Connect with us
CLOSE

Bitcoin Scams

Cryptojacking Code Found In 11 Open (And Infected) Libraries

Published

on

bzx defi protocol

Thousands of open libraries have been infected by a new type of a cryptojacking code which aims to initiate malicious mining. The latest cryptocurrency news show that the code was already found in 11 open source code libraries written in Ruby which have been downloaded thousands of times so far.

According to the industry news outlet Decrypt and its reports on August 21, the cryptojacking code has been added to the 11 open source Ruby libraries distributed on the RubyGems platform. The report also features that the infected libraries were downloaded more than 3,500 times.

The altcoin news note that the hackers reportedly downloaded the software, infected it with the malware (using the cryptojacking code) and re-posted it on RubyGems. The malicious code was first noticed by a GitHub user who posted on the network reporting the issue on August 19. The user also pointed out that when executed, the library downloaded even more code from the test hosting service Pastebin – triggering malicious mining.

The cryptojacking code and malware also sent the address of the infected host to the attacker alongside the environment variables which may have included credentials. As some users pointed out, RubyGems contributors should enable two-factor authentication on their accounts mostly because of potential compromises and infecting many other system.

As the best cryptocurrency news sites reported, five of the libraries which were infected were cryptocurrency-specific, meaning that there were names like doge-coin, bitcoin_vanity, coin_base and blockchain_wallet spread around. The last two were the most downloaded, with coin_base having more than 424 downloads while blockchain_wallet had 423.

However, this cryptojacking code is nothing new in the world of viruses and infected mining. As we recently reported, the cybersecurity company Varonis has discovered a new cryptojacking virus which is dubbed “Norman” – that aims to mine the cryptocurrency Monero (XMR) and evade detection without the user knowing what’s happening in the background.

A report published on our site earlier this year has also shown that cryptojacking is prime example of a shift towards discreet cyberattacks – something that is trending right now. So far, we have seen so many variants of pieces of malware which are spreading or being loaded.

DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at editor@dcforecasts.com

Continue Reading
Comments

Bitcoin Scams

How To Avoid The Dangerous Adobe Flash Malware Named “Shlayer”

Published

on

By

how to avoid
A recent investigation by the Kaspersky team focused on the Adobe Flash malware known as "Shlayer" outlining steps on how to avoid it. As you may know if you read our Bitcoin scam news before, the malware deploys an "Any Search" bar on a victim's computer through fake Adobe Flash updates and is the most popular Mac malware out there. Ars Technica is another company which came with a detailed breakdown of the investigation which is worth a read, but you should know the easy way to keep your Mac safe from this Shlayer malware and how to avoid it as well as other similar viruses. Simply put, the easiest way to learn how to avoid the dangerous Adobe Flash malware is the be smarter about what you are clicking on. Even though you can circumvent ads like these with an adblocking browser or content-blocking extension or an antivirus or anti-malware program, the best way to avoid them is common sense. The truth is, you should not rely on extra software to spot potential malware attacks masquerading as Flash Player updates, video plugins or pirated content at this point. The Adobe Flash malware "Shlayer" might be a few years old but the classic malware setup is using fake Flash Player downloads to install things you don't want. So, the obvious way is to learn how to avoid it. Besides, lash has been largely abandoned by web developers and will soon lose legacy support on Chrome and other browsers. That said, you should know how to avoid this malware but also avoid focusing on programs like these. There is absolutely no reason to install, update or use Flash Player to access online content in 2020 except for rare cases. But none of those exceptions includes watching illegal streams of sports events, leaked movies and more. And if you need to download Flash, you should get it directly from Adobe's official website. The Shlayer Adobe Flash malware made a lot of waves in the crypto news earlier this year for apparently affecting 1 in 10 Mac devices. Whether you are  trying to download the app for crypto-related purposes or not, you should always be 100% careful and know the risks.
`
Continue Reading

Bitcoin Scams

Chinese Exchange Fcoin Closes, Still Owes Users $125 Million

Published

on

By

chinese exchange fcoin
The latest Bitcoin scam news show that scams can even come from an exchange. The simple example is the Chinese exchange Fcoin which recently revealed that it may not be able to pay the 7,000 to 13,000 in BTC (around $67 million to $125 million) that it owes its users. According to Zhang, the exchange has not been hacked and is not an exit scam. Still, evidence suggests that it might be exactly that. Zhang claims that the shutdown is a result of series of internal data errors and decisions which are too complicated to explain. As he said:
“This is a problem that is a little too complicated to be explained in a single sentence, the time span is also large, and the two story development lines are advancing and affecting each other at the same time, leading to the final outcome.”
The Chinese exchange Fcoin is now in the cryptonews. After its launch in May, the reported trading volumes became some of the biggest in the world overnight thanks to a new business model called "transaction mining." Later on, one Reddit user reported that this volume was actually fake - which is when the problems started. The exchange was later on described as a scam by many and the suspicions about its business model turned out true. There was no airdrop nor ICO at launch and the Chinese exchange Fcoin distributed 51% of its native tokens to users for reimbursing transaction fees. The CEO of Binance, Changpeng Zhao, has publicly called FCoin a Ponzi scheme since the middle of 2018, commenting on Zhang's post in a tweet which read:
“I rarely called out anyone, with exceptions. On Chinese social media, I called FCoin a pyramid scheme in mid-2018. Their founder calls his own plan a "better invention than #Bitcoin". That did it for me. Who would say such a thing? About themselves? Except scammers.”
https://twitter.com/cz_binance/status/1229446449152348161 To this, Zhang replied saying that there have been some errors which the Chinese exchange FCoin detected - but did not explain why it failed to address such problems before it is too late.
‘With the deepening of the investigation, we found a large number of existing data problems of dividends and mining returns, and these problems have existed for many days. As a result, a large number of users have already been through operations such as buying and selling various currencies and withdrawing cash, causing the pollution of assets.”
The platform was suspended a few days ago by its own account for risk control, which caused a lot of speculation that the project was shutting down and the operators are vanishing. In the last few sentences on his blog post, however, Zhang said that he will do everything to give back the money to users via email personally - and compensate FCoin user losses with the profits he would make from other projects.
`
Continue Reading

Bitcoin Scams

Bitcoin Robbery: 5 Biggest BTC Scams In History

Published

on

By

bitcoin robbery
The term Bitcoin robbery is used by a lot of people who have been scammed to show how much Bitcoin (BTC) they lost, how they felt etc. In today's crypto news, we are listing the biggest Bitcoin scams and report the top cases where most BTC was stolen from users. Bitcoin hackers stealing $500,000 in 2011 In early 2011, a Bitcoin Talk forum user with a nickname @allinvain made over 25,000 BTC from mining. This was a period when BTC was at $20 which made his Bitcoins worth around $500,000. Then, on June 13, he woke up to see a huge chunk of his Balance gone. The Bitcoin robbery victim could have around $250 million right now. Hackers bring down the world's (then) largest exchange A Russian named Alexander Vinnik owned Bitcoin exchange called BTC-e. Even though the law enforcement officials alleged that he knowingly accepted stolen Bitcoins from Mt. Gox - the case went viral in the Bitcoin news then. 'Bitcoin Savings And Trust' Scheme Was Shut Down The Bitcoin Savings And Trust was a classic Ponzi scheme which lured customers with a promise of high returns. Many described it as a Bitcoin robbery and the scheme finally shut down in August 2012 and a year later, the government indicted the main guy behind it - Tendon Shavers. Bitfloor suffers a catastrophic attack and loses 24,000 Bitcoins The Bitfloor exchange was the target of a Bitcoin robbery in September 2012, saying goodbye to more than 24,000 Bitcoins which were then worth around $250,000. The exchange did not have that much BTC in reserve so it was made insolvent by this theft. Even though it resumed its operations a week later, the effort was unsuccessful and the exchange closed its doors for good in April 2013. A major exchange loses 120,000 in BTC to hackers In August 2016, the Bitcoin exchange Bitfinex announced that it lost $77 million worth of Bitcoins in a Bitcoin robbery organized by multiple hackers. The company foisted the costs on to users and forced them to take a 36% reduction in the value of their deposits. This has been one of the biggest Bitcoin scams up to date. If you want to get more information on the latest Bitcoin robberies, keep on reading our blog!
`
Continue Reading

Bitcoin Scams

Altsbit Crypto Exchange Suffers Hack Attack, Lost 95% Of Funds

Published

on

By

Altsbit
The Altsbit crypto exchange based in Italy was the latest to suffer a bitcoin robbery or a hack attack with its hot wallet being completely emptied by cybercriminals. In our latest crypto news, we take a closer look at what exactly happened. Altsbit announced the news of the hack in a tweet that was published on Thursday and the announcement read:
‘’Unfortunately, we have to notify you with the fact that our exchange was hacked during the night and almost all funds from BTC, ETH, ARRR and VRSC were stolen. A small part of the funds are safe on cold wallets.’’
From the announcement, it seems that Altbits had almost all of the funds on the hot wallets despite their major vulnerability to malicious cyber intrusions. The Italian crypto exchange will provide a full report on the lost funds soon and we will be able to see exactly how big of damage the theft made. In the follow-up tweets of the exchange, however, can be seen that the hackers stole 1,066 Komodo tokens and 283,375 Verus coins. This combined the value of both stolen cryptos stands at about $27,000. At press time, Altsbit had a 24-hour trading volume of $14.8 million with 98% of its trading activity coming from the ARRR/BTC pair which is the native token of the pirate Chain. Reacting to the news of the hack, some of the supporters of decentralized exchanges noted the vulnerabilities of the platforms that are centralized. However, centralized platforms still command the grater trading volume as the DEX services have a notoriously hard way of navigating the user interfaces. As for the security situation with centralized crypto exchange platforms, the 2020 crypto crime reports by Chainlink show that the exchanges seem to be better equipped to deal with the hackers. Despite the increase in the number of hack attacks, the blockchain analysis firm explained that the total amount of stolen funds in the hacks declined dramatically from the previous year. One of the important strategies that exchanges use is to limit their hot wallet holdings and this will show any inside involvement since the hackers are less sable to drain the vast crypto sums from vulnerable hot wallets. The North Korean hack group Lazarus, is suspected of being behind most of the crypto exchanges in the Asian Pacific and now it seems that it is changing its attack vectors. The group utilizes phishing malware on popular messaging platforms such as Telegram.
`
Continue Reading

Newsletter

For Updates & Exclusive Offers
enter your email below





NEWS CATEGORIES

ADVERTISEMENT

cryptocurrency review
FO5F93F47156 - Cryptojacking Code Found In 11 Open (And Infected) Libraries

ADVERTISEMENT

Medium Rectangle 300 200 2 Animated - Cryptojacking Code Found In 11 Open (And Infected) Libraries

ADVERTISEMENT

oasistrade banner

ADVERTISEMENT

300 250 - Cryptojacking Code Found In 11 Open (And Infected) Libraries
FO710FC3F2305 1 - Cryptojacking Code Found In 11 Open (And Infected) Libraries

ADVERTISEMENT

300 600 3 - Cryptojacking Code Found In 11 Open (And Infected) Libraries

Trending Worldwide