Are Bitcoin Companies Vulnerable to Equation Group Style Attacks?

Published at: Feb. 21, 2015

Kaspersky recently uncovered Equation Group, a nasty cybercrime operation that embeds malware in hardware all around the world. The malware is hard to detect and, once installed, difficult to get rid of. Even reinstalling the operating system doesn't help. The only way to extinguish it once and for all is to destroy your hard drive.

If this secret operation is so advanced, are Bitcoin companies vulnerable?

“Yes, Bitcoin organizations could definitely be subject to an Equation style attack,” said Ken Miller, who formerly worked in risk management at PayPal and is now COO of Gem. The cyber-crime group has targeted personal hard drives as well as larger servers, he explained. Most Bitcoin institutions rely on single-signature schemes, as opposed to the more secure multi-signature, and this could be a vulnerability.

He added:

“So consequently, a hacker would only need to defeat 'password' like protections in order to gain access via a customer's device or a machine and move funds out of bitcoin wallets.”

Bitcoin exchanges store most of their bitcoins (95% or so) in offline cold storage, while the rest is stored in hot wallets that are vulnerable to attacks. So, for example, when the BitStamp exchange was hacked earlier this year, the issue was with the hot wallet. Most of BitStamp’s bitcoins were safe in cold storage, which was untouched. But Miller says that the 3-5% of online and vulnerable bitcoins will become much more valuable in absolute terms. If hacked, only bigger exchanges like Coinbase would be able to “sustain” that level of loss.

But while Equation Group style attacks could hypothetically affect bitcoin, Miller doubts that is the group's intention.

The Equation Group has been hidden for at least 14 years and could be the most advanced malware operation ever uncovered. Kaspersky released a 32-page paper summarizing its discoveries. While they didn't name the NSA outright, the security organization made a strong case that an intelligence agency was behind the operation.

In a mini-mystery, Kaspersky tried for weeks to decipher Arabic plaintext before it went to Twitter for help. Some password cracking experts figured out the Arabic plaintext, which means “unregistered” in English. It turned out that the group only targeted particular users, leaving the “unregistered” users unaffected by the attack. The puzzle showcases the Equation Group's “surgical precision” and uncanny ability.

Miller said to take the Kaspersky Lab report with a “slight” grain of salt—it's a Russian organization pointing a finger at the U.S. after all. The Economist issued similar warnings, mentioning that the security outfit has a financial interest in pushing rumors of security vulnerabilities.

Nevertheless, in 2010 the firm uncovered the worm Stuxnet, designed by the NSA to take out Iranian nuclear plants. “Some computer-security firms cry wolf to attract attention; Kaspersky’s wolves have often proved to be real,” the article concluded.

While Equation Group is likely not targeting bitcoin, the advanced operations they describe could serve as a warning for the future. Miller explained:

“All that said, bitcoin could be a target down the road for something massive like this, and has obviously been a target for less-sophisticated attacks, and the mass use of single-signature key management makes it an attractive option for organized crime, which often is run out of Russia, eastern Europe, and SE Asia.”
