Category Archives: ethereum

Crypto Update: Coins Pop Higher as Consolidation Continues

Trading activity increased in the major coins today, amid a mixed news flow, and for now, bulls scored a small victory following last week’s bearish price action. Bitcoin, Ethereum and most of the largest digital currencies gained several percents, despite the weekend’s deterioration, and although the technical setup didn’t change significantly, an immediate breakdown has […]

The post Crypto Update: Coins Pop Higher as Consolidation Continues appeared first on Hacked: Hacking Finance.

Crypto Critics: Fractured Facts

I have another confession.  As a long time investor, I believed in the theory of efficient markets. This basically means that every participant in the market has immediate and complete access to all information facts like price, earnings and other data.   I made the mistake in applying this theory to cryptocurrencies. Lately, this has […]

The post Crypto Critics: Fractured Facts appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Consolidate Above Support but Downtrend Still Intact

It has been a very quiet weekend for the major cryptocurrencies so far, as the predominantly bearish week ended with range trading and a collapse in volumes across the board. Most of the top coins failed to gain back the ground they lost during the steep selloff, with only Binance Coin and VeChain showing meaningful […]

The post Crypto Update: Coins Consolidate Above Support but Downtrend Still Intact appeared first on Hacked: Hacking Finance.

Long-Term Cryptocurrency Analysis: Bull Market in Jeopardy

As the crucial rally attempt that we pointed out in our previous long-term analysis failed, and the major coins sold off heavily afterwards, the segment is now in a difficult situation. While Bitcoin and especially Ethereum are still in bullish setups, the most valuable coin is now close to a major breakdown that could lead […]

The post Long-Term Cryptocurrency Analysis: Bull Market in Jeopardy appeared first on Hacked: Hacking Finance.

Crypto Psycho:  Crazy Price Action

Say what you will about the cryptocurrency bubble of 2017 not making sense, what about the action lately?  Prices are acting terribly. Professor John Griffin claims last year’s bitcoin rally was manufactured by Bitfinex. Economist Nouriel Roubini proclaims bitcoin is going to zero. The founder of Crypto Asset Management says about bitcoin: “We are shorting […]

The post Crypto Psycho:  Crazy Price Action appeared first on Hacked: Hacking Finance.

Crypto Update: Ethereum Leads Rebound, Boosted by the SEC

The cryptocurrency segment experienced a sudden bullish surge in late trading today, following the words of a top-level SEC official that substantially eased regulatory fears, which were among the leading negative drivers this year. The director said that the institution won’t treat ETH as a security, and it doesn’t see value in regulating it. The positive […]

The post Crypto Update: Ethereum Leads Rebound, Boosted by the SEC appeared first on Hacked: Hacking Finance.

Crypto Roundup: India Mulls New Regulation, Coinbase Targets High Rollers and Ethereum Is Not a Security

New developments around regulation and institutional adoption continue to flood the cryptocurrency markets, giving investors some reprieve from the gut-wrenching decline in prices. The potential for a policy U-turn in India tops the latest roundup amid reports that a government-appointed panel has opposed the central bank’s sweeping ban on cryptocurrency. Meanwhile, the largest digital currency […]

The post Crypto Roundup: India Mulls New Regulation, Coinbase Targets High Rollers and Ethereum Is Not a Security appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Dumped Again as Bitcoin Nears $6000

The bloody week continued in the cryptocurrency segment on Fed-day too as the major coins suffered another hit, falling around 10% on average compared to yesterday’s price levels. The move dragged down the previously relatively stronger coins too, and that led to further deterioration of the short-term technical picture, as several key support levels were […]

The post Crypto Update: Coins Dumped Again as Bitcoin Nears $6000 appeared first on Hacked: Hacking Finance.

Technical Analysis: Bitcoin Trades at $6500 as Crucial Support Levels Fall

The cryptocurrency market suffered a big hit in past three days, as all of the major coins sold off heavily after Sunday’s Coinrail hack.  Following the failure of the recent crucial rally attempt, the plunge of Bitcoin and major altcoins sent shockwaves throughout the segment, pushing several majors, like BTC, DASH, Monero, and NEO to […]

The post Technical Analysis: Bitcoin Trades at $6500 as Crucial Support Levels Fall appeared first on Hacked: Hacking Finance.

$20 Million Worth of Ethereum Stolen Due to Geth Vulnerability

While hackers already hunt for ways to steal money, some vulnerabilities further allow them for successful crypto hacks. Recently, experts

$20 Million Worth of Ethereum Stolen Due to Geth Vulnerability on Latest Hacking News.

Experts warn hackers have already stolen over $20 Million from Ethereum clients exposing interface on port 8545

Cybercriminal group has managed to steal a total of 38,642 Ether, worth more than $20,500,000, from clients exposing the unsecured interface on port 8545.

Cybercriminals have raked over 20 million dollars in the past few months by hijacking poorly configured Ethereum nodes exposed online are continuing their operations.

In March, security experts from Qihoo 360 Netlab reported a hacking campaign aimed at Ethereum nodes exposed online, crooks were scanning for port 8545 to find wallets that exposed their JSON-RPC.

According to the researchers, the cybercrime gang stole 3.96234 Ether (between $2,000  and $3,000)., but currently, they have tracked another criminal gang that already stolen an amazing amount of funds that are available in their wallets.

Researchers claim the cybercriminal group has managed to steal a total of 38,642 Ether, worth more than $20,500,000.

“If you have honeypot running on port 8545, you should be able to see the requests in the payload, which has the wallet addresses,” states Qihoo 360 Netlab team. “And there are quite a few IPs scanning heavily on this port now.”

Geth is a popular client for running Ethereum node allowing users to manage them remotely through the JSON-RPC interface.

Developers can use this programmatic API to build applications that can retrieve private keys, transfer funds, or retrieve personal details of the owner of the wallet.

The hackers moved stolen funds to the Ethereum account having the address 0x957cD4Ff9b3894FC78b5134A8DC72b032fFbC464.
Ethereum port 8545

The good news is that the JSON-RPC interface comes disabled by default in most apps.

In May 2018, crooks used the Mirai-based Satori botnet to scan the Internet for Ethereum mining software that were left accidentally left exposed online.

Unfortunately there are several groups that are actively scanning the Internet for insecure JSON-RPC interface to steal funds from unsecured cryptocurrency wallets.

Development team have to secure their applications by only allowing connections to the geth client originating from the local computer, another alternative consists in the implementation of authentication mechanism for remote RPC connections.

Experts believe the hackers will increase their scanning for port 8545 also thanks the availability online of tools that automate the process.

Pierluigi Paganini

(Security Affairs –port 8545, hacking)

The post Experts warn hackers have already stolen over $20 Million from Ethereum clients exposing interface on port 8545 appeared first on Security Affairs.

Hackers Stole Over $20 Million in Ethereum from Insecurely Configured Clients

Security researchers have been warning about cybercriminals who have made over 20 million dollars in just past few months by hijacking insecurely configured Ethereum nodes exposed on the Internet. Qihoo 360 Netlab in March tweeted about a group of cybercriminals who were scanning the Internet for port 8545 to find insecure geth clients running Ethereum nodes and, at that time, stole 3.96234

Crypto Update: Quiet Days in Crypto Land

The major coins have been drifting sideways for several days now, with progressively declining volatility and trading volumes. Bitcoin, Ethereum, and Ripple are all stuck below key resistance levels, while holding up above primary support, leaving the technical setup unchanged. Out of the top 10 coins, only EOS experienced relatively larger swings, but it also […]

The post Crypto Update: Quiet Days in Crypto Land appeared first on Hacked: Hacking Finance.

Crypto Update: EOS Eyes Breakout as Major Coins Settle Down

The cryptocurrency segment has been trading in a bullish short-term consolidation pattern, with the largest coin staying in very short ranges throughout the day. The majority of the digital currencies are sporting small gains, but no crucial levels have been broken with regards to the top ten coins, leaving the technical setup unchanged. Small-cap coins […]

The post Crypto Update: EOS Eyes Breakout as Major Coins Settle Down appeared first on Hacked: Hacking Finance.

Augur: The Odds Are In Their Favor

When I first took a look at Augur it didn’t have the typical vibe of a current ICO.  That could be because the company’s ICO took place way back in 2014 long before ICOs became the buzz they are today.  Founders managed to raise a few million dollars and spent the next several years delivering […]

The post Augur: The Odds Are In Their Favor appeared first on Hacked: Hacking Finance.

Crypto Update: Bitcoin Gathers Strength as Crucial Rally Still Intact

The largest cryptocurrencies are little changed after a choppy Wednesday session, despite a late day sell-off that briefly dragged down all of the top coins. Bitcoin emerged quickly from the dip, and after a period of clear relative weakness, the most valuable digital currency is close to finally giving a short-term buy signal in our […]

The post Crypto Update: Bitcoin Gathers Strength as Crucial Rally Still Intact appeared first on Hacked: Hacking Finance.

Crypto Picks: Two Ideas For June

Now that the mayhem of May is behind, where do we go from here? For what it’s worth, I believe June will end up looking more like April than May.  Yes, there will be some cryptos performing better than others but a rising market should benefit most. One reason for the short term optimism comes […]

The post Crypto Picks: Two Ideas For June appeared first on Hacked: Hacking Finance.

Long-Term Cryptocurrency Analysis: Crucial Rally Attempt

The crypto segment is at a very important point from a technical perspective following the strong late-April rally and the subsequent correction. The major coins formed a bottom last week after triggering long-term buy signals and now a very important rally attempt is underway. Several weaker coins drifted back to their April lows, with Bitcoin […]

The post Long-Term Cryptocurrency Analysis: Crucial Rally Attempt appeared first on Hacked: Hacking Finance.

The Ethereum Killers – A Hit Still Waiting to Be Carried Out

When a new cryptocurrency comes along promising decentralized app creation, smart contracts and token creation services, they inevitably describe themselves using the immortal term – Ethereum Killer. Since its launch in 2014, Ethereum has risen quickly to prominence, and has been secure in the No.2 place in market cap rankings for a while now. But […]

The post The Ethereum Killers – A Hit Still Waiting to Be Carried Out appeared first on Hacked: Hacking Finance.

Crypto Update: Buy Signals Popping Up

The weekend started out on a clearly positive note in the cryptocurrency segment, with the major coins adding around 3% on average compared to Friday’s price levels. What’s more is that several coins finally triggered short-term buy signals following a long period when selling pressure dominated the market. While the majority of the top digital […]

The post Crypto Update: Buy Signals Popping Up appeared first on Hacked: Hacking Finance.

Crypto Update: IOTA Hits $1.9 as Range Trading Continues

The major cryptocurrencies are still trading without clear direction, although most of the coins are slightly in the red in US trading. The biggest outlier is IOTA, as the only coin that triggered a buy signal in our trend model since the Monday bottom is now up by almost 40% off the lows. The top […]

The post Crypto Update: IOTA Hits $1.9 as Range Trading Continues appeared first on Hacked: Hacking Finance.

Blog: Breaking Randomness in the Ethereum Universe [part 1]

It is widely acknowledged that generating secure random numbers on the Ethereum blockchain is difficult due to its deterministic nature. Each time a smart contract’s function is called inside of a transaction, it must be replayed and verified by the rest of the network. This is crucial so that it is not possible for a miner to manipulate the internal state during execution and modify the result for their own benefit. For example, if the Ethereum Virtual Machine (EVM) provided functionality to generate a random number using a cryptographically secure random source on the miner’s system, it would not be possible to confirm that the random number generated had not been manipulated by the miner. Another more important reason however, is that this would not be determinsitic and if ether is transferred or alternative code paths are taken based on decisions made inside the function as a result of the generated number, the contract’s ether balance and storage state may be inconsistent with the view of the rest of the network.

This post is the first in a three-part series where we will look at some of the techniques developers are using to generate numbers that appear to be random in the deterministic Ethereum environment, and look at how it is possible in-practice to exploit these random number generators for our advantage. Our first post will focus on generating random numbers on-chain and what the security implications of doing so are. In the remaining two posts we will review another two commonly used techniques including using oracles and participatory schemes where numbers are provided via multiple participants.

