmerDNS, rather than the standard DNS system. This makes it harder to detect, because tools that scan only traditional DNS names cannot access its records.

“The choice of Fbot using EmerDNS other than traditional DNS is pretty interesting, it raised the bar for security researcher to find and track the botnet (security systems will fail if they only look for traditional DNS names),” according to the Qihoo 360Netlab blog post.
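A defender can still see such lookups if DNS query logs are checked for EmerDNS zones instead of being filtered to ICANN names. The following is an added example, not code from the article or from Qihoo 360Netlab: the zone list (.bazar, .coin, .emc, .lib) is the set Emercoin documents for EmerDNS, and the log format and every host name in the sample are constructed for illustration.

```python
import re
from collections import defaultdict

# Zones served by EmerDNS (Emercoin's name system), not by the ICANN root.
EMERDNS_ZONES = frozenset({"bazar", "coin", "emc", "lib"})

# Constructed log format for this example: "<time> <client ip> <qtype> <qname>"
LOG_LINE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<qtype>[A-Z0-9]+)\s+(?P<qname>\S+)$"
)

def emerdns_zone(qname):
    """Return the EmerDNS zone a query name falls under, or None."""
    labels = qname.rstrip(".").lower().split(".")
    # Only the rightmost label decides: "lib.example.org" is ordinary DNS.
    if len(labels) < 2 or labels[-1] not in EMERDNS_ZONES:
        return None
    return labels[-1]

def find_emerdns_lookups(lines):
    """Group EmerDNS lookups by client: {client: {qname: count}}."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of failing the whole run
        if emerdns_zone(m["qname"]):
            # Normalise case and the trailing dot so repeats are counted together.
            hits[m["client"]][m["qname"].rstrip(".").lower()] += 1
    return {client: dict(names) for client, names in hits.items()}

# Constructed sample log; none of these names are real indicators.
SAMPLE_LOG = """\
2018-01-01T10:00:01Z 10.0.0.15 A www.example.com.
2018-01-01T10:00:02Z 10.0.0.23 A c2-placeholder.lib.
2018-01-01T10:00:07Z 10.0.0.23 A C2-Placeholder.LIB
2018-01-01T10:00:09Z 10.0.0.15 A lib.example.org.
2018-01-01T10:00:11Z 10.0.0.40 AAAA shop-placeholder.bazar.
garbage line
""".splitlines()

if __name__ == "__main__":
    for client, names in find_emerdns_lookups(SAMPLE_LOG).items():
        print(client, names)
```

The logs need to come from a point that sees all outbound DNS traffic, since a host resolving these zones may query an external resolver directly rather than the internal one.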

It comes at a time when the numbers of cryptojacking and malware attacks have reached record highs, with the last few months seeing particularly elevated activity around these types of crypto scams.

Cryptojacking malware is now so prevalent that it has been identified across the systems of several large businesses and government agencies, as well as the countless individuals affected worldwide. According to security researchers, incidents of cryptojacking have increased by 956% over the last year.

This has even prompted Firefox to announce their latest browser will automatically detect and block cryptojacking scripts, in a bid to fight against this surge in their use.

At this stage, it remains unclear whether the botnet was created with the intention of cleaning up malware, or whether it has been launched by rival scammers to clear out competing malware.


The post Researchers discover new crypto malware-killing botnet appeared first on Coingeek.
