Connect with us

Cybersecurity

Criminal Underground Disavowing Bitcoin for Other Cryptocurrencies

Published

on

The criminal underworld is disavowing bitcoin in favor of a new breed of cryptocurrencies that can better conceal illicit activity, a phenomenon that can partly explain the rapid rise of altcoins over the past three months.

The Rise of Privacy Coins

So-called ‘privacy coins’ like Monero, which are designed to avoid tracking, have quickly climbed the cryptocurrency market’s ranks. According to Bloomberg, these crypto alternatives have gained prominence at a time when law enforcement is increasing its surveillance of bitcoin users. Analytics firms are also getting better at spotting illicit behavior and alerting crypto exchanges before funds are exchanged into fiat money.

Europol has flagged several privacy coins as being more conducive for the criminal black market. In a recently published report, the European Union’s law enforcement agency said “other cryptocurrencies such as Monero, Ethereum and Zcash are gaining popularity within the digital underground.”

An analyst interviewed by Bloomberg said Monero is one of the most popular coins for ransomware attacks. Monero’s popularity among cyber criminals stems from its advanced encryption techniques, which generate fake addresses to hide the real sender’s identity. This technique also obscures the transaction amount issued. Bitcoin, on the other hand, records all addresses and transactions on an immutable digital ledger.

Experts say Zcash offers even better privacy protection because it obscures the actual address of the sender rather than generate fake addresses. This method makes it impossible for surveillance technology to draw correlations in addresses used in multiple transactions.

Monero and Zcash have both grown to become multi-billion-dollar cryptocurrencies. By market cap alone, Monero is ranked 12th, with an overall value of $6.3 billion. Zcash is down at 29th with an overall market cap of $1.7 billion. Both cryptocurrencies have daily turnover well into the hundreds of millions.

The developers behind Monero said they specifically designed the cryptocurrency to safeguard privacy. Naturally, this would be of benefit to criminals looking to evade detection.

“As a community, we certainly don’t advocate for Monero’s use by criminals,” core developer Riccardo Spagni told Bloomberg. “At the same time if you have a decentralized currency, it’s not like you can prevent someone from using it. I imagine that Monero provides massive advantages for criminals over bitcoin, so they would use Monero.”

Governments Make a U-Turn on Cryptos

Although bitcoin catapulted into the mainstream last year as one of the world’s fastest-growing alternative assets, its history is tainted with criminal activity tied to money laundering and the dark web. This partly explains why so many governments were eager to disavow the cryptocurrency. Many policymakers quickly realized that prohibition is not the answer given the inherent benefits of blockchain technology.

Russia is one of the more notable examples of a government that quickly changed its tune on bitcoin. It was not even two years ago that Russia’s Finance Ministry was proposing seven-year jail sentences for bitcoin users and adopters. Last week, the government said it would take decisive steps to developing a national cryptocurrency backed by fiat money.

Today, the cryptocurrency market enjoys favorable conditions in many parts of the world, including Japan, South Korea and Switzerland. Buying and selling crypto assets is also supported across many Western nations. However, the evolving nature of the market has put authorities on high alert, with South Korea recently announcing it would take decisive steps to rein in speculation.

2018 is expected to be a pivotal year for crypto regulation, as legislators attempt to define the burgeoning market. Cryptocurrency exchanges, initial coin offerings and mining could all be subject to federal oversight in the near future.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 606 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Cyberespionage

North Korea is now Targeting Crypto Users with Macs

Published

on

AppleJeus Malware Hack

The Lazarus group has earned quite a reputation for themselves in cyber-security circles.

This group of North Korean hackers have been responsible for some of the most well known intrusions in the past few years. For example, they were behind the Sony Pictures hack in 2014, the Bangladesh central bank heist in 2016 and the Wannacry ransomware outbreak in 2017.

It is safe to say that these are quite effective operators.

However, with the popularity of cryptocurrencies, the Lazarus group has changed their attack vectors and are targeting every day users with Malware.

The latest report now has the hackers using MacOS malware to hoover up information from those cryptocurrency users who work on Macbooks.

“AppleJeus”

This was the first time that the Lazarus group has developed malware to target Mac users. Indeed, Mac operating systems are far less susceptible to Malware than Windows based systems.

It was a surprise for researchers at Kaspersky Lab to have learned about the latest Lazarus attempt to target users with there macOS malware. They have labelled it “AppleJeus”.

This was first spotted on machines that were being used by cryptocurrency company in Asia. Indeed, this is no coincidence as the Lazarus group has often targeted cryptocurrency related businesses and exchanges in South Korea.

How Does it Work?

AppleJeus hides itself inside the code of a seemingly legitimate piece of cryptocurrency trading software called Celas Trade Pro. The user will download the app from the website of the developer. When it is first downloaded, there are no signs that anything could be off. The app appears to operate normally.

Celas Trade Screenshot

Screenshot of Celas Trade, the offending program. Source: kaspersky labs

Once the app is installed on the device, it will request to update the software. This sort of request is present in authentic software and as such will not trigger any alerts. However, there is malicious code that is inside of this update.

The moment that the update is installed, it will scan the computer and gather as much information as possible. This will then be sent back the hacker’s server so that they can make a decision on whether the person is worth attacking.

If they think that there is valuable information (or cryptocurrency) on the machine then they will instruct the software to install a trojan called “Fallchill”. For those who do not know, Trojans are malicious malware that will install a “backdoor” into the machine

Fallchill is a particularly robust trojan and can gather a great deal of information from the machine. This includes data such as financial information, login credentials and of course, information about cryptocurrency trading accounts.

Once the hackers have this personal information, they can either access your online accounts or they can conduct other spear phishing attacks against you. It is indeed a troubling development and according to Vitaly Kamluk of Kaspersky:

“For macOS users this case is a wakeup call, especially if they use their Macs to perform operations with cryptocurrencies”

So now that you know North Korea is actively trying to get their hands on your cryptocurrency, how do you protect yourself?

Keeping Safe from AppleJeus

The most effetive way to protect yourself from this Malware is to make sure that you only download software that is well known and reputable. This of course goes without saying but it is far too often that relatively inexperienced cryptocurrency traders will avoid doing their research.

The researchers have recommended that people and businesses do not download the software of Celas Trade. Even though they appear to have a a good reputation and verified digital certificates, this cannot be fully trusted.

You should also consider investing in some effective anti-malware software that you should use to scan all files that you have downloaded. This should be done even if you trust the source because hackers have been known to infiltrate trusted websites.

Cryptocurrency Security 101

Even if you are unlucky enough to have your machine infected with crypto grabbing malware, basic crypto security best practices will still protect you.

If you do a great deal of online trading with your cryptocurrency then it is essential that you secure your accounts with 2 factor authentication. This way, you are at least able to reduce the number of attack vectors.

You should always secure your large cryptocurrency holdings in hardware wallet. This is because the wallets operate external from the machine and hence the trojan cannot read your private key information.

Caution and a healthy does of scepticism will protect you from the an unhealthy does of AppleJeus.

Featured Image via Fotolia.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

5 stars on average, based on 3 rated postsNic is an ex Investment Banker and current crypto enthusiast. When he is not sitting behind six screens trading Bitcoin, he is maintaining his numerous mining rigs.




Feedback or Requests?

Continue Reading

Cryptocurrencies

Crypto Pump and Dumps Have Generated $825 Million in Activity This Year: WSJ

Published

on

Price manipulation involving ‘pump and dump’ schemes are alive and well in the cryptocurrency market. According to new research by The Wall Street Journal, organized cryptocurrency groups have generated at least $825 million in trading activity over the past six months.

Pump Groups Thrive in Nascent Crypto Market

In a comprehensive review of trading data and online communications among crypto traders between January and July, WSJ identified 175 pump and dump schemes spanning 121 different coins. Among the 50 pumps with the biggest increase in price, nearly half had lost their value.

Among the dozen pump groups analyzed by WSJ, Big Pump Signal and its 74,000 Telegram followers have had the biggest impact on markets. The group engineered 26 pumps resulting in $222 million in trades.

Pump schemes have exploded over the past 18 months as initial coin offerings (ICOs) garnered mainstream attention. More than $12 billion has flowed into coin offerings since January 2017, according to ICOData.io, inviting a new form of speculation in markets that remain largely unregulated to this day.

Analysts say most pump and dumps following a similar pattern: the group announces a time and exchange for a pump; at the set time, traders execute the signal, creating a short-term buying frenzy; after a set time (usually a few minutes), the coin is sold for instant profit.

One of the biggest pumps in recent memory came in early July after Big Pump Signal commanded its followers to buy cloakcoin (CLOAK), an obscure cryptocurrency that purports to be “fully private, secure and untraceable.” After the call was made, CLOAK spiked 50% on Binance before plummeting more than 20% after two minutes.

Stopping the Fraud

Although the pump and dump is one of the oldest forms of market fraud, regulators have struggled to stem the practice. As WSJ reports, similar practices were banned in the 1930s, but that hasn’t stopped pump and dumps from proliferating at different points in history. Jordan Belfort, whose life was chronicled in the movie “Wolf of Wall Street,” pleaded guilty in 1999 for running pump and dumps costing investors more than $200 million.

The U.S. Securities and Exchange Commission (SEC) regularly deals with pump and dumps in the stock market, but has yet to bring a case involving cryptocurrencies. In the meantime, the U.S. Commodity Futures Trading Commission (CFTC) has offered a reward for anyone who warns the agency about potential pump and dump schemes involving cryptocurrencies.

“If you have original information that leads to a successful enforcement action that leads to monetary sanctions of $1 million or more, you could be eligible for a monetary award of between 10 percent and 30 percent,” a CFTC memo, released in February, read. That translates into a potential reward of at least $100,000.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 606 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Breaches

MyEtherWallet Compromised in Security Breach; Users Urged to Move Tokens

Published

on

Popular cryptocurrency service MyEtherWallet (MEW) is urging users to move their tokens after the platform succumbed to its second cyber attack of the year. As the company reported earlier, hackers targeted MEW’s popular VPN service in an attempt to steal cryptocurrency.

Hola VPN Users Compromised

Rather than target MEW directly, hackers took control of the Hola VPN service, which claims nearly 50 million users. For the next five hours, MEW users who had the Hola chrome extension installed and running on their computer were exposed.

MEW took to Twitter to urge users to move their funds immediately.

“Urgent! If you have Hola chrome extension installed and used MEW within the last 24 hrs, please transfer your funds immediately to a brand new account!” the company said. It added the following message shortly thereafter:”We received a report that suggest Hola chrome extension was hacked for approximately 5 hrs and the attack was logging your activity on MEW.”

At the time of writing, MEW’s Twitter feed had no further updates.

MyEtherWallet is used to access cryptocurrency wallets, where users can send and receive tokens from other people.

The company reportedly told TechCrunch that the attack originated from a Russian-based IP address.

“The safety and security of MEW users is our priority. We’d like to remind our users that we do not hold their personal data, including passwords so they can be assured that the hackers would not get their hands on that information if they have not interacted with the Hola chrome extension in the past day,” MEW said, as quoted by TechCrunch.

It’s not yet clear how many users were compromised in the attack or how much, if any, was stolen from their wallets. MEW suffered a similar incident in February after a DNS attack wiped out $365,000 worth of cryptocurrency from users’ accounts.

Cyber Attacks on the Rise

The attack on MEW came less than 24 hours after Hacked reported another major cyber breach involving Bancor, a decentralized cryptocurrency exchange. The security breach compromised roughly $23.5 million worth of digital currency, including Ethereum, NPXS and BNT, Bancor’s native token.

Last month, a pair of South Korean exchanges fell prey to cyber criminals, prompting local regulators to expedite their approval of new cryptocurrency laws.

It has been estimated that a total of $761 million has been stolen from cryptocurrency exchanges in the first half of the year, up from $266 million in all of 2017. That figure is expected to rise to $1.5 billion this year.

CipherTrace, the company behind the estimates, told Reuters last week that stolen cryptocurrencies are mainly used to launder money and aid criminals in concealing their identities.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 606 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending