Connect with us

Crypto Trends

Experts Warn of Cryptojacking Malware That Mimics Adobe Flash Updates

Published

on

Spread the love

Researchers have identified Monero cryptojacking malware that conceals itself behind an Adobe Flash update.

Researchers have identified cryptojacking malware that conceals itself behind a fake Adobe Flash update. The finding has been revealed in a cyber threat report published by Unit 42 research group on Oct. 11.

Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge.

According to new research released by Unit 42, Palo Alto Networks’ threat intelligence team, the malware strain surreptitiously compels computers to mine Monero (XMR) by installing an “XMRig cryptocurrency miner.”

The new malware is said to be particularly harmful, as the developers have copied the pop-up notification from an official Adobe installer. Moreover, the download really does update targets’ computers with the latest version of Flash, further adding to its seeming legitimacy. 

Unit 42 analyst Brad Duncan has stated that:

“In most cases, fake Flash updates pushing malware are not very stealthy… [but in this instance, b]ecause of the latest Flash update, a potential victim may not notice anything out of the ordinary.”

Unit 42 reportedly uncovered the strain while searching for “popular” fake Flash updates using AutoFocus, a Palo Alto Networks intelligence tool:

“77.. malware samples are identified with a CoinMiner tag in AutoFocus.The remaining 36 samples share other tags with those 77 CoinMiner-related executables.”

As previously reported, coin miner works by using Coinhive – a JavaScript program created to mine Monero via a web browser. According to Unit 42, samples that deceptively mimic and install an actual Flash update have been in circulation as of August 2018.

Just yesterday, Iran’s cybersecurity authority issued a report that claimed that the highest number of recorded incidents of Coinhive infection have taken place in Brazil;  India came in second, followed by Indonesia.

As reported in September, cryptojacking malware reports are said to have surged almost 500 percent in 2018. According to estimations in June, around 5 percent of the total circulating Monero supply was mined using malware.

Continue Reading

Crypto Trends

US: Crypto Initiative Donates Monero to Bail Out Immigrants in ICE Detention

Published

on

By

Spread the love

In order to help immigrants in ICE custody pay their immigration bonds, the Bail Bloc project mines XMR using volunteers’ computer power.

The Bail Bloc initiative has started using cryptocurrency raised through charity to help people get out of U.S Immigration and Customs Enforcement (ICE) pretrial incarceration, according to a tweet posted by a Bail Bloc co-founder Nov. 15.

ICE is a law enforcement agency of the federal government of the U.S, the mission of which is to monitor cross-border crime and illegal immigration. In 2017, the agency conducted 143,470 overall administrative arrests, 92 percent of which resulted in a criminal conviction or a pending criminal charge.

In ICE detention people are required to pay an immigration bond in exchange for their immediate-term release, although statistically only 47 percent of those in detention are given a bond hearing. Those who cannot afford to pay the bond, or who are not granted a bond at all, must wait for their court hearing while detained, which could last from months to years.

Bail Bloc has set a goal to help charged immigrants pay their bail with money raised through cryptocurrency mining. The initiative has released an app that consumes a small portion — from 10 percent by default to 50 percent optionally — of users’ computer power to mine Monero (XMR) once it is installed.

The organization states that at the end of every month it exchanges XMR for U.S. dollars and donates the earnings to the Immigrant Bail Fund in New Haven, Connecticut. Bail Bloc has reportedly mined 44.34 XMR, which equates to $7,356.36 U.S. dollars. This sum is enough to bail out 12 people, per the organization’s website.

Bail Bloc says it chose XMR as it is an ASIC-resistant cryptocurrency, meaning that consumer-level computers are able to mine the coin “in a financially viable way,” while computers designed with the sole purpose of crypto mining cannot.

ICE’s approach to immigration policy enforcement has sparked significant controversy in the U.S. In May, reports of federal authorities losing track of nearly 1,500 immigrant children in their custody made headlines. As the Washington Post reported, the children had been separated from their immigrant parents. Per the policy of prosecuting “100 percent” of those crossing the border illegally, children were separated from their parents as the adults were charged with a crime.

At press time, XMR is trading at around $87, down 0.82 percent over the past 24 hours, according to CoinMarketCap. The coin’s market capitalization is around $1.4 billion, while its daily trading volume is about $18.9 million.

Continue Reading

Crypto Trends

Report: Bitcoin Scam Compromising Google and Target Accounts Came from Third Party App

Published

on

By

Spread the love

Bitcoin scammers that recently hacked Google and Target verified accounts reportedly gained access via a third-party app authorized to post content.

A recent Bitcoin scam on Twitter that compromised several major companies verified accounts came from a third-party app, tech news outlet the Next Web (TNW) reports Friday, Nov. 16, citing social media officials.

Speaking to TNW, a Twitter spokesperson confirmed that the attack came from an outside software provider and not from Twitter’s own system. However, the official refrained from naming the app.

The spokesperson reportedly explained that the attackers exploited a third-party marketing solution to launch a Bitcoin (BTC) giveaway from several verified accounts, including Google’s G Suite and major U.S. department store retailer Target.

The information was implicitly confirmed by Target. Its representatives told TNW that the hackers used a third-party marketing app, authorized to post content on Target’s behalf.

As Cointelegraph previously reported, on Wednesday, Nov. 14, hackers took over G Suite and Target accounts (800,000 and 1.92 million followers, respectively) and posted malicious cryptocurrency giveaway links. The message in G Suite’s account also falsely claimed that users could make payments in G Suite using cryptocurrencies.

Moreover, in early November several verified Twitter accounts, including those of film production firm Pathe U.K. and U.S. politician Frank Pallone Jr., were breached to pose as Elon Musk. Once hackers gained control of accounts, they changed the profile picture and name in order to pose as Elon Musk and offer scammy Bitcoin giveaways.

Bitcoin scammers have already posed as Elon Musk for several times, prompting the Tesla founder to seek help from Jackson Palmer, the creator of Dogecoin (DOGE), who claimed to have invented an anti-scam script.

Continue Reading

Crypto Trends

TRON Launches Accelerator Program for DApp Developers

Published

on

By

Spread the love

Cryptocurrency project TRON has announced an accelerator program to support developers building decentralized apps on the TRON protocol.

Decentralized Internet project TRON (TRX) is launching a $1 million accelerator program to support developers building DApps and products on the TRON protocol, according to a press release shared with Cointelegraph Nov. 16.

The initiative aims to facilitate consumer adoption of blockchain technology through TRON’s ecosystem following the recent acquisition of peer-to-peer file sharing service BitTorrent, Project Atlas, and payment service Poppy app. TRON’s protocol currently processes more than one million transactions and 600,000 wallets.

The startup will purportedly accept submissions to its accelerator through December, while the winners will be announced at TRON’s first international summit in January.

In October, TRON and China’s largest Internet search provider Baidu announced they will cooperate on cloud computing resources. The partnership between the two firms remains focused on the purchase and use of Baidu’s basic cloud computing resources, rather than being a connection “at the blockchain business level.”

Also in October, TRON’s CEO Justin Sun claimed its update dubbed Odyssey 3.1 would see it beat Ethereum on speed and EOS on cost. The changes include the launch of the TRON Virtual Machine, which would allow developers to test smart contracts before they transfer to the TRON mainnet.

As of press time, TRX is the 11th top cryptocurrency, trading at around $0.018, up by 0.27 percent on the day, according to CoinMarketCap.

Continue Reading

Trending