A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …

Charles Hoskinson suggests applying stylometric techniques to find Satoshi Nakamoto, but there is a caveat. Stylometrics In an April 5 interview, Ethereum (ETH) co-founder and founder of Cardano (ADA) Charles Hoskinson suggested that the most effective way to find the person or team behind Bitcoin (BTC) is to apply stylometric techniques. Stylometry is the application of the study of linguistic style, usually to written language. This technique had been previously applied to Satoshi Nakamoto’s writing without conclusive results. Use the code instead Hoskinson suggested instead of using Nakamoto’s writing, use his code. Hoskinson explained to Cointelegraph why this could be …

Cybersecurity researchers have identified a persistent and ambitious campaign that targets thousands of Docker servers daily with a Bitcoin (BTC) miner. In a report published on April 3, Aqua Security issued a threat alert over the attack, which has ostensibly “been going on for months, with thousands of attempts taking place nearly on a daily basis.” The researchers warn: “These are the highest numbers we’ve seen in some time, far exceeding what we have witnessed to date.” Such scope and ambition indicate that the illicit Bitcoin mining campaign is unlikely to be “an improvised endeavor,” as the actors behind it …

Cybersecurity firm, Guardicore Labs, revealed the identification of a malicious crypto-mining botnet that has been operating for nearly two years on April 1. The threat actor, dubbed ‘Vollgar’ based on its mining of the little-known altcoin, Vollar (VSD), targets Windows machines running MS-SQL servers — of which Guardicore estimates there are just 500,000 in existence worldwide. However, despite their scarcity, MS-SQL servers offer sizable processing power in addition to typically storing valuable information such as usernames, passwords, and credit card details. Sophisticated crypto-mining malware network identified Once a server is infected, Vollgar “diligently and thoroughly kills other threat actors’ processes,” …

Singapore-based unicorn startup Acronis released its latest cybersecurity survey on March 31 today, highlighting that 86% of IT professionals are concerned about cryptojacking. According to the 2020 World Cyber Protection Week Survey, there is a growing fear among IT experts in the face of cryptojacking attacks, as the study shows that 30% of personal users and 13% of professional users wouldn't know if their data or computer's resources were modified unexpectedly, as such threat does. The report also stresses that awareness and concerns about cyber-threatening methods like cryptojacking have been increasing in the last two years, surging by 33% since …

Black hat hacker group, Maze, claims to have used ransomware to compromise the systems of insurance giant, Chubb. They also claim to have stolen the firm’s data. Brett Callow, threat analyst at cybersecurity firm, Emsisoft, told Cointelegraph on March 27 that Maze published the claim on its website. While the website does not provide any direct proof of the hack so far, Callow pointed out facts that give the claim an air of credibility: “Maze’s past victims include governments, law firms, healthcare providers, manufacturers, medical research companies, healthcare providers and more.” Maze’s modus operandi Callow explained that the group usually …

The cybercriminals behind the crypto mining Stantinko botnet have devised some ingenious methods to evade detection. Malware analyst Vladislav Hrčka from cybersecurity firm ESET sounded almost impressed as he unveiled the firm’s latest findings, and potential countermeasures, in a blog post. “The criminals behind the Stantinko botnet are constantly improving and developing new modules that often contain non-standard and interesting techniques,” he wrote. The half-million strong botnet has been active since 2012 and was spread via malware embedded in pirated content. It mainly targets users in Russia, Ukraine, Belarus and Kazakhstan. It originally focused on click fraud, ad injection, social …

Opportunistic hackers are increasingly seeking to dupe victims using websites or applications purporting to provide information or services pertaining to coronavirus. Cybersecurity threat researchers, DomainTools, have identified that the website coronavirusapp.site facilitates the installation of a new ransomware called “CovidLock.” The website prompts its visitors to install an Android application that purportedly tracks updates regarding the spread of COVID-19, claiming to notify users when an individual infected with coronavirus is in their vicinity using heatmap visuals. CovidLock ransomware launches screen lock attack on unwitting victims Despite appearing to display certification from the World Health Organization and the Centers for Disease …

A recent presentation from the U.S. Federal Bureau of Investigation, or FBI, shows ransomware hackers have pilfered massive amounts of Bitcoin (BTC) since 2013. Between October 2013 and November 2019, victims paid roughly $144 million in BTC to ransomware hackers, FBI supervisor Joel DeCapua indicated at a Feb. 24 RSA conference. Ransomware takes control During a ransomware breach, nefarious parties take control of a person or entity’s computer systems, demanding payment, often in BTC, to unlock victims’ platforms. DeCapua noted almost all ransomware payments are sent in Bitcoin, and that the bureau's number does not include other related losses victims …

2019 demonstrated that cyber-attacks are getting more numerous in the cryptocurrency industry, while hardware remains vulnerable and high-profile data leaks are becoming more common. Even worse, the trend is a continuing one. Way back in June 2018, Kaspersky Lab security experts reported an increase in the amount of malware targeting the cryptocurrency market. They noted a trend toward the spread of two types of malware: for hacking cryptocurrency wallets and for malicious Bitcoin (BTC) mining. As cybercrimes using digital money have begun to affect more countries and involve more advanced technologies, entire states and government organizations have come to grips …

Cybersecurity firm Trend Micro has detected that hacking group Outlaw has been updating its toolkit for stealing enterprises’ data for nearly half a year at this point. Outlaw — who had ostensibly been silent since last June — became active again in December, with upgrades on their kits’ capabilities, which now target more systems, according to an analysis from Trend Micro published on Feb. 10. The kits in question are designed to steal data from the automotive and finance industries. The new capabilities of the kits The group’s new developments include scanner parameters and targets, advanced breaching techniques used for …

Edge, the web browser of information technology giant Microsoft, now blocks cryptojacking malware. A Microsoft Edge spokesperson told Cointelegraph on Feb. 10 that the latest version of the web browser features a new PUA (Potentially Unwanted Apps) blocking feature that may block some illicit cryptocurrency mining malware. When asked about whether Microsoft plans to protect Edge users from illicit cryptocurrency miners, the spokesperson said that “this will be a particular area of focus.” As cryptojacking is increasingly becoming a cybersecurity threat, efforts to tackle the issue are also scaling up. A new cybersecurity feature Cryptojacking is the practice of illicitly …