Connect with us

Cyberespionage

Hong Kong Targeted by ‘Politically-Motivated” Chinese Hackers

Published

on

During the lead-up to the recent legislative elections in Hong Kong, two government agencies in the country had been targeted by cyberespionage agents from China in a politically-motivated attack during August, a cybersecurity firm stated.

A Chinese hacking group has been accused of targeting multiple Hong Kong government agencies with cyberespionage operations in politically motivated attacks, according to U.S. cybersecurity firm iSIGHT, a unit of FireEye Inc,.

China keyboard

Dubbed APT 3 (Advanced Persistent Threat), the hacking group has, according to iSIGHT president John Watters speaking to Bloomberg, targeted the Hong Kong agencies with spear-phishing attacks. The malware-laden emails were sent in what was “certainly” a politically motivated attack, Watters said, due to the targets involved.

While Watters refused to confirm if APT 3 was a state-sponsored or linked hacking group, he revealed that the firm had informed Hong Kong authorities of incidents during at least three separate occasions.

One of the emails used during the attacks included a report on election results with a hyperlink to a compromised sub-domain that contained the malware. This malware would then have the means to infiltrate the computer from which the malicious sub-domain was accessed, before compromising other networks that the computer is connected to.

Hong Kong’s Past and Future Intertwined with China

Hong Kong’s 2016 elections saw a record 2.2 million people turn up as calls for further political autonomy or even outright independence from China resonate throughout the country. Beijing’s continued influence over Hong Kong after the latter was handed back to China from Great Britain in 1997, has been among the key campaign issues this year, where voters will select lawmakers for the 70-seat Legislative council.

Watters believes that the cyberespionage operation was triggered out of a need to gain information on Hong Kong’s political affairs.

What it appears to be is an opportunity to gain information without having the transparency of having to make a request. If you want to know what someone’s thinking, would you rather read their diary or hear their prepared remarks?

In a statement, the office for information of the Hong Kong government confirmed that it had been informed of the attacks, with “relevant security measures” enforced to block the suspicious e-mails. The office added:

So far, there is no security incident report from the two concerned departments.

The targeted departments or the stolen information, if any, haven’t been revealed or verified.

 Images from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4 stars on average, based on 1 rated postsSamburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

Cyberespionage

The NSA Is Tracking Bitcoin Users, According to Snowden Papers

Published

on

The U.S. National Security Agency (NSA) used its vast powers to spy on and track down bitcoin users globally, according to classified documents released by Edward Snowden. The revelations send a chilling message to crypto investors that their activity may be monitored by federal agencies under the guise of anti-money laundering programs.

Deep State Targets Bitcoin Users

The spy agency used sophisticated techniques to monitor senders and receivers of digital currency as far back as 2013, according to several memos that were published by The Intercept. The classified reports also seemed to indicate that the NSA may have collected information from users’ personal computers.

The reports obscure the identity of the agents involved in the investigation, referring to them only with code names. One particularly telling passage was taken from a weekly report dated Mar. 2-8, 2013:

“S2F214 [the agent] is hoping to use the access for their mission of looking at organized crime and cyber targets that utilize online e-currency services to move and launder money. These illicit finance networks provide user access to international monetary systems, while providing a high-degree of anonymity.”

In a Mar. 15, 2013 report, the spy agency referred to bitcoin as the “#1 priority”.

Julian Assange commented on the newly leaked documents, where he called out various media platforms for neglecting to follow the WikiLeaks model

According to the documents, the NSA monitored bitcoin using a program called MONEYROCKET, which gathered information from the Middle East, Asia, Europe and South America. Interestingly, the reports show that bitcoin wasn’t the only area targeted by the NSA. Liberty Reserve, a now defunct digital currency service, also received careful attention.

Based in Costa Rica, Liberty Reserve was shut down in 2013 by the United States government for criminal activity. Prosecutors appealed to the controversial Patriot Act to dissolve the entity following an investigation with 16 other countries. The platform’s founder, Arthur Budovsky, and six others were charged with money laundering.

Financial Privacy

The recent documents released by Snowden sent a clear warning sign to cryptocurrency users that their financial information could be intercepted by big government agencies. Although some news outlets have used the documents to question bitcoin’s privacy features, many within the crypto community know that the original blockchain isn’t necessarily the most anonymous.

In fact, dark web criminals are beginning to disavow bitcoin for one of the many privacy coins in circulation today. Chief among them are Zcash and Monero. A report released in February also drew attention to the meteoric rise of Litecoin on the dark web.

Assessed purely in terms of privacy, many believe Zcash provides the best protections. Unlike other protocols, Zcash uses advanced encryption to obscure the sender’s address.

Privacy isn’t the only consideration cyber criminals weigh when deciding which cryptocurrency to exploit. According to Recorded Future researchers, transaction fees and speed are also important factors.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

 

 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
3 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 5 (3 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 548 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Cryptocurrencies

Spectre And Meltdown Madness: What It Means For Ethereum

Published

on

To anyone who talks in terms of a cryptocurrency bubble, consider the following fun facts. In the short period of a few days following the bombshell announcement of Meltdown and Spectre, crypto prices responded in the following manner:

Bitcoin +18%

ETH +41%

Litecoin +30%

In my view, this is clear evidence of a market that is responding rationally to information coming from responsible sources. To appreciate what all the noise is about you must appreciate what Meltdown and Spectre are and why they present a danger to the big companies providing cloud storage for the corporate world.

Once this is clear, then you will better appreciate why Ether’s 41%+ short-term price spike left the others in the dust. But first lets dig into the Meltdown and Spectre situation.

The Secret Got Out

 On January 3 the secret about a new class of security vulnerabilities leaked out to the public. Not only was this seriously bad news but the leak also gave hackers advanced notice before anyone could begin to fix the twin problems.

The degree of seriousness is in the fact that almost all major microprocessor chips are vulnerable. This opens the door to hackers stealing information from personal as well as cloud services.

Researchers claim that Meltdown can be fixed with a patch. Shortly thereafter about every major player announced their patch. But there are two issues here. Will the patches fully solve they problem?

Casting A Cloud Over The Cloud

When a corporation becomes a cloud customer, even the largest share machines with other customers. This is the basic flaw in the centralized structure of cloud storage. Contrast this with the decentralized structure of blockchain technology and you begin to appreciate the force behind the sudden price spike in cryptocurrencies that we highlighted above.

Even though security tools and protocols are designed to separate customers date, the recently discovered Meltdown and Spectre flaws still leave serious vulnerabilities.

Meltdown, hackers could rent space on a cloud service, just like any other business customer. Once they were on the service, the flaw would allow them to grab information like passwords from other customers.

Secondly, reports on cloud services like Amazon, Google and Microsoft claim that it creates as much as 30% slower computation speeds. That clearly won’t make for happy customers.

Jerky NetFlix

Virtually everyone reviewing the situation believes individual computer users are the least vulnerable. That may be true. Hackers are in the hunt for the biggest prize and that would be the big three cloud companies. But how do you think families are going to react if their Netflix stalls and buffers every few minutes?

In the final analysis, the Meltdown flaw affects virtually every computer chip fabricated by Intel in use today. You are talking about 90% of the Internet and business world. But Meltdown is just one flaw.

Spectre is the other flaw and this one is the more insidious of the two. There is no known fix. Intel, AMD and others have claimed how complex a project it would be for hackers to breech the Spectre vulnerability. That is pretty hollow comfort. After all, hasn’t the FBI security been breeched. Those guys were supposed to be airtight.

Boom Days For Blockchain

In so many ways, last year marked a tipping point in the spread and acceptance of blockchain technology. The uses for Bitcoin are probably best gauged by its record $20,000 price in December. For Ethereum, it may have been marked by the formation of the Enterprise Ethereum Alliance (EEA) in February and rise to over 300 members at year-end.

No sooner has 2018 begun that the Meltdown and Spectre flaws created unexpected excitement for investors in cryptocurrencies. If I were a software salesman out of work, I would be sending my resume to every crypto company offering to peddle their blockchain. It could be the easiest job since selling web design services in 1995.

The Ethereum platform with its smart contracts is not the only crypto capable of addressing this newly uncovered opportunity created by Meltdown and Spectre. You can safely bet this will attract many players and for good reason, today’s blockchain technology is a long way from fast enough for mass adoption. Blockchain security may be a step or two better in it present form than cloud storage, but it has its security issues as well.

Building the Ethereum Moat

 EEA founder Jeremy Millar is clearly a brand ambassador for Ethereum. He believes that CEOs hear the chatter about blockchain and are pre sold not having a clear picture what can be accomplished or the money saved using this technology. The important thing is for IT departments to have a respected brand to attach to their recommendations.

The EEA seeks to connect and inform and through this pioneering process spread the gospel of Ethereum. So far this is beginning to build a brand franchise for Ethereum.

The EEA is the largest blockchain body and is committed to using open-source Ethereum technology for enterprise blockchain solutions. EEA expects to see great advances in these areas in 2018 with Ethereum technologies.

It also helps when Wall Street banks uncover the potential for billions in savings on the trading desks through the applications of the Ethereum platform.

So, if you though the last year held plenty of excitement, the Meltdown and Spectre flaws promise to make this year every bit as much fun.

Featured image courtesy of Shutterstock.

 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
14 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 5 (14 votes, average: 4.14 out of 5)
You need to be a registered member to rate this.
Loading...

4.4 stars on average, based on 96 rated postsJames Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.




Feedback or Requests?

Continue Reading

Cyberespionage

Apple Watches Banned from UK Cabinet Meetings for Hacking Fears

Published

on

Cabinet ministers have voiced concerns that Apple Watches could be hacked by Russian spies, prompting the devices to be barred from meetings, according to a report from The Telegraph.

Under the new leadership of Theresa May, U.K cabinet ministers have been barred from wearing the watch during meetings after concerns were raised that the gadgets could be employed as listening devices.

The Apple Watches join the list of banned items alongside mobile phones after these were barred for similar reasons.

According to a survey conducted by research firm IDC, Apple Watches account for seven percent of the market compared to FitBit, which is reported to account for 25.4 percent.

A Threat from Russian Hackers

This latest news comes amid concerns of a possible threat from Russian hackers who have recently been in the news.

Russian hackers are alleged to have been able to obtain confidential emails from the Democratic National Congress during the U.S. elections despite Russian president, Vladimir Putin, denying this was the case. Surprisingly, congressional leaders are reported to have known about the hacking a year before it was officially announced.

Not only that, but at the recent Rio Olympics, which saw many Russian athletes banned from competing after it was revealed that there was a state-run doping program in the country, Russian hackers have retaliated.

A Russian cyberespionage group known as Fancy Bear recently accessed and leaked data from several high-profile Olympic athletes, by targeting a World Anti-Doping Agency (WADA) database. This is the same agency that placed a recommendation to ban all Russian athletes from the 2016 Rio Olympics.

Unsurprisingly, with the threat of Russian hackers high, and with devices such as mobile phones and watches now being considered as vulnerable gadgets that can be hacked into, it seems as though banning them from important meetings is the only way that will remove any possible threat to state security.

Featured image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...





Feedback or Requests?

Continue Reading

5 of 15 Seats Available

Learn more here.

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending