Connect with us

Hacking

Hillary Clinton Email Hacker Says It Was “Easy”

Published

on

 Romanian hacker Marcel Lehel, infamously known as “Guccifer” has, in an interview with Fox News from a Virginia jail, claimed that he breached Hillary Clinton’s “completely unsecured” private email server, repeatedly and easily.

42-year old Lehel, best known for his hacking prowess that compromised targets such as former US President George Bush and several celebrities including Steve Martin and Leonardo di Caprio, allegedly, has revealed details of his breach of Hillary Clinton’s email account.

Speaking to Fox News who queried him if it was easy or hard to gain access to Hillary Clinton’s email account, Guccifer stated:

For me, it was easy…easy for me, for everybody.

The hacker revealed that the process of the breach began when he correctly guessed Clinton confidant Sidney Blumenthal’s AOL account security question in early 2013, before gaining access to Clinton’s private server.

He stated that he had accessed Clinton’s server “twice” although he deemed it was uninteresting to him at the time.

I was not paying attention. For me, it was not like the Hillary Clinton server, it was like an email server she and others were using with political voting stuff.

Although there isn’t much to go by with how he gained access to Hillary Clinton’s emails, he claimed that he sought the originating IP of the email. “The email header is the originating IP usually,” Lazard explained before adding that he then scanned and checked the IP with an IP scanner.

He also mentioned programs like netscan, Netmap, Angry IP and Wireshark as tools in which he checked to see if the targeted servers and ports were “alive” and open.

Meanwhile, Hillary Clinton’s campaign issued a statement refuting Guccifer’s claims which read:

There is absolutely no basis to believe the claims made by this criminal from his prison cell. In addition to the fact he offers no proof to support his claims, his descriptions of Secretary Clinton’s server are inaccurate. It is unfathomable that we would have gained access to her emails and not leaked them the way he did to his other victims.

Hillary Clinton’s secret email was revealed as hrd22@clintonemailcom, her personal email during her tenure as the Secretary of State.

Guccifer was recently extradited to the United States and faces charges of unauthorized access to a protected computer, cyberstalking, aggravated identify theft, wire fraud and obstruction of justice by the US Department of Justice.

Fox News added that it could not independently verify Guccifer’s claims.

Featured image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4 stars on average, based on 1 rated postsSamburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

1 Comment

1 Comment

  1. Dennis Freeland

    May 11, 2016 at 5:59 am

    “Guccifer never hacked my server”

    Then she needs to explain how RT obtained 20,000 of her emails, and published all the Benghazi related emails, all marked with “G” for Guccifer , publishing them over two years before she handed them over to the DOJ & State Department. Comparison with the State Department published emails shows them to be correct – actual emails either to or from HRC.

    Her alternative options are :
    a) He made a lucky guess on who sent what emails when and to whom, and the entire content of the emails verbatim !!
    b) It wasn’t him – it was someone else – who then marked them as if they had come from him. But that still leaves her as having been hacked. That sounds like the “I didnt have sex with that woman” defense.
    c) She deliberately leaked her emails as an act of positive espionage.

    Regardless of which option turns out to be true, it is hardly the outcome one would want attributed to a Presidential candidate.

You must be logged in to post a comment Login

Leave a Reply

Cyberespionage

North Korea is now Targeting Crypto Users with Macs

Published

on

AppleJeus Malware Hack

The Lazarus group has earned quite a reputation for themselves in cyber-security circles.

This group of North Korean hackers have been responsible for some of the most well known intrusions in the past few years. For example, they were behind the Sony Pictures hack in 2014, the Bangladesh central bank heist in 2016 and the Wannacry ransomware outbreak in 2017.

It is safe to say that these are quite effective operators.

However, with the popularity of cryptocurrencies, the Lazarus group has changed their attack vectors and are targeting every day users with Malware.

The latest report now has the hackers using MacOS malware to hoover up information from those cryptocurrency users who work on Macbooks.

“AppleJeus”

This was the first time that the Lazarus group has developed malware to target Mac users. Indeed, Mac operating systems are far less susceptible to Malware than Windows based systems.

It was a surprise for researchers at Kaspersky Lab to have learned about the latest Lazarus attempt to target users with there macOS malware. They have labelled it “AppleJeus”.

This was first spotted on machines that were being used by cryptocurrency company in Asia. Indeed, this is no coincidence as the Lazarus group has often targeted cryptocurrency related businesses and exchanges in South Korea.

How Does it Work?

AppleJeus hides itself inside the code of a seemingly legitimate piece of cryptocurrency trading software called Celas Trade Pro. The user will download the app from the website of the developer. When it is first downloaded, there are no signs that anything could be off. The app appears to operate normally.

Celas Trade Screenshot

Screenshot of Celas Trade, the offending program. Source: kaspersky labs

Once the app is installed on the device, it will request to update the software. This sort of request is present in authentic software and as such will not trigger any alerts. However, there is malicious code that is inside of this update.

The moment that the update is installed, it will scan the computer and gather as much information as possible. This will then be sent back the hacker’s server so that they can make a decision on whether the person is worth attacking.

If they think that there is valuable information (or cryptocurrency) on the machine then they will instruct the software to install a trojan called “Fallchill”. For those who do not know, Trojans are malicious malware that will install a “backdoor” into the machine

Fallchill is a particularly robust trojan and can gather a great deal of information from the machine. This includes data such as financial information, login credentials and of course, information about cryptocurrency trading accounts.

Once the hackers have this personal information, they can either access your online accounts or they can conduct other spear phishing attacks against you. It is indeed a troubling development and according to Vitaly Kamluk of Kaspersky:

“For macOS users this case is a wakeup call, especially if they use their Macs to perform operations with cryptocurrencies”

So now that you know North Korea is actively trying to get their hands on your cryptocurrency, how do you protect yourself?

Keeping Safe from AppleJeus

The most effetive way to protect yourself from this Malware is to make sure that you only download software that is well known and reputable. This of course goes without saying but it is far too often that relatively inexperienced cryptocurrency traders will avoid doing their research.

The researchers have recommended that people and businesses do not download the software of Celas Trade. Even though they appear to have a a good reputation and verified digital certificates, this cannot be fully trusted.

You should also consider investing in some effective anti-malware software that you should use to scan all files that you have downloaded. This should be done even if you trust the source because hackers have been known to infiltrate trusted websites.

Cryptocurrency Security 101

Even if you are unlucky enough to have your machine infected with crypto grabbing malware, basic crypto security best practices will still protect you.

If you do a great deal of online trading with your cryptocurrency then it is essential that you secure your accounts with 2 factor authentication. This way, you are at least able to reduce the number of attack vectors.

You should always secure your large cryptocurrency holdings in hardware wallet. This is because the wallets operate external from the machine and hence the trojan cannot read your private key information.

Caution and a healthy does of scepticism will protect you from the an unhealthy does of AppleJeus.

Featured Image via Fotolia.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

5 stars on average, based on 3 rated postsNic is an ex Investment Banker and current crypto enthusiast. When he is not sitting behind six screens trading Bitcoin, he is maintaining his numerous mining rigs.




Feedback or Requests?

Continue Reading

Breaches

Mt. Gox vs. Bithumb: That Was Then, This Is Now

Published

on

Bithumb now shares something in common with the Tokyo-based shuttered bitcoin exchange Mt. Gox — both suffered a hack on about the same date, June 19. It’s a club that no exchange wants to belong to and that Bithumb happened on the seven-year anniversary of Mt. Gox’s maiden attack has to be more than an eerie coincidence.

It’s a stark reminder of the risks involved with keeping funds on an unregulated exchange, vulnerabilities that cost South Korea’s Bithumb some $36.6 million in digital cash and Mt. Gox $450 million in hacked bitcoin and its future. The Mt. Gox theft unfolded over a series of hacks that culminated in 2014. Though it’s still early on in the Bithumb hack, it appears the South Korean exchange will recover from the security breach. So what do we know now that we didn’t on June 19, 2011?

Then vs. Now

Former Coinbase official Nick Tomaino, who is also the founder of crypto fund 1 confirmation, reflected on the Mt. Gox hack in what proved to be a prescient tweet given the Bithumb attack that was about to surface.

The thing to note about Mt. Gox is that the Japan-based exchange in 2011 controlled most of the BTC trading volume, approximately three-quarters of it by average estimates — more if you ask Tomaino. Since bitcoin fever caught on in 2017, there are more than 500 cryptocurrency exchanges on which trading volume is shared. Binance boasts the highest trading volume and captures nearly 15% of bitcoin trading. It’s much less than Mt. Gox days but still a little high.

The other thing to note is that the Mt. Gox hack or actually hacks, as there were multiple attacks on the exchange over several years, was a mysterious event that was shrouded in controversy and mistrust of a key executive. Bithumb, on the other hand, confronted the hack seemingly right away on Twitter and has not let any grass grow under its feet in the interim, which is a key difference in the way Mt. Gox was handled.

Also, the bitcoin price didn’t tank in response to the Bithumb hack. It traded lower for a while, but less than 24 hours it was back in the green, which is a reflection of the fact that bitcoin trading is no longer dependent on a single exchange.

Charlie Lee, creator of Litecoin (LTC), the No. 6 cryptocurrency by market cap, was among the first to respond to the Bithumb hack. He tweeted:

Indeed, Bithumb does expect to be able to cover the losses via their reserves.

Crypto Security

It’s still early on in Bithumb’s security breach, and more details are sure to emerge in time. In the meantime, it’s a good idea to use the hack as an opportunity to examine the security of your cryptocurrency investment portfolio. There are several hardware wallet options out there for you to choose from — whether it’s Trezor or Ledger Nano S, to name a couple — and as Charlie Lee advised, “only keep on exchange coins that you are actively trading.”

