Connect with us

Hacking

Hillary Clinton Hacker Guccifer Gets 52 Months in Prison

Published

on

Romanian hacker Marcel Lehel Lazar, known by his hacker moniker “Guccifer” was sentenced today to 52 months in prison. Lazard is known for hacking many major politicians such as Hillary Clinton, the Bush political family as well as the email and social media accounts of over 100 Americans, which he leaked online.

The now 44-year-old Marcel Lehel Lazar had a day job as a cab driver while carrying out hacking sprees that targeted prominent Americans, all the way from Romania. It wasn’t long before he rose to prominence himself, stateside. It was Lazar, popularly or infamously known by his nickname “Guccifer”, who first exposed the very existence of the much-debated private email server used by Hillary Clinton, back when the Democratic Presidential candidate was the U.S. secretary of state.

Beyond Hillary Clinton, Lazar’s victims include other notable politicians such as Secretary of State Colin Powell, family members of former Presidents George H.W. Bush and George W. Bush. Celebrities such as Steve Martin and Leonardo di Caprio were also targets during his many hacking sprees.

Lehel was charged by the U.S. Department of Justice (DOJ) in 2014 on charges of cyberstalking, unauthorized access to a protected computer, aggravated identity theft, wire fraud and obstruction of justice.

The law has now caught up with him, with the DOJ releasing details of his sentencing and plea agreement where Lazar admitted to carrying out multiple hacking crimes between October 2012 and January 2014.

hilary-clinton-e-mail-scandal-private-e-mail-state-department-investigation

An excerpt from today’s DOJ release read:

In many instances, Lazar publically released his victims’ private email correspondence, medical and financial information and personal photographs, according to the statement of facts filed with his plea agreement.

Through a combination of basic computer skills, social engineering cunning and guess-work, Lazar was able to gain access to multiple private email accounts of his victims.

Prosecutors have previously argued that Lazar was a misfit who sought fame. He was also reportedly interested in the occult and actively targeted U.S. officials to try and establish links with the Illuminati.

Hillary Clinton

The former taxi driver arguably became the world’s most-known hacker after hacking and taking control of the email account belonging to Sidney Blumenthal, the Clinton family’s confidant. Here, ‘Guccifer’ proceeded to copy several emails that contained correspondence with Hillary Clinton, emails which contained elaborate and sensitive details of international affairs and more. The ensuing storm surrounding Hillary’s use of a private email server continues to plague her campaign, even after the FBI’s director saw no reason for Hillary Clinton to face charges.

Meanwhile, Guccifer has previously stated that hacking Clinton’s emails was “easy”, after his extradition to the United States.

Images from YouTube/NBC News, Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4 stars on average, based on 1 rated postsSamburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

Cyberespionage

North Korea is now Targeting Crypto Users with Macs

Published

on

AppleJeus Malware Hack

The Lazarus group has earned quite a reputation for themselves in cyber-security circles.

This group of North Korean hackers have been responsible for some of the most well known intrusions in the past few years. For example, they were behind the Sony Pictures hack in 2014, the Bangladesh central bank heist in 2016 and the Wannacry ransomware outbreak in 2017.

It is safe to say that these are quite effective operators.

However, with the popularity of cryptocurrencies, the Lazarus group has changed their attack vectors and are targeting every day users with Malware.

The latest report now has the hackers using MacOS malware to hoover up information from those cryptocurrency users who work on Macbooks.

“AppleJeus”

This was the first time that the Lazarus group has developed malware to target Mac users. Indeed, Mac operating systems are far less susceptible to Malware than Windows based systems.

It was a surprise for researchers at Kaspersky Lab to have learned about the latest Lazarus attempt to target users with there macOS malware. They have labelled it “AppleJeus”.

This was first spotted on machines that were being used by cryptocurrency company in Asia. Indeed, this is no coincidence as the Lazarus group has often targeted cryptocurrency related businesses and exchanges in South Korea.

How Does it Work?

AppleJeus hides itself inside the code of a seemingly legitimate piece of cryptocurrency trading software called Celas Trade Pro. The user will download the app from the website of the developer. When it is first downloaded, there are no signs that anything could be off. The app appears to operate normally.

Celas Trade Screenshot

Screenshot of Celas Trade, the offending program. Source: kaspersky labs

Once the app is installed on the device, it will request to update the software. This sort of request is present in authentic software and as such will not trigger any alerts. However, there is malicious code that is inside of this update.

The moment that the update is installed, it will scan the computer and gather as much information as possible. This will then be sent back the hacker’s server so that they can make a decision on whether the person is worth attacking.

If they think that there is valuable information (or cryptocurrency) on the machine then they will instruct the software to install a trojan called “Fallchill”. For those who do not know, Trojans are malicious malware that will install a “backdoor” into the machine

Fallchill is a particularly robust trojan and can gather a great deal of information from the machine. This includes data such as financial information, login credentials and of course, information about cryptocurrency trading accounts.

Once the hackers have this personal information, they can either access your online accounts or they can conduct other spear phishing attacks against you. It is indeed a troubling development and according to Vitaly Kamluk of Kaspersky:

“For macOS users this case is a wakeup call, especially if they use their Macs to perform operations with cryptocurrencies”

So now that you know North Korea is actively trying to get their hands on your cryptocurrency, how do you protect yourself?

Keeping Safe from AppleJeus

The most effetive way to protect yourself from this Malware is to make sure that you only download software that is well known and reputable. This of course goes without saying but it is far too often that relatively inexperienced cryptocurrency traders will avoid doing their research.

The researchers have recommended that people and businesses do not download the software of Celas Trade. Even though they appear to have a a good reputation and verified digital certificates, this cannot be fully trusted.

You should also consider investing in some effective anti-malware software that you should use to scan all files that you have downloaded. This should be done even if you trust the source because hackers have been known to infiltrate trusted websites.

Cryptocurrency Security 101

Even if you are unlucky enough to have your machine infected with crypto grabbing malware, basic crypto security best practices will still protect you.

If you do a great deal of online trading with your cryptocurrency then it is essential that you secure your accounts with 2 factor authentication. This way, you are at least able to reduce the number of attack vectors.

You should always secure your large cryptocurrency holdings in hardware wallet. This is because the wallets operate external from the machine and hence the trojan cannot read your private key information.

Caution and a healthy does of scepticism will protect you from the an unhealthy does of AppleJeus.

Featured Image via Fotolia.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

5 stars on average, based on 3 rated postsNic is an ex Investment Banker and current crypto enthusiast. When he is not sitting behind six screens trading Bitcoin, he is maintaining his numerous mining rigs.




Feedback or Requests?

Continue Reading

Breaches

Mt. Gox vs. Bithumb: That Was Then, This Is Now

Published

on

Bithumb now shares something in common with the Tokyo-based shuttered bitcoin exchange Mt. Gox — both suffered a hack on about the same date, June 19. It’s a club that no exchange wants to belong to and that Bithumb happened on the seven-year anniversary of Mt. Gox’s maiden attack has to be more than an eerie coincidence.

It’s a stark reminder of the risks involved with keeping funds on an unregulated exchange, vulnerabilities that cost South Korea’s Bithumb some $36.6 million in digital cash and Mt. Gox $450 million in hacked bitcoin and its future. The Mt. Gox theft unfolded over a series of hacks that culminated in 2014. Though it’s still early on in the Bithumb hack, it appears the South Korean exchange will recover from the security breach. So what do we know now that we didn’t on June 19, 2011?

Then vs. Now

Former Coinbase official Nick Tomaino, who is also the founder of crypto fund 1 confirmation, reflected on the Mt. Gox hack in what proved to be a prescient tweet given the Bithumb attack that was about to surface.

The thing to note about Mt. Gox is that the Japan-based exchange in 2011 controlled most of the BTC trading volume, approximately three-quarters of it by average estimates — more if you ask Tomaino. Since bitcoin fever caught on in 2017, there are more than 500 cryptocurrency exchanges on which trading volume is shared. Binance boasts the highest trading volume and captures nearly 15% of bitcoin trading. It’s much less than Mt. Gox days but still a little high.

The other thing to note is that the Mt. Gox hack or actually hacks, as there were multiple attacks on the exchange over several years, was a mysterious event that was shrouded in controversy and mistrust of a key executive. Bithumb, on the other hand, confronted the hack seemingly right away on Twitter and has not let any grass grow under its feet in the interim, which is a key difference in the way Mt. Gox was handled.

Also, the bitcoin price didn’t tank in response to the Bithumb hack. It traded lower for a while, but less than 24 hours it was back in the green, which is a reflection of the fact that bitcoin trading is no longer dependent on a single exchange.

Charlie Lee, creator of Litecoin (LTC), the No. 6 cryptocurrency by market cap, was among the first to respond to the Bithumb hack. He tweeted:

Indeed, Bithumb does expect to be able to cover the losses via their reserves.

Crypto Security

It’s still early on in Bithumb’s security breach, and more details are sure to emerge in time. In the meantime, it’s a good idea to use the hack as an opportunity to examine the security of your cryptocurrency investment portfolio. There are several hardware wallet options out there for you to choose from — whether it’s Trezor or Ledger Nano S, to name a couple — and as Charlie Lee advised, “only keep on exchange coins that you are actively trading.”

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 62 rated postsGerelyn has been covering ICOs and the cryptocurrency market since mid-2017. She's also reported on fintech more broadly in addition to asset management, having previously specialized in institutional investing. She owns some BTC and ETH.




