Category Archives: bitcoin

Cryptocurrency startup Komodo hacks itself to protect its users’ funds from hackers

The cryptocurrency startup Komodo hacked itself to protect its users’ funds and prevent hackers from stealing them by exploiting a flaw in its Agama wallet.

The story I’m going to tell you is amazing: the cryptocurrency startup Komodo hacked itself after discovering a backdoor in its Agama wallet.

Komodo’s Agama Wallet allows users to store KMD and BTC cryptocurrencies, but the presence of a backdoor posed a serious risk to them.

Once it discovered the flaw, the company decided to exploit it to protect the funds, getting ahead of the hackers and moving the funds to a secure location.

“Today, Komodo were made aware of an issue with one of the libraries used by the Agama wallet, potentially putting some user funds at risk.” reads a blog post published by the company.

“After discovering the vulnerability, our Cyber Security Team used the same exploit to gain control of a lot of affected seeds and secure the funds at risk.” 

The experts at the company moved around 8 million KMD and 96 BTC from the flawed Agama wallets to the safe wallets RSgD2cmm3niFRu2kwwtrEHoHMywJdkbkeF (KMD) and 1GsdquSqABxP2i7ghUjAXdtdujHjVYLgqk (BTC) under their control.

The owners of wallets that have not been swept, or that hold assets other than KMD and BTC, have to move all their funds from Agama to a new address as soon as possible. Komodo provided a list of safe wallets and other information on its support page.

Experts pointed out that the Verus version of Agama wallet is not affected by this vulnerability; its latest version supports Komodo in both lite mode and native mode.

The backdoor in the Agama wallet app was discovered by experts at the security team of the npm JavaScript package repository.

“The attack was carried out by using a pattern that is becoming more and more popular; publishing a “useful” package (electron-native-notify) to npm, waiting until it was in use by the target, and then updating it to include a malicious payload.” reads the post published by the npm, Inc. security team.

The npm security team spotted a supply chain attack in which hackers used a malicious update of the electron-native-notify JavaScript library (version 1.1.6). The update included malicious code designed to steal cryptocurrency wallet seeds and other login passphrases.

“The GitHub user sawlysawly published this commit on Mar 8th which added electron-native-notify^1.1.5 as a dependency to the EasyDEX-GUI application (which is used as part of the Agama wallet).” continues the security team at npm.

The experts discovered that the attackers targeted the Agama cryptocurrency wallet which was using the EasyDEX-GUI application that was loading the now-malicious electron-native-notify library.

The backdoor was added to the electron-native-notify library on March 8, and it was included in the main Agama wallet on April 13, when Komodo released Agama version 0.3.5.

This means that users that logged in to any version of Agama wallet after 13 April likely had their wallet credentials compromised.
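The version-range mechanics behind the update described above, as an added example that is not npm's or Komodo's code: a small Node.js check showing that the `^1.1.5` range accepts 1.1.6 with no change to the consumer's manifest, plus an audit of a manifest and lockfile against a denylist. The lockfile contents, the denylist structure and the function names are assumptions made for illustration.

```javascript
// Added example. Constructed data: only the package name, the ^1.1.5 range
// and the malicious version 1.1.6 are taken from the article.
const parse = (v) => v.split('.').map(Number);

// Compare two x.y.z versions; negative, zero or positive like a sort callback.
function cmp(a, b) {
  const x = parse(a), y = parse(b);
  for (let i = 0; i < 3; i++) if (x[i] !== y[i]) return x[i] - y[i];
  return 0;
}

// npm caret rule: ^x.y.z accepts >= x.y.z up to (not including) the next
// bump of the left-most non-zero component.
function caretUpperBound(base) {
  const [maj, min, pat] = parse(base);
  if (maj > 0) return `${maj + 1}.0.0`;
  if (min > 0) return `0.${min + 1}.0`;
  return `0.0.${pat + 1}`;
}

// Supports caret ranges and exact pins, which is all this example needs.
function satisfies(version, range) {
  if (!range.startsWith('^')) return cmp(version, range) === 0;
  const base = range.slice(1);
  return cmp(version, base) >= 0 && cmp(version, caretUpperBound(base)) < 0;
}

// Report manifest ranges that would admit a known-bad release, and lockfile
// entries that have already resolved to one.
function audit(manifestDeps, lockedVersions, denylist) {
  const findings = [];
  for (const [name, badVersions] of Object.entries(denylist)) {
    const range = manifestDeps[name];
    if (range === undefined) continue;
    for (const bad of badVersions) {
      if (satisfies(bad, range)) findings.push({ name, bad, kind: 'range-admits' });
      if (lockedVersions[name] === bad) findings.push({ name, bad, kind: 'locked-to' });
    }
  }
  return findings;
}

const denylist = { 'electron-native-notify': ['1.1.6'] };
const manifest = { 'electron-native-notify': '^1.1.5' };   // range from the commit npm quotes
const lockBefore = { 'electron-native-notify': '1.1.5' };  // constructed: resolved before the update
const lockAfter = { 'electron-native-notify': '1.1.6' };   // constructed: fresh install afterwards

console.log(audit(manifest, lockBefore, denylist)); // range still admits 1.1.6
console.log(audit(manifest, lockAfter, denylist));  // range admits it and it is installed
```

Pinning the manifest entry to an exact version and installing from a committed lockfile removes the `range-admits` finding, because a newly published release is then no longer picked up automatically.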

The npm experts also published a video that shows how the vulnerable version of Agama wallet sends the private seed associated with a wallet to a remote server in the background.

Komodo experts used the same technique to transfer the funds of the company’s clients to a safe wallet before hackers could steal them.

Pierluigi Paganini

(SecurityAffairs – Komodo, hacking)

The post Cryptocurrency startup Komodo hacks itself to protect its users’ funds from hackers appeared first on Security Affairs.

The Guardian view on cybercrime: the law must be enforced | Editorial

Governments and police must take crime on the internet seriously. It is where we all live now

About half of all property crime in the developed world now takes place online. When so much of our lives, and almost all of our money, have been digitised, this is not surprising – but it has some surprising consequences. For one thing, the decline in reported property crimes trumpeted by successive British governments between 2005 and 2015 turns out to have been an illusion. Because banks were not required to report fraud to the police after 2005, they often didn’t. It would have made both banks and police look bad to have all that crime known and nothing done about it. The cost of the resulting ignorance was paid by the rest of government, and by the public, too, deprived of accurate and reliable knowledge. Since then, the total number of property crimes reported has risen from about 6m to 11m a year as the figures have taken computerised crime into account.

The indirect costs to society are very much higher than the hundreds of millions that individuals lose. One example is the proliferation of plagiarism software online, which developed an entire industry in poor, English-speaking countries like Kenya, serving idle or ignorant students in England and North America. The effort required by schools and universities to guard against such fraud has been considerable, and its cost entirely disproportionate to the gains made by the perpetrators.

Smashing Security #128: Shackled ankles, photo scrapes, and SIM card swaps

A bad software update causes big headaches for Dutch police, but brings temporary freedom to criminals. SIM swaps are in the news again as fraudsters steal millions. And does your cloud photo storage service have a dirty little secret?

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Rip Off Britain’s David McClelland.

Cryptojacking Up 4,000% How You Can Block the Bad Guys

Think about it: In the course of your everyday activities — like grocery shopping or riding public transportation — the human body comes in contact with an infinite number of germs. In much the same way, as we go about our digital routines — like shopping, browsing, or watching videos — our devices can also pick up countless, undetectable malware or JavaScript that can infect our devices.

Which is why it’s possible that hackers may be using malware or script to siphon power from your computer — power they desperately need to fuel their cryptocurrency mining business.

What’s Cryptocurrency?

Whoa, let’s back up. What’s cryptocurrency and why would people rip off other people’s computer power to get it? Cryptocurrencies are virtual coins that have a real monetary value attached to them. Each crypto transaction is verified and added to the public ledger (also called a blockchain). The single public ledger can’t be changed without fulfilling certain conditions. These transactions are compiled by cryptocurrency miners who compete with one another by solving the complex mathematical equations attached to the exchange. Their reward for solving the equation is bitcoin, which in the crypto world can equal thousands of dollars.

Power Surge

Here’s the catch: To solve these complex equations and get to crypto gold, crypto miners need a lot more hardware power than the average user possesses. So, inserting malicious code into websites, apps, and ads — and hoping you click — allows malicious crypto miners to siphon power from other people’s computers without their consent.

While mining cryptocurrency can often be a harmless hobby, when malware or site code is attached to drain unsuspecting users’ CPU power, it’s considered cryptojacking, and it’s becoming more common.

Are you feeling a bit vulnerable? You aren’t alone. According to the most recent McAfee Labs Threats Report, cryptojacking has grown more than 4,000% in the past year.

Have you been hit?

One sign that you’ve been affected is that your computer or smartphone may slow down or have more glitches than normal. Crypto mining code runs quietly in the background while you go about your everyday work or browsing and it can go undetected for a long time.

How to prevent cryptojacking

Be proactive. Your first line of defense against a malware attack is to use a comprehensive security solution on your family computers and to keep that software updated.

Cryptojacking Blocker. This new McAfee product zeroes in on the cryptojacking threat and helps prevent websites from mining for cryptocurrency (see graphic below). Cryptojacking Blocker is included in all McAfee suites that include McAfee WebAdvisor. Users can update their existing WebAdvisor software to get Cryptojacking Blocker or download WebAdvisor for free.

Discuss it with your family. Cryptojacking is a wild concept to explain or discuss at the dinner table, but kids need to fully understand the digital landscape and their responsibility in it. Discuss their role in helping to keep the family safe online and the motives of the bad guys who are always lurking in the background.

Smart clicks. One way illicit crypto miners get to your PC is through malicious links sent in legitimate-looking emails. Be aware of this scam (and many others) and think before you click on any links sent via email.

Stick with the legit. If a website, an app, or pop-up looks suspicious, it could contain malware or JavaScript that instantly starts working (mining power) when you load a compromised web page. Stick with reputable sites and apps and be extra cautious with how you interact with pop-ups.

Install updates immediately. Be sure to keep all your system software up-to-date when alerted to do so. This will help close any security gaps that hackers can exploit.

Strong passwords. These little combinations are critical to your family’s digital safety and can’t be ignored. Create unique passwords for different accounts and be sure to change out those passwords periodically.

To stay on top of the latest consumer and security threats that could impact your family, be sure to listen to our podcast Hackable? And, like us on Facebook.

The post Cryptojacking Up 4,000% How You Can Block the Bad Guys appeared first on McAfee Blogs.