Category Archives: Cryptocurrencies

Bitcoin Price Scrapes the Barrel While Stellar (XLM) Losses Fall in Line

Bitcoin returned to its lowest valuation of the year on Friday, as the last week of cautious upward movement by the crypto market came to a crashing halt. Just last week BTC fell to a dollar valuation in the high $3,200 range – a fifteen-month low at the time. After seven days of false hope […]

The post Bitcoin Price Scrapes the Barrel While Stellar (XLM) Losses Fall in Line appeared first on Hacked: Hacking Finance.

Crypto Update: Majors Testing Lows Following Broad Selloff

The major cryptocurrencies have been once again under pressure in the past 24 hours and most of the coins got very close to their recent lows, even as the losses are limited for now. While the top coins avoided a breakdown, given the overwhelmingly bearish long-term picture and the steep short-term trend, odds continue to […]

The post Crypto Update: Majors Testing Lows Following Broad Selloff appeared first on Hacked: Hacking Finance.

Monero Price Analysis: Wider Adoption Seen as Bity Adds XMR Support to Their ATM Network

Swiss-based cryptocurrency organization, Bity, has added their support for XMR for use at ATM terminals. XMR/USD trading up on Friday, with gains of over 3% at the time of writing. Despite this, weekly chart view still points to the downside. XMR/USD is trading in positive territory on Friday, having gained over 3% during the session. […]

The post Monero Price Analysis: Wider Adoption Seen as Bity Adds XMR Support to Their ATM Network appeared first on Hacked: Hacking Finance.

IOTA Price Analysis: Audi and IOTA Partnership Moving Strong; Price Behaviour Not Reflecting That

IOTA and Audi partnership is said to be progressing forward, according to Audi representative. Price action for IOTA remains tilted to the downside, and a bearish technical set up eyed. IOTA (MIOTA) price remains very much depressed, in line with current stubborn market conditions. It continues to trade around the lowest levels seen since July […]

The post IOTA Price Analysis: Audi and IOTA Partnership Moving Strong; Price Behaviour Not Reflecting That appeared first on Hacked: Hacking Finance.

Why Investors Should be Paying Attention to Counterparty (XCP)

With more than 1,500 coins in existence and new ones being pitched every day, it is easy for this space to turn into a repetitive slog where everyone has “the new thing”, but offers only a slight mutation of everything before it. Most of the time, new projects are built on the Ethereum blockchain, so […]

The post Why Investors Should be Paying Attention to Counterparty (XCP) appeared first on Hacked: Hacking Finance.

Crypto Update: Bear Market Lows in Jeopardy After Latest Failed Bounce

The cryptocurrency segment switched directions yet again, as, after a weak bounce on Wednesday, the major coins are headed back towards their recent bear market lows today. While the losses are not significant, for now, given the bearish long-term picture and the vicinity of the lows, another leg lower in the downtrend could soon begin, […]

The post Crypto Update: Bear Market Lows in Jeopardy After Latest Failed Bounce appeared first on Hacked: Hacking Finance.

Binance Coin Price Analysis: BNB Still in Trouble Despite Recent Strong Fundamental Prospects

BNB/USDT moving within an ascending channel formation, subject to a breakout to the downside. There is much anticipation ahead of Binance’s DEX launch, expected in early 2019. Binance Coin (BNB) has made a decent recovery since being slammed in November and into the early part of December. The price had initially dropped a whopping 58%, […]

The post Binance Coin Price Analysis: BNB Still in Trouble Despite Recent Strong Fundamental Prospects appeared first on Hacked: Hacking Finance.

Pessimism Spreads and Blocks Out Opportunities for Bitcoin, Ripple and Ethereum

BTC/USD is in a key technical scenario. The dominant pessimism is likely to turn upside down. ETH/USD rejects leadership again and the market languishes. The weekend is approaching without significant changes among the main protagonists of the Crypto board. I am reviewing the dominant emotional state in social networks and pessimism rules. The gloom sets […]

The post Pessimism Spreads and Blocks Out Opportunities for Bitcoin, Ripple and Ethereum appeared first on Hacked: Hacking Finance.

Altcoin House of Sand: Only BTC, LTC and XRP Remain From Five Years Ago

If anyone is in need of a harsh reminder of the precarious nature of the altcoin market, one could do worse than to browse historical cryptocurrency data charts. Of particular note is the severe lack of presence by a vast majority of coins which would have been considered major altcoins just five years ago. Bitcoin, […]

The post Altcoin House of Sand: Only BTC, LTC and XRP Remain From Five Years Ago appeared first on Hacked: Hacking Finance.

Bitcoin SV Under Pressure Despite Growing Support Base

Bitcoin SV was the worst-performing cryptocurrency in the top-ten on Thursday. The coin that previously demonstrated inverse price action with the rest of its peers now finds itself struggling to regain momentum despite signs of early adoption across the market. BSV Update Over the last 24 hours, the BSV price has fallen an average of […]

The post Bitcoin SV Under Pressure Despite Growing Support Base appeared first on Hacked: Hacking Finance.

Spiral of Bad Incentives: EOS Block Producers No Longer In Profit

The profitability of maintaining and producing blocks for the EOS blockchain is already null and void, according to a recent survey. Of the twenty-six block producers who took part in the survey, all of them indicated that the current coin price of EOS has left them at a financial loss. Barely Hanging On Block producers […]

The post Spiral of Bad Incentives: EOS Block Producers No Longer In Profit appeared first on Hacked: Hacking Finance.

Cardano Price Analysis: ADA Moving Within A Deadly Range Block

ADA remains vulnerable to further downside pressure, and there is potential for another 50% drop. IOHK launch two new Cardano tools, ‘Plutus’ and Marlowe for smart contract writing. Cardano’s ADA price has been very much depressed for the past five weeks now, dropping well over 60% within this period. As a result, ADA/BTC it has […]

The post Cardano Price Analysis: ADA Moving Within A Deadly Range Block appeared first on Hacked: Hacking Finance.

Zcash Price Analysis: ZEC/USD Shaping Up for Another Potential Fall; Coinbase Giving Zcash Away

  Zcash saw a decent bounce on Wednesday, jumping over 6%, but technical there are still some vulnerabilities. Coinbase as part of their ‘12 days of Coinbase’ campaign, will be giving away ZEC to families in need in Venezuela. ZEC/USD enjoyed a string of gains on Wednesday, jumping as much as 6% in the session. […]

The post Zcash Price Analysis: ZEC/USD Shaping Up for Another Potential Fall; Coinbase Giving Zcash Away appeared first on Hacked: Hacking Finance.

Crypto Update: Another Rally Attempt in Crypto-Land

The major cryptocurrencies are all trading slightly higher today, following two bearish days that brought them back to last week lows, and for now, another breakdown has been avoided, despite the overwhelmingly bearish broader picture. The modest bounce left our trend model on sell signals across the board, and odds continue to favor new lows […]

The post Crypto Update: Another Rally Attempt in Crypto-Land appeared first on Hacked: Hacking Finance.

Crypto Markets Stabilize in Low-Volume Trading; Kraken Value at $4 Billion

Cryptocurrency prices stabilized on Wednesday, stemming early-week volatility that pushed the majors toward new yearly lows. Kraken, one of the largest U.S.-based exchanges, has reached out to traders about a potential private offering. No End to the Downtrend The cryptocurrency market capitalization recovered around $111 billion early Wednesday after coming within striking distance of new […]

The post Crypto Markets Stabilize in Low-Volume Trading; Kraken Value at $4 Billion appeared first on Hacked: Hacking Finance.

EOS Price Analysis: Cardano Founder Charles Hoskinson Warns of Regulatory Action Against EOS

Charles Hoskinson projects some form of action from the SEC on EOS. EOS/USD enjoys a relief rally on Wednesday, as price moves further north following recent bounce. The EOS price hasn’t done much but decline of late. Back in August, EOS/USD entered into a very stubborn narrowing range. The price had been confined within this […]

The post EOS Price Analysis: Cardano Founder Charles Hoskinson Warns of Regulatory Action Against EOS appeared first on Hacked: Hacking Finance.

What Investors Should Know About Gulden

Despite Bitcoin’s widespread reputation, it isn’t used by the common man. Many cryptocurrencies have popped up that aim to address this, but Gulden does this in a unique way. Rather than being purely “technological” in their innovations, they are target Holland and doing their best to remain Dutch-centric. Introducing Gulden Gulden (NLG) is the name […]

The post What Investors Should Know About Gulden appeared first on Hacked: Hacking Finance.

Stellar Price Analysis: XLM/USD on the Road to Losing the $0.10 Mark; Coinbase Can’t Save XLM for Now

XLM bears are pressing hard for a drop below the big $0.10 mark, as markets remains down across the board. There could be room for another 8% price drop if support is broken, looking via the XLM/BTC chart view. Stellar’s XLM is subject to giving up the big $0.10 level. Across the board there have […]

The post Stellar Price Analysis: XLM/USD on the Road to Losing the $0.10 Mark; Coinbase Can’t Save XLM for Now appeared first on Hacked: Hacking Finance.

Factom’s (FCT) Bullish Month Halted by 35% Sell-Off in 12 Hours; Round Two Ahead?

Factom (FCT) appears to be paying the price for its recent foray outwith market bounds after the coin price sunk 35% over twelve hours on Tuesday. The drop compounds a near week-long reversal for FCT in which the coin lost over 55% of its value. Factom’s Bullish Month Factom (FCT) felt a miraculous 391% increase […]

The post Factom’s (FCT) Bullish Month Halted by 35% Sell-Off in 12 Hours; Round Two Ahead? appeared first on Hacked: Hacking Finance.

Crypto Update: New Lows in Sight Again as Slide Continues

The cryptocurrency segment continues to be under heavy selling pressure following the weekend rally attempt, and although all of the majors are still above last week’s lows, the strong short-term downtrend remains dominant. The long-term picture is overwhelmingly bearish as well, and there are coins showing meaningful relative strength, so sellers are clearly still clearly […]

The post Crypto Update: New Lows in Sight Again as Slide Continues appeared first on Hacked: Hacking Finance.

Ethereum Price Analysis: ETH/USD is a Sitting Duck Under $100; with Jitters Heading into Constantinople Upgrade

ETH/USD is subject to further downside, as the price produces another range-block. There is some nervous anticipation across the community heading into the Constantinople upgrade. ETH/USD is a sitting duck underneath the big psychological $100 mark. Just like every other cryptocurrency, Ethereum (ETH) remains firmly on the back foot. Over the past five weeks, the […]

The post Ethereum Price Analysis: ETH/USD is a Sitting Duck Under $100; with Jitters Heading into Constantinople Upgrade appeared first on Hacked: Hacking Finance.

IOTA Price Bucks Market Trend as Foundation Goes on Hiring Spree

IOTA (MIOTA) managed to resist the market downturn leading into Tuesday, holding its value level while the rest of the major alts took a plunge. In contrast to the recent spate of redundancies and layoffs which hit the crypto scene in the last few weeks, the IOTA Foundation has been on a hiring spree of […]

The post IOTA Price Bucks Market Trend as Foundation Goes on Hiring Spree appeared first on Hacked: Hacking Finance.

No, It’s Not Just You. Crypto Funds are Also Seeing Red

While your cryptocurrency holdings may be severely underwater, at least you do not have to publicly disclose it. It is coming to that time of year that all of the cryptocurrency funds have to report the quarterly numbers, and they are not looking pretty. They are all coming to grips with the impact of previous […]

The post No, It’s Not Just You. Crypto Funds are Also Seeing Red appeared first on Hacked: Hacking Finance.

Crypto Update: Weekend Bounce Fails to Turn Bearish Tide

The major cryptocurrencies continue to be stuck in declining trends, despite the bounce that followed the latest technical breakdown in the segment. The top coins failed to recover above the prior bear market lows sustainably, and today, the market turned lower again, with the weakest currencies already threatening with new lows. The long-term picture remains […]

The post Crypto Update: Weekend Bounce Fails to Turn Bearish Tide appeared first on Hacked: Hacking Finance.

Crypto Markets Turn Red Following Sunday Bounce; Bitmain Closes Israeli Operation

Cryptocurrency prices were back on the defensive Monday, with bitcoin and the major altcoins falling between 3% and 7% through the midday session. The latest bout of turbulence followed a modest relief rally on Sunday that once again proved to be short lived. Market Update The combined value of all coins in circulation reached a […]

The post Crypto Markets Turn Red Following Sunday Bounce; Bitmain Closes Israeli Operation appeared first on Hacked: Hacking Finance.

MobileGo (MGO) Is Up More Than 40% Since Thanksgiving

The last few weeks have been an extremely challenging time for crypto enthusiasts.  Major coins like Bitcoin (BTC) and Ethereum (ETH) have been demolished while many smaller alternative coins have done even worse.  Fortunately, there are still a few bright spots left in the market that traders may want to turn their attention toward.  One […]

The post MobileGo (MGO) Is Up More Than 40% Since Thanksgiving appeared first on Hacked: Hacking Finance.

Litecoin Price Analysis: If Current Demand Zone Fails to Hold Then Next Stop Is $3

LTC/USD is at serious danger of another hard fall should the range-block seen be breached. Back in December 2013, the price was at current levels and fell down to $1 over a two-year period. Litecoin has been heavily weighted to the downside of late. The selling pressure intensified through the month of November. This month, […]

The post Litecoin Price Analysis: If Current Demand Zone Fails to Hold Then Next Stop Is $3 appeared first on Hacked: Hacking Finance.

XRP Price Analysis: XRP/USD Behavior Suggests of One More Deep Pullback

XRP/USD price action is moving within a range-block, subject to an extended move lower. American Express are singing praises above the speed of Ripple’s technology. XRP/USD price has stabilized, after the renewed chunky wave of selling pressure that hit the market. The price last week was forced to drop a whopping 30%. This came following […]

The post XRP Price Analysis: XRP/USD Behavior Suggests of One More Deep Pullback appeared first on Hacked: Hacking Finance.

TRON Update: New DEX, Accepted Proposal, and Justin Sun Helps Granny Buy TRX

TRON (TRX) saw little to no positive price movement leading into Monday morning, instead it gave up around 1.5% of its value as trade volumes fell 45% since the weekend. More activity was to be found on the ever-active Twitter feed of TRON CEO and founder, Justin Sun, as he detailed plans for an upcoming […]

The post TRON Update: New DEX, Accepted Proposal, and Justin Sun Helps Granny Buy TRX appeared first on Hacked: Hacking Finance.

EOS Price Recovers 22% From Recent Lows; EOS/USDT Trades Dominate

EOS (EOS) turned the tide on recent losses on Sunday, and gained 22.8% on its value amid a generally green day for the crypto market. EOS had fallen to a series of new yearly lows in previous weeks, falling as low as $1.56 on Friday, Dec 7th – a thirteen month low. That was the […]

The post EOS Price Recovers 22% From Recent Lows; EOS/USDT Trades Dominate appeared first on Hacked: Hacking Finance.

Sunday’s Top Performers: DEX, aelf, EOS, MaidSafeCoin, Bytom

About a dozen cryptocurrencies reported double-digit gains on Sunday in the wake of another steep selloff that drove coin values to their lowest in over a year. The crypto market as a whole is down nearly $100 billion from month-ago levels, leaving little doubt as to the direction of the underlying trend. Below is a […]

The post Sunday’s Top Performers: DEX, aelf, EOS, MaidSafeCoin, Bytom appeared first on Hacked: Hacking Finance.

Dash Price Analysis: DASH Sees Change in Sentiment, with Help from KFC Adoption Announcement

KFC to start accepting DASH payments in Venezula, as adoption across the country continues. DASH/USDT has seen a firm bounce, producing a daily hammer candlestick, indicating of a reversal on the cards. DASH/USDT has bounced over the past three sessions, a promising change from the bearish sentiment seen. Through the month of November, which was […]

The post Dash Price Analysis: DASH Sees Change in Sentiment, with Help from KFC Adoption Announcement appeared first on Hacked: Hacking Finance.

Why is the Waves Price on the Move all of a Sudden? Vostock on Horizon?

The valuation of Waves (WAVES) has been in flux since the end of November, when a fall to the ninety cents range (an eighteen-month low)  was met with a 151% surge which peaked earlier this week. That was followed by a 41% drop-off which made it look like Waves had fallen victim to a typical […]

The post Why is the Waves Price on the Move all of a Sudden? Vostock on Horizon? appeared first on Hacked: Hacking Finance.