Feedback or Requests?

Continue Reading

Cybersecurity

NEM Theft Suggests Hacking Is More Lucrative than Mining

Published

on

The NEM Foundation has called off its search for the 523 million NEM tokens that were stolen from the Tokyo-based Coincheck exchange. Although the Foundation lauded the effectiveness of the search, the outcome proves yet again that cryptocurrency hackers are benefiting from the dark web, which provides an effective venue for laundering stolen funds.

Search for Stolen Coins Ends

In a statement published Mar. 19, the NEM Foundation informed its community that it had disabled the tracking mosaic used to monitor the movement of XEM funds tied to the massive heist of Coincheck in January. According to the post, the search ended on Mar. 18.

The statement reads:

“Beginning March 18, the NEM.io Foundation has disabled the tracking mosaic that was put into place to monitor XEM movements from the Coincheck theft. This effort was effective at reducing the hacker’s ability to liquidate stolen XEM and provided law enforcement with actionable information. We don’t plan to release further details due to the sensitive nature of this investigation.”

On. Jan. 26, hackers successfully made off with $530 million worth of XEM tokens, marking the biggest crypto heist on record. The theft propagated a new investigation into existing crypto exchanges by Japan’s Financial Services Authority (FSA). Domestic exchanges also announced plans to form a self-governing body to safeguard against illicit activity.

Hacked reported earlier this month that the Coincheck attackers had already laundered some 40% of the stolen NEM funds, primarily through the dark web. The stolen coins have reportedly made their way into exchanges in Japan, China and Canada.

Crypto Heists: A Growing Phenomenon

While the crypto economy has been highly lucrative for early adopters, cyber criminals have managed to steal huge sums of money. Unlike credit card fraud, the theft of major crypto exchanges has reshaped the digital currency market. This was most evident in 2014, when Mt Gox fell prey to a $480 million attack that eventually led to its demise.

As the Coincheck hack demonstrated, locating stolen funds and identifying perpetrators are extremely difficult. That said, NEM’s efforts to blacklist the tokens probably limited how much money the attackers were able to keep.

This brings us to an important question: is hacking more lucrative than legitimate crypto mining? To answer that question, we’ll begin by providing a rundown of the major crypto heists of the last four years.

Since 2014, hackers have made off with more than $1.3 billion in stolen coins. The biggest losses are as follows:

  • Coincheck: $530 million (2018)
  • Mt Gox: $480 million (2014)
  • Parity Wallet: $155 million (2017)
  • Bitfinex: $65 million (2016)
  • NiceHash: $63 million (2017)
  • DAO: $50 million (2016)
  • Tether: $31 million (2017)

For all of 2017, it is estimated that hackers stole nearly $400 million from ICOs. That’s roughly 10% of the total amount raised for the year.

Mining Profitability

Cryptocurrency mining has spearheaded a multi-billion-dollar industry. The recent crackdown on mining rigs in China means there is a large void in the market that several jurisdictions, including Canada and India, are rushing to fill. During the height of bitcoin’s surge, crypto miners earned roughly $240,000 every ten minutes. Miners now earn roughly half that, based on current price levels.

Of course, this doesn’t factor the cost of electricity, power consumption, hardware, manpower and other fees needed to operate a mining operation. These variables, combined with the unknown trajectory of crypto prices, make profitability a lot harder to gauge.

The yearly decline in profitability is also a critical, albeit elusive variable in pricing the success of a mining operation. This variable is tied to the number of miners that join the network – a figure that is extremely difficult to predict. Against this backdrop, 99bitcoins.com has developed a bitcoin mining calculator that provides simple guidance on whether a certain mining operation is profitable.

Other digital currencies provide a potentially more lucrative opportunity to join the mining business. For example, Monero can still be mined with a basic desktop computer. With an average block time of two minutes, users can mine the coin casually using the spare computing power of their home PC.

However, it appears that hackers have already taken over the Monero mining business. There are several recent cases of hackers embedding malware to hijack the computing power of other systems. The Australian government was also a victim of this hacking attempt.

Cryptomining is such a new phenomenon that there are few guidelines in place to ensure trust. Selecting a company to work with an a fair compensation model are two important questions every potential miner needs to consider.

As cryptocurrencies appreciate in value, the allure of cyber crime will continue to grow. As NEM, Mt Gox and other large-scale thefts demonstrate, criminals are succeeding in their quest to compromise online exchanges.

With respect to mining, profitability remains an elusive question, especially with the recent downturn in the market. That said, there are many alternative motivations involved in mining digital currency, including supporting the network, influencing the market and using additional revenues to fund other business operations.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
6 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 5 (6 votes, average: 4.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 610 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending