Dub 15

Global Banking System Under Threat As Hackers Crack NSA, SWIFT Again

· April 15, 2017 · 2:00 pm

Hacker group Shadow Brokers has allegedly proved the US National Security Agency (NSA) hacked SWIFT international banking network.


NSA ‘Documents And Files’ Show SWIFT Transactions ‘Monitored’

In “documents and files” released Friday, Reuters reports, the group said it had evidence the NSA used SWIFT to “monitor money flows among some Middle Eastern and Latin American banks.”

The news marks the second time Shadow Brokers has laid claim to compromising NSA secrets. In August 2016, the group said it had entered an agency affiliate and taken details of cyberweapons, which it planned to auction for one million bitcoins.

If true, it is also a further blow to SWIFT, which last year recorded several high-level security failures worth hundreds of millions of dollars.

“NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more,” Mustafa Al-Bassam, computer science researcher at University College London, commented on the findings.

Bitcoin Core Dev: Implications Beyond Spying ‘Burning Question’

Reactions from within the cryptocurrency community meanwhile focussed on the broader implications of Shadow Brokers’ latest attack.

Core developer Wladimir van der Laan wrote on Twitter “(finding) indication of tools for manipulation of banks/markets, more than spying” was now the “burning question.”

As the traditional financial system comes under increasing threat from cyber criminals, Bitcoin could emerge as the go-to method for storing wealth thanks to its decentralized blockchain and SHA 256 encryption, especially when compared to the ‘honeypot’ of banks’ centralized databases.

Microsoft Back In Spying Spotlight

The released data does not only focus on SWIFT, but also on Microsoft. Having been outed as involved in NSA spying activities by Wikileaks’ Vault 7 dump in March, the corporation this time is facing stolen code for compromising Windows, “at least some of which still work.”

In a responsorial statement, Microsoft protested ignorance. No official correspondence regarding the threat had been received.

“Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers,” it told Reuters.

Windows 10

Regarding the specifics of the SWIFT hack, it appears Dubai-headquarted service bureau Eastnets could be a major target.

Like Microsoft, the SWIFT intermediary denied any malicious activity had occurred.

The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded,” the BBC quotes a spokesperson as saying. “The EastNets Network Internal Security Unit has run a complete check of its servers and found no hacker compromise or any vulnerabilities.”

NSA spying activities are claimed to have affected not just companies, but politicians and even everyday consumers.

As part of Vault 7, WikiLeaks suggested end-user electronic devices such as smartphones and smart TVs could have become microphones for intelligence officers to listen in on.

Even Donald Trump and his family may have fallen victim.

What do you think about the Shadow Brokers’ latest claims? Let us know in the comments below!


Images courtesy of Swift, Twitter, Shutterstock

Show comments

Share
Bře 26

7 Ways Criminals Can Steal Your Bitcoins

· March 26, 2017 · 3:00 am

Cybercriminals are becoming more sophisticated. We have compiled a list of  7 ways criminals can steal your Bitcoins and how you can protect yourself from them.


Top 7 Threats to You Bitcoin

One of the defining aspects of Bitcoin is that it puts you in charge of your own finances. No one but you will dictate where you can spend your money or who to send it to. There is no censorship, there is only complete financial freedom. But freedom comes at a cost. If you lose your Bitcoins, send them somewhere by accident or if they’re stolen, there is no entity that will return them to you, they are lost for good.

This is one of the reasons why Bitcoin has become a hub for all types of scams and cons. Cyber criminals are now becoming more sophisticated and finding new ways of stealing your hard-earned bits out from under your nose. Long-time users have seen their fair share of scams and are usually not drawn to them, but new users may be easily fooled by the prospect of making an easy profit.

Bitcoinist_Security Vulnerabilities

This is a huge problem for Bitcoin. Although variations of the same scams also exist with national currencies, these have a certain trust factor that is provided by the government that issues them. No one will stop using a national currency like the US Dollar just because they were scammed out of their dollars. With Bitcoin, however, users may feel like the fault is in the network and distance themselves from it. 

Bitcoinist has compiled a list of the most common methods cybercriminals use to steal your Bitcoins. If you’re getting started with Bitcoin, then this article may save you some money and heartache.

Ransomware

We’re going to start off with what can be considered one of the most profitable practices for cyber criminals, ransomware. Ransomware is not new, but Bitcoin has made it popular among hackers due to its efficiency as a decentralized payment system.

So, what is Ransomware? Ransomware is basically a virus that will encrypt all (or part of) your files. The program will then give you the option of paying a certain amount of money in order for the files to be decrypted. This type of malware has become highly popular due to its effectiveness and could even leave Vegas with you.

hackers-hacking-hacks

Hackers will usually target companies or organizations that cannot afford to be unavailable to their customers, ensuring a high success rate for the cyber criminals. 

However, anyone can fall victim to ransomware and individual users may be more vulnerable to them as they will often lack the tools or knowledge to try to decrypt their files on their own. Remember to always backup your important files and not to open or download any suspicious file. Having a good antivirus program in place is also advised.

Fake Wallets

This method is much less popular but has successfully scammed unknowing users out of their coins. Fake wallets are basically apps that initially look like a real wallet until it has the chance to steal your coins. These fake wallets are usually endorsed as being another legitimate wallet, often using the real wallet’s logo and name to fool users. They are basically like phishing (which we’ll also talk about) for wallets instead of websites or emails.

Bitcoinist coin wallet

Some fake wallets have even appeared on Apple’s App Store after successfully slipping through its vetting process. These misleading apps give both the real wallet and Bitcoin itself a bad name. Users can avoid this by downloading only from trustworthy sources like the wallet’s website and by confirming the name of the apps closely before downloading them. If you’re unsure, you can always ask the community on Reddit, Bitcointalk, and so forth.

Bitcoin Phishing

Phishing is basically a means of extracting sensitive information from victims. There are variations to the scheme but the most common ones are e-mails and fake websites. Scammers will try to trick the victim into giving them sensitive information regarding their Bitcoins like login details from an exchange or online wallet.

They will often do this by sending an email from an email address that looks official or by buying a domain name that is almost identical to the real website. An example of this would be the fake blocklchain[.]info.

Ponzi Schemes

Yes, Bitcoin and other cryptocurrencies are riddled with popular Ponzi schemes also known as pyramid schemes. These involve getting people to invest money and inviting more people to invest money, thus creating the pyramid effect. The new money is used to repay old investments and “the wheel keeps turning” until it can turn no more.

Pyramid / Ponzi Scheme

At a certain point, the scammers will walk away with everyone’s money. The best time to leave is usually accessed by the amount of money that the cybercriminals are currently holding and by the reputation the website has earned so far.

These schemes come in all shapes and sizes but they all have one thing in common, they want your coins and promise high returns for them. Two of the most popular disguises for these schemes are cloud mining websites that offer unrealistic returns and websites that claim to be employing some sort of automated trading algorithm to earn money on every trade.

To avoid being tricked by these, simply stay away from websites that seem to have unrealistic returns like 1% per day or 100% per month and so on. Avoid any vague business model that doesn’t really explain how the company makes profit and only trust websites after doing intensive research. There are ways of earning interest on your bitcoin like margin or p2p loans, but these will never yield as much as promised by pyramid schemes.

Fake Cryptocurrencies

There are some scams like this out there, the most famous of which is Onecoin. This scheme works by convincing victims that they are buying units of a successful cryptocurrency when they are in fact just paying for numbers to show up on a website. There is no actual Onecoin blockchain or network of miners.

onecoin

Fake cryptocurrency schemes will often sell coins in the form of educational packages or mining spots and they will also offer nonsensical promotions like splitting coins to double them. Although it sounds ridiculous, many users have fallen victim to this scam and some have lost entire life savings to it.

If you’re looking for a cryptocurrency to invest in, choose wisely and don’t be swayed with “developers” that promise the price of the coin will increase x times. A good rule to avoid these scams is to check if the coin exists on comparison websites like CryptoCompare or Coinmarketcap.

Scam ICOs

ICO, short for Initial Coin Offering, is a type of crowdfunding mechanism that is becoming increasingly popular within the blockchain space. The team behind a certain project will launch an ICO to sell tokens related to their project in exchange for Bitcoin, fiat or other cryptocurrencies. These tokens are usually equity based or they act like fuel to the platform, like Ether in the Ethereum platform.

Given the momentum that ICOs currently have, it’s no wonder that some cyber criminals are trying to trick investors with fake projects. Scam ICOs can be hosted by scam artists with no more than a convincing logo, website, fictional team and a few other tricks.

crowdfunding-for-events

Often times, the “company” will be able to gather considerable amounts of BTC without an actual product or nothing more than vaporware. A perfect example would be DeClouds, a scam that managed to steal 300 Bitcoins from unknowing investors who though they were investing in a cryptocurrency backed by precious metals.

Avoiding scam ICOs can be tricky and there are several things to look out for – Check out this guide on how to avoid scam ICOs.

Scammers on P2p Exchanges

These scams take place on peer-to-peer exchanges like LocalBitcoins and Paxful and they basically consist of people trying to rip you off during a currency exchange. These p2p exchanges allow users to trade coins directly between themselves using an external payment system like cash deposit, PayPal, credit cards and others. Unlike Bitcoin, these payment methods usually allow the user to dispute a transaction for various reasons.

Scammers will often use these markets to cash out hacked PayPal accounts or stolen credit cards in these markets. Some users will even use their real accounts but since most payment systems don’t offer seller protection for digital items, there isn’t much you can do in case of a chargeback.

This has created a market, where some users will sell Bitcoin for a considerable premium. However, users that do this have experience with these scams and have methods for verifying the buyer’s identity and so on.

To avoid this, only sell Bitcoin to established p2p traders and try to stay clear of chargeback-enabled payment methods like PayPal and Skrill. Remember that only those who control their private keys control their bitcoin. 

For a comprehensive list of fraudulent Bitcoin-related website, you can check out the Bad List here.

Are we missing any methods employed by cyber criminals? If so, let us know in the comment section.


Images courtesy of Shutterstock, AdobeStock

Show comments

Share
Úno 26

Bitcoin Demand Rises as U.S. Corporations are Stocking Up

· February 26, 2017 · 9:00 am

Bitcoin has attracted a great deal of interest over the last couple of years, and mainstream investing has skyrocketed with the ever-growing Bitcoin price. Now, a new market sector is starting to emerge as American corporations are stocking up on digital currency to combat cybercrime.


Corporations Fuel Bitcoin Demand as Ransomware Spreads

Hackers with an eye towards gaining valuable Bitcoins are hitting corporations more and more with dreaded ransomware, and this problem seems to be getting worse and worse. How to handle this growing epidemic is also a matter of some controversy. It seems to put companies in a no win situation.

“The official FBI policy is that you shouldn’t pay the ransom,” said Leo Taddeo, chief security officer for Crypt-zone to Newsfactor. Taddeo ran the cyber division of the FBI’s New York City office.

It’s an option to pay the ransom to get back up and running. Sometimes it’s the only option. But it has downsides. Paying ransom just invites the next attack.

2

A vicious cycle has begun. The more companies pay out in Bitcoin, the more attacks become likely. The more valuable Bitcoins become, the more attacks become likely. Those who do not pay the ransomware demands may lose the trust of their customers or their valuable business data altogether. From the criminal’s side of it, they can rationalize their dastardly deeds by blaming the victims for not expecting this outcome from now on.

“They’ll actually explore your system to see how much money they can squeeze from you,” said Andrei Barysevich, director of advanced collection at Recorded Future. “They actually think they are on the moral high ground. They think the companies should have paid more for security.”

Ransomware Attacks Hit $1 Billion

A corporate cyber-hitman can demand up to $75000 USD in Bitcoin, or about 65 BTC. Individuals can get hit as well, but they can only be taken for a few hundred dollars. Recorded Future, a Somerville, Mass., threat intelligence firm, says ransom payments skyrocketed 4,000 percent last year, reaching $1 billion. Another firm, Kaspersky Lab, estimates that a new business is attacked with ransomware every 40 seconds, becoming a true epidemic.

Bitcoinist_Kaspersky Labs CryptXXX Bitcoin Ransomware

Another problem is just because you have paid a cyber-criminal does not mean they will kindly do as they said and provide you decryption keys to restore your files. Criminals aren’t the most ethical people in the world, so you may have to pay a couple of times. Authorities say backing up all your computer files on a regular basis may be the best way to protect yourself.

This may save file information, but may not restore computer systems that are needed to continue running the business on a daily basis. It depends upon the attack if you will need to pay up or not. About 25% of companies never get restoration after an attack.

Have you been the victim of a ransomware attack? What’s the best way to prevent such an attack besides backing up your files? Share below!


Image provided by Business Insider, Shutterstock

Show comments

Share
Úno 12

Three Easy Ways to Improve Your Bitcoin Privacy & Security

· February 12, 2017 · 6:00 am

As the world of Bitcoin becomes bigger, more lucrative and more mainstream, there are going to be more eyes on the industry. Here are three easy ways to boost your privacy and security.


Spotlight On Your Security

Whether its surveillance from government agencies or hackers looking for bitcoins and information, here are three ways to improve your Bitcoin privacy that you may know, but aren’t exploiting.

Bitcoinist_Security Ransomware Cisco

Using Bitcoin is not anonymous, as most current users already know. The public Bitcoin blockchain will not reveal your identity directly, but your Bitcoin transfers can be tracked with block explorers. Some of the best ways to improve your privacy – at least until the protocol itself is upgraded with more privacy-enhancing applications – is by upgrading how you interact with the internet itself.

1) Tor Browser

Tor takes the proxy concept to your browser, directly. It’s a free option; you just have to download the browser. Tor is originally a government concept, so if you are trying to avoid government surveillance, it may not be right for you, but it is the first layer of protection and can give you peace of mind against the low-level online hacker.

Bitcoinist_Transparency Tor

This is a far better option than using the same IP every day, in your hometown, for your online banking and your Bitcoin usage. If you are just using your local network’s IP, you need to step up your game and step into the 21st century.

2) Using a VPN (Virtual Private Network)

This is something I have used for years that most people online, or who use Bitcoin, do not use. A VPN is a great way to use the internet more freely, and Bitcoin as well. The main benefit is these networks provide you with an encrypted service, just like Bitcoin does. Think of it as the most advanced proxy service you can buy.

circumventing the ban is easy with virtual private networks (VPNs) and proxies

A VPN gives you a choice of servers and IP addresses to choose from. The number of choices will depend upon your choice of VPN network, but the best provide hundreds of thousands of IPs that you can switch between on demand, or at any interval you choose. I set mine to switch every hour, automatically. Try to shop for a no-log VPN provider, so the VPNs themselves cannot track you. You may want to look into providers like Firetrust and Pritunl

And a VPN can give you better internet access. Maybe the servers in your area are not the fastest, or you live in an area where you have restricted access. With a VPN, you can test all the servers on their network, see which ones are the fastest, or in a less surveilled area, and you are getting more security and faster downloads. A win-win. It’s a great investment in your online peace of mind for $60 a year or so, and many of these services even accept Bitcoin for payment, too.

3) Take Your Bitcoins Offline

If you have all your Bitcoins in a common online wallet like Coinbase, it’s hard to say you are really taking Bitcoin privacy and security seriously. No offense to Coinbase or Blockchain, but no one should keep all their bitcoins in one basket.

It is hard to find an online wallet provider that hasn’t been hacked, or isn’t under attack every day for the next decade. Maybe they have outstanding security, but the criminals are coming up with new ways to steal every day, so why take the chance?

KeepKey

Only store Bitcoin in online wallets that you are comfortable losing to theft. A wise Bitcoin user with any real cache of bitcoins would keep 80-90% offline in a paper wallet or hardware wallet, such as Case wallet, Ledger, Trezor or KeepKey.

You only access these bitcoins when you choose to, and can take your wallet on the road with you, or keep it in a safe, offline. Take your Bitcoin wealth on the plane and not get harassed by customs. A $60-$99 investment that should give you peace of mind no matter where you roam.

What do you think is the best way to maintain your privacy and Bitcoin security? Let us know in the comments below!


Image provided by Abine, Shutterstock

Show comments

Share