Cyberespionage

Someone is Probing to Take Down the Internet, Warns Cryptographer

The pillars that provide the basic infrastructure of the internet are being probed by an unknown entity, probing for that point where the foundation cracks and the internet breaks.

The internet’s critical and underlying basic infrastructure is being probed by an unknown attacker who is – patiently – looking for vulnerabilities, revealed cybersecurity expert and cryptographer Bruce Schneier.

A board member at the Electronic Frontier Foundation (EFF) and the Tor project, Schneier is also the chief technology officer at Resilient, a cybersecurity firm recently acquired by IBM.

In a blog post, Schneier states that some of the companies that run “critical pieces of the internet” are being probed by an unknown quantity, with “precisely calibrated attacks.”

Much like the raptors testing the fences on Isla Nublar, these attacks are systematic and well-planned, seeking to understand the defenses employed by these vitally important companies.

“These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down,” Schneier wrote.

DDoS Disruptions

While Schneier did not disclose the companies, which spoke to him on condition of anonymity, he did reveal that the attacks took the form of distributed denial-of-service (DDoS) attacks. While this form of attack isn’t anything new, Schneier revealed that the companies are seeing changes in the way these DDoS attacks are being carried out. Not only are these attacks larger in bandwidth, they are also longer. They’re sophisticated and, more notably, they’re probing.

He wrote:

One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.
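A defender can look for the week-over-week escalation described in the quote above in their own attack records. The following is an added example, not code from Schneier or from the original article; the `Episode` fields, the Gbps unit, the 15% tolerance and the sample data are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List


@dataclass
class Episode:
    week: int          # week in which the attack was observed
    start_gbps: float  # traffic level at which the attack began (assumed unit)
    peak_gbps: float   # highest level reached before the attack stopped


# Constructed sample data, not taken from any real incident.
SAMPLE = [
    Episode(1, 10.0, 40.0),    # ramps from 10 to 40, then stops
    Episode(2, 38.0, 80.0),    # resumes near last week's peak
    Episode(3, 82.0, 120.0),   # resumes near last week's peak again
    Episode(4, 5.0, 300.0),    # unrelated flood: starts from a low level
    Episode(5, 200.0, 200.0),  # flat attack with no ramp
]


def continues(prev: Episode, cur: Episode, tolerance: float) -> bool:
    """True if `cur` starts close to where `prev` peaked and then goes higher."""
    near_prev_peak = abs(cur.start_gbps - prev.peak_gbps) <= tolerance * prev.peak_gbps
    return near_prev_peak and cur.peak_gbps > prev.peak_gbps


def find_calibration_runs(episodes: List[Episode],
                          tolerance: float = 0.15,
                          min_len: int = 3) -> List[List[Episode]]:
    """Group episodes into runs where each attack ramps up and the next one
    picks up at roughly the previous peak. Runs shorter than `min_len`
    are ignored as coincidence."""
    runs: List[List[Episode]] = []
    current: List[Episode] = []
    for ep in sorted(episodes, key=lambda e: e.week):
        ramps = ep.peak_gbps > ep.start_gbps
        if current and ramps and continues(current[-1], ep, tolerance):
            current.append(ep)
            continue
        if len(current) >= min_len:
            runs.append(current)
        # A ramping episode may be the first step of a new run.
        current = [ep] if ramps else []
    if len(current) >= min_len:
        runs.append(current)
    return runs


def probed_ceiling(run: List[Episode]) -> float:
    """Highest level the defenses were tested at during one run."""
    return max(ep.peak_gbps for ep in run)


if __name__ == "__main__":
    for run in find_calibration_runs(SAMPLE):
        weeks = [ep.week for ep in run]
        print(f"stepwise escalation in weeks {weeks}, "
              f"tested up to {probed_ceiling(run)} Gbps")
```

A flagged run is a reason to review capacity headroom above the tested ceiling, since that is the level the sender has already observed the defenses absorbing.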

Speculating, it’s possible that the companies Schneier is referring to include registrars (the companies that provide domains like .com etc.) and DNS providers.

Schneier’s findings are in line with a DDoS trends report [PDF] by Verisign, the registrar for domains such as .com and .net. If Verisign is taken down, your favorite websites and even your emails are likely to stop working.

Furthermore, one of the companies even revealed that, in addition to DDoS attacks, it had discovered intrusions that attempted to modify and manipulate internet addresses and tunnels. Again, these appeared to test the response times of the company or its security defenses.

Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.

No Mischief Here

Schneier looks beyond activists and cybercriminals as the instigators of these systematic and calibrated attacks, pointing instead to the forces of cyberespionage. Such capabilities are, as history shows, possessed by the likes of China, Russia, North Korea and the United States, among others.

He wrote:

It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.

If the assertion does come true someday, the world could see an unparalleled blackout that could disrupt the way we live in the present day, to the very core.

And what can we do about it?

“Nothing, really,” Schneier added.

Nothing until we are aware and talking about it and do some probing of our own to look for that unknown intruder.

Images from Shutterstock.

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

10 Comments

  1. Pete RePete

    September 14, 2016 at 4:13 pm

    Surely we know the source of the ddos probe no?

    • unpundit

      September 14, 2016 at 10:01 pm

      DDOS attacks do not have a single source, by definition.

  2. Илья Найдов

    September 14, 2016 at 4:50 pm

    It’s done by our country’s cyberweaponry… Russia…

  3. Wild Bill Kinda

    September 14, 2016 at 6:09 pm

    That was how the banking sites were affected a while back with a DDOS attack, by taking down their DNS server.

  4. tinus42

    September 14, 2016 at 10:24 pm

    This article is useless without specifics, “Someone” maybe just one guy in his mom’s basement. I bet there is someone who has plans to nuke the sun.

    • Giulio Prisco

      September 15, 2016 at 5:35 am

      Schneier says “I am unable to give details, because these companies spoke with me under condition of anonymity.”

  5. Lord Diamond

    September 17, 2016 at 5:09 am

    zionists, fbi, russia? who knows… as long as tech and cyber security continue to rapidly evolve we’ll be fine.

  6. Ade

    September 19, 2016 at 1:24 am

    Hopefully defences are being shored up and strengthened as we speak.

  7. Orchideric

    September 19, 2016 at 4:09 am

    A cryptographer warns us about the internet having DDoS attacks. You’ve gotta be kidding me?

  8. newsuperhuman

    October 3, 2016 at 5:50 am

    We know who the “unknown quantities” are – the US, China, Russia, UK, Germany, etc. No mystery here.

Cyberespionage

North Korea is now Targeting Crypto Users with Macs

The Lazarus group has earned quite a reputation for themselves in cyber-security circles.

This group of North Korean hackers has been responsible for some of the most well-known intrusions of the past few years. For example, they were behind the Sony Pictures hack in 2014, the Bangladesh central bank heist in 2016 and the WannaCry ransomware outbreak in 2017.

It is safe to say that these are quite effective operators.

However, with the popularity of cryptocurrencies, the Lazarus group has changed its attack vectors and is targeting everyday users with malware.

The latest report now has the hackers using MacOS malware to hoover up information from those cryptocurrency users who work on Macbooks.

“AppleJeus”

This was the first time that the Lazarus group has developed malware to target Mac users. Indeed, Mac operating systems are far less susceptible to malware than Windows-based systems.

It was a surprise for researchers at Kaspersky Lab to learn about the latest Lazarus attempt to target users with their macOS malware. They have labelled it “AppleJeus”.

This was first spotted on machines that were being used by a cryptocurrency company in Asia. Indeed, this is no coincidence, as the Lazarus group has often targeted cryptocurrency-related businesses and exchanges in South Korea.

How Does it Work?

AppleJeus hides itself inside the code of a seemingly legitimate piece of cryptocurrency trading software called Celas Trade Pro. The user will download the app from the website of the developer. When it is first downloaded, there are no signs that anything could be off. The app appears to operate normally.

Screenshot of Celas Trade, the offending program. Source: Kaspersky Lab

Once the app is installed on the device, it will request to update the software. This sort of request is present in authentic software and as such will not trigger any alerts. However, there is malicious code that is inside of this update.

The moment that the update is installed, it will scan the computer and gather as much information as possible. This will then be sent back to the hackers’ server so that they can decide whether the person is worth attacking.

If they think that there is valuable information (or cryptocurrency) on the machine, then they will instruct the software to install a trojan called “Fallchill”. For those who do not know, trojans are malware that will install a “backdoor” into the machine.

Fallchill is a particularly robust trojan and can gather a great deal of information from the machine. This includes data such as financial information, login credentials and of course, information about cryptocurrency trading accounts.

Once the hackers have this personal information, they can either access your online accounts or they can conduct other spear phishing attacks against you. It is indeed a troubling development and according to Vitaly Kamluk of Kaspersky:

“For macOS users this case is a wakeup call, especially if they use their Macs to perform operations with cryptocurrencies”

So now that you know North Korea is actively trying to get their hands on your cryptocurrency, how do you protect yourself?

Keeping Safe from AppleJeus

The most effective way to protect yourself from this malware is to make sure that you only download software that is well known and reputable. This of course goes without saying, but it is far too often that relatively inexperienced cryptocurrency traders will avoid doing their research.

The researchers have recommended that people and businesses do not download the software of Celas Trade. Even though it appears to have a good reputation and verified digital certificates, this cannot be fully trusted.

You should also consider investing in some effective anti-malware software that you should use to scan all files that you have downloaded. This should be done even if you trust the source because hackers have been known to infiltrate trusted websites.

Cryptocurrency Security 101

Even if you are unlucky enough to have your machine infected with crypto grabbing malware, basic crypto security best practices will still protect you.

If you do a great deal of online trading with your cryptocurrency then it is essential that you secure your accounts with 2 factor authentication. This way, you are at least able to reduce the number of attack vectors.

You should always secure your large cryptocurrency holdings in a hardware wallet. This is because the wallets operate externally to the machine and hence the trojan cannot read your private key information.

Caution and a healthy dose of scepticism will protect you from an unhealthy dose of AppleJeus.

Featured Image via Fotolia.

Nic is an ex Investment Banker and current crypto enthusiast. When he is not sitting behind six screens trading Bitcoin, he is maintaining his numerous mining rigs.

Cyberespionage

The NSA Is Tracking Bitcoin Users, According to Snowden Papers

The U.S. National Security Agency (NSA) used its vast powers to spy on and track down bitcoin users globally, according to classified documents released by Edward Snowden. The revelations send a chilling message to crypto investors that their activity may be monitored by federal agencies under the guise of anti-money laundering programs.

Deep State Targets Bitcoin Users

The spy agency used sophisticated techniques to monitor senders and receivers of digital currency as far back as 2013, according to several memos that were published by The Intercept. The classified reports also seemed to indicate that the NSA may have collected information from users’ personal computers.

The reports obscure the identity of the agents involved in the investigation, referring to them only with code names. One particularly telling passage was taken from a weekly report dated Mar. 2-8, 2013:

“S2F214 [the agent] is hoping to use the access for their mission of looking at organized crime and cyber targets that utilize online e-currency services to move and launder money. These illicit finance networks provide user access to international monetary systems, while providing a high-degree of anonymity.”

In a Mar. 15, 2013 report, the spy agency referred to bitcoin as the “#1 priority”.

Julian Assange commented on the newly leaked documents, where he called out various media platforms for neglecting to follow the WikiLeaks model.

According to the documents, the NSA monitored bitcoin using a program called MONEYROCKET, which gathered information from the Middle East, Asia, Europe and South America. Interestingly, the reports show that bitcoin wasn’t the only area targeted by the NSA. Liberty Reserve, a now defunct digital currency service, also received careful attention.

Based in Costa Rica, Liberty Reserve was shut down in 2013 by the United States government for criminal activity. Prosecutors appealed to the controversial Patriot Act to dissolve the entity following an investigation with 16 other countries. The platform’s founder, Arthur Budovsky, and six others were charged with money laundering.

Financial Privacy

The recent documents released by Snowden sent a clear warning sign to cryptocurrency users that their financial information could be intercepted by big government agencies. Although some news outlets have used the documents to question bitcoin’s privacy features, many within the crypto community know that the original blockchain isn’t necessarily the most anonymous.

In fact, dark web criminals are beginning to disavow bitcoin for one of the many privacy coins in circulation today. Chief among them are Zcash and Monero. A report released in February also drew attention to the meteoric rise of Litecoin on the dark web.

Assessed purely in terms of privacy, many believe Zcash provides the best protections. Unlike other protocols, Zcash uses advanced encryption to obscure the sender’s address.

Privacy isn’t the only consideration cyber criminals weigh when deciding which cryptocurrency to exploit. According to Recorded Future researchers, transaction fees and speed are also important factors.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

 

 

Sam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.

Cryptocurrencies

Spectre And Meltdown Madness: What It Means For Ethereum

To anyone who talks in terms of a cryptocurrency bubble, consider the following fun facts. In the short period of a few days following the bombshell announcement of Meltdown and Spectre, crypto prices responded in the following manner:

Bitcoin +18%

ETH +41%

Litecoin +30%

In my view, this is clear evidence of a market that is responding rationally to information coming from responsible sources. To appreciate what all the noise is about you must appreciate what Meltdown and Spectre are and why they present a danger to the big companies providing cloud storage for the corporate world.

Once this is clear, you will better appreciate why Ether’s 41%+ short-term price spike left the others in the dust. But first let’s dig into the Meltdown and Spectre situation.

The Secret Got Out

On January 3 the secret about a new class of security vulnerabilities leaked out to the public. Not only was this seriously bad news but the leak also gave hackers advanced notice before anyone could begin to fix the twin problems.

The degree of seriousness is in the fact that almost all major microprocessor chips are vulnerable. This opens the door to hackers stealing information from personal as well as cloud services.

Researchers claim that Meltdown can be fixed with a patch. Shortly thereafter about every major player announced their patch. But there are two issues here. Will the patches fully solve the problem?

Casting A Cloud Over The Cloud

When a corporation becomes a cloud customer, even the largest share machines with other customers. This is the basic flaw in the centralized structure of cloud storage. Contrast this with the decentralized structure of blockchain technology and you begin to appreciate the force behind the sudden price spike in cryptocurrencies that we highlighted above.

Even though security tools and protocols are designed to separate customers’ data, the recently discovered Meltdown and Spectre flaws still leave serious vulnerabilities.

With Meltdown, hackers could rent space on a cloud service, just like any other business customer. Once they were on the service, the flaw would allow them to grab information like passwords from other customers.

Secondly, reports on cloud services like Amazon, Google and Microsoft claim that it creates as much as 30% slower computation speeds. That clearly won’t make for happy customers.

Jerky NetFlix

Virtually everyone reviewing the situation believes individual computer users are the least vulnerable. That may be true. Hackers are in the hunt for the biggest prize and that would be the big three cloud companies. But how do you think families are going to react if their Netflix stalls and buffers every few minutes?

In the final analysis, the Meltdown flaw affects virtually every computer chip fabricated by Intel in use today. You are talking about 90% of the Internet and business world. But Meltdown is just one flaw.

Spectre is the other flaw and this one is the more insidious of the two. There is no known fix. Intel, AMD and others have claimed how complex a project it would be for hackers to breach the Spectre vulnerability. That is pretty hollow comfort. After all, hasn’t the FBI’s security been breached? Those guys were supposed to be airtight.

Boom Days For Blockchain

In so many ways, last year marked a tipping point in the spread and acceptance of blockchain technology. The uses for Bitcoin are probably best gauged by its record $20,000 price in December. For Ethereum, it may have been marked by the formation of the Enterprise Ethereum Alliance (EEA) in February and rise to over 300 members at year-end.

No sooner had 2018 begun than the Meltdown and Spectre flaws created unexpected excitement for investors in cryptocurrencies. If I were a software salesman out of work, I would be sending my resume to every crypto company offering to peddle their blockchain. It could be the easiest job since selling web design services in 1995.

The Ethereum platform with its smart contracts is not the only crypto capable of addressing this newly uncovered opportunity created by Meltdown and Spectre. You can safely bet this will attract many players, and for good reason: today’s blockchain technology is a long way from fast enough for mass adoption. Blockchain security may be a step or two better in its present form than cloud storage, but it has its security issues as well.

Building the Ethereum Moat

EEA founder Jeremy Millar is clearly a brand ambassador for Ethereum. He believes that CEOs hear the chatter about blockchain and are pre-sold without having a clear picture of what can be accomplished or the money that can be saved using this technology. The important thing is for IT departments to have a respected brand to attach to their recommendations.

The EEA seeks to connect and inform and through this pioneering process spread the gospel of Ethereum. So far this is beginning to build a brand franchise for Ethereum.

The EEA is the largest blockchain body and is committed to using open-source Ethereum technology for enterprise blockchain solutions. EEA expects to see great advances in these areas in 2018 with Ethereum technologies.

It also helps when Wall Street banks uncover the potential for billions in savings on the trading desks through the applications of the Ethereum platform.

So, if you thought the last year held plenty of excitement, the Meltdown and Spectre flaws promise to make this year every bit as much fun.

Featured image courtesy of Shutterstock.

 

James Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.