Cardano Price Analysis: ADA Subject to Further Downside, Despite Charles Hoskinson Singing Praises of Progress

Cardano founder, Charles Hoskinson, said, “Cardano’s future is looking very bright!” in a tweet update. ADA/USDT is back within consolidation mode, ahead of another potential squeeze to the downside. Cardano’s native token ADA remains under heavy pressure to the downside. The pick in momentum lower, which came in November, has seen the price fall over 60%. […]

The post Cardano Price Analysis: ADA Subject to Further Downside, Despite Charles Hoskinson Singing Praises of Progress appeared first on Hacked: Hacking Finance.

Ethereum Price Analysis: ETH/USD Spikes 17% as Constantinople Set to Launch in Jan; $60 Still in Sight

Ethereum developers report that Constantinople hard fork is estimated on 16th January 2019. ETH/USD could be driven down further to May 2017 low, around the $60 territory. Constantinople Set for January Implementation ETH/USD in the late part of trading on Friday surged some chunky 17%. An update on the highly anticipated Constantinople hard fork launch […]

The post Ethereum Price Analysis: ETH/USD Spikes 17% as Constantinople Set to Launch in Jan; $60 Still in Sight appeared first on Hacked: Hacking Finance.

Coinbase to ‘Explore Support’ for Over 30 Altcoins; XRP, Cardano, EOS, NEO & More

Coinbase has announced plans to ‘explore support’ for over thirty cryptocurrencies, with major altcoins such as XRP, EOS, Cardano and Stellar up for consideration. Just yesterday Coinbase Pro surprised everyone by suddenly accepting inbound transfers of four new ERC-20 tokens: Loom Network (LOOM), Civic (CVC), districtOx (DNT) and Decentraland (MANA). Coinbase Gets Alt-Happy The addition […]

The post Coinbase to ‘Explore Support’ for Over 30 Altcoins; XRP, Cardano, EOS, NEO & More appeared first on Hacked: Hacking Finance.

Coinbase Announces Four New ERC-20 Tokens; Prices Surge

Coinbase Pro announced plans to list four new ERC-20 tokens on Friday, triggering a flurry of buys which saw all four soar to double digit growth. As per the announcement, inbound transfers have already begun for Decentraland (MANA), districtOx (DNT), Loom Network (LOOM) and Civic (CVC). Coinbase Focuses on ERC-20 Coinbase announced its intention to […]

The post Coinbase Announces Four New ERC-20 Tokens; Prices Surge appeared first on Hacked: Hacking Finance.

Crypto Update: Sell-Off Deepens as Majors Break Key Levels

The past 24 hours saw another crucial bearish move in the cryptocurrency segment, with the majority of the top coins violating their prior bear market lows and starting another leg lower in the damaging downtrend. Even the relatively stronger coins turned bearish in our trend model with regards to the short-term time-frame while staying bearish […]

The post Crypto Update: Sell-Off Deepens as Majors Break Key Levels appeared first on Hacked: Hacking Finance.

Tron Price Analysis: Justin Sun Makes Offer to EOS and ETH Developers; TRX/USD Outperforms

TRX has been outperforming its peers in the session on Friday, within a sea of red. Tron founder Justin Sun makes an offer to EOS and ETH developers. The Tron price is witnessing decent bounce to the upside in comparison to many of its peers. Gains of some 3% in the session on Friday have […]

The post Tron Price Analysis: Justin Sun Makes Offer to EOS and ETH Developers; TRX/USD Outperforms appeared first on Hacked: Hacking Finance.

XRP Price Analysis: XRP/USD Finally Approaching the Real Big Bull Buying Levels

XRP/USD tanks to drop below $0.3000 mark, lowest level since September. Eyes are on the big bull buying area of $0.3000-$0.2000. Historically has proven to see large interest come into play at this level. XRP/USD was slammed aggressively this week, as selling pressure heavily intensified late Thursday into Friday. The market resuming the chunky downside […]

The post XRP Price Analysis: XRP/USD Finally Approaching the Real Big Bull Buying Levels appeared first on Hacked: Hacking Finance.

Market Plunge Shakes Up Bitcoin Cash (BCH); Satoshi Vision (BSV) Takes Fifth Largest Cap

The global cryptocurrency market plunged a further 13% leading into Friday morning, compounding 20% losses since the start of the week. Multiple altcoins lost close to 30% of their value overnight, while Bitcoin fell to the $3,300 range and saw its overall dominance boosted to 55.4% – its highest since September. Meanwhile, there was a […]

The post Market Plunge Shakes Up Bitcoin Cash (BCH); Satoshi Vision (BSV) Takes Fifth Largest Cap appeared first on Hacked: Hacking Finance.

Why Investors Should be Paying Attention to Genesis Vision

A funny trend has emerged as the blockchain industry has gained steam. People are generally excited to “disrupt” legacy industries and start cutting out middlemen. Part of this is a frustration with the status quo, another part is a desire to not see the rich keep getting richer, and finally, people are sick of getting […]

The post Why Investors Should be Paying Attention to Genesis Vision appeared first on Hacked: Hacking Finance.

Stellar Price Analysis: XLM/USD Bears Tear Through Critical Support

XLM/USD has recent bottom area breached firmly by the market bears. XLM/BTC suggests there is still some further room for another squeeze to the downside. Stellar Lumens is really heading to no man’s land. XLM/USD is running at its fifth consecutive session in the red, dropping a chunky 25% within this period. The selling pressure […]

The post Stellar Price Analysis: XLM/USD Bears Tear Through Critical Support appeared first on Hacked: Hacking Finance.

Are Crypto News Sites Allowing Freedom Of Thought?

As the interest in cryptocurrencies has exploded during the past couple years, crypto news sites have been on the rise.  These sites are quickly becoming an invaluable resource for traders who enjoy learning about new crypto projects and trade ideas.  The content distributed through these platforms is typically created by a combination of full-time staff […]

The post Are Crypto News Sites Allowing Freedom Of Thought? appeared first on Hacked: Hacking Finance.

Crypto Update: Altcoins Remain Under Pressure as Bitcoin Holds Support

The cryptocurrency segment continues to trade with a bearish bias, with almost all majors challenging their bear market lows in the past 24 hours. While a broad breakdown has been avoided so far, in the case of the top coins, there is still no sign of meaningful bullish momentum or a developing leadership, so odds […]

The post Crypto Update: Altcoins Remain Under Pressure as Bitcoin Holds Support appeared first on Hacked: Hacking Finance.

Cryptocurrency Market Comes Within $4 Billion of New Yearly Low

Cryptocurrency prices extended their slide on Thursday, as the total market cap came within striking distance of new yearly lows, signaling the continuation of the bottoming process. Market Update The total value of cryptocurrencies reached a low of $119.2 billion on Thursday, falling within a comparable range of last month’s swing low. The crypto market […]

The post Cryptocurrency Market Comes Within $4 Billion of New Yearly Low appeared first on Hacked: Hacking Finance.

Figuring Out if Crypto Mining Makes Sense for You

Everyone is always talking about making money investing in crypto, but there are lots of other ways to make money betting on this sector. One way that isn’t discussed nearly enough is mining. Now, the actual act of setting up a mining rig is way outside the realm of my expertise, but several cloud mining […]

The post Figuring Out if Crypto Mining Makes Sense for You appeared first on Hacked: Hacking Finance.

Maker Price Analysis: MKR/USD Jumps 6%, While Rest of the Market Slumps

Maker is outperforming most of its peers with the recent gains produced. The surge higher has put MKR into the top 20 cryptocurrencies by market cap. Maker (MKR) initially made solid gains as much as 6% on Tuesday before cooling. This move was very much out-performing the rest of the market. This being part of […]

The post Maker Price Analysis: MKR/USD Jumps 6%, While Rest of the Market Slumps appeared first on Hacked: Hacking Finance.

Bitcoin Cash Price Analysis: BCH/USD Tumbles Further into the Abyss, and Not Even Roger Ver Can Save it

BCH/USD has broken the recent bottom area of $150, making room for another wave of selling. Roger Ver, speaking to Bloomberg in Tokyo, was bullish on the long-term fundamentals of cryptocurrencies in general. The Bitcoin Cash price continues to get slammed by the market bears, with a lack of mercy being shown. BCH/USD is currently […]

The post Bitcoin Cash Price Analysis: BCH/USD Tumbles Further into the Abyss, and Not Even Roger Ver Can Save it appeared first on Hacked: Hacking Finance.

Why Investors Should Pay Attention to Gnosis

Ever since I started learning about the blockchain industry, I’ve been constantly astounded at the various use cases being applied to it. One such use case is with Gnosis, a prediction market company with high aspirations. Gnosis Prediction Market A prediction market is basically a mechanism for turning user predictions into an aggregate forecast of […]

The post Why Investors Should Pay Attention to Gnosis appeared first on Hacked: Hacking Finance.

Crypto Update: Bitcoin Eyes $4000 as Consolidation Continues

The crypto-segment is having a positive day so far today, with the top coins all being higher, recovering a large part of yesterday’ s losses. While the major cryptocurrencies still don’t show signs of strong bullish momentum, and the market is clearly controlled by sellers, the declining volatility of the recent period is an encouraging […]

The post Crypto Update: Bitcoin Eyes $4000 as Consolidation Continues appeared first on Hacked: Hacking Finance.

Waves Jumps 57% Overnight on Mobile Wallet Rollout; 139% Gains Since Recent Low

Waves (WAVES) jumped 57% in value leading into Tuesday, compounding nine days of near continuous growth which has seen the coin grow 139% against the dollar. This marks a huge turnaroudn for the coin which only last month was nursing 94.9% losses over the year. The blockchain platform, which comprises smart contracts, token issuances and […]

The post Waves Jumps 57% Overnight on Mobile Wallet Rollout; 139% Gains Since Recent Low appeared first on Hacked: Hacking Finance.

Are Cryptocurrency Exchanges Asking Low Volume Coins For Bribes?

Over the last few years, as cryptocurrency trading volume has soared, there has been tremendous growth in the number of exchanges.  Crypto trading volume really took off in 2017 as retail traders and institutional money flooded into the market.  This presented an opportunity for savvy entrepreneurs to stake their claim and start an exchange.  Unfortunately, […]

The post Are Cryptocurrency Exchanges Asking Low Volume Coins For Bribes? appeared first on Hacked: Hacking Finance.

IOTA Price Analysis: IOTA Announce Another New Partnership, but Bulls Must Breakout from Bearish Set-Up

IOTA announces new collaboration with RIDDLE&CODE for transactions on IOTA Tangle. Bearish technical set up is still eyed for IOT/USD; bulls must breakout, or be punished. IOTA Collaborates RIDDLE&CODE A new partnership has recently been announced from the IOTA Foundation with RIDDLE&CODE, a blockchain-based hardware and software company. This collaboration is set to facilitate transactions […]

The post IOTA Price Analysis: IOTA Announce Another New Partnership, but Bulls Must Breakout from Bearish Set-Up appeared first on Hacked: Hacking Finance.

Crypto Divergence: Over 55% Swing Between TRON and EOS in Last Week

There was a +55% swing between the growth rates of the major altcoins in the last week, as the trio of dips in November continue to leave the crypto market all shook up and out of lockstep. TRON (TRX) and EOS (EOS) were pushed further apart this week, with TRX gaining +26% and EOS losing […]

The post Crypto Divergence: Over 55% Swing Between TRON and EOS in Last Week appeared first on Hacked: Hacking Finance.

Diversification Strategies in the Crypto Markets

In the past, we’ve talked about how cryptocurrencies can serve as diversification against the risks currently inherent in the rest of the economy, but what about diversification within crypto? How can we make sure to capture a lot of the “alpha” within the sector without diversifying out many of our returns? These are questions we […]

The post Diversification Strategies in the Crypto Markets appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Struggle to Gain Momentum as Sellers Remain in Control

Despite the recovery during the weekend, the major cryptocurrencies failed to gain substantial ground, with even the relatively stronger coins getting stuck below their recent short-term swing highs. Most of the top coins are now back below their initial panic lows, and despite the recent stability and the strength in some of the coins, the […]

The post Crypto Update: Coins Struggle to Gain Momentum as Sellers Remain in Control appeared first on Hacked: Hacking Finance.

Tron Price Analysis: Despite Hard Fall, TRX/USD Forming a Bullish Flag Pattern

The TRX/USD price is under pressure after the big 48% bull run seen last week. Justin Sun goes head to head with Ethereum’s Vitalik Buterin, boasting of huge transaction volume. Tron Ecosystem Growth Tron continues to see solid growth, with data to back it up. The foundation’s Dapp ecosystem is expanding in a strong and […]

The post Tron Price Analysis: Despite Hard Fall, TRX/USD Forming a Bullish Flag Pattern appeared first on Hacked: Hacking Finance.

EOS Price Slide Continues; 25% Weekly Loss; Blockchain Transactions Hit New Record

EOS (EOS) fell a further 25% in the last week en route to today’s coin price in the $2.50 range – a new yearly low for the coin, and a valuation not witnessed since November 2017. Despite hitting a new thirteen-month low, EOS blockchain transactions soared to new heights on Monday, reaching 47,582,321 transactions over […]

The post EOS Price Slide Continues; 25% Weekly Loss; Blockchain Transactions Hit New Record appeared first on Hacked: Hacking Finance.

Crypto Downtrend Intensifies as Market Sheds $16 Billion from Last Week’s High

Cryptocurrency prices extended their slide mid-morning, as bitcoin plunged below $3,900 and the major altcoins fell between 4-10%. At the time of writing, the crypto market cap was $11 shy of a new yearly low, a sign that the bears were still very much in control. Crypto Markets Slump The crypto-market downtrend has accelerated in […]

The post Crypto Downtrend Intensifies as Market Sheds $16 Billion from Last Week’s High appeared first on Hacked: Hacking Finance.

Mithril (MITH) Price Spikes 60%; Gains Social Media App and Trust Wallet Addition

Mithril (MITH) jumped 60% in value leading into Sunday, helped by a 400% increase to trade volumes and the arrival of a couple of pieces of strong fundamental news. MITH tokens will soon be compatible with the Binance-owned Trust wallet, and was also recently added to the GDAC exchange, were trading began this week. Meanwhile, […]

The post Mithril (MITH) Price Spikes 60%; Gains Social Media App and Trust Wallet Addition appeared first on Hacked: Hacking Finance.

Bitcoin Dips Below $4,200 as Crypto Markets Run Into Familiar Resistance

Bitcoin and the broader cryptocurrency market ran into familiar resistance on Sunday, as the bulls failed to inspire new highs during the much lighter weekend trading cycle. Cryptoassets are coming off one of their worst months in history, opening the door to bargain hunters and long-term supports to boost their holdings. Market Update The cryptocurrency […]

The post Bitcoin Dips Below $4,200 as Crypto Markets Run Into Familiar Resistance appeared first on Hacked: Hacking Finance.

FREE Coin Spikes 32,553% In One Week After 99.7% Drop Off in Same Month

FREE Coin (FREE) hit the headlines back in early November when it entered into the market cap top hundred off the back of a 950% two-day spike. Now the (almost free) coin is on the move again after surging 32,553% in just over a week. Even more remarkable than that number is the fact that […]

The post FREE Coin Spikes 32,553% In One Week After 99.7% Drop Off in Same Month appeared first on Hacked: Hacking Finance.

Ethereum Price Analysis: Is this a Bottoming or Set-up for Another Deep Drop?

ETH/USD price does not appear to be out of danger yet, given current technical set up possibilities. For greater buying pressure to be seen, the bulls must break $130 to the upside. ETH/USD price action continues to show little signs of commitment, from either the bear or bull camps. Since the hard selling from 7th […]

The post Ethereum Price Analysis: Is this a Bottoming or Set-up for Another Deep Drop? appeared first on Hacked: Hacking Finance.

Crypto Update: Bitcoin Leads Weekend Recovery as Consolidation Continues

The major cryptocurrencies started the weekend in a positive fashion, recovering from yesterday’s selloff and stabilizing the short-term technical patterns. The current consolidation kept the possible failed breakdown formation in play in the case of the relatively stronger coins, such as Bitcoin and Litecoin, and although the bearish long-term picture is still not in any […]

The post Crypto Update: Bitcoin Leads Weekend Recovery as Consolidation Continues appeared first on Hacked: Hacking Finance.