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 62 rated postsGerelyn has been covering ICOs and the cryptocurrency market since mid-2017. She's also reported on fintech more broadly in addition to asset management, having previously specialized in institutional investing. She owns some BTC and ETH.




Feedback or Requests?

Continue Reading

Cybersecurity

NEM Theft Suggests Hacking Is More Lucrative than Mining

Published

on

The NEM Foundation has called off its search for the 523 million NEM tokens that were stolen from the Tokyo-based Coincheck exchange. Although the Foundation lauded the effectiveness of the search, the outcome proves yet again that cryptocurrency hackers are benefiting from the dark web, which provides an effective venue for laundering stolen funds.

Search for Stolen Coins Ends

In a statement published Mar. 19, the NEM Foundation informed its community that it had disabled the tracking mosaic used to monitor the movement of XEM funds tied to the massive heist of Coincheck in January. According to the post, the search ended on Mar. 18.

The statement reads:

“Beginning March 18, the NEM.io Foundation has disabled the tracking mosaic that was put into place to monitor XEM movements from the Coincheck theft. This effort was effective at reducing the hacker’s ability to liquidate stolen XEM and provided law enforcement with actionable information. We don’t plan to release further details due to the sensitive nature of this investigation.”

On. Jan. 26, hackers successfully made off with $530 million worth of XEM tokens, marking the biggest crypto heist on record. The theft propagated a new investigation into existing crypto exchanges by Japan’s Financial Services Authority (FSA). Domestic exchanges also announced plans to form a self-governing body to safeguard against illicit activity.

Hacked reported earlier this month that the Coincheck attackers had already laundered some 40% of the stolen NEM funds, primarily through the dark web. The stolen coins have reportedly made their way into exchanges in Japan, China and Canada.

Crypto Heists: A Growing Phenomenon

While the crypto economy has been highly lucrative for early adopters, cyber criminals have managed to steal huge sums of money. Unlike credit card fraud, the theft of major crypto exchanges has reshaped the digital currency market. This was most evident in 2014, when Mt Gox fell prey to a $480 million attack that eventually led to its demise.

As the Coincheck hack demonstrated, locating stolen funds and identifying perpetrators are extremely difficult. That said, NEM’s efforts to blacklist the tokens probably limited how much money the attackers were able to keep.

This brings us to an important question: is hacking more lucrative than legitimate crypto mining? To answer that question, we’ll begin by providing a rundown of the major crypto heists of the last four years.

Since 2014, hackers have made off with more than $1.3 billion in stolen coins. The biggest losses are as follows:

  • Coincheck: $530 million (2018)
  • Mt Gox: $480 million (2014)
  • Parity Wallet: $155 million (2017)
  • Bitfinex: $65 million (2016)
  • NiceHash: $63 million (2017)
  • DAO: $50 million (2016)
  • Tether: $31 million (2017)

For all of 2017, it is estimated that hackers stole nearly $400 million from ICOs. That’s roughly 10% of the total amount raised for the year.

Mining Profitability

Cryptocurrency mining has spearheaded a multi-billion-dollar industry. The recent crackdown on mining rigs in China means there is a large void in the market that several jurisdictions, including Canada and India, are rushing to fill. During the height of bitcoin’s surge, crypto miners earned roughly $240,000 every ten minutes. Miners now earn roughly half that, based on current price levels.

Of course, this doesn’t factor the cost of electricity, power consumption, hardware, manpower and other fees needed to operate a mining operation. These variables, combined with the unknown trajectory of crypto prices, make profitability a lot harder to gauge.

The yearly decline in profitability is also a critical, albeit elusive variable in pricing the success of a mining operation. This variable is tied to the number of miners that join the network – a figure that is extremely difficult to predict. Against this backdrop, 99bitcoins.com has developed a bitcoin mining calculator that provides simple guidance on whether a certain mining operation is profitable.

Other digital currencies provide a potentially more lucrative opportunity to join the mining business. For example, Monero can still be mined with a basic desktop computer. With an average block time of two minutes, users can mine the coin casually using the spare computing power of their home PC.

However, it appears that hackers have already taken over the Monero mining business. There are several recent cases of hackers embedding malware to hijack the computing power of other systems. The Australian government was also a victim of this hacking attempt.

Cryptomining is such a new phenomenon that there are few guidelines in place to ensure trust. Selecting a company to work with an a fair compensation model are two important questions every potential miner needs to consider.

As cryptocurrencies appreciate in value, the allure of cyber crime will continue to grow. As NEM, Mt Gox and other large-scale thefts demonstrate, criminals are succeeding in their quest to compromise online exchanges.

With respect to mining, profitability remains an elusive question, especially with the recent downturn in the market. That said, there are many alternative motivations involved in mining digital currency, including supporting the network, influencing the market and using additional revenues to fund other business operations.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
6 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 5 (6 votes, average: 4.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 610 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending