Google Moves to Prevent Cryptojacking via Illicit Chrome Extensions

Colleagues, as we have previously reported cyber security attacks, specifically cryptojacking via Internet browsers, has risen some 400% YoY from 2017 through H1 2018. Google Chrome commands almost 67% market share according to data from Statista. Earlier this year Google banned cryptocurrency-related ads from AdWords and placed major restrictions on apps and extensions on Google Play and the Chrome Web Store. Therefore, it comes as welcomed news for individual and corporate Chrome users that Google has taken the next step of adding more stringent rules for developers of Chrome extensions. Chrome, Firefox and Safari have been the primary targets of cyber criminals seeking to perform crypto mining by way of installing malicious code (aka illegal extensions) to mobile and desktop browsers alike. The Chrome Web Store’s Developer Program Policies clearly states “Do not create an extension that requires users to accept bundles of unrelated functionality”.  Nevertheless, written policies are no better than the vendor’s enforcement practices and penalties. We will report back in Q1 2019 on the initial impact these stricter policies have on mitigating the cryptojacking tsunami impacting Chrome users … and hopefully stemming the tide of illicit crypto mining. Share a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

What impact will Siacoin’s bricking of Bitmain and Innosilicon hardware have on cryptocurrency mining?

Colleagues, Siacoin is indeed a third-tier cryptocurrency when compared to Bitcoin, Ethereum, Ripple and Litecoin. CoinMarketCap ranks Siancoin’s market cap at 40^th on its global list of digital currencies. ASIC mining demand for Siacoin is dwarfed by comparison to its tier-1 competitors. So is there any bona fide reason to fuss over Siacoin’s decision – derived from an anonymous Reddit community vote – to implement a fork, which will obsolete Bitmain and Innosilicon ASICs from mining Siacoin. Our assessment leads the Cryptocurrency Academy to a two-fold answer. First, users Obelisk hardware from Nebulous to mining Siacoin are big winners – they will have a de facto monopoly on Siacoin mining. Second, within the context of the global cryptocurrency ecosystem this decision is nothing more than a blip on the radar screens of Bitmain and Innosilicon … business as usual. Share a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Bitcoin, Ethereum and Monero at the core of a new cryptocurrency money-laundering scheme

Colleagues, the lack of transaction transparency and money laundering have long been the Achilles heel of the crypto ecosystem. A recent Wall Street Journal study revealed that some $88m in cryptocurrencies from 2500 wallets was laundered through exchanges including Shape Shift. To date this exchange (and others) have allowed investors to anonymously trade digital assets – mostly Bitcoin that holds 50% market capitalization share among cryptocurrencies – without needing to create an account. To its credit ShapeShift is replacing its “account less” trading model with a new “loyalty program” which requires users to create a traceable account. Money laundering has long been a high priority of entities such as the US Drug Enforcement Agency and Europol … and so-called crypto laundering is reaching epic proportions. Having reported all too many times on this topic we believe that first and third world governments need to implement strict regulations requiring the transparency of crypto trading and exchanges alike. Share a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

The Perennial Tug of War Between the US SEC and CFTC – Are Crypto Assets “Securities” or “Commodities”?

Colleagues, the fraudulent representation or claim of a “security” or “commodity” in the US can be tired as a federal or a state level crime. Nevertheless, fraud is fraud. So ruled a district judge regarding the cryptocurrency My Big Coin Pay scam. Co-defendants Mark Gillespie and Randall Crater are alleged to have use investments – categorized as commodities - in My Big Coin Pay for personal use and gain. Sovereign nations, their governments and court systems around the world are struggling to regulate digital assets. One of the foremost dilemmas is whether cryptocurrencies are securities or commodities. To outsiders the distinction may appear meaningless, however, to government regulators and the exchanges upon which these assets are traded the difference in critical. In the US, the issue will ultimately depend upon the decisions of the judicial system along with the US SEC and the Commodities Futures Trading Commission (CFTC). Although the issue of My Big Coin Pay may be decided for now, the much larger issue will likely not be resolved at the federal level for another 2-3 years. Share a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

US SEC Cyber Unit Sues PlexCoin Founders for Illicit Cryptocurrency Scheme

Colleagues, the promise of a 13-fold appreciation in one month lies at the core of the US SEC’s lawsuit against PlexCoin co-founders Sabrina Paradis-Royer and Dominic Lacroix. The defendants are charged with an illicit PlexCoin ICO scheme. Although fraudulent ICOs are not a daily occurrence, they are far too common. Moreover, they represent one more reason why the US SEC – and its counterparts abroad – are reluctant to classify cryptocurrencies as legitimate “securities” tradeable on leading stock exchanges. That is why even the most prominent digital assets including Bitcoin, Ethereum, Ripple and the like are confined to crypto only exchanges like BitFinex, Binance and Huobi. Bottom line: We predict that within 24-36 months the US SEC will define and implement a strict framework for regulating cryptocurrencies and allowing only those assets, which meet the most stringent requirements bona fide “securities” status. As we continuously stress crypto investors must perform their due diligence and are urged to stay with proven currencies traded on legitimate exchanges. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Cybercrime involving $60m in Zaif crypto exchange raises yet another red flag concerning security

Colleagues, Zaif is a small cryptocurrency exchange based in Japan. Although Zaif on ranks as the 45^th largest exchange based upon daily trading volume by CoinMarketCap, a crypto theft worth $60m USD is reason for concern. The exchange processed some $43B per day in cryptocurrencies. The Japanese Financial Services Authority (FSA) is investing this cybercrime and questioning why Tech Bureau – Zaif’s parent company – waited several days to report this incident. Bottom line: Whether this was an “inside job” by a disgruntled Tech Bureau employee or an external cyber-attack is unknown at this time. What we do know is two-fold. First, Japan is an early adopter and supporter of cryptocurrencies. Second, there has been a meteoric rise in the number and value of cybercrimes specifically targeting crypto exchanges during the past two years. Where possible, we highly recommend that crypto traders and investors alike perform their due diligence and stay with top tier exchanges such as BitForex, BitMEX, Binance, OKex and Huobi. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Cyber Threat Alliance Confirms a 400% Spike in Cryptojacking Mining Attacks from 2017 to 2018

Colleagues, although the numbers are alarming they also confirm what many of us assumed to be true. Cyber-attacks focused on cryptocurrency mining (aka “cryptojacking”) has sky rocketed by some 400% YoY between 2017 and 2018. As reported by the CTA entitled “The Illicit Cryptocurrency Mining Threat” indicates that EternalBlue, perhaps the world’s most pervasive cyber-attack in history, targets Microsoft’s Server Message Block (SMB) protocol via port 445 is the leading culprit. Researchers suspect that North Korea is the likely source behind EternalBlue’s root cause – the infamous WannaCry ransomware. Bottom line: The global crypto ecosystem continues to be the most common target of cybercrime, which ultimately serves to thwart mass market adoption of cryptocurrencies. Crypto ecosystem members need closer ties and cooperation with their cyber security peers in order to mitigate the relentless rise in cryptojacking is cryptocurrencies are to move to the mainstream.   Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)