Sources of Entropy in Ethereum

We have proposed that we cannot trust a single miner to generate a “high quality” random number for our smart contract and that if a “random” number is produced, the same number must be produced when other nodes of the network execute the smart contract code for verification. One method that is commonly used is the use of a Pseudorandom Number Generator (PRNG), which will produce a series of bytes that look random in a deterministic way, based on an initial private seed value and internal state.

The Ethereum blockchain provides a number of block properties that are not controllable by a single user of the network and are only somewhat controllable by miners, such as the timestamp and coinbase. When using these block properties as a source of entropy for an initial seed to a PRNG, it may well look sufficient as the output appears to look random and the seed value cannot be directly manipulated by users of the smart contract.

The following block variables are commonly used when generating random numbers on-chain:

  • block.blockhash(uint blockNumber): hash of the given block (only works for 256 most recent blocks excluding current)

  • block.number: current block number

  • block.coinbase: current block miner’s address

  • block.timestamp: current block timestamp as seconds since unix epoch 

The main advantages of using block properties as a seed for randomness is they are simple to implement and the resulting random numbers are immediately available to the smart contract. This simplicity, speed and lack of dependence on external parties or systems makes the use of block properties a desirable option. It is often assumed that when using block properties as a source of randomness, only miners would be in a position to cheat. For example, if the output number did not work in their favour, they can throw away the block and wait for a new block whereby the generated number worked in their favour. 

With the assumption that only miners are able to exploit the number generation using block properties as a seed, there are multiple blog posts, Reddit posts, and Stack Overflow threads regarding when it is safe to use these properties for random number generation. These often incorrectly state that it is acceptable to use block properties only when the potential payout is less than the mining reward, as it would not be beneficial for a malicious miner to throw out the block. However, this is not case, as we will see when we analyse and exploit the vulnerable smart contracts below.

Exploiting a Simple Number Guessing Smart-Contract

Firstly we will look a naïve, yet not uncommon implementation using the block.blockhash property. The GuessingGame smart contract allows the participant to guess a randomly generated number. If the participant guesses correctly they win twice their initial bet.

If we look at the badRandom function, we can see how the random number is generated by casting the blockhash of the previous block to an unsigned integer, then performing a modulus operation:

This will appear to provide a random value between 1 and 10 (unfortunately this also introduces a modulo bias meaning that some values are more likely than others). As the previous block number is not controllable by an attacker it cannot be manipulated to produce a random number in the attackers favour… however, the seed is known to the attacker. It is therefore possible to predict what the next winning number will be and beat the house. One potential problem with this approach, is that the attacker needs to take the current block number, get the blockhash, generate the next number and make sure their bet was placed in the very next block. 

This isn’t very feasible to do manually, however we can get around this by calculating the next winning number on-chain, then make an external contract call to the GuessingGame with the correct number. The following attacker contract will always predict the winning number when the cheat() function is called.

Another Vulnerable ‘Lottery’ Style Game

The above contract will allow us to always take away the winnings, however, can we still exploit this type of random number generation when the generation takes place at some point in the future? To explore this, we have the following lottery style smart contract where participants can buy a ticket in a draw. When enough tickets have been sold a winner can be selected. A common, but problematic, coding pattern is shown below:

By looking at the buyTicket function below, there is nothing the attacker can control when buying a ticket, other than waiting for specific tickets to be sold and buying theirs at a specific point, such as waiting for 2 to be sold and then attempting to purchase the 3rd.

Lets now look at how the winning ticket is chosen:

Firstly, there is a require statement to ensure that the winner can only be chosen once the required number of tickets have been sold. If this requirement is met the sale is over and a random number is generated. In this case we have no control over what the winnerIndex will be, however we can calculate who the winner will be before invoking the drawWinner() function. Allowing the attacker to wait until a blockhash is used that generates a random number making the attacker the winner.

The problem with this approach is that the attacker needs to know which ticket they have, or at which index in the drawParticipants array their account address is located. Within the blockchain, even private variables are readable by everyone, even if the contract does not directly expose them. The web3.eth.getStorageAt(contractAddress, index) method can be used to look into the contracts persistent storage and identify which ticket is the attackers.

The attacker contract below will take the desired winner index, then calculate if that index is going to win the draw during the current block. If the desired winner is going to be selected, the drawWinner() function is called and the attacker takes home the contract balance. If the attacker is not going to win, the call returns before drawing the winner. The attacker just needs to repeatedly call the cheat(winnerIndex) function until the blockhash outputs a number that results in the correct winner. It is true that this process is going to cost the attacker in transaction fees for each repeated call, however this is likely to be negligible when compared to a games payout.

The primary drawback with this approach is that if the drawWinner() function is called by another participant, then the next winner may be chosen at a blocknumber which does not result in the attacker winning. Another issue is that depending on the number of participants, the attacker may need to submit a large number of transactions before they are chosen.

A partial mitigation?

As games are typically designed to be played by real players, rather than other smart contracts, we could look to identify whether the player’s address is a regular Externally Controlled Account (EOA) or a smart contract account. It appears this can currently be achieved by using inline assembly and the EXTCODESIZE opcode, which returns the size of the CODE property of an external Ethereum account using its address. For example, this could be implemented with the following:

This will restrict specific functions from only being called from Externally Owned Accounts and therefore mitigate the attacks outlined above. However, this does not mitigate against attacks from malicious miners and will likely break under future accounts created under the Ethereum account abstraction proposed in EIP-86 which is scheduled for Constantinople Metropolis stage 2.

The practise of generating pseudo-random numbers using block properties is highly discouraged. We have looked at how an attacker can actually exploit such PRNG implementations via external contract calls, which allow an attacker to predict the next number to be generated in the same block. Whilst a partial mitigation does exist to prevent the specific attacks mentioned, block properties and on-chain data are always public and therefore carry the risk that an attacker may be able to predict the winning number and use it for their advantage.    

In the following two parts of this series, we will analyse the use of generating random numbers using participatory schemes where numbers are provided via multiple participants, and through the use of external sources of randomness that are consumed via the use of Oracles.




Blog

Technical Analysis: Durable Bottom Forming?

The major cryptocurrencies are still consolidating after last week’s steep decline, with a failed breakdown on Monday and the subsequent recovery providing hope for bulls. The declining short-term trends remained intact in most cases, and correlations between the coins are still high, but bearish momentum is weakening in the segment. The decline that followed the […]

The post Technical Analysis: Durable Bottom Forming? appeared first on Hacked: Hacking Finance.

Trade Recommendation: Monaco/Ethereum

The Monaco/Ethereum pair (MCO/ETH) has been bearish since it generated a lower high of 0.042394 on October 31, 2017. On the same day, however, it broke below support of 0.025. The breakdown ignited a selling frenzy that saw the pair plummet to 0.011329 on November 24. At this price level, the pair flashed oversold readings. […]

The post Trade Recommendation: Monaco/Ethereum appeared first on Hacked: Hacking Finance.

Cryptocurrency Trading App Taylor loses 2,578 ETH in hack


The creators of Taylor, a cryptocurrency trading app, have claimed that they have lost about 2,578.98 Ether (which is currently valued at over $1.49 million) from the company’s wallet in an attack by an unidentified hacker.

Taylor posted on Medium on May 22, revealing that they had been hacked and almost all their funds stolen. The company said that apart from the Ether, TAY tokens were also stolen from the Team and Bounty pools, amounting to over 7 percent of the total supply.

“The only tokens that were not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making them inaccessible for now,” the report read.

The company wrote that since they are still investigating the attack, they cannot reveal much, but said, “What we can say is that it was not a smart contract exploit. Somehow the hacker got access to one of our devices and took control of one of our 1Password files.”

Taylor believes that the hacker is the same person or group that hacked CypheriumChain and stole over 17,000 ETH (amounting to about $9 million), as the hacker worked by collecting the amount from multiple sources into a single wallet then transferring it to a bigger wallet, which is allegedly the same wallet where the tokens from the CypheriumChain hack were transferred.

The team also noticed an attempt to dump the stolen TAY tokens on IDEX and asked them to delist TAY until they knew more about the situation, which means that the market is down for TAY and even legitimate token holders cannot trade.

“We are considering to issue a new token and swap the old one,” the company said. “The goal is to make sure the hacker does not receive the new token. We analyzed all transactions made by him, and we know exactly where the stolen tokens are.”

Taylor warned token owners to stop all trading of TAY tokens until more information is revealed and new tokens are sent out, “otherwise, you may lose your money and will not be able to receive the new token.”

“We reassure that we will spare no efforts to find a way to mitigate the implications of this incident for every single legit token holder. We are not going anywhere!” the company said after the attack.

E Hacking News – Latest Hacker News and IT Security News: Cryptocurrency Trading App Taylor loses 2,578 ETH in hack


The creators of Taylor, a cryptocurrency trading app, have claimed that they have lost about 2,578.98 Ether (which is currently valued at over $1.49 million) from the company’s wallet in an attack by an unidentified hacker.

Taylor posted on Medium on May 22, revealing that they had been hacked and almost all their funds stolen. The company said that apart from the Ether, TAY tokens were also stolen from the Team and Bounty pools, amounting to over 7 percent of the total supply.

“The only tokens that were not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making them inaccessible for now,” the report read.

The company wrote that since they are still investigating the attack, they cannot reveal much, but said, “What we can say is that it was not a smart contract exploit. Somehow the hacker got access to one of our devices and took control of one of our 1Password files.”

Taylor believes that the hacker is the same person or group that hacked CypheriumChain and stole over 17,000 ETH (amounting to about $9 million), as the hacker worked by collecting the amount from multiple sources into a single wallet then transferring it to a bigger wallet, which is allegedly the same wallet where the tokens from the CypheriumChain hack were transferred.

The team also noticed an attempt to dump the stolen TAY tokens on IDEX and asked them to delist TAY until they knew more about the situation, which means that the market is down for TAY and even legitimate token holders cannot trade.

“We are considering to issue a new token and swap the old one,” the company said. “The goal is to make sure the hacker does not receive the new token. We analyzed all transactions made by him, and we know exactly where the stolen tokens are.”

Taylor warned token owners to stop all trading of TAY tokens until more information is revealed and new tokens are sent out, “otherwise, you may lose your money and will not be able to receive the new token.”

“We reassure that we will spare no efforts to find a way to mitigate the implications of this incident for every single legit token holder. We are not going anywhere!” the company said after the attack.



E Hacking News - Latest Hacker News and IT Security News

Crypto Update: Bitcoin Hits $7000 Then $7500 amid Strong Snap-Back Rally

While the week started out on a negative note in the cryptocurrency segment, the tide has turned on Tuesday, as the major coins staged a rebound after hitting multi-week lows on Monday. While the rally is encouraging, the short-term downtrends remained intact, and for now, most of the coins are still not on buy signals […]

The post Crypto Update: Bitcoin Hits $7000 Then $7500 amid Strong Snap-Back Rally appeared first on Hacked: Hacking Finance.

Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications. EOS is an open source smart contract platform, known as 'Blockchain 3.0,' that allows developers to build decentralized applications over blockchain

Ethereum Price Meltdown and What’s Causing It

Ethereum was the center of a vicious selloff recently, with prices falling as much as 14% over a 60-minute stretch. Hours later, the cryptocurrency had recovered from intraday lows but was among the worst performers in the top-100, as listed by CoinMarketCap. ETH/USD Price Levels Ether’s precipitous drop began around 23:49 UTC on Sunday, culminating […]

The post Ethereum Price Meltdown and What’s Causing It appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Suffer Another Hit as Bounce Fades

Bulls were only in control for a short period during the weekend, as the declining short-term trend continued in the cryptocurrency segment. Most of the majors hit marginal new lows today in early trading, and small caps are also under pressure, as correlations between the coins spiked higher again. Bitcoin is holding up relatively well […]

The post Crypto Update: Coins Suffer Another Hit as Bounce Fades appeared first on Hacked: Hacking Finance.

