Bitcoin News

This Elusive Malware Has Been Targeting Crypto Wallets for a Year

Operating for a year now, insidious malware ElectroRAT is bringing 2020 into 2021 and targeting crypto wallets.

A researcher at cybersecurity firm Intezer has identified and documented the inner workings of ElectroRAT, which has been targeting and draining victims’ funds.

According to the researcher, Avigayil Mechtinger, the malware operation includes a variety of detailed tools that dupe victims, including a “marketing campaign, custom cryptocurrency-related applications and a new Remote Access Tool (RAT) written from scratch.”

The malware is called ElectroRAT because it’s a remote access tool that was embedded in apps built on Electron, an app-building platform. Hence, ElectroRAT. 

“It’s unsurprising to see novel malware being published, especially during a bull market in which the value of cryptocurrency is shooting up and making such attacks more profitable,” said Jameson Lopp, chief technology officer (CTO) at crypto custody startup Casa.

Over the past few months, bitcoin and other cryptocurrencies have entered a bull market, seeing prices skyrocket across the industry.

What is ElectroRAT?

ElectroRAT is written in Golang, an open-source programming language well suited to cross-platform development, and it targets multiple operating systems, including macOS, Linux, and Windows.

As part of the malware operation, the attackers set up “domain registrations, websites, trojanized applications and fake social media accounts,” according to the report. 

In the report, Mechtinger notes that while attackers commonly try to collect private keys used to access people’s wallets, seeing original tools like ElectroRAT and the various apps written “from scratch” and targeting multiple operating systems is quite rare. 

A visual summary of the scope of ElectroRAT
(Intezer)

“Writing the malware from scratch has also allowed the campaign to fly under the radar for almost a year by evading all antivirus detections,” wrote Mechtinger in the report. 

Lopp echoed these comments, and said it’s particularly interesting the malware is being compiled for and targeting all three major operating systems. 

“The vast majority of malware tends to be Windows-only due to the wide install base and the weaker security of the operating system,” said Lopp. “In the case of bitcoin, malware authors may reason that a lot of early adopters are more technical people who run Linux.”

How it works

To lure in victims, the ElectroRAT attackers created three different domains and apps operating on multiple operating systems.

The pages to download the apps were created specifically for this operation and designed to look like legitimate entities. 

The associated apps specifically appeal to and target cryptocurrency users. “Jamm” and “eTrade” are trade management apps; “DaoPoker” is a poker app that uses cryptocurrency. 

Using fake social media accounts and user profiles, as well as paying a social media influencer to advertise, the attackers pumped the apps, including by promoting them in targeted cryptocurrency and blockchain forums like bitcointalk and SteemCoinPan. The posts encouraged readers to look at the professional-looking websites and download the apps when, in reality, they were also downloading the malware.

The front end of the eTrade app
(Intezer)

For example, the DaoPoker Twitter page had 417 followers while a social media advertiser with over 25,000 followers on Twitter promoted eTrade. As of writing, the DaoPoker Twitter page is still live.

While the apps look legitimate at first glance on the front end, they are running nefarious background activities, targeting users’ cryptocurrency wallets. They are also still active. 

“Hackers want to get your cryptocurrency, and they are willing to go far with it – spend months of work to create fake companies, fake reputation and innocent-looking applications that hide malware to steal your coins,” said Mechtinger. 

What it does

“ElectroRAT has various capabilities,” said Mechtinger in an email. “It can take screenshots, key logs, upload folders/files from a victim’s machine and more. Upon execution, it establishes commands with its command-and-control server and waits for commands.”

The report suggests the malware specifically targets cryptocurrency users for the purpose of attacking their crypto wallets, noting that victims were observed commenting on posts related to the popular Ethereum wallet app Metamask. Based on the researchers’ observations of the malware’s behaviors, it’s possible more than 6.5 thousand people had been compromised. 

How to avoid it

The first step is the best step and that’s not to download any of these apps, full stop. 

In general, when you’re looking into new apps, Lopp suggests avoiding shady websites and forums. Only install software that is well-known and properly reviewed; look for apps with lengthy reputation histories and sizable install bases. 

“Don’t use wallets that store the private keys on your laptop/desktop; private keys should be stored on dedicated hardware devices,” said Lopp. 

This point reinforces the importance of storing your crypto in cold hardware wallets and writing down seed phrases rather than just storing them on your computer. Both of these techniques keep your keys and seed phrases inaccessible to malware that trawls your online activity.

A victim commenting on the malicious activity of one of the ElectroRAT apps
(Intezer)

There are secondary steps that can be taken if you think your computer might have already been compromised. 

“To make sure you are not infected we recommend [you] take proactive action and scan your devices for malicious activity,” said Mechtinger.

In the report, Mechtinger suggests that if you think you’re a victim of this scam, you need to kill the processes running and delete all files related to the malware. You also need to make sure your machine is clean and running non-malicious code. Intezer has created Endpoint Scanner for Windows environments and Intezer Protect, a free community tool for Linux users. More detailed information about detection can be found in the original report. 

And, of course, you should move your funds to a new crypto wallet and change all your passwords. 

A higher bitcoin price attracts more malware

With the price of bitcoin continuing to rise, Mechtinger doesn’t see attacks like this slowing down. In fact, they’re likely to increase. 

“There are high capitals at stake, which is classic for financially motivated hackers,” she said. 

Lopp said we will see attackers devote greater and greater resources to coming up with new ways to part people from their private keys. 

“While a novel attack takes much greater effort to develop, the rewards are also potentially higher because it’s more likely to fool people because the knowledge of that style of attack has not been disseminated through the user base,” he said.  “That is, people are more likely to expose themselves to the attack unknowingly.”

Crypto exchange BTCNEXT seeking Japan license

BTCNEXT, an Asia-based cryptocurrency exchange, earlier this month announced it received notification from the Japan Financial Services Agency (FSA) that it must suspend services for Japanese residents.

As part of Noah Ark Technologies Ltd., BTCNEXT operates with a Virtual Currency Exchange license issued by the Cagayan special economic zone and Freeport Philippines.

The BTCNEXT team says that its legal department is currently working with the FSA on obtaining a Japanese license and will take the necessary steps to ensure full compliance with all FSA requests.

NEO Price Prediction: Long-term (NEO) Value Forecast – June 2

  • The long-term outlook is bullish.
  • The 1.618 fib extension at $19.17 is the bulls’ long-term target.

NEO/USD Long-term Trend: Bullish

Supply zone: $20.00, $30.00, $40.00
Demand zone: $2.00, $1.00, $0.50

NEO remains in an uptrend in its long-term outlook. Strong buying pressure following the bulls’ comeback at the 61.8 level on 18th May has kept the price rising, with a new high each week. The highs on 20th and 30th May were $12.59 and $15.04 respectively, both in the supply area.

The new week has started on a bullish note, with today’s opening candle at $13.72, higher than last week’s opening price of $11.45, an indication that the bulls have a stronger presence in the market.

Price is above the two EMAs, which are fanned apart; this suggests strength in the trend, in this case the uptrend.

The 1.618 fib extension at $19.17, in the supply area, is the bulls’ long-term target as bullish momentum increases and more bullish candles open and close above the two EMAs.

The views and opinion as expressed here do not reflect that of BitcoinExchangeGuide.com and do not constitute financial advice. Always do your own research.

Why Bitcoin’s ‘Culture War’ Matters

Michael J. Casey is the chairman of CoinDesk’s advisory board and a senior advisor for blockchain research at MIT’s Digital Currency Initiative.


Let’s talk about bitcoin, toxicity and inclusiveness.

(Boy, my Twitter feed is going to have fun over the next few days.)

To start with, let me take a position: I stand with those people, especially women, who’ve lately been calling out maltreatment from members of the bitcoin community and citing rude and abusive behavior as proof of that community’s lack of inclusiveness. These are people who believe in cryptocurrency technology’s potential but feel discouraged to believe that they belong to the community’s dominant white-male subculture. If this technology is to fulfill its global potential, the community associated with it must confront this problem.

But the real point of this column is not to just defend these critics. It’s to debunk one of the more common positions adopted by those who take issue with their complaints, particularly on Twitter. In doing so, I hope to emphasize just how important the concepts of “community” and “culture” are to the healthy development of crypto technology and the ecosystem growing around it.

Hammer culture?

The line that’s most often thrown back at those calling out incivility is that bitcoin is nothing more than a technology, a tool, and that it’s meaningless to attach to it value judgments relating to human behavior. Bitcoin is amoral, apolitical and a-cultural, the argument goes, and like any technology it is used by good and bad people alike.

These pundits, warning of a political correctness-based threat to free speech, will then advise the injured party to take issue directly with the bad actors but refrain from agitating for community-wide change.

A perfect example of the genre came from outspoken lawyer Preston Byrne.

Clever, yes. But it’s extremely unhelpful, because the examples given do not share equivalent terms of reference.

Byrne’s “hammer” refers solely to the steel implement that tradesmen use. By contrast, people complaining about “bitcoin” are clearly using the word in a much wider context than in merely a reference to the code, to the ones and zeros that comprise the bitcoin protocol. They are inherently talking about the wider ecosystem and community gathered around the idea of bitcoin.

So, let’s equalize the terms, shall we? We can turn each of these nouns into a modifier of the word “community.”

While it might sound silly to talk about a “hammer community,” there may well be groups of hammer-obsessed souls who debate questions of design and ease of use at meetups and in chat rooms. If so, I’m going to guess that that community would probably also be predominantly male.

But the real issue is that such a hammer community is going to be far less important to the future design and evolution of hammer technology than bitcoin’s community is to its. I’m no expert, but I don’t see a great deal of change in hammer technology having occurred over the centuries and I’m not sure people expect much in the future. As such, we don’t see much jockeying among users to ensure that proposals for hammer upgrades are implemented and standardized to their preferred design.

By contrast, the open-source technology behind bitcoin is in a constant state of evolution. It is, by definition, under development, which is why we talk about the engineers who work on it as “developers,” not “custodians.” As such, there is a constant battle of interests over who gets to modify the code. Exhibit A: the block-size debate.

Counter-arguing that those who don’t like the process can just fork the code, as the large-blockers did, and set up their own new community, doesn’t cut it for me. Bitcoin is the brand that matters. Any newcomer will struggle to achieve the same network effects. Secession just isn’t viable for anyone who likes its current design but doesn’t like how its future is being defined.

Also, is there a “hammer ecosystem?” Maybe. But beyond producers of nails, and perhaps steel and rubber or wood suppliers, you can hardly call it a complex ecosystem.

Bitcoin, by contrast, which purports to reinvent the global system of money, has attracted an inherently vast array of different technology providers, all of whom have competing interests in how it is designed, managed and marketed to the world. I’m not just talking about business applications built on top of it, but also the developers of related encryption, payment channel, smart contract and other vitally important technologies, all of which are themselves in a constant state of flux.

(I’m guessing that the exhibition halls at hammer conventions don’t have quite the same spread of offerings as cryptocurrency events such as Consensus.)

Saying that bitcoin is nothing but a tool is like saying that music is nothing but a system for ordering different audible tones.

Money = community

When Paul Vigna and I wrote The Age of Cryptocurrency, we spent a lot of time chronicling the emergence of the community that had formed around bitcoin, which we saw as fundamental to its success. It struck us that the notion of a bitcoin community was so prominent — the “c” word was always being bandied about — because bitcoin embodied a profound and sweeping social idea. It offered nothing less than a reinvention of money, a revolution in the entire system for coordinating human value exchange.

Money only works to the extent that there is widespread belief in it, that people buy into its core myth. Money, Felix Martin says, is a social technology, by which he means that its functionality and usability depend far less on the physical qualities of the token that represents it than on the collective agreement among large communities of people that their token captures, represents and communicates transferable value. This is true whether we’re talking about gold, dollar bills, entries in a bank account, or cryptocurrency.

By extension, then, for any form of money to succeed, it must sustain a vibrant, growing community.

Communities = culture

The thing about communities is that they inevitably develop cultures. In self-defining their boundaries of belonging, they develop shared ways of seeing and language — akin to a kind of social protocol – that regulate (in a very unofficial, and quite subconscious way) their members’ behavior.

As they evolve, cultures can become more or less open, more or less inclusive, more or less abrasive in their treatment of outsiders. And inevitably, these cultural features will either encourage or impede the growth of the community.

All this should hardly be a revelation. Anthropology, the study of culture, is a globally widespread and influential field (one that is now appropriately turning its attention to cryptocurrency communities.)

Studies of U.S. culture, from Alexis de Tocqueville down, have rightly pointed to the inclusiveness of the founding fathers’ ideas as a key driver of its economic expansion. In fact, American culture is arguably its most important ingredient for success, a social manifestation of Joseph Nye’s notion of the United States’ “soft power.”

So, yes, bitcoin culture really, really matters. If the compelling ideas behind permissionless, peer-to-peer exchange and censorship-resistant money that attract people of all stripes to it are to retain those people’s interest and grow in influence, the bitcoin community needs to evolve a more inclusive culture.

The only way to do that is to spur the kind of open debates that have always driven the progress of human culture — those which shifted norms and mores to the point that it became unacceptable to own slaves, to spit in public, or to jump a queue.

So, listen up, bitcoin. It’s time to confront your toxicity.

Holiday Spending up 14.6% as E-Commerce Beats Brick-and-Mortar

E-commerce sales hit record highs this year as Americans continue to move their holiday shopping online.

According to Mastercard’s SpendingPulse report, online retail grew 18.8% over last year’s holiday season. That’s enough to make online sales a record 14.6% of holiday shoppers’ total spend, the report says.

Online consumers this year spent 17% more on apparel, 8.8% more on jewelry, 10.7% more on electronics, and 6.9% more at department stores. 

Overall, holiday spending jumped 3.4% compared to 2018.

The strong numbers came in spite of 2019’s unusually short holiday season, commonly defined as the period between Thanksgiving and Christmas. Shoppers had six days fewer than they had in 2018.

Steve Sadove, an advisor for Mastercard, said in a press release that retailers adapted to the shortened season.

“Due to a later than usual Thanksgiving holiday, we saw retailers offering omnichannel sales earlier in the season, meeting consumers’ demand for the best deals across all channels and devices.”

Interestingly – or ominously – retailers who accepted crypto or managed crypto payments were slow to respond when we asked them how their holiday shopping season went. eGifter, a gift card trading service, had not yet “crunched the numbers” on holiday sales, but “we saw growth in overall crypto sales,” said Bill Egan, the site’s VP of Marketing.

“We saw more gifting with crypto in 2019, compared to buy-for-self use cases in prior years,” he said.

Payment processor BitPay found the holidays quite inspiring as well.

“We saw twice our daily averages of processed volume leading up to the holiday,” said BitPay’s CMO, Bill Zielke.

It will be interesting to see what kind of statistics surface over the next few seasons as e-commerce becomes king and crypto payments come to the fore.

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Crypto Custodians Grapple With Germany’s New Rules

Crypto firms in Germany are getting ready to exist under a new regime. 

Under a law going into effect Jan. 1 requiring digital asset custodians to be licensed, each company that currently custodies crypto and targets German clients must announce to Germany’s Financial Supervisory Authority (BaFin) its intention to get a license before April 1 and submit an application before Nov. 1.  

A clause allows current crypto custodians to keep serving German customers without being penalized if they declare their intent to apply, but those same companies are waiting on BaFin to release final regulations around the law.

“As long as the legislation is not in place, BaFin is not going to think about how to cope or how to deal with the legislation,” said BaFin press officer Norbert Pieper. The regulator declined further comment and Germany’s Federal Ministry of Finance did not respond to a request for comment by press time.

Pieper added: “There is no date foreseeable [yet] by which we’ll be able to communicate the results of our assessment. We will certainly communicate that on our website.” 

While the final regulations haven’t been set yet, the new license requirement may not produce the same kind of exodus of crypto firms that New York saw after the BitLicense requirement, said Miha Grčar, head of business development at Bitstamp.

London-based Bitstamp, one of Europe’s largest crypto exchanges, plans to continue operating in Germany but declined to say whether it would apply for a license, said Grčar. Crypto firms could also use a white-labeled custody service to operate in Germany. 

Because the law is an “updated version of the existing banking regulation,” banks will likely have the most to gain from it, Grčar added. Companies that get the license will be German financial institutions, but not classified as banks.

The law also means that German regulators now see crypto as a “legitimate” industry, he said. 

Ulli Spankowski, chief digital officer and managing director of Blocknox, the crypto custody subsidiary of German stock exchange Boerse Stuttgart, sees the license as a step forward for “the professionalism of the industry.” The subsidiary has already advised BaFin that it plans to apply.

“There are other countries that won’t go for a full-fledged license,” he said. “If you want to get traditional, established players from the banking side, you need to give them this environment to feel safe.” 

DLC group is taking advantage of the new regulatory framework by offering consulting services for firms interested in applying, and its own white-labeled crypto custody service. 

Sven Hildebrandt, head of Distributed Ledger Consulting Group, is concerned some exchanges won’t understand the nuances of the new law.

“The law is only in German and no English translation of the law is out there,” he said. “What’s going to happen to exchanges? [Operating without a licence] is actually a felony and not a misdemeanor so that’s jail time.”

Hildebrandt predicts the costs of licensing will be similar to other German financial services licenses where firms will need two managing directors, an established German entity and 125,000 euros of starting capital. He also estimates installation will cost 250,000 to 350,000 euros and recurring yearly costs will be 350,000 euros. 

Switzerland-based Crypto Storage AG, a subsidiary of Crypto Finance AG, is opening a branch in Germany to offer crypto custody to banks and then financial technology startups. 

“Large banking houses will do custody business in the future,” Stijn Vander Straeten, CEO of Crypto Storage AG, said. “They are moving slowly, though. We’