And Then There Were Two: Stellar, Cardano on Move as Coinbase Listees Narrow Down

Stellar (XLM) and Cardano (ADA) were on the move on Saturday as the broader market again attempted another upswing. XLM and ADA hit 8% and 9% gains respectively, and both coins could be subject to increased speculation as the year draws to an end following the recent listing of Zcash (ZEC) by Coinbase. Three of […]

The post And Then There Were Two: Stellar, Cardano on Move as Coinbase Listees Narrow Down appeared first on Hacked: Hacking Finance.

Ethereum-Based DEX Token Hits Big Time After 475% Monthly Growth

Another new entrant to the market cap top hundred appeared on Saturday, as CoinMarketCap began to integrate trade data from DEX (DEX). The Ethereum-based token has only been trading since October, and despite its now large market cap it has just 159 active addresses on the blockchain according to Etherscan. However, that seemingly small number […]

The post Ethereum-Based DEX Token Hits Big Time After 475% Monthly Growth appeared first on Hacked: Hacking Finance.

Why Investors Should Pay Attention to COVAL

The last few weeks have been somewhat of a bloodbath in the markets, but that hasn’t stopped a few cryptocurrencies from emerging to show some potential as investments. One such company is COVAL, which stands for Circuits of Value and was developed with the primary purpose of creating off-chain storage methods for cryptocurrencies. What Makes […]

The post Why Investors Should Pay Attention to COVAL appeared first on Hacked: Hacking Finance.

EOS Price Same as One Year Ago; CTO Dan Larimer Shakes Investors Confidence?

The valuation of EOS (EOS) hit the same valuation as one calendar year ago on Friday, as the coin price continued to tumble in the wake of the latest failed market rally. EOS losses have been out of step with the rest of the market, however, and the coin continues to mine new yearly lows […]

The post EOS Price Same as One Year Ago; CTO Dan Larimer Shakes Investors Confidence? appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Pull Back Following Strongest Rally in Weeks

The cryptocurrency segment is seeing red once again today following the strongest rally attempt since the structural breakdown in Bitcoin, which led to a damaging leg lower in the ongoing bear market. The major coins are all pulled back from their recent swing highs, and most of them dipped back below last week’s initial panic […]

The post Crypto Update: Coins Pull Back Following Strongest Rally in Weeks appeared first on Hacked: Hacking Finance.

Stellar Price Analysis: XLM Overtakes Bitcoin Cash After 25% Bull Run

XLM sees ‘flippening’ of Bitcoin Cash, moving to the fourth largest coin by market cap. Bull run cools after running into a new area of resistance around the former demand zone. The XLM/USD pair between the 27-29th November was making strong progress to the upside, having gained a chunky 25% within that period. This came […]

The post Stellar Price Analysis: XLM Overtakes Bitcoin Cash After 25% Bull Run appeared first on Hacked: Hacking Finance.

4 Reasons Why Traders Shouldn’t Miss Out On ABCC Exchange

As most crypto traders are aware, 2018 has been a bloodbath beyond anyone’s wildest imagination.  Most, if not all, gains from 2017 have been wiped out.  And while the pain will certainly end at some point, it’s unclear when that will be.  But as Harvey Dent famously said in The Dark Knight, “the night is […]

The post 4 Reasons Why Traders Shouldn’t Miss Out On ABCC Exchange appeared first on Hacked: Hacking Finance.

Aim for 3x Returns with VITE

VITE is a new generation high-performance platform for decentralized applications. A distinctive feature of the project is an asynchronous data architecture. One of VITE’s strategic investors is the Loopring project, whose founder (Daniel Wang) serves as an advisor to VITE. Main features Below is a rundown of the main features of the VITE platform: DAG […]

The post Aim for 3x Returns with VITE appeared first on Hacked: Hacking Finance.

Tron Price Analysis: TRON to Launch Gaming Fund Worth $100 Million; TRX/USD Cools from Recent Surge

  The Tron foundation are set to launch a $100 million gaming fund, ‘Tron Arcade’. TRX/USD bulls have run out of steam for now, after entering into a new area of resistance. TRX/USD has been a huge out-performer of late, having racked up 50% worth of gains. The rally of the price began after a […]

The post Tron Price Analysis: TRON to Launch Gaming Fund Worth $100 Million; TRX/USD Cools from Recent Surge appeared first on Hacked: Hacking Finance.

Zcash Price Jumps on Unexpected Coinbase Listing; ZEC/USDC Pair Goes Live

After weeks of anticipation regarding which of the Stellar (XLM), Cardano (ADA) and Zcash (ZEC) trifecta would be next listed on Coinbase Pro, the exchange announced today that ZEC has won through. Unlike with the listings of Basic Attention Token (BAT) and Ox (ZRX) earlier in the year, the announcement was sudden and unexpected, effectively […]

The post Zcash Price Jumps on Unexpected Coinbase Listing; ZEC/USDC Pair Goes Live appeared first on Hacked: Hacking Finance.

XRP Price Analysis: XRP/USD Pulls Back for the Potential of Greater Upside

  XRP/USD cooled marginally on Thursday to make way for a further bull run. The price completed a technical move, breaking out and then retesting a pennant structure.  XRP/USD cooled during the session on Thursday, after a decent run of gains seen in the week so far. The price was seen down a marginal 3%, […]

The post XRP Price Analysis: XRP/USD Pulls Back for the Potential of Greater Upside appeared first on Hacked: Hacking Finance.

Investor Watch: Holochain Provides Solid Returns Despite Bear Market

Holochain is a distributed network project with autonomous capabilities for users embedded directly into its architecture and protocols. The creators of Holochain claim that the distribution of their proposed type of storage and data processing can change the order of coordination and interaction. Thanks to digital integration, under the control of the user, Holo can […]

The post Investor Watch: Holochain Provides Solid Returns Despite Bear Market appeared first on Hacked: Hacking Finance.

VanEck Confirms Nasdaq Will Launch Bitcoin Futures 2.0 Next Year

It’s official: Nasdaq will begin offering bitcoin futures contracts in early 2019 as part of a wider effort to boost cryptocurrency adoption, according to VanEck, a leading fund manager. Nasdaq joins a growing list of major market players that are adding credence to the view that cryptocurrencies are here to stay. Bitcoin Futures 2.0 In […]

The post VanEck Confirms Nasdaq Will Launch Bitcoin Futures 2.0 Next Year appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Extend Bounce as Selling Pressure Eases

The top cryptocurrencies continue to trade with a bullish short-term bias, and thanks to the two-day rally, the technical picture improved across the board. The odds of a failed breakdown pattern increased in the segment, with Bitcoin clearly recovering above the prior low, joining Litecoin in the move, even as most of the major altcoins […]

The post Crypto Update: Coins Extend Bounce as Selling Pressure Eases appeared first on Hacked: Hacking Finance.

Zcash Price Analysis: ZEC/USD Jumps 30% in Recovery as Foundation Teases Reference Wallet Design

  ZEC/USD bulls are making a strong case for recovery, as price makes 30% advance. Zcash foundation teases the design concepts of its awaited reference wallet. ZEC/USD is on a strong road to recovery following the latest bottom. The price has gained over 30% after the sellers became very much exhausted. A drop of around […]

The post Zcash Price Analysis: ZEC/USD Jumps 30% in Recovery as Foundation Teases Reference Wallet Design appeared first on Hacked: Hacking Finance.

TRON (TRX) Leads Pack with 34% Growth as Crypto Market Rebounds

TRON (TRX) saw a 34% increase to its coin price on Wednesday, as the global crypto market underwent a 16% rebound. TRX led the major altcoins, and recovered more than twice the value of EOS (EOS) and Bitcoin Cash (BCH) during the much awaited pump, while the gains made by Bitcoin (BTC) were more in […]

The post TRON (TRX) Leads Pack with 34% Growth as Crypto Market Rebounds appeared first on Hacked: Hacking Finance.

Goldman Sachs Executive: Cryptocurrency Selloff “Healthy” for the Ecosystem, Custody is the Key to Future Growth

Goldman Sachs Group Inc. has yet to venture into cryptocurrencies, but believes the future of the digital asset class is brighter now that rampant speculation has been weeded out of the market. Justin Schmidt, who heads the bank’s digital asset unit, says the market is healthier today as the focus shifts to institutional-grade service offerings. […]

The post Goldman Sachs Executive: Cryptocurrency Selloff “Healthy” for the Ecosystem, Custody is the Key to Future Growth appeared first on Hacked: Hacking Finance.

Crypto Update: Weakening Bearish Momentum Leads to Another Rally Attempt

The cryptocurrency segment is having its most bullish day in a long while, as despite the failed rally attempt on Monday, the top coins held up above their lows and launched another bounce. While that didn’t change the overwhelmingly bearish overall picture, it confirmed the weakening of the negative momentum, at least in the case […]

The post Crypto Update: Weakening Bearish Momentum Leads to Another Rally Attempt appeared first on Hacked: Hacking Finance.

Market-Wide Liquidity on the Decrease, While More ICOs Withdraw Their Ethereum

Despite Bitcoin and altcoin prices dropping to their lowest levels in a year or more, overall market liquidity is still on the decrease. Essentially, despite the current availability of bargain-basement prices, more traders are leaving the crypto space the further we get into 2018’s bear market. That’s according to data released by information and analysis […]

The post Market-Wide Liquidity on the Decrease, While More ICOs Withdraw Their Ethereum appeared first on Hacked: Hacking Finance.

Kaspersky Security Bulletin 2018. Story of the year: miners

Cryptocurrency miners that infect the computers of unsuspecting users essentially operate according to the same business model as ransomware programs: the victim’s computing power is harnessed to enrich the cybercriminals. Only in the case of miners, it might be quite a while before the user notices that 70–80% of their CPU or graphics card power is being used to generate virtual coins. Encrypted documents and ransomware messages are far harder to miss.

Cryptominers usually find their way onto user computers and corporate machines along with adware, hacked games, and other pirated content. What’s more, the present “entry threshold” — that is, the actual process of creating a miner — is rather low: cybercriminals are assisted by ready-to-use affiliate programs, open mining pools, and miner builders. If that weren’t enough, there is another way to steal computing resources through a webpage-embedded mining script that starts when the user opens the site in a browser.  A separate category of cybercriminals are those who target not private computers, but the servers of large companies, for which the infection process is considerably more resource-intense.

2018 began with a rise in the number of miner-related attacks. However, after a drop in the value of the main cryptocurrencies, which lasted from January to February, infection activity noticeably declined. General interest in cryptocurrencies also waned.  Yet the graph clearly shows that while the number of cryptominer attacks decreased, the threat is still current. As for how the November collapse in the Bitcoin exchange rate will affect the number of infections, time will tell.

Number of unique users attacked by miners in Q1–Q3 2018 (download)

Hidden mining software was very popular among botnet owners, as confirmed by our statistics on files downloaded by zombie networks: Q1 2018 saw a boom in cryptominers, and the share of this malware in the first half of the year was 4.6% of the total number of files downloaded by botnets. For comparison, in Q2 2017 this figure was 2.9%. It follows from the data that cybercriminals have come to view botnets as a means of spreading software for mining cryptocurrencies.

H2 2017 H1 2017
1 Lethic 17.0% njRAT 5.2%
2 Neutrino.POS 4.6% Lethic 5.0%
3 njRAT 3.7% Khalesi 4.9%
4 Emotet 3.5% Miners 4.6%
5 Miners 2.9% Neutrino.POS 2.2%
6 Smoke 1.8% Edur 1.3%
7 Cutwail 0.7% PassView 1.3%
8 Ransomware 0.7% Jimmy 1.1%
9 SpyEye 0.5% Gandcrab 1.1%
10 Snojan 0.3% Cutwail 1.1%

Most downloaded threats, H2 2017–H1 2018

Still on the topic of botnets, it is impossible not to mention that in Q3 2018 we registered a decline in the number of DDoS attacks, the most likely reason being, according to our experts, the “reprofiling” of botnets from DDoS attacks to cryptocurrency mining. This was induced not only by the high popularity of cryptocurrencies, but also the high competition in the “DDoS market”, which made the attacks less expensive for clients, but not for the botnetters themselves, who still have to cope with more than a few less-than-legal “organizational issues.”

Mining differs favorably for cybercriminals in that, if executed properly, it can be impossible for the owner of an infected machine to detect, and thus the chances of encountering the cyberpolice are far lower. And the reprofiling of existing server capacity completely hides its owner from the eyes of the law. Evidence suggests that the owners of many well-known botnets have switched their attack vector toward mining.  For example, the DDoS activity of the Yoyo botnet dropped dramatically, although there is no data about it being dismantled.

Moreover, mining has started to command as much (or more) attention as ransomware: this year we encountered several examples of reprofiled malware with added functionality for cryptocurrency mining. And the techniques used by the creators of miners have become more sophisticated.

For instance, an interesting miner implementation, which we dubbed PowerGhost, caught our eye in July this year. The malware can stealthily establish itself in the system and spread inside large corporate networks, infecting workstations and servers alike. To go unnoticed by users and security solutions for as long as possible, the miner employs various fileless techniques. Infection occurs remotely using exploits or remote management tools (Windows Management Instrumentation), and involves running a single-line powershell script that downloads the main body of the malware and immediately starts it without writing to the hard drive.

Another example of reprofiling is the ransomware Trojan Trojan-Ransom.Win32.Rakhni, the first samples of which were detected by Kaspersky Lab back in 2013. Its mining functions are a 2018 innovation. At the same time, their activation depends on whether the folder %AppData%\Bitcoin is present on the infected machine. If it exists, the loader downloads the ransomware. If there is no such folder and, in addition, the computer has more than two logical processors, a miner is downloaded. To keep the malware hidden in the system, the developers made it look like an Adobe product. This can be seen by the icon and the name of the executable file, as well as the fake digital signature, which uses Adobe Systems Incorporated as the company name.

Another piece of malware that has learned how to seed computers with mining utilities is the previously adware-only PBot. The malware spreads through affiliate sites that inject scripts into their pages for redirecting users to sponsored links. The standard distribution scheme looks as follows:

  1. The user visits one of the sites in the affiliate network.
  2. Clicking anywhere on the page causes a new browser window to appear, where an intermediate link opens.
  3. The link directs the user to the PBot download page, which is tasked with downloading and running the malware by deceptive means.

The most common coin among all illegally mined cryptocurrencies is Monero (xmr). This is due to its anonymous algorithm, relatively high market value, and ease of sale, since it is accepted by most major cryptocurrency exchanges. For botnets mining this coin illegally, it is important that CPU resources can be utilized. By some accounts, a total of $175 million has been mined illegally, representing around 5% of all Monero currently in circulation.

Factors affecting the distribution of miners

The conclusion based on data we obtained from various sources is that legislative control over cryptocurrencies has little impact on the spread of hidden mining. For example, in Algeria and Vietnam cryptocurrencies are either prohibited or severely restricted under domestic law. Yet Vietnam is third in the ranking of leading countries by number of miner attacks, and Algeria is sixth. Meanwhile, Iran, which is presently drafting legislation to govern cryptocurrency and developing plans to issue its own “coins,” is in seventh place.

Country Cryptocurrency status % of attacks
Kazakhstan Not prohibited, Not legalized 16.75%
Vietnam Issuance (mining) prohibited 13.00%
Indonesia Recognized as an exchange commodity 12.87%
Ukraine Circulation governed by law 11.19%
Russia Legislation under consideration 10.71%
Algeria Prohibited 9.03%
Iran Legislation in preparation, creation of own cryptocurrency planned 7.21%
India Ban under consideration, hearings in progress 7.20%
Thailand Circulation governed by law 6.76%
Taiwan Not prohibited 5.81%

Top 10 countries by share of miner attacks, January–October 2018 (includes only countries with more than 500,000 Kaspersky Lab clients)

At the other end of the scale, US users were the least affected by cryptominters (1.33% of the total number of attacks), followed by users in Switzerland (1.56%) and Britain (1.66%).

Map representing countries with the lowest share of miner attacks, January–October 2018 (includes only countries with more than 500,000 Kaspersky Lab clients) (download)

The prevalence of miners is not impacted by the cost of electricity, which varies greatly from country to country. Again, this factor is not a consideration for cybercriminals as they exploit third-party resources.

Distribution methods

Looking at the distribution of pirated software in countries with the highest number of miner attacks, one sees a clear correlation: the more freely unlicensed software is distributed, the more miners there are. This is confirmed by our statistics, which indicates that miners most often land on victim computers together with pirated software.

Another penetration vector for miners is adware installers distributed using social engineering. More sophisticated options (for example, propagation through vulnerabilities such as EternalBlue) are aimed at server capacities and are less frequently encountered.

And it should not be forgotten that USB drives have been used to distribute cryptocurrency mining software since at least 2015. The percentage of detections of the popular Bitcoin miner Trojan.Win64.Miner.all on removable devices is growing annually by about one-sixth. In 2018, one in ten users affected by malware transmitted through flash drives was the victim of this particular miner (roughly 9.22%; for comparison, in 2017 it was 6.7%, and in 2016 4.2%).

Millions of unique users found to have malware in the root directory, which is the main sign of infection via removable drives, 2013–2018. Source: KSN (download)

Trojan.Win32.Miner.ays/Trojan.Win.64.Miner.all was detected in India (23.7%), Russia (18.45%), and Kazakhstan (14.38%), but some cases were also logged in Asia, Africa, and Europe (Britain, Germany, the Netherlands, Switzerland, Spain, Belgium, Austria, Italy, Denmark, Sweden), as well as the US, Canada, and Japan.

Share of users impacted by Bitcoin miners on removable drives, 2018. Source: KSN (includes only countries with more than 10,000 Kaspersky Lab clients) (download)

Conclusion

Summing up the past year, we can highlight the following bullet points:

  1. Given the growing value and popularity of cryptocurrencies, cybercriminals are investing resources in the development of new mining technologies, which, according to our data, are gradually replacing ransomware Trojans.
  2. Hidden mining activity declines when cryptocurrency prices fall.
  3. The spread of hidden mining is not impacted by factors such as domestic legislative control or cost of electricity.
  4. Miners often get on victims’ computers during the download of unlicensed content or installation of pirated software. As a consequence, this type of threat is most prevalent in countries with poor regulation of the unlicensed software market, as well a low level of overall digital literacy among users.

Kaspersky Security Bulletin 2018. Story of the year: miners” (English, PDF)

Securelist: Kaspersky Security Bulletin 2018. Story of the year: miners

Cryptocurrency miners that infect the computers of unsuspecting users essentially operate according to the same business model as ransomware programs: the victim’s computing power is harnessed to enrich the cybercriminals. Only in the case of miners, it might be quite a while before the user notices that 70–80% of their CPU or graphics card power is being used to generate virtual coins. Encrypted documents and ransomware messages are far harder to miss.

Cryptominers usually find their way onto user computers and corporate machines along with adware, hacked games, and other pirated content. What’s more, the present “entry threshold” — that is, the actual process of creating a miner — is rather low: cybercriminals are assisted by ready-to-use affiliate programs, open mining pools, and miner builders. If that weren’t enough, there is another way to steal computing resources through a webpage-embedded mining script that starts when the user opens the site in a browser.  A separate category of cybercriminals are those who target not private computers, but the servers of large companies, for which the infection process is considerably more resource-intense.

2018 began with a rise in the number of miner-related attacks. However, after a drop in the value of the main cryptocurrencies, which lasted from January to February, infection activity noticeably declined. General interest in cryptocurrencies also waned.  Yet the graph clearly shows that while the number of cryptominer attacks decreased, the threat is still current. As for how the November collapse in the Bitcoin exchange rate will affect the number of infections, time will tell.

&&

Number of unique users attacked by miners in Q1–Q3 2018 (download)

Hidden mining software was very popular among botnet owners, as confirmed by our statistics on files downloaded by zombie networks: Q1 2018 saw a boom in cryptominers, and the share of this malware in the first half of the year was 4.6% of the total number of files downloaded by botnets. For comparison, in Q2 2017 this figure was 2.9%. It follows from the data that cybercriminals have come to view botnets as a means of spreading software for mining cryptocurrencies.

H2 2017 H1 2017
1 Lethic 17.0% njRAT 5.2%
2 Neutrino.POS 4.6% Lethic 5.0%
3 njRAT 3.7% Khalesi 4.9%
4 Emotet 3.5% Miners 4.6%
5 Miners 2.9% Neutrino.POS 2.2%
6 Smoke 1.8% Edur 1.3%
7 Cutwail 0.7% PassView 1.3%
8 Ransomware 0.7% Jimmy 1.1%
9 SpyEye 0.5% Gandcrab 1.1%
10 Snojan 0.3% Cutwail 1.1%

Most downloaded threats, H2 2017–H1 2018

Still on the topic of botnets, it is impossible not to mention that in Q3 2018 we registered a decline in the number of DDoS attacks, the most likely reason being, according to our experts, the “reprofiling” of botnets from DDoS attacks to cryptocurrency mining. This was induced not only by the high popularity of cryptocurrencies, but also the high competition in the “DDoS market”, which made the attacks less expensive for clients, but not for the botnetters themselves, who still have to cope with more than a few less-than-legal “organizational issues.”

Mining differs favorably for cybercriminals in that, if executed properly, it can be impossible for the owner of an infected machine to detect, and thus the chances of encountering the cyberpolice are far lower. And the reprofiling of existing server capacity completely hides its owner from the eyes of the law. Evidence suggests that the owners of many well-known botnets have switched their attack vector toward mining.  For example, the DDoS activity of the Yoyo botnet dropped dramatically, although there is no data about it being dismantled.

Moreover, mining has started to command as much (or more) attention as ransomware: this year we encountered several examples of reprofiled malware with added functionality for cryptocurrency mining. And the techniques used by the creators of miners have become more sophisticated.

For instance, an interesting miner implementation, which we dubbed PowerGhost, caught our eye in July this year. The malware can stealthily establish itself in the system and spread inside large corporate networks, infecting workstations and servers alike. To go unnoticed by users and security solutions for as long as possible, the miner employs various fileless techniques. Infection occurs remotely using exploits or remote management tools (Windows Management Instrumentation), and involves running a single-line powershell script that downloads the main body of the malware and immediately starts it without writing to the hard drive.

Another example of reprofiling is the ransomware Trojan Trojan-Ransom.Win32.Rakhni, the first samples of which were detected by Kaspersky Lab back in 2013. Its mining functions are a 2018 innovation. At the same time, their activation depends on whether the folder %AppData%\Bitcoin is present on the infected machine. If it exists, the loader downloads the ransomware. If there is no such folder and, in addition, the computer has more than two logical processors, a miner is downloaded. To keep the malware hidden in the system, the developers made it look like an Adobe product. This can be seen by the icon and the name of the executable file, as well as the fake digital signature, which uses Adobe Systems Incorporated as the company name.

Another piece of malware that has learned how to seed computers with mining utilities is the previously adware-only PBot. The malware spreads through affiliate sites that inject scripts into their pages for redirecting users to sponsored links. The standard distribution scheme looks as follows:

  1. The user visits one of the sites in the affiliate network.
  2. Clicking anywhere on the page causes a new browser window to appear, where an intermediate link opens.
  3. The link directs the user to the PBot download page, which is tasked with downloading and running the malware by deceptive means.

The most common coin among all illegally mined cryptocurrencies is Monero (xmr). This is due to its anonymous algorithm, relatively high market value, and ease of sale, since it is accepted by most major cryptocurrency exchanges. For botnets mining this coin illegally, it is important that CPU resources can be utilized. By some accounts, a total of $175 million has been mined illegally, representing around 5% of all Monero currently in circulation.

Factors affecting the distribution of miners

The conclusion based on data we obtained from various sources is that legislative control over cryptocurrencies has little impact on the spread of hidden mining. For example, in Algeria and Vietnam cryptocurrencies are either prohibited or severely restricted under domestic law. Yet Vietnam is third in the ranking of leading countries by number of miner attacks, and Algeria is sixth. Meanwhile, Iran, which is presently drafting legislation to govern cryptocurrency and developing plans to issue its own “coins,” is in seventh place.

Country Cryptocurrency status % of attacks
Kazakhstan Not prohibited, Not legalized 16.75%
Vietnam Issuance (mining) prohibited 13.00%
Indonesia Recognized as an exchange commodity 12.87%
Ukraine Circulation governed by law 11.19%
Russia Legislation under consideration 10.71%
Algeria Prohibited 9.03%
Iran Legislation in preparation, creation of own cryptocurrency planned 7.21%
India Ban under consideration, hearings in progress 7.20%
Thailand Circulation governed by law 6.76%
Taiwan Not prohibited 5.81%

Top 10 countries by share of miner attacks, January–October 2018 (includes only countries with more than 500,000 Kaspersky Lab clients)

At the other end of the scale, US users were the least affected by cryptominters (1.33% of the total number of attacks), followed by users in Switzerland (1.56%) and Britain (1.66%).

&&

Map representing countries with the lowest share of miner attacks, January–October 2018 (includes only countries with more than 500,000 Kaspersky Lab clients) (download)

The prevalence of miners is not impacted by the cost of electricity, which varies greatly from country to country. Again, this factor is not a consideration for cybercriminals as they exploit third-party resources.

Distribution methods

Looking at the distribution of pirated software in countries with the highest number of miner attacks, one sees a clear correlation: the more freely unlicensed software is distributed, the more miners there are. This is confirmed by our statistics, which indicates that miners most often land on victim computers together with pirated software.

Another penetration vector for miners is adware installers distributed using social engineering. More sophisticated options (for example, propagation through vulnerabilities such as EternalBlue) are aimed at server capacities and are less frequently encountered.

And it should not be forgotten that USB drives have been used to distribute cryptocurrency mining software since at least 2015. The percentage of detections of the popular Bitcoin miner Trojan.Win64.Miner.all on removable devices is growing annually by about one-sixth. In 2018, one in ten users affected by malware transmitted through flash drives was the victim of this particular miner (roughly 9.22%; for comparison, in 2017 it was 6.7%, and in 2016 4.2%).

&&

Millions of unique users found to have malware in the root directory, which is the main sign of infection via removable drives, 2013–2018. Source: KSN (download)

Trojan.Win32.Miner.ays/Trojan.Win.64.Miner.all was detected in India (23.7%), Russia (18.45%), and Kazakhstan (14.38%), but some cases were also logged in Asia, Africa, and Europe (Britain, Germany, the Netherlands, Switzerland, Spain, Belgium, Austria, Italy, Denmark, Sweden), as well as the US, Canada, and Japan.

&&

Share of users impacted by Bitcoin miners on removable drives, 2018. Source: KSN (includes only countries with more than 10,000 Kaspersky Lab clients) (download)

Conclusion

Summing up the past year, we can highlight the following bullet points:

  1. Given the growing value and popularity of cryptocurrencies, cybercriminals are investing resources in the development of new mining technologies, which, according to our data, are gradually replacing ransomware Trojans.
  2. Hidden mining activity declines when cryptocurrency prices fall.
  3. The spread of hidden mining is not impacted by factors such as domestic legislative control or cost of electricity.
  4. Miners often get on victims’ computers during the download of unlicensed content or installation of pirated software. As a consequence, this type of threat is most prevalent in countries with poor regulation of the unlicensed software market, as well a low level of overall digital literacy among users.

Kaspersky Security Bulletin 2018. Story of the year: miners” (English, PDF)



Securelist

Market Rebound Hits Altcoins First; Bitcoin Gets Mixed Messages From SEC

The global crypto market underwent a 6% upswing leading into Tuesday evening, with the majority of the value finding its way to the altcoin market. This looks like just another fluctuation, with the new global high of $126 billion still lower than yesterday’s peak of $131 billion. Meanwhile, U.S Securities and Exchange Commision Chairman, Jim […]

The post Market Rebound Hits Altcoins First; Bitcoin Gets Mixed Messages From SEC appeared first on Hacked: Hacking Finance.

XRP Price Analysis: XRP/USD’s Punishing Pennant Set-up

  Bears will be looking to pile on the pressure below the $0.3500 area. The 4-hour chart view can see XRP/USD having formed another pennant pattern, subject to a potential break lower. XRP/USD over the last two sessions has stabilized somewhat but continues to nurse losses. The bulls sent out false hope on Sunday, after […]

The post XRP Price Analysis: XRP/USD’s Punishing Pennant Set-up appeared first on Hacked: Hacking Finance.

SEC Chairman Says Most Crypto ICOs are Securities; Bloodbath For Tokens?

It may be the wrong time for crypto investors to hold onto tokens issued by initial coin offering (ICO) projects. On CNBC, Jay Clayton, the chairman of the U.S. Securities and Exchange Commission (SEC) emphasized once again that most ICOs that are being talked about by investors in the global cryptocurrency market are considered securities […]

The post SEC Chairman Says Most Crypto ICOs are Securities; Bloodbath For Tokens? appeared first on Hacked: Hacking Finance.

EOS Price Hits Yearly Low; 87% Losses Since $4 Billion ICO

EOS (EOS) struck a new low on Tuesday, reverting to a price not seen since November of 2017. Unlike most coins and tokens which peaked in December-January, EOS reached its all-time high in April of this year, marking the culmination of a year-long ICO in which $4 billion was raised. That means the coin’s 87% […]

The post EOS Price Hits Yearly Low; 87% Losses Since $4 Billion ICO appeared first on Hacked: Hacking Finance.

Crypto Update: Bounce Fails Again as Bearish Forces Remain Dominant

While yesterday’s there was a chance for a short-term reversal in the cryptocurrency segment, due to the weakening bearish momentum and an encouraging bounce in some of the majors, the rally failed, and a lot of top coins hit new lows afterward. Our trend model remains on sell signals in most cases, and although the […]

The post Crypto Update: Bounce Fails Again as Bearish Forces Remain Dominant appeared first on Hacked: Hacking Finance.

After Much Speculation, Nasdaq Set to Launch Bitcoin Futures Market

Nasdaq Inc., the world’s second-largest stock exchange, is planning to launch its very own bitcoin futures product no later than Q1 2019. The announcement serves as a subtle reminder to investors that, despite the recent price collapse, institutional appetite in cryptocurrency is only growing. Nasdaq Joins the Futures Race According to Bloomberg, Nasdaq is currently […]

The post After Much Speculation, Nasdaq Set to Launch Bitcoin Futures Market appeared first on Hacked: Hacking Finance.

Litecoin Price Analysis: LTC/USD a Buy Today, Tomorrow a Sell?

  The Litecoin price on Tuesday attempts at stabilization, but given the recent pattern, this could be sold again on Wednesday. LTC/USD weekly chart still looks worrying, and there could even be room for a complete market correction, sending the price as low as $4. The Litecoin price has been heavily dictated by the bears […]

The post Litecoin Price Analysis: LTC/USD a Buy Today, Tomorrow a Sell? appeared first on Hacked: Hacking Finance.

Can Encrypgen (DNA) Generate a 30x Return in 2019?

Although I’ve written previously about Encrypgen (DNA), the recent crypto crash has made this one of the best investments since the California Gold Rush of the 1800s.  A lot of my time is spent scouring the crypto landscape looking for projects that have both a real-world use and a significant undervaluation.  Encrypgen checks both boxes! […]

The post Can Encrypgen (DNA) Generate a 30x Return in 2019? appeared first on Hacked: Hacking Finance.

Tron Price Analysis: TRX/USD is Forming a Bottom Area, Readying a Recovery

  TRX/USD buyers are heavily defending the 1 cent price territory, as a bottom area gradually forms. Tron foundation continues to provide positive updates and Justin Sun once again takes aim at Ethereum. While selling pressure for TRX/USD is still somewhat intense, there are signs that a bottom area is forming. Buyers are doing their […]

The post Tron Price Analysis: TRX/USD is Forming a Bottom Area, Readying a Recovery appeared first on Hacked: Hacking Finance.

Security Tokens and STOs: A New Financial Frontier

There were a lot of promises during the 2017 ICO boom. Brand new start-ups offering utility tokens that had no utility, on a blockchain that was not needed. 2018 was a wake-up call for the cryptocurrency community. An indication that the ICO status quo was not written in stone and that valid alternatives needed to […]

The post Security Tokens and STOs: A New Financial Frontier appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Bounce Back but Bear Trap Not Yet Confirmed

The cryptocurrency segment is finally showing early signs of strength following the weekend’s selloff that took most of the majors to new bear market lows. Compared to the steep declines of the past couple of weeks, the bearish momentum has been relatively weak, and some of the top coins managed to climb back to, or […]

The post Crypto Update: Coins Bounce Back but Bear Trap Not Yet Confirmed appeared first on Hacked: Hacking Finance.

Coins See Green: Cryptocurrency Market Cap Recovers $15 Billion as Bitcoin Cash, XRP Lead

The cryptocurrency market’s long road to recovery took a positive step forward on Monday, as coin values rebounded sharply from weekend lows with bitcoin cash, XRP and Litecoin leading the way higher. Market Update The combined value of all coins in circulation reached a high of $132 billion on Monday, according to CoinMarketCap. The total […]

The post Coins See Green: Cryptocurrency Market Cap Recovers $15 Billion as Bitcoin Cash, XRP Lead appeared first on Hacked: Hacking Finance.

Cryptocurrency threat predictions for 2019

Introduction – key events in 2018

2018 saw cryptocurrency become an established part of many people’s lives, and a more attractive target for cybercriminals across the world. To some extent, the malicious mining of cryptocurrencies even prevailed over the main threat of the last few years: ransomware.

However, in the second half of 2018, the blockchain and cryptocurrency industry faced a major development: falling prices for cryptocurrencies. The impact was felt across the landscape, with rapid decline in public interest, the activity of the crypto community and traders, and in the related activity of cybercriminals.

While this will certainly affect our forecasts for 2019, let’s see how the forecasts we made for this year worked out.

1. ‘Ransomware attacks will force users to buy cryptocurrency’

This prediction turned out to be partially true. In 2018, we saw a decline in the popularity of encryptors, combined with a rise in the malicious use of cryptocurrency miners. It transpired that it is safer for attackers to perform discreet mining on infected devices than to demand a ransom and attract attention. However, it is too early to dismiss ransomware as a major threat; it is still an effective method of infection and monetization of both individuals and organizations – and cryptocurrencies remain a more easily anonymized form of ransom payment.

2. ‘We will see targeted attacks with malicious miners’

This prediction did not come true. We observed mainly isolated incidents where miners were maliciously installed in an infected corporate network. There are several reasons for that:

  • Companies have learned to detect miners that are run on the computers of employees/administrators; both those installed by users themselves and by third parties without the knowledge of the user.
  • The attackers themselves do not appear to consider this a promising approach. Targeted and sophisticated attacks are more about gaining persistence in the network for the purpose of espionage or the theft of money or data. It is therefore better not to attract attention by crypto-mining.

3. ‘The rise of miners will continue and involve new actors’

This prediction also turned out to be partially true: the malicious use of cryptocurrency miners actively increased during the first quarter of 2018, peaking in March. Over the following months there was a gradual decrease in activity due to the drop in price for cryptocurrencies.

4. ‘There will be more web-mining’

Again, this prediction turned out to be partially true. The web mining of cryptocurrencies reached a peak in January 2018, after which it began to decline. Webmasters, hoping to use web mining as an alternative means of website monetization alongside advertising, did not usually notify users about any hidden mining taking place on their sites. This meant that web mining quickly became associated with malicious activity. After that, it was difficult to restore its reputation.

5. ‘The fall of ICOs (Initial Coin Offering)’

Yes and no. On the one hand, collecting money with the help of ICOs continued: projects became larger and the fees did not fall. On the other hand, many projects that collected impressive amounts through ICOs in 2017 were not be able to create the promised product in time during 2018, which inevitably affected the exchange price of the sold tokens.

Top three predictions for 2019

1. Excessive expectations about the use of blockchain beyond the cryptocurrency sphere will disappear

In the end, we expect this trend to be driven by people rather than the technology’s capability, as organizations and industries come to the conclusion that blockchain has a rather narrow scope of application, and most attempts to use in different ways are not justified. The reliable application of blockchain beyond cryptocurrency has been explored and experimented with for years, but there is little evidence of achievement. We expect 2019 to be the year people stop trying.

2. Cryptocurrencies as a means of payment will decline further

In 2017 a number of suppliers of goods and services announced that they would accept cryptocurrencies as a form of payment. However, in the face of huge commissions (an acute problem in December 2017), slow transfers, a large price for integration, and, most importantly, a small number of customers, its use as a method of payment declined steadily. In the end, the use of cryptocurrencies by a legitimate business simply does not make much sense.

3. There will be no return to 2017’s sky-high exchange rates

Until January 2018, there were immense highs and lows in the price of Bitcoin. But we do not expect these to return as the value of cryptocurrencies levels out to reflect their popularity. We believe there is a finite audience for whom cryptocurrencies are of interest, and once that limit is reached the price will not rise further.

 “Cryptocurrency threat predictions for 2019” (PDF)

Securelist: Cryptocurrency threat predictions for 2019

Introduction – key events in 2018

2018 saw cryptocurrency become an established part of many people’s lives, and a more attractive target for cybercriminals across the world. To some extent, the malicious mining of cryptocurrencies even prevailed over the main threat of the last few years: ransomware.

However, in the second half of 2018, the blockchain and cryptocurrency industry faced a major development: falling prices for cryptocurrencies. The impact was felt across the landscape, with rapid decline in public interest, the activity of the crypto community and traders, and in the related activity of cybercriminals.

While this will certainly affect our forecasts for 2019, let’s see how the forecasts we made for this year worked out.

1. ‘Ransomware attacks will force users to buy cryptocurrency’

This prediction turned out to be partially true. In 2018, we saw a decline in the popularity of encryptors, combined with a rise in the malicious use of cryptocurrency miners. It transpired that it is safer for attackers to perform discreet mining on infected devices than to demand a ransom and attract attention. However, it is too early to dismiss ransomware as a major threat; it is still an effective method of infection and monetization of both individuals and organizations – and cryptocurrencies remain a more easily anonymized form of ransom payment.

2. ‘We will see targeted attacks with malicious miners’

This prediction did not come true. We observed mainly isolated incidents where miners were maliciously installed in an infected corporate network. There are several reasons for that:

  • Companies have learned to detect miners that are run on the computers of employees/administrators; both those installed by users themselves and by third parties without the knowledge of the user.
  • The attackers themselves do not appear to consider this a promising approach. Targeted and sophisticated attacks are more about gaining persistence in the network for the purpose of espionage or the theft of money or data. It is therefore better not to attract attention by crypto-mining.

3. ‘The rise of miners will continue and involve new actors’

This prediction also turned out to be partially true: the malicious use of cryptocurrency miners actively increased during the first quarter of 2018, peaking in March. Over the following months there was a gradual decrease in activity due to the drop in price for cryptocurrencies.

4. ‘There will be more web-mining’

Again, this prediction turned out to be partially true. The web mining of cryptocurrencies reached a peak in January 2018, after which it began to decline. Webmasters, hoping to use web mining as an alternative means of website monetization alongside advertising, did not usually notify users about any hidden mining taking place on their sites. This meant that web mining quickly became associated with malicious activity. After that, it was difficult to restore its reputation.

5. ‘The fall of ICOs (Initial Coin Offering)’

Yes and no. On the one hand, collecting money with the help of ICOs continued: projects became larger and the fees did not fall. On the other hand, many projects that collected impressive amounts through ICOs in 2017 were not be able to create the promised product in time during 2018, which inevitably affected the exchange price of the sold tokens.

Top three predictions for 2019

1. Excessive expectations about the use of blockchain beyond the cryptocurrency sphere will disappear

In the end, we expect this trend to be driven by people rather than the technology’s capability, as organizations and industries come to the conclusion that blockchain has a rather narrow scope of application, and most attempts to use in different ways are not justified. The reliable application of blockchain beyond cryptocurrency has been explored and experimented with for years, but there is little evidence of achievement. We expect 2019 to be the year people stop trying.

2. Cryptocurrencies as a means of payment will decline further

In 2017 a number of suppliers of goods and services announced that they would accept cryptocurrencies as a form of payment. However, in the face of huge commissions (an acute problem in December 2017), slow transfers, a large price for integration, and, most importantly, a small number of customers, its use as a method of payment declined steadily. In the end, the use of cryptocurrencies by a legitimate business simply does not make much sense.

3. There will be no return to 2017’s sky-high exchange rates

Until January 2018, there were immense highs and lows in the price of Bitcoin. But we do not expect these to return as the value of cryptocurrencies levels out to reflect their popularity. We believe there is a finite audience for whom cryptocurrencies are of interest, and once that limit is reached the price will not rise further.

 “Cryptocurrency threat predictions for 2019” (PDF)



Securelist

Crypto Market Bounces 15%; Litecoin Leads Pack With 18% Price Rebound

The cryptocurrency market recovered 15% leading into Sunday night, rising to $132 billion overall after a brief dip down to $114 billion. Bitcoin dropped to the $3,500 range amid the carnage, while Ethereum dropped to $100 – an eighteen month low for the former king of the alts. The recovery bounce carried those coins to […]

The post Crypto Market Bounces 15%; Litecoin Leads Pack With 18% Price Rebound appeared first on Hacked: Hacking Finance.

Crypto Update: Another Steep Selloff Drags Majors to New Lows

The cryptocurrency segment got hit had yet again this weekend, as the mid-week bounce faded and the recent panic lows failed to hold up the top coins. The negative long-term market forces took hold of the segment again, and despite the deeply oversold momentum readings, the majors plunged to new lows. Bitcoin briefly violated the […]

The post Crypto Update: Another Steep Selloff Drags Majors to New Lows appeared first on Hacked: Hacking Finance.

Ethereum Price Analysis: ETH/USD Set for $100 Breach, What Next?

ETH/USD has dropped a chunky 55 percent since the 7th November. Bears continue to smash through key area of support. A daily closure below $109.80 (27th May 2017 low) could be devastating, in opening the door for a firm breach of the psychological $100 mark. Selling Pressure in the Highest Gear ETH/USD selling pressure intensity […]

The post Ethereum Price Analysis: ETH/USD Set for $100 Breach, What Next? appeared first on Hacked: Hacking Finance.

TRON’s Justin Sun: “Check Back in Two Years” as TRX Price Hits One Cent

TRON (TRX) underwent a 20% drop for the twenty-four period leading into Sunday as the coin price sunk to the one cent valuation for the first time since December 2017. Founder and CEO of TRON, Justin Sun, took to Twitter on Sunday to add some perspective to last night’s plunge, reminding TRX holders that DApp […]

The post TRON’s Justin Sun: “Check Back in Two Years” as TRX Price Hits One Cent appeared first on Hacked: Hacking Finance.

Crypto Selloff Deepens as Bitcoin Cash Hard Fork Proves More Costly Than Ever Predicted

Cryptocurrencies plunged anew on Saturday, as the majors struggled to establish a firm price floor following consecutive price declines over the past two weeks. Despite a whopping 41% drop over that stretch, a lack of adoption means prices are still searching for a bottom. As it turns out, the bitcoin cash hard fork instigated on […]

The post Crypto Selloff Deepens as Bitcoin Cash Hard Fork Proves More Costly Than Ever Predicted appeared first on Hacked: Hacking Finance.

One Year Later: How Is Stellar Stacking Up Against Ripple

We are now nearing 1 year after the frothiest crypto markets the world had ever seen, and one debate which was top-of-mind back then still rages on: Stellar or Ripple? As blockchain entered the mainstream, we were told how the technology had the potential to revolutionize nearly every industry. And if a company could find […]

The post One Year Later: How Is Stellar Stacking Up Against Ripple appeared first on Hacked: Hacking Finance.

Quarkchain Finally Delivering on Past Hype? 37% Growth Sends QKC Into Top Hundred

Anyone who was around for the peak of the ICO craze in early 2018 may remember Quarkchain (QKC). It was highly ranked on ICO spreadsheets, was backed by team members who named the likes of Google, Facebook and Dell as former employers, and was one of the most hyped coin offerings of the year. Quarkchain […]

The post Quarkchain Finally Delivering on Past Hype? 37% Growth Sends QKC Into Top Hundred appeared first on Hacked: Hacking Finance.

XRP Price Analysis: XRP/USD is One More Breach Away from $0.25

  XRP/USD remains very much vulnerable to another fall. Key levels to note: $0.4000, $0.3800 and then $0.3000-$0.2500. Price action has formed a consolidation block, which is subject to a breakout lower. Recent Price Developments XRP/USD remains firmly in the control of the market bears. The price running within its third consecutive daily session in […]

The post XRP Price Analysis: XRP/USD is One More Breach Away from $0.25 appeared first on Hacked: Hacking Finance.

Revain Bucks Trend With 24% Jump Amid Downturn; Added to Exodus Wallet

The review-focused altcoin, Revain (R), saw 24% gains on Black Friday while Bitcoin and the majority of coins and tokens continued to fall. The token recently gained compatibility with the Exodus wallet, as announced Friday. Revain Background Revain launched in 2017 amid some clear skepticism regarding what some saw as an unnecessary application of blockchain […]

The post Revain Bucks Trend With 24% Jump Amid Downturn; Added to Exodus Wallet appeared first on Hacked: Hacking Finance.

Why Investors Should Pay Attention to Polkadot

The “Internet of Blockchains” business is becoming increasingly saturated as time goes on. There are numerous competitors in the space, and choosing which ones to invest in isn’t getting any easier. There are two strategies you can take: choose the one you consider the best fundamental long-term bet among the many and invest in that; […]

The post Why Investors Should Pay Attention to Polkadot appeared first on Hacked: Hacking Finance.

Tron Price Analysis: If the Bulls Do Not Wake Up, Another 35% Drop May be Seen for TRX/USD

TRX/USD is subject to another deep fall given the current technical structure. News flow around Tron remains encouraging, following support from another exchange, Huobi. Social media space continues to get excited about Kobe Bryant being a key speaker at the Tron summit in 2019. TRX/USD over the past few weeks has been a victim of […]

The post Tron Price Analysis: If the Bulls Do Not Wake Up, Another 35% Drop May be Seen for TRX/USD appeared first on Hacked: Hacking Finance.

Crypto Update: Majors Test Lows After Consolidation

After a brief quiet period in the cryptocurrency segment, the top coins turned lower again in the second half of the day and approached their recent bear market lows. While Bitcoin only tested its panic low, Ethereum dipped below at and the still relatively strong Ripple also fell below the key long-term support zone that […]

The post Crypto Update: Majors Test Lows After Consolidation appeared first on Hacked: Hacking Finance.

Altcoin Trio Aurora (AOA), Augur (REP) and Ark (ARK) Soar to Double-Digit Gains

A trio of relatively small-cap altcoins hit double-digit growth for Thursday, Nov 22nd, amid a generally quiet day for the larger coins. Bitcoin remains anchored around the $4,500 position, while Ethereum has found a new home at $130 for the time being. Aurora (AOA) Price Aurora has a history of reliably volatile price movement, despite […]

The post Altcoin Trio Aurora (AOA), Augur (REP) and Ark (ARK) Soar to Double-Digit Gains appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Consolidate on Thanksgiving Day After Wild Ride

Volatility declined substantially today in the cryptocurrency segment following three days of heavy trading, with top coins consolidation after the recent leg of the market-wide crash. US markets have been closed for Thanksgiving Day, and although traditional financial markets had an active day, especially in Europe, volumes in the crypto-segment were much lower than in […]

The post Crypto Update: Coins Consolidate on Thanksgiving Day After Wild Ride appeared first on Hacked: Hacking Finance.

Cardano Price Analysis: ADA/USDT Vulnerable to Another Hard Fall

Cardano’s Charles Hoskinson provided some insight on timing for the 1.4 update and more. ADA/USDT, given market conditions and technical price structure, is subject to another break lower.  Cardano’s ADA is in just as much trouble as every other cryptocurrency, given the strong and very stubborn bear market. There still appears to be room for […]

The post Cardano Price Analysis: ADA/USDT Vulnerable to Another Hard Fall appeared first on Hacked: Hacking Finance.

How to Make Passive Income with VeChain

The cryptocurrency market is in a recession, and investments via ICO and trading have not generated profit for a long time. Nevertheless, this market still allows you to earn money, and now is the right time to look at it in terms of the possibility of obtaining passive income. I will consider the most promising […]

The post How to Make Passive Income with VeChain appeared first on Hacked: Hacking Finance.

Bitcoin Cash Resumes Defensive Posture as Calvin Ayre Backs Permanent Split

Bitcoin cash declined on Thursday, as the whirlwind surrounding last week’s contentious hard fork continued to influence market sentiment after the bitcoin ABC chain retained the BCH ticker symbol, setting the stage for a permanent split in the network. That notion was recently supported by Calvin Ayre, one of the leading protagonists of the competing […]

The post Bitcoin Cash Resumes Defensive Posture as Calvin Ayre Backs Permanent Split appeared first on Hacked: Hacking Finance.

Ethereum Price Analysis: Calm Before Another Potential Storm

  ETH/USD price action is moving within consolidation mode, after being allowed some consolidation gains during the previous session. Major weekly support levels to note are seen at $130 (July 2017) and then $110 (May 2017). ETH/USD was provided a consolidation bounce during yesterday’s session. The price managed to close marginally in the green, after […]

The post Ethereum Price Analysis: Calm Before Another Potential Storm appeared first on Hacked: Hacking Finance.

How to Make Passive Income Holding Ontology

The cryptocurrency market is in a recession and investment in ICOs has not brought desired results. Nevertheless, this market still allows you to earn money, and now is the right time to look into the possibility of obtaining passive income. I would like to start looking into the most promising projects in terms of passive […]

The post How to Make Passive Income Holding Ontology appeared first on Hacked: Hacking Finance.

DragonChain is Granted Patent on InterChain; DRGN Token Surges

The big news in the blockchain world today was that DragonChain had been granted a U.S. patent on their InterChain technology. The company was started by Disney in 2016 as an open-source software company, and is expected to fully morph into a for-profit company at some point down the line. It is not necessarily notable […]

The post DragonChain is Granted Patent on InterChain; DRGN Token Surges appeared first on Hacked: Hacking Finance.

Dash Price Bounces 11.8% on Recovery as Crypto-SMS Integration Continues

Dash (DASH) saw an 11.8% price increase on Wednesday evening, coinciding with the release of its second crypto-SMS app this week. Dash payment app, Dash Text, and point-of-sale app, Spark, have both integrated the text-payment service of CoinText in the past week, allowing non-smartphone users to send and receive Dash at the click of a […]

The post Dash Price Bounces 11.8% on Recovery as Crypto-SMS Integration Continues appeared first on Hacked: Hacking Finance.

Bitcoin Cash Rebounds from Record Low as CoinMarketCap Integrate Bitcoin ABC Pricing Data

After testing new yearly lows, bitcoin cash staged a modest relief rally on Wednesday as several virtual currency exchanges re-enabled BCH trades for the first time since last week’s hard fork. However, the relief rally shouldn’t be construed as a shift in direction as BCH remains severely hampered by resistance and is likely to continue […]

The post Bitcoin Cash Rebounds from Record Low as CoinMarketCap Integrate Bitcoin ABC Pricing Data appeared first on Hacked: Hacking Finance.

Electroneum Price Surges 38% as ETN Coin Gains HitBTC Listing

Electroneum (ETN) briefly saw 38% gains in the preceding twenty-four hour period, as the coin surged following its listing on the HitBTC exchange. HitBTC Lists Electroneum (ETN) As per the official blog announcement from the exchange: “We are happy to announce the long-awaited integration of Electroneum (ETN), the mobile-based cryptocurrency providing a digital payment solution […]

The post Electroneum Price Surges 38% as ETN Coin Gains HitBTC Listing appeared first on Hacked: Hacking Finance.

Zcash Price Analysis: ZEC/USD Flood Gates Open After Breakout and Retest from Pennant

ZEC/USD licking its wounds with deep double-digit losses as the market continues to take a beating. Next major areas of support are eyed at currently levels around $89.50 and then $75. Zcash has been under chunky selling pressure, no thanks to the larger weakness seen across the broader crypto market. The ZEC/USD exchange rate is […]

The post Zcash Price Analysis: ZEC/USD Flood Gates Open After Breakout and Retest from Pennant appeared first on Hacked: Hacking Finance.

Price Prediction for Bitcoin, Ripple, Ethereum: Crypto Bloody Tuesday Sees Falls that Shake Convictions

The BTC/USD hits a low of $4,212 and eyes $3,500 in the next few days. The XRP/USD panics below $0.41 but recovers $0.45 amid high uncertainty. The ETH/USD marks a trough at $125 and could move below $100. If Hollywood creates the script of what’s happening on the Crypto Board, they wouldn’t have done any […]

The post Price Prediction for Bitcoin, Ripple, Ethereum: Crypto Bloody Tuesday Sees Falls that Shake Convictions appeared first on Hacked: Hacking Finance.

Bitcoin Cash Price Analysis: BCH/USD Hard Flops as Price Moves Within the Abyss

  Bitcoin Cash price falls into uncharted territory, struggling to find a bottom. Weekly chart still points to further downside, RSI not within oversold territory as of yet. The Bitcoin Cash price remains heavily on the back foot, the standout under-performer across the major altcoins. BCH/USD is currently running at three consecutive sessions of losses. […]

The post Bitcoin Cash Price Analysis: BCH/USD Hard Flops as Price Moves Within the Abyss appeared first on Hacked: Hacking Finance.

TRON Price Slides 25% Overnight; TRX Hits New Low Despite BitTorrent Web Rollout

TRON (TRX) was struck by a 25% loss overnight, and by Tuesday morning had sunk all the way to the $0.012 range – a price level not seen since December of last year. That followed the rest of the market in yet another crash which wiped a further 18% off the value of Bitcoin, sending […]

The post TRON Price Slides 25% Overnight; TRX Hits New Low Despite BitTorrent Web Rollout appeared first on Hacked: Hacking Finance.

This Week’s Crypto Winners

The past week worked out to generally be a down market for most cryptocurrencies, but we saw several experience massive increases over the last 7 days. Nasdacoin Nasdacoin increased a whopping 158.75% to reach a price of $2.47 as of the date of publishing. Ranking as #93 in terms of market capitalization, much of this […]

The post This Week’s Crypto Winners appeared first on Hacked: Hacking Finance.

How Did Nasdacoin (NSD) Avoid the Crash? Game Changer or Ponzi Scheme?

Nasdacoin (NSD) began its sudden ascension into the market cap top hundred just as the market crash struck last week. From Nov 14th through Nov 15th, Nasdacoin went on a 429% growth surge, while the rest of the market was bleeding out in what proved to be only the first dip of a two-pronged fall. […]

The post How Did Nasdacoin (NSD) Avoid the Crash? Game Changer or Ponzi Scheme? appeared first on Hacked: Hacking Finance.

Litecoin Price Analysis: One Last Safety Net Ahead of $20 Territory

  Litecoin has been further slammed, dropping 35% over the past two weeks of trading. Should near-term demand area of $35-33 fail to hold, it will be very punishing. The Litecoin price remains firmly on the back foot, one of the standout under-performers in this current bear market, against some of the other major altcoins. […]

The post Litecoin Price Analysis: One Last Safety Net Ahead of $20 Territory appeared first on Hacked: Hacking Finance.

Why Investors Should Pay Attention to SkyCoin

Last week we talked about Substratum, an ecosystem coin that has been doing quite well, but it isn’t the only one on the market. With multiple coins popping up that address the same problems, some healthy competition emerges, and we see what happens when multiple solutions exist for the same problem. SkyCoin is one such […]

The post Why Investors Should Pay Attention to SkyCoin appeared first on Hacked: Hacking Finance.

Crypto Market Cap Plummets $42 Billion Over Six Days as Bitcoin Targets $5,000

A staggering selloff in the cryptocurrency market over the past six days has investors searching for an elusive bottom on major assets like bitcoin, bitcoin cash and Ethereum. However, the breakdown of key technical levels, combined with the complete disregard for fundamentals, suggest the bottoming process has not yet concluded. Crypto Selloff Deepens The combined […]

The post Crypto Market Cap Plummets $42 Billion Over Six Days as Bitcoin Targets $5,000 appeared first on Hacked: Hacking Finance.

Crypto Update: New Bear Market Lows Across the Board

The key long-term breakdown in the cryptocurrency segment that we observed last week continued in earnest today, with most of the majors hitting new bear market lows amid another wave of heavy selling. Bitcoin dropped below $5200 for the first time since last October, Ethereum violated the key $160 level, Litecoin plunged below $38, with […]

The post Crypto Update: New Bear Market Lows Across the Board appeared first on Hacked: Hacking Finance.

Tron Price Analysis: TRX/USD Forced to Seek Help from Major Demand Area Despite New Developments

TRX/USD under heavy downside pressure, dropping double digits. That is 13 consecutive sessions of losses. The price is within a known chunky buying area and a failure to attract the bulls could be catastrophic. TRX/USD took a heavy beating on Monday, down as much as 12% in early part of the session. This downside pressure […]

The post Tron Price Analysis: TRX/USD Forced to Seek Help from Major Demand Area Despite New Developments appeared first on Hacked: Hacking Finance.

Crypto Market Cap Turns Green as Signs of Tepid Recovery Emerge

With the exception of bitcoin cash (BCH), all major cryptocurrencies traded in positive territory on Sunday, offering mild optimism that the worst of the bear-market rout had passed. Coins with established use cases in traditional finance – XRP and Stellar Lumens – were clearly outperforming the market. Market Update The combined value of all cryptocurrencies […]

The post Crypto Market Cap Turns Green as Signs of Tepid Recovery Emerge appeared first on Hacked: Hacking Finance.

Digitex Futures (DGTX) Price Jumps 50% as Zero-Fee Exchange Nears Beta-Launch

Digitex Futures (DGTX) saw a 50% price increase from Saturday through Sunday, as Q4 launch date for its decentralized futures exchange draws near. According to the project website, over half a million traders have already signed up to the waiting list to be part of the exchange when it launches. While a hard date hasn’t […]

The post Digitex Futures (DGTX) Price Jumps 50% as Zero-Fee Exchange Nears Beta-Launch appeared first on Hacked: Hacking Finance.

Stellar Price Analysis: XLM/USD Pullback Means Bulls Can Run Free

  XLM/USD has seen the required retest of the broken pennant pattern, leaving the door open to greater upside. Technically the price developments appear to be stacked in the favor of the bulls. Recent Price Developments Stella’s XLM is on its way back up to the north. XLM/USD is running at two consecutive sessions in the […]

The post Stellar Price Analysis: XLM/USD Pullback Means Bulls Can Run Free appeared first on Hacked: Hacking Finance.

No Signs of Crypto Revival as Weekend Begins; XRP Overtakes Ethereum by a Wider Margin

Bitcoin and alternative cryptocurrencies remained under pressure Saturday following one of the worst drops of 2018, as the fallout from the bitcoin cash hard fork offered little reassurance that the market had moved past the divisive rhetoric. Market Update and XRP/Ethereum “Flippening” The combined market value of all cryptocurrencies averaged $183 billion on Saturday, according […]

The post No Signs of Crypto Revival as Weekend Begins; XRP Overtakes Ethereum by a Wider Margin appeared first on Hacked: Hacking Finance.

Factom (FCT) Rides Recovery to 65% Gains as Mortgage Service Adopts Blockchain

Factom (FCT) climbed 65% from Wednesday through Saturday, as it continued to ride the recovery wave while the rest of the market stalled. The price surge comes amid news that Factom’s Harmony blockchain-as-a-service (BaaS) technology is to be used by mortgage software and marketing firm, Equator, as a way to increase efficiency. Factom Price on […]

The post Factom (FCT) Rides Recovery to 65% Gains as Mortgage Service Adopts Blockchain appeared first on Hacked: Hacking Finance.

Ethereum Price Analysis: ETH/USD Has Big Opportunity to Fly Again

  ETH/USD is running at seven consecutive sessions of losses, dropping as much as 25%. Price action is moving within a strong demand area, which could very well see the price rocketing again. Current Price Action ETH/USD is stuck within a stubborn downward trend. The price is running at a seven consecutive session losing streak. […]

The post Ethereum Price Analysis: ETH/USD Has Big Opportunity to Fly Again appeared first on Hacked: Hacking Finance.

DigiByte (DGB) Recovers 15% as Testing Begins on ASIC-Defeating Algorithm

DigiByte (DGB) showed strong signs of recovery on Friday, as the coin price made up 15% of its value after the recent market dip. Testing has begun on a self-adjusting algorithm which changes itself every ten days. According to the DigiByte team, and founder Jared Tate, such a move would see the threat of ASIC […]

The post DigiByte (DGB) Recovers 15% as Testing Begins on ASIC-Defeating Algorithm appeared first on Hacked: Hacking Finance.

Tron (TRX) Recovers 10%; Data Indicators Point to Rapid Expansion

Tron (TRX) saw a rapid recovery bounce of 10% following the market wide rupture of the previous few days, a figure exceeded only by XRP (XRP) and Stellar (XLM) among the major altcoins. The recent crash wiped 15% off the value of Bitcoin, and $38 billion left the global market cap in the blink of […]

The post Tron (TRX) Recovers 10%; Data Indicators Point to Rapid Expansion appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Consolidate After Key Breakdown

The cryptocurrency segment is still under the influence of this week’s key technical breakdown that carried several majors below crucial support levels. Bitcoin’s moves have been dominating the market in recent days, and as the most valuable coin formed a short-term bottom, the top coins entered a choppy consolidation phase, retracing some of their steep […]

The post Crypto Update: Coins Consolidate After Key Breakdown appeared first on Hacked: Hacking Finance.

Zcash Price Analysis: $100 Bargain Buying

  ZEC/USD is running at four consecutive daily sessions closing in the red. Chunky buying interest looks healthy within the $100 price region. ZEC/USD is currently stuck within a very stubborn bearish trend, as seen across the crypto market wide. Several key areas have been breached, however the ZEC/USD bulls are heavily defending vital support […]

The post Zcash Price Analysis: $100 Bargain Buying appeared first on Hacked: Hacking Finance.

Litecoin Price Analysis: LTC/USD Has Fallen Through Vital Support; Where Next?

  Critical support for LTC/USD was breached just under the $50 area, leaving the door open to further downside pressure. LTC/USD is moving within a range/consolidation block, subject to another explosive move. LTC/USD has remained firmly within a downside trend, showing no signs of that shifting anytime soon. Out of the last ten sessions, LTC/USD […]

The post Litecoin Price Analysis: LTC/USD Has Fallen Through Vital Support; Where Next? appeared first on Hacked: Hacking Finance.

TRON Price Analysis: TRX/USD Moves Within Proven Buying Area

  TRX/USD flirting with a huge buying area, historically proven to see buyers swoop in. Justin Sun sings praises on 100 million $TRX trading volume for Tron DEX. TRX/USD has been suffering heavily, in line with a large bearish reversal seen across the board. The price is running sharply lower, closing on the daily in […]

The post TRON Price Analysis: TRX/USD Moves Within Proven Buying Area appeared first on Hacked: Hacking Finance.

Why Investors Should Be Paying Attention to WAX

Investing in trends is one of the best ways to get rich, because you don’t necessarily have to be right about the company, you just have to be right about the wave they’re going to surf. Examples of trends include marijuana, e-commerce, and most recently, video games. Another trend you are more likely to be […]

The post Why Investors Should Be Paying Attention to WAX appeared first on Hacked: Hacking Finance.

Crypto Markets on Edge as Bitcoin Cash Hard Fork Underway

The cryptocurrency market appears to have stabilized following a fresh run-in with yearly lows, as investors turned their attention to a highly contentious hard fork involving bitcoin cash. Based on latest available information, the hard fork began at roughly 16:40 UTC, with the dominant chain yet to emerge. Market Update Cryptocurrencies saw their collective market […]

The post Crypto Markets on Edge as Bitcoin Cash Hard Fork Underway appeared first on Hacked: Hacking Finance.

Long-Term Cryptocurrency Analysis: Bear Market Continues With Major Technical Breakdown

After months of choppy consolidation, yesterday, we saw the largest move in the cryptocurrency segment since April, which took the majors below key technical levels. Bitcoin’s drop is the most important event, since the most valuable coin violated a structurally important base support for the first time since its historic bull run to $20,000 started. […]

The post Long-Term Cryptocurrency Analysis: Bear Market Continues With Major Technical Breakdown appeared first on Hacked: Hacking Finance.

IT threat evolution Q3 2018

Targeted attacks and malware campaigns

Lazarus targets cryptocurrency exchange

Lazarus is a well-established threat actor that has conducted cyber-espionage and cybersabotage campaigns since at least 2009. In recent years, the group has launched campaigns against financial organizations around the globe. In August we reported that the group had successfully compromised several banks and infiltrated a number of global cryptocurrency exchanges and fintech companies. While assisting with an incident response operation, we learned that the victim had been infected with the help of a Trojanized cryptocurrency trading application that had been recommended to the company over email.

An unsuspecting employee had downloaded a third-party application from a legitimate looking website, infecting their computer with malware known as Fallchill, an old tool that Lazarus has recently started using again.

It seems as though Lazarus has found an elaborate way to create a legitimate looking site and inject a malicious payload into a ‘legitimate looking’ software update mechanism – in this case, creating a fake supply chain rather than compromising a real one. At any rate, the success of the Lazarus group in compromising supply chains suggests that it will continue to exploit this method of attack.

The attackers went the extra mile and developed malware for non-Windows platforms – they included a Mac OS version and the website suggests that a Linux version is coming soon. This is probably the first time that we’ve seen this APT group using malware for Mac OS. It would seem that in the chase after advanced users, software developers from supply chains and some high-profile targets, threat actors are forced to develop Mac OS malware tools. The fact that the Lazarus group has expanded its list of targeted operating systems should be a wake-up call for users of non-Windows platforms.

This campaign should be a lesson to all of us and a warning to businesses relying on third-party software. Do not automatically trust the code running on your systems. Neither a good-looking website, nor a solid company profile, nor digital certificates guarantee the absence of backdoors. Trust has to be earned and proven.

You can read our Operation AppleJeus report here.

LuckyMouse

Since March 2018, we have found several infections where a previously unknown Trojan was injected into the ‘lsass.exe’ system process memory. These implants were injected by the digitally signed 32- and 64-bit network filtering driver NDISProxy. Interestingly, this driver is signed with a digital certificate that belongs to the Chinese company LeagSoft, a developer of information security software based in Shenzhen, Guangdong. We informed the company about the issue via CN-CERT.

The campaign targeted Central Asian government organizations and we believe the attack was linked to a high-level meeting in the region. We believe that the Chinese-speaking threat actor LuckyMouse is responsible for this campaign. The choice of the Earthworm tunneler used in the attack is typical for Chinese-speaking actors. Also, one of the commands used by the attackers (“-s rssocks -d 103.75.190[.]28 -e 443”) creates a tunnel to a previously known LuckyMouse command-and-control (C2) server. The choice of victims in this campaign also aligns with the previous interests shown by this threat actor.

The malware consists of three modules: a custom C++ installer, the NDISProxy network filtering driver and a C++ Trojan:

We have not seen any indications of spear phishing or watering hole activity. We think the attackers spread their infectors through networks that were already compromised.

The Trojan is a full-featured RAT capable of executing common tasks such as command execution, and downloading and uploading files. The attackers use it to gather a target’s data, make lateral movements and create SOCKS tunnels to their C2 using the Earthworm tunneler. This tool is publicly available and is popular among Chinese-speaking actors. Given that the Trojan is an HTTPS server itself, we believe that the SOCKS tunnel is used for targets without an external IP, so that the C2 is able to send commands.

You can read our LuckyMouse report here.

Financial fraud on an industrial scale

Usually, attacks on industrial enterprises are associated with cyber-espionage or sabotage. However, we recently discovered a phishing campaign designed to steal money from such organizations – primarily manufacturing companies.

The attackers use standard phishing techniques to lure their victims into clicking on infected attachments, using emails disguised as commercial offers and other financial documents. The criminals use legitimate remote administration applications – either TeamViewer or RMS (Remote Manipulator System). These programs were employed to gain access to the device, then scan for information on current purchases, and financial and accounting software. The attackers then use different ploys to steal company money – for example, by replacing the banking details in transactions. At the time we published our report, on August 1, we had seen infections on around 800 computers, spread across at least 400 organizations in a wide array of industries – including manufacturing, oil and gas, metallurgy, engineering, energy, construction, mining and logistics. The campaign has been ongoing since October 2017.

Our research highlights that even when threat actors use simple techniques and known malware they can successfully attack industrial companies by using social engineering tricks and hiding their code in target systems – using legitimate remote administration software to evade detection by antivirus solutions. Remote administration capabilities give criminals full control of compromised systems, so possible attack scenarios are not limited to the theft of money. In the process of attacking their targets, the attackers steal sensitive data belonging to target organizations, their partners and customers, carry out surreptitious video surveillance of company employees and record audio and video using devices connected to infected machines. While the series of attacks targets primarily Russian organizations, the same tactics and tools could be successfully used in attacks against industrial companies anywhere.

You can find out more about how attackers use remote administration tools to compromise their targets here, and an overview of attacks on ICS systems in the first half of 2018 here.

Malware stories

Exploiting the digital gold rush

For some time now, we’ve been tracking a dramatic decline in ransomware and a massive growth in cryptocurrency mining. The number of people who encountered miners grew from 1,899,236 in 2016-17 to 2,735,611 in 2017-18. This is clearly because it’s a lucrative activity for cybercriminals – we estimate that mining botnets generated more than $7,000,000 in the second half of 2017. Not only are we seeing purpose-built cryptocurrency miners, we’re also seeing existing malware adding this functionality to their arsenal.

The ransomware Trojan Rakhni is a case in point. The malware loader chooses which component to install depending on the device. The malware, which we have seen in Russia, Kazakhstan, Ukraine, Germany and India, is distributed through spam mailings with malicious attachments. One of the samples we analysed masquerades as a financial document. When loaded, this appears to be a document viewer. The malware displays an error message explaining why nothing has opened. It then disables Windows Defender and installs forged digital certificates.


The malware checks to see if there are Bitcoin-related folders on the computer. If there are, it encrypts files and demands a ransom. If not, it installs a cryptocurrency miner. Finally, the malware tries to spread to other computers within the network. You can read our analysis of Rakhni here.

Cybercriminals don’t just use malware to cash in on the growing interest in cryptocurrencies; they also use established social engineering techniques to trick people out of their digital money. This includes sending links to phishing scams that mimic the authorization pages of popular crypto exchanges, to trick their victims into giving the scammers access to their crypto exchange account – and their money. In the first half of 2018, we saw 100,000 of these attempts to redirect people to such fake pages.

The same approach is used to gain access to online wallets, where the ‘hook’ is a warning that the victim will lose money if they don’t go through a formal identification process – the attackers, of course, harvest the details entered by the victim. This method works just as well where the victim is using an offline wallet stored on their computer.

Scammers also try to use the speculation around cryptocurrencies to trick people who don’t have a wallet: they lure them to fake crypto wallet sites, promising registration bonuses, including cryptocurrency. In some cases, they harvest personal data and redirect the victim to a legitimate site. In others, they open a real wallet for the victim, which is compromised from the outset. Online wallets and exchanges aren’t the only focus of the scammers; we have also seen spoof versions of services designed to facilitate transactions with digital coins stored on the victim’s computer.

Earlier this year, we provided some advice on choosing a crypto wallet.

We recently discovered a cryptocurrency miner, named PowerGhost, focused mainly on workstations and servers inside corporate networks – thereby hoping to commandeer the power of multiple processors in one fell swoop. It’s not uncommon to see cybercriminals infect clean software with a malicious miner to promote the spread of their malware. However, the creators of PowerGhost went further, using fileless methods to establish it in a compromised network. PowerGhost tries to log in to network user accounts using WMI (Windows Management Instrumentation), obtaining logins and passwords using the Mimikatz data extraction tool. The malware can also be distributed using the EternalBlue exploit (used last year in the WannaCry and ExPetr outbreaks). Once a device has been infected, PowerGhost tries to enhance its privileges using operating system vulnerabilities. Most of the attacks we’ve seen so far have been in India, Turkey, Brazil and Colombia.

KeyPass ransomware

The number of ransomware attacks has been declining in the last year or so. Nevertheless, this type of malware remains a problem and we continue to see the development of new ransomware families. Early in August, our anti-ransomware module started detecting the ‘KeyPass‘ Trojan. In just two days, we found this malware in more than 20 countries – Brazil and Vietnam were hardest hit, but we also found victims in Europe, Africa and the Far East.

We believe that the criminals behind KeyPass use fake installers that download the malware.

KeyPass encrypts all files, regardless of extension, on local drives and network shares that are accessible from the infected computer. It ignores some files located in directories that are hardcoded in the malware. Encrypted files are given the additional extension ‘KEYPASS’, and ransom notes called ‘!!!KEYPASS_DECRYPTION_INFO!!!.txt’ are saved in each directory containing encrypted files.

The creators of this Trojan implemented a very simplistic scheme. The malware uses the symmetric algorithm AES-256 in CFB mode with zero IV and the same 32-byte key for all files. The Trojan encrypts a maximum of 0x500000 bytes (~5 MB) of data at the start of each file.

Shortly after launch, the malware connects to its C2 server and obtains the encryption key and infection ID for the current victim. The data is transferred over plain HTTP in the JSON format. If the C2 is unavailable – for example, the infected computer is not connected to the internet, or the server is down – the malware uses a hardcoded key and ID. As a result, in the case of offline encryption, decryption of the victim’s files will be trivial.

Probably the most interesting feature of the KeyPass Trojan is its ability to take ‘manual control’. The Trojan contains a form that is hidden by default, but which can be shown after pressing a special button on the keyboard. This form allows the criminals to customize the encryption process by changing such parameters as the encryption key, the name of the ransom note, the text of the ransom, the victim ID, the extension of encrypted files and the list of directories to be excluded from encryption. This capability suggests that the criminals behind the Trojan might intend to use it in manual attacks.

Sextortion with a twist

Scams come in many forms, but the people behind them are always on the lookout for ways to lend credibility to the scam and maximise their opportunity to make money. One recent ‘sextortion’ scam uses stolen passwords for this purpose. The victim receives an email message claiming that their computer has been compromised and that the attacker has recorded a video of them watching pornographic material. The attackers threaten to send a copy of the video to the victim’s contacts unless they pay a ransom within 24 hours. The ransom demand is $1,400, payable in bitcoins.

The scammer includes a legitimate password in the message, in a bid to convince the victim that they have indeed been compromised. It seems that the passwords used are real, although in some cases at least they are very old. The passwords were probably obtained in an underground market and came from an earlier data breach.

The hunt for corporate passwords

It’s not just individuals who are targeted by phishing attacks – starting from early July, we saw malicious spam activity targeting corporate mailboxes. The messages contained an attachment with an .ISO extension that we detect as Loki Bot. The objective of the malware is to steal passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets, and then to forward the data to the criminals behind the attacks.

The messages are diverse in nature. They include fake notifications from well-known companies:

Or fake orders or offers:

The scammers pass off malicious files as financial documents: invoices, transfers, payments, etc. This is a fairly popular malicious spamming technique, with the message body usually consisting of no more than a few lines and the subject mentioning the fake attachment.

Each year we see an increase in spam attacks on the corporate sector aimed at obtaining confidential corporate information: intellectual property, authentication data, databases, bank accounts, etc. That’s why it’s essential for corporate security strategy to include both technical protection and staff education – to stop them becoming the entry-point for a cyberattack.

Botnets: the big picture

Spam mailshots with links to malware, and bots downloading other malware, are just two botnet deployment scenarios. The choice of payload is limited only by the imagination of the botnet operator or their customers. It might be ransomware, a banker, a miner, a backdoor, etc. Every day we intercept numerous file download commands sent to bots of various types and families. We recently presented the results of our analysis of botnet activity for H2 2017 and H1 2018.

Here are the main trends that we identified by analyzing the files downloaded by bots:

  • The share of miners in bot-distributed files is increasing, as cybercriminals have begun to view botnets as a tool for cryptocurrency mining.
  • The number of downloaded droppers is also on the rise, reflecting the fact that attacks are multi-stage and growing in complexity.
  • The share of banking Trojans among bot-downloaded files in 2018 decreased, but it’s too soon to speak of an overall reduction in number, since they are often delivered by droppers.
  • Increasingly, botnets are leased according to the needs of the customer, so in many cases it is difficult to pinpoint the ‘specialization’ of the botnet.

Using USB devices to spread malware

USB devices, which have been around for almost 20 years, offer an easy and convenient way to store and transfer digital files between computers that are not directly connected to each other or to the internet. This capability has been exploited by cyberthreat actors – most notably in the case of the state-sponsored threat Stuxnet, which used USB devices to inject malware into the network of an Iranian nuclear facility.

These days the use of USB devices as a business tool is declining, and there is greater awareness of the security risks associated with them. Nevertheless, millions of USB devices are still produced for use at home, in businesses and in marketing promotion campaigns such as trade show giveaways. So they remain a target for attackers.

Kaspersky Lab data for 2017 showed that one in four people worldwide were affected by a local cyber-incident, i.e. one not related to the internet. These attacks are detected directly on a victim’s computer and include infections caused by removable media such as USB devices.

We recently published a review of the current cyberthreat landscape for removable media, particularly USBs, and offered advice and recommendations for protecting these little devices and the data they carry.

Here is a summary of our findings.

  • USB devices and other removable media have been used to spread cryptocurrency mining software since at least 2015. Some victims were found to have been carrying the infection for years.
  • The rate of detection for the most popular bitcoin miner, Trojan.Win64.Miner.all, is growing by around one-sixth year-on-year.
  • Every tenth person infected via removable media in 2018 was targeted with this cryptocurrency miner: around 9.22% – up from 6.7% in 2017 and 4.2% in 2016.
  • Other malware spread through removable media includes the Windows LNK family of Trojans, which has been among the top three USB threats detected since at least 2016.
  • The Stuxnet exploit, CVE-2010-2568, remains one of the top 10 malicious exploits spread via removable media.
  • Emerging markets are the most vulnerable to malicious infection spread by removable media – with Asia, Africa and South America among the most affected – but isolated hits were also detected in countries in Europe and North America.
  • Dark Tequila, a complex banking malware reported in August 2018 has been claiming consumer and corporate victims in Mexico since at least 2013, with the infection spreading mainly through USB devices.

The use of smart devices is increasing. Some forecasts suggest that by 2020 the number of smart devices will exceed the world’s population several times over. Yet manufacturers still don’t prioritize security: there are no reminders to change the default password during initial setup or notifications about the release of new firmware versions, and the updating process itself can be complex for the average consumer. This makes IoT devices a prime target for cybercriminals. Easier to infect than PCs, they often play an important role in the home infrastructure: some manage internet traffic, others shoot video footage and still others control domestic devices – for example, air conditioning.

Malware for smart devices is increasing not only in quantity but also quality. More and more exploits are being weaponized by cybercriminals, and infected devices are used to launch DDoS attacks, to steal personal data and to mine cryptocurrency.

You can read our report on IoT threats here, including tips on how to reduce the risk of smart devices being infected.

A look at the Asacub mobile banking Trojan

The first version of Asacub, which we saw in June 2015, was a basic phishing app: it was able to send a list of the victim’s apps, browser history and contact list to a remote C2 server, send SMS messages to a specific phone number and turn off the screen on demand. This mobile Trojan has evolved since then, off the back of a large-scale distribution campaign by its creators in spring and summer 2017), helping it to claim top spot in last year’s ranking of mobile banking Trojans – out-performing other families such as Svpeng and Faketoken. The Trojan has claimed victims in a number of countries, but the latest version steals money from owners of Android devices connected to the mobile banking service of one of Russia’s largest banks.

The malware is spread via an SMS messages containing a link and an offer to view a photo or MMS message. The link directs the victim to a web page containing a similar sentence and a button for downloading the Trojan APK file to the device.

Asacub masquerades as an MMS app or a client of a popular free ads service.

Once installed, the Trojan starts to communicate with the C2 server. Data is transferred in JSON format and includes information about the victim’s device – smartphone model, operating system, mobile operator and Trojan version.

Asacub is able to withdraw funds from a bank card linked to the phone by sending an SMS for the transfer of funds to another account using the number of the card or mobile phone. Moreover, the Trojan intercepts SMS messages from the bank that contain one-time passwords and information about the balance of the linked bank card. Some versions of the Trojan can autonomously retrieve confirmation codes from such SMS messages and send them to the required number. What’s more, the victim can’t subsequently check the balance via mobile banking or change any settings, because after receiving a command with the code 40, the Trojan prevents the banking app from running on the phone.

You can read more here.

BusyGasper – the unfriendly spy

Early in 2018, our mobile intruder detection technology was triggered by a suspicious Android sample that turned out to belong to a new spyware family that we named BusyGasper. The malware isn’t sophisticated, but it does demonstrate some unusual features for this type of threat. BusyGasper is a unique spy implant with stand-out features such as device sensor listeners, including motion detectors that have been implemented with a degree of originality. It has an incredibly wide-ranging protocol – about 100 commands – and an ability to bypass the Doze battery saver. Like other modern Android spyware, it is capable of exfiltrating data from messaging applications – WhatsApp, Viber and Facebook. It also includes some keylogging tools – the malware processes every user tap, gathering its co-ordinates and calculating characters by matching given values with hardcoded ones.

The malware has a multi-component structure and can download a payload or updates from its C2 server, which happens to be an FTP server belonging to the free Russian web hosting service Ucoz. It is noteworthy that BusyGasper supports the IRC protocol, which is rarely seen among Android malware. In addition, it can log in to the attacker’s email inbox, parse emails in a special folder for commands and save any payloads to a device from email attachments.

There is a hidden menu for controlling the different implants that seems to have been created for manual operator control. To activate the menu, the operator needs to call the hardcoded number 9909 from an infected device.

The operator can use this interface to type any command. It also shows a current malware log.

This particular operation has been active since May. We have found no evidence of spear phishing or other common infection method. Some clues, such as the existence of a hidden menu mentioned above, suggest a manual installation method – the attackers gaining physical access to a victim’s device in order to install the malware. This would explain the number of victims – less than 10 in total, all located in the Russia. There are no similarities to commercial spyware products or to other known spyware variants, which suggests that BusyGasper is self-developed and used by a single threat actor. At the same time, the lack of encryption, use of a public FTP server and the low OPSEC level could indicate that less skilled attackers are behind the malware.

Thinking outside the [sand]box

One of the security principles built into the Android operating system is that all apps must be isolated from one another. Each app, along with its private files, operate in ‘sandbox’ that can’t be accessed by other apps. The point is to ensure that, even if a malicious app infiltrates your device, it’s unable to access data held by legitimate apps – for example, the username and password for your online banking app, or your message history. Unsurprisingly, hackers try to find ways to circumvent this protection mechanism.

In August, at DEF CON 26, Checkpoint researcher, Slava Makkaveev, discussed a new way of escaping the Android sandbox, dubbed a ‘Man-in-the-Disk’ attack.

Android also has a shared external storage, named External Storage. Apps must ask the device owner for permission to access this storage area – the privileges required are not normally considered dangerous, and nearly every app asks for them, so there is nothing suspicious about the request per se. External storage is used for lots of useful things, such as to exchange files or transfer files between a smartphone and a computer. However, external storage is also often used for temporarily storing data downloaded from the internet. The data is first written to the shared part of the disk, and then transferred to an isolated area that only that particular app can access. For example, an app may temporarily use the area to store supplementary modules that it installs to expand its functionality, additional content such as dictionaries, or updates.

The problem is that any app with read/write access to the external storage can gain access to the files and modify them, adding something malicious. In a real-life scenario, you may install a seemingly harmless app, such as a game, that may nevertheless infect your smartphone with malware. Slava Makkaveev gave several examples in his DEF CON presentation.

Google researchers discovered that the same method of attack could be applied to the Android version of the popular game, Fortnite. To download the game, players need to install a helper app first, and it is supposed to download the game files. However, using the Man-in-the-Disk attack, someone can trick the helper into installing a malicious app. Fortnite developers – Epic Games – have already issued a new version of the installer. So, if you’re a Fortnite player, use version 2.1.0 or later to be sure that you’re safe. If you have Fortnite already installed, uninstall it and then reinstall it from scratch using the new version.

How safe are car sharing apps?

There has been a growth in car sharing services in recent years. Such services clearly provide flexibility for people wanting to get around major cities. However, it raises the question of security – how safe is the personal information of people using these services?

The obvious reason why cybercriminals might be interested in car sharing is because they want to ride in someone’s car at someone else’s expense. But this could be the least likely scenario – it’s a crime that requires a physical point of presence and there are ways to cross check if the person who makes the booking is the one who gets the ride. The selling of hijacked accounts might be a more viable reason – driven by demand from those who don’t have a driving license or who have been refused registration by the car sharing service’s security team. Offers of this nature already exist on the market. In addition, if someone manages to hijack someone else’s car sharing account, they can track all their trips and steal things that are left behind in the car. Finally, a car that is fraudulently rented in somebody else’s name can always be driven to some remote place and cannibalized for spare parts, or used for criminal activity.

We tested 13 apps to see if their developers have considered security.

First, we checked to see if the apps could be launched on an Android device with root privileges and to see how well the code is obfuscated. This is important because most Android apps can be decompiled, their code modified (for example, so that user credentials are sent to a C2 server), then re-assembled, signed with a new certificate and uploaded again to an app store. An attacker on a rooted device can infiltrate the app’s process and gain access to authentication data.

Second, we checked to see if it was possible to create a username and password when using a service. Many services use a person’s phone number as their username. This is quite easy for cybercriminals to obtain as people often forget to hide it on social media, while car sharing customers can be identified on social media by their hashtags and photos.

Third, we looked at how the apps work with certificates and if cybercriminals have any chance of launching successful Man-in-the-Middle attacks. We also checked how easy it is to overlay an app’s interface with a fake authorization window.

The results of our tests were not encouraging. It’s clear that app developers don’t fully understand the current threats to mobile platforms – this is true for both the design stage and when creating the infrastructure. A good first step would be to expand the functionality for notifying customers of suspicious activities – only one service currently sends notifications to customers about attempts to log in to their account from a different device. The majority of the apps we analysed are poorly designed from a security standpoint and need to be improved. Moreover, many of the programs are not only very similar to each other but are actually based on the same code.

You can read our report here, including advice for customers of car sharing services and recommendations for developers of car sharing apps.

Cyber Security Roundup for July 2018

The importance of assuring the security and testing quality of third-party provided applications is more than evident when you consider an NHS reported data breach of 150,000 patient records this month. The NHS said the breach was caused by a coding error in a GP application called SystmOne, developed by UK based 'The Phoenix Partnership' (TTP). The same assurances also applies to internally developed applications, case-in-point was a publically announced flaw with Thomas Cook's booking system discovered by a Norwegian security researcher. The research used to app flaw to access the names and flights details of Thomas Cook passengers and release details on his blog. Thomas Cook said the issue has since been fixed.

Third-Third party services also need to be security assured, as seen with the Typeform compromise. Typeform is a data collection company, on 27th June, hackers gained unauthorised access to one of its servers and accessed customer data. According to their official notification, Typeform said the hackers may have accessed the data held on a partial backup, and that they had fixed a security vulnerability to prevent reoccurrence. Typeform has not provided any details of the number of records compromised, but one of their customers, Monzo, said on its official blog that is was in the region of 20,000. Interestingly Monzo also declared ending their relationship with Typeform unless it wins their trust back. Travelodge one UK company known to be impacted by the Typeform breach and has warned its impacted customers. Typeform is used to manage Travelodge’s customer surveys and competitions.

Other companies known to be impacted by the Typeform breach include:

The Information Commissioner's Office (ICO) fined Facebook £500,000, the maximum possible, over the Cambridge Analytica data breach scandal, which impacted some 87 million Facebook users. Fortunately for Facebook, the breach occurred before the General Data Protection Regulation came into force in May, as the new GDPR empowers the ICO with much tougher financial penalties design to bring tech giants to book, let's be honest, £500k is petty cash for the social media giant.
Facebook-Cambridge Analytica data scandal
Facebook reveals its data-sharing VIPs
Cambridge Analytica boss spars with MPs

A UK government report criticised the security of Huawei products, concluded the government had "only limited assurance" Huawei kit posed no threat toUK national security. I remember being concerned many years ago when I heard BT had ditched US Cisco routers for Huawei routers to save money, not much was said about the national security aspect at the time. The UK gov report was written by the Huawei Cyber Security Evaluation Centre (HCSEC), which was set up in 2010 in response to concerns that BT and other UK companies reliance on the Chinese manufacturer's devices, by the way, that body is overseen by GCHQ.

Banking hacking group "MoneyTaker" has struck again, this time stealing a reported £700,000 from a Russia bank according to Group-IB. The group is thought to be behind several other hacking raids against UK, US, and Russian companies. The gang compromise a router which gave them access to the bank's internal network, from that entry point, they were able to find the specific system used to authorise cash transfers and then set up the bogus transfers to cash out £700K.


NEWS

Cyber Security Roundup for February 2018

February saw over 5,000 websites infected by cryptocurrency mining malware after a popular accessibility plugin called ‘BrowseAloud’ was compromised by hackers. This led to several UK Government and Councils websites going offline, including the Information Commissioner's Office, the Student Loans Company, and Manchester City, Camden and Croydon Council website. Symantec Researchers also announced that 'Crytojacking' attacks had increased 1,200% in the UK. Cryptojacking once involved the installation of cryptocurrency mining malware on users computers, but now it is more frequently used in-browser, by hacking a website and execute a malicious mining JavaScript as the user visits the compromised website, as with the case with the 'BrowseAloud' incident.

More than 25% of UK Councils are said to have suffered a breach in the last five years according to the privacy group Big Brother Watch, who said UK Councils are unprepared for Cyber Attacks.

There was a  fascinating report released about Artificial Intelligence (AI) Threat, written by 26 leading AI experts, the report forecasts the various malicious usages for AI, including with cybercrime, and manipulation of social media and national news media agendas.

GDPR preparation or panic, depending on your position, is gaining momentum with less than 100 days before the privacy regulation comes into force in late May. Here are some of the latest GDPR articles of note.

Digital Guardian released an interactive article where you can attempt to guess the value of various types of stolen data to cybercriminals -.Digital Guardian: Do you know your data's worth?

Bestvpns released a comprehensive infographic covering the 77 Facts About Cyber Crime we should all know about in 2018.

February was yet another frantic month for security updates, which saw Microsoft release over 50 patches, and there were new critical security updates by Adobe, Apple, Cisco, Dell, and Drupal.

NEWS
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
REPORTS

Cyber Security Roundup for January 2018

2018 started with a big security alert bang after Google Security Researchers disclosed serious security vulnerabilities in just about every computer processor in use on the planet. Named 'Meltdown' and 'Spectre’, when exploited by a hacker or malware, these vulnerabilities disclose confidential data. As a result, a whole raft of critical security updates was hastily released for computer and smartphone operating systems, web browsers, and processor drivers. While processor manufacturers have been rather lethargic in reacting and producing patches for the problem, software vendors such as Microsoft, Google and Apple have reacted quickly, releasing security updates to protect their customers from the vulnerable processors, kudos to them.

The UK Information Commission's Office (ICO) heavily criticised the Carphone Warehouse for security inadequacies and fined the company £400K following their 2015 data breach, when the personal data, including bank details, of millions of Carphone Warehouse customers, was stolen by hackers, in what the company at the time described as a "sophisticated cyber attack", where have we heard that excuse before? Certainly the ICO wasn't buying that after it investigated, reporting a large number Carphone Warehouse's security failures, which included the use of software that was six years out of day,  lack of “rigorous controls” over who had login details to systems; no antivirus protection running on the servers holding data, the same root password being used on every individual server, which was known to “some 30-40 members of staff”; and the needless storage of full credit card details. The Carphone Warephone should thank their lucky stars the breach didn't occur after the General Data Protection Regulation comes into force, as with such a damning list of security failures, the company may well have been fined considerably more by ICO, when it is granted vastly greater financial sanctions and powers when the GDPR kicks in May.

The National Cyber Security Centre warned the UK national infrastructure faces serious nation-state attacks, stating it is a matter of a "when" not an "if". There also claims that the cyberattacks against the Ukraine in recent years was down to Russia testing and tuning it's nation-state cyberattacking capabilities. 

At the Davos summit, the Maersk chairman revealed his company spent a massive £200m to £240m on recovering from the recent NotPeyta ransomware outbreak, after the malware 'totally destroyed' the Maersk network. That's a huge price to pay for not regularly patching your systems.

It's no surprise that cybercriminals continue to target cryptocurrencies given the high financial rewards on offer. The most notable attack was a £290k cyber-heist from BlackWallet, where the hackers redirected 700k BlackWallet users to a fake replica BlackWallet website after compromising BlackWallet's DNS server. The replica website ran a script that transferred user cryptocurrency into the hacker's wallet, the hacker then moved currency into a different wallet platform.

In the United States, 
the Federal Trade Commission (FTC) fined toy firm VTech US$ 650,000 (£482,000) for violating a US children's privacy laws. The FTC alleged the toy company violated (COPPA) Children's Online Privacy Protection Rule by collecting personal information from hundreds of thousands of children without providing direct notice.

It was reported that a POS malware infection at Forever21 and lapses in encryption was responsible for the theft of debit and credit card details from Forever21 stores late last year. Payment card data continues to be a high valued target for cyber crooks with sophisticated attack capabilities, who are willing to invest considerable resources to achieve their aims.

Several interesting cybersecurity reports were released in January,  the Online Trust Alliance Cyber Incident & Breach Trends Report: 2017 concluded that cyber incidents have doubled in 2017 and 93% were preventable. Carbon Black's 2017 Threat Report stated non-malware-based cyber-attacks were behind the majority of cyber-incidents reported in 2017, despite the proliferation of malware available to both the professional and amateur hackers. Carbon Black also reported that ransomware attacks are inflicting significantly higher costs and the number of attacks skyrocketed during the course of the year, no surprise there.  

Malwarebytes 2017 State of Malware Report said ransomware attacks on consumers and businesses slowed down towards the end of 2017 and were being replaced by spyware campaigns, which rose by over 800% year-on-year. Spyware campaigns not only allow hackers to steal precious enterprise and user data but also allows them to identify ideal attack points to launch powerful malware attacks. The Cisco 2018 Privacy Maturity Benchmark Study claimed 74% of privacy-immature organisations were hit by losses of more than £350,000, and companies that are privacy-mature have fewer data breaches and smaller losses from cyber-attacks.

NEWS

AWARENESS, EDUCATION AND THREAT INTELLIGENCE

REPORTS

Cyber Security Roundup for December 2017

UK supermarket giant Morrisons, lost a landmark data breach court case in December after a disgruntled Morrisons employee had stolen and posted the personal records of 100,000 co-workers online, the supermarket chain was held liable for the data breach by the UK High Court. The High Court ruling now allows those affected to claim compensation for the "upset and distress" caused. Morrisons said it believed it should not have been held responsible and would be appealing against the decision. If the appeal is lost it could open up the possibility of further class action lawsuits cases by individuals. Pending the GDPR becoming law in May 2018, such a court ruling sets a legal precedent for individuals to claim damages after personal data losses by companies through the courts as well. After May 2018, the GDPR grants individuals the right sue companies for damages following personal data breaches. So we can expect 'ambulance chasers' lawyers to pick up on this aspect of the GDPR, with class action lawsuits following data breaches, it well could become the new "P.P.I. industry"

Any businesses or individuals using Kaspersky should be aware the UK National Cyber Security Centre has warned government agencies against using the Russian supplier’s products and services, which follows a ban by US government departments in November. Barclays responded to the warning by stopping their free offering of Kaspersky anti-virus products to its customers. 2017 saw Cyber Security become a political football, so it is no real surprise that the UK and US once again blamed North Korea for the devasting WannaCry attacks earlier in the year, personally, I blame poor patch management and hackers, not the North Korea cyber army!

Nadine Dorries MP got herself in hot water after trying to defend now former political colleague Damian Green, following claims of Mr.Green accessed porn on his Parliment computer. This was activity was reported by a retired Police officer, which was said to be a breach of the data protection act. Nadine tweeted "my staff log onto my computer on my desk with my login everyday" to suggest anyone could have used Damian Green's PC to access the illicit websites. This led to widespread condemnation and a warning by ICO to MPs on password sharing. 

The fact illicit websites were not blocked by Parliament systems is one concerning lack security issue, but the flagrant disregard for basic cybersecurity by government MPs is gobsmacking, especially when you consider they are supposed to be understanding the risk and setting laws to protect UK citizens from cyber attacks and data breaches. Its another "slap palm on head" after the last UK Prime Minister announced he wanted to ban encryption.

2017 has seen huge rises in cryptocurrencies values, which has placed cryptocurrency brokers and user crypto coin wallets in the sights of cybercriminals. This month mining platform NiceHash was breached by hackers, who stole £51 million worth of Bitcoin and Bitcoin exchange Youbit, which lets people buy and sell Bitcoins and other virtual currencies, shut down and filed for bankruptcy after losing 17% of its assets in the cyber-attacks. I think we can expect further cryptocurrencies attacks in 2018 given the cryptocurrency bubble is yet to burst.

Faked LinkedIn profiles are nothing new, however, the German Intelligence Agency (BfV) said it had spotted China were using faked LinkedIn profiles to connect with and gather information on German officials and politicians, which is an interesting development.

Finally, Hackers were reported as taking advantage of poorly secured systems at UK private schools, and it was claimed hackers could turn off heating systems at UK schools and military bases.

NEWS
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
REPORTS