Long-Term Cryptocurrency Analysis: Correction Deepens but Leaders Remain Stable

As the major cryptocurrencies got hit hard this week, losing around 20% on average, the long-term picture in the segment got close to an entry point for investors. The overbought readings that developed during the late-April rally are now cleared and although the short-term trends are still clearly negative, we still expect the coins to […]

The post Long-Term Cryptocurrency Analysis: Correction Deepens but Leaders Remain Stable appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Spike Lower amid Regulatory Woes, Technical Breakdown

Following a period of directionless range trading in the segment, cryptocurrencies got hit hard yesterday, on a very busy day in financial markets. The largest coins and small caps are down by 20% in two days on average, with the total value of the market declining by around $70 billion. The Indian tax plan, and […]

The post Crypto Update: Coins Spike Lower amid Regulatory Woes, Technical Breakdown appeared first on Hacked: Hacking Finance.

Crypto Update: Coins Lose Ground as Range Trading Continues

While the weekend rally got bulls hope up that the consolidation phase might have ended, the technical setup hasn’t changed much in the segment, and today all of the major coins are lower again. The losses, which range from 2-5%, are not significant from a long-term standpoint, and most of the top coins are still […]

The post Crypto Update: Coins Lose Ground as Range Trading Continues appeared first on Hacked: Hacking Finance.

Google Courts Vitalik Buterin to Assist With Mysterious Cryptocurrency Project

Despite banning cryptocurrency ads, Google is exploring new applications of blockchain technology, according to Ethereum founder Vitalik Buterin, who was recently courted by the technology giant to assist in the mysterious project. A Job at Google? In a recent Twitter post, Vitalik Buterin revealed that Google’s human resources department had contacted him about a potential […]

The post Google Courts Vitalik Buterin to Assist With Mysterious Cryptocurrency Project appeared first on Hacked: Hacking Finance.

Crypto Update: Sideways Drift Continues as Bitcoin Fights with the $8400 Level

The largest coins attempted another rally towards the end of the weekend, but today the, not too strong, momentum faded and the majority of the majors is sliding lower today. The coins are in or close to the recent trading ranges, with the whole segment hovering in or near the recent ranges, without major changes […]

The post Crypto Update: Sideways Drift Continues as Bitcoin Fights with the $8400 Level appeared first on Hacked: Hacking Finance.

Crypto Update: Ethereum Back Above $700 as Coins Rise but Buy Signals Still Lacking

The major cryptocurrencies are all sporting gins today, with Ethereum, EOS, Stellar, and Monero leading the way higher percentage-wise. Despite the rally, the short-term technical setup is unchanged in most cases, with the top coins still on neutral trend signals, and with no buy signals having been triggered just yet. From a technical standpoint, Ethereum […]

The post Crypto Update: Ethereum Back Above $700 as Coins Rise but Buy Signals Still Lacking appeared first on Hacked: Hacking Finance.

Trade Recommendation: Ethereum

This is a longer term buy trade. Over the last 3-4 weeks the key level has been the Monthly Pivot Range high. You can see initially it was resistance, then a close above this level on April 23 signified a return to the bullish bias. This upside bias remains intact as you can see a […]

The post Trade Recommendation: Ethereum appeared first on Hacked: Hacking Finance.

Long-Term Cryptocurrency Analysis: Bitcoin Remains Under Pressure as Divergence Deepens

The segment has been drifting lower in a choppy fashion ever since our latest look at the long-term charts and the two-faced nature of the market is still apparent. Bitcoin and the other relatively weak majors, like Litecoin, Monero, Dash, and NEO are clearly lagging the leaders from a technical standpoint, while Ethereum is still […]

The post Long-Term Cryptocurrency Analysis: Bitcoin Remains Under Pressure as Divergence Deepens appeared first on Hacked: Hacking Finance.

Satori Botnet is targeting exposed Ethereum mining pools running the Claymore mining software

While a new variant of the dreaded Mirai botnet, so-called Wicked Mirai, emerged in the wild the operators of the Mirai Satori botnet appear very active.

Experts observed hackers using the Satori botnet to mass-scan the Internet for exposed Ethereum mining pools, they are scanning for devices with port 3333 exposed online.

The port 3333 is a port commonly used for remote management by a large number of cryptocurrency-mining equipment.

The activities were reported by several research teams, including Qihoo 360 Netlab, SANS ISC,  and GreyNoise Intelligence.

Starting from May 11, experts are observing the spike in activity of the Satori botnet.
satori botnet activity

According to the researchers at GreyNoise, threat actors are focused on equipment running the Claymore mining software, once the attackers have found a server running this software they will push instructions to force the device to join the ‘dwarfpool’ mining pool using the ETH wallet controlled by the attackers.

The experts noticed that most of the devices involved in the mass scanning are compromised GPON routers located in Mexico.

The experts monitored five botnets using the compromised GPON routers to scan for Claymore miners, one of them is the Satori botnet that is leveraging an exploit for the attack.

Below the details of the five botnets published by Netlab 360:

  • SatoriSatori is the infamous variant of the mirai botnet.
    • We first observed this botnet coming after the GPON vulnerable devices at 2018-05-10 05:51:18, several hours before our last publish.
    • It has quickly overtakes muhstik as the No.1 player.
  • Mettle: A malicious campaign based on IP addresses in Vietnam (C2 210.245.26.180:4441, scanner 118.70.80.143) and mettle open source control module
  • HajimeHajime pushed an update which adds the GPON’s exploits
  • Two Mirai variants: At least two malicious branches are actively exploiting this vulnerability to propagate mirai variants. One of them has been called omni by newskysecurity team.
  • imgay: This appears like a botnet that is under development. Its function is not finished yet.

“In our previous article, we mentioned since this GPON Vulnerability (CVE-2018-10561, CVE-2018-10562 ) announced, there have been at least five botnets family mettle, muhstik, mirai, hajime, satori actively exploit the vulnerability to build their zombie army in just 10 days.” reads a blog post published by Netlab 360.

“From our estimate, only 2% all GPON home router is affected, most of which located in Mexico.”

“The source of this scan is about 17k independent IP addresses, mainly from Uninet SA de CV, telmex.com, located in Mexico,”

Researchers at SANS ISC that analyzed the Satori botnet activity discovered the bot is currently exploiting the CVE-2018-1000049 remote code execution flaw that affects the Nanopool Claymore Dual Miner software.

The experts observed the availability online of proof-of-concept code for the CVE-2018-1000049 vulnerability.

“The scan is consistent with a vulnerability, CVE 2018-1000049, released in February [2]. The JSON RPC remote management API does provide a function to upload “reboot.bat”, a script that can then be executed remotely. The attacker can upload and execute an arbitrary command using this feature.” reads the analysis published by the SANS ISC.

“The port the API is listening on is specified when starting the miner, but it defaults to 3333. The feature allows for a “read-only” mode by specifying a negative port, which disables the most dangerous features. There doesn’t appear to be an option to require authentication.”

Pierluigi Paganini

(Security Affairs – Satori Botnet, hacking)

The post Satori Botnet is targeting exposed Ethereum mining pools running the Claymore mining software appeared first on Security Affairs.

Crypto Update: Ethereum Stuck at $700 as Choppy Trading Continues

Crypto traders are a having another slightly frustrating and directionless session, as the major digital currencies are all trading in narrow short-term ranges. Trading activity declined too, as volumes are down across the board, and the technicals are still not decisive. The weakness of Bitcoin and the strength of Ethereum are balancing the segment out, […]

The post Crypto Update: Ethereum Stuck at $700 as Choppy Trading Continues appeared first on Hacked: Hacking Finance.

Crypto Update: Another Bearish Session but Technical Damage Limited

While today’s trading has been dominated by sellers, so far, the cryptocurrency segment continues to trade without a clear direction, even as the bearish short-term bias is apparent in the case of the majors and especially Bitcoin. The most valuable coin continues to lag the leaders of the market, and it hit a new correction […]

The post Crypto Update: Another Bearish Session but Technical Damage Limited appeared first on Hacked: Hacking Finance.

Technical Analysis: Coins Stabilize After Correction, Bullish Trend Still On

Although the major cryptocurrencies are still well below the highs hit in late April, and none of the top coins resumed the uptrend yet, the market remains positive, with price action still being consistent with an ongoing recovery. The technical divide between Bitcoin and Ethereum is still dominant, with the ETH/BTC pair hovering around its […]

The post Technical Analysis: Coins Stabilize After Correction, Bullish Trend Still On appeared first on Hacked: Hacking Finance.