Cybercrime involving $60m in Zaif crypto exchange raises yet another red flag concerning security

Colleagues, Zaif is a small cryptocurrency exchange based in Japan. Although Zaif on ranks as the 45^th largest exchange based upon daily trading volume by CoinMarketCap, a crypto theft worth $60m USD is reason for concern. The exchange processed some $43B per day in cryptocurrencies. The Japanese Financial Services Authority (FSA) is investing this cybercrime and questioning why Tech Bureau – Zaif’s parent company – waited several days to report this incident. Bottom line: Whether this was an “inside job” by a disgruntled Tech Bureau employee or an external cyber-attack is unknown at this time. What we do know is two-fold. First, Japan is an early adopter and supporter of cryptocurrencies. Second, there has been a meteoric rise in the number and value of cybercrimes specifically targeting crypto exchanges during the past two years. Where possible, we highly recommend that crypto traders and investors alike perform their due diligence and stay with top tier exchanges such as BitForex, BitMEX, Binance, OKex and Huobi. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Cyber Threat Alliance Confirms a 400% Spike in Cryptojacking Mining Attacks from 2017 to 2018

Colleagues, although the numbers are alarming they also confirm what many of us assumed to be true. Cyber-attacks focused on cryptocurrency mining (aka “cryptojacking”) has sky rocketed by some 400% YoY between 2017 and 2018. As reported by the CTA entitled “The Illicit Cryptocurrency Mining Threat” indicates that EternalBlue, perhaps the world’s most pervasive cyber-attack in history, targets Microsoft’s Server Message Block (SMB) protocol via port 445 is the leading culprit. Researchers suspect that North Korea is the likely source behind EternalBlue’s root cause – the infamous WannaCry ransomware. Bottom line: The global crypto ecosystem continues to be the most common target of cybercrime, which ultimately serves to thwart mass market adoption of cryptocurrencies. Crypto ecosystem members need closer ties and cooperation with their cyber security peers in order to mitigate the relentless rise in cryptojacking is cryptocurrencies are to move to the mainstream.   Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

CVE Report for Bitcoin Core Revealed a Security Flaw that Could Bring Down Part of the Network

Colleagues, the recent Common Vulnerabilities and Exposures Report (CVE-2018-17144 Full Disclosure) states, “a fix for which was released on September 18th in Bitcoin Core versions 0.16.3 and 0.17.0rc4, includes both a Denial of Service component and a critical inflation vulnerability”. A cybercriminal exploited this bug to create new Bitcoin, which in turn would have deflated Bitcoin value by increasing the supply of the currency above the 21 million hard-cap. Matt Corallo, Bitcoin Core developer and Chaincode engineer acknowledged that if this bug has gone undetected someone could have launched a cyber-attack to print an unlimited number of BTCs. According to CoinMarketCap, global Bitcoin market capitalization exceeds $115.6B USD far outpacing Ethereum, which is valued at $24.6 USD. Bottom line: The world’s most valuable (and popular) cryptocurrency is prone to vulnerabilities and is subject to cyber crime. This is just one reason why regulators such as the US SEC question is legitimacy as a financial “security”. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Bitfury and Bitmain Launch New Mining ASICs – Can They Bring New Life to Crypto Mining?

Colleagues, crypto mining has been under siege from relentless cybercrime attacks, which have risen dramatically in 2018. Nevertheless, while mining vendors AMD and NVidia have struggled, Bitmain and Bitfury have introduce new 7nm and 14 nm ASICs this week. Bitfury serves as a hardware and software vendor of crypto mining and Blockchain technology. Bitmain is the world’s largest crypto mining company that also develops and sells its own mining ASICs. These announcement come during the World Digital Mining Summit takes place in Tbilisi, Georgia. Bottom line: Can new ASICs breathe new life into the beleaguered mining segment of the worldwide crypto ecosystem … especially given the onslaught of cyber-attacks across the globe? We would offer two conclusions: First, the mining sector in aggregate will continue to grow … although the rate of growth in 2016-2018 will be difficult to sustain. Second, there will significant consolidation in cypto mining ASIC segment during the next two years with Bitmain and Bitfury extending their leadership roles. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

The Spector of $2b in 2018 Cyber Crime Targeting Cryptocurrencies Threatens Market Adoption

Colleagues, according to CoinMarketCap the worldwide market capitalization for digital assets reached some $760b in December 2017 and currently hoover around $240b. Coindesk reports that the Japanese market lost $540m due to crypto crime in H1 2018. Globally, cyber security firm Carbon Black has confirmed $1.1b worth of cryptocurrencies were stolen in the same time period. The numbers are alarming, they continue to grow and represent the single largest threat to the market adoption of cryptocurrencies across the global economy. Conventional malware, fraudulent ICOs, attacks on crypto exchanges and crypto jacking which targets mining vendors and pools tops the list of cybercrime tactics. We offer two basic conclusions: First, it is highly likely that crypto theft will top $2b around the world in 2018. Second, the rise in cybercrime focused on digital assets heightens the concern of government regulators in the US and abroad that cryptocurrencies should not be categorized as legitimate “securities”. These factors are major barriers to adoption across the crypto ecosystem. We do believe that digital assets will take 2-3 years to cross the chasm from truly speculative investments to viable securities traded on market stock exchanges … foremost the US NASDAQ. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Issuing fraudulent investments is the latest cyber security risk to the cryptocurrency ecosystem

Colleagues, the US Texas Securities Commission has issued cease and desist orders against three offshore entities suspected of issuing fraudulent cryptocurrency investment schemes. The orders target Ultimate Assets LLC, DigitalBank Ltd. and Coins Miner Investment Ltd.  All three entities purport to represent Coinbase, a prominent U.S. crypto exchange. The charges stem from crypto and forex trading services, false claims of meeting with the president of Ripple and soliciting funds to develop a claimed secure crypto wallet. Bottom line: The global crypto ecosystem is under siege from cyber criminals on all fronts. The three firms identified above a just the latest in a long list of bad actors targeting crypto investors, wallets, exchanges and underlying Blockchain technology. The most common motive across these nefarious actions is financial gain. We have and will continue to warn legitimate players in the crypto ecosystem to take major security and human factors measures to protect their business concerns. Send a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Can Fbot Help Prevent Crypto Mining Cyber Attacks by Destroying “com.ufo.miner” Malware?

Colleagues, we have extensively reported on the dramatic rise in crypto mining cyber-attacks in 2018 that have plagued the crypto ecosystem. Enter Fbot. Security researchers are unclear if Fbot is a friend or foe with regard to crypto mining. However, they have confirmed that Fbot is designed to propagate, scan and install itself over “com.ufo.miner“ malware which targets vulnerable browser software. According to NetLab 360, com.ufo.miner has its origins in monero ADB Miner Android-based software. At first glance, it would appear that Fbot might be a tool of unknown origin, which can reduce browser vulnerability to cyber-attacks. The key question is whether Fbot has an ulterior motive – that is to destroy com.ufo.miner and clear the path for another form of crypto mining malware to be installed in its place. Share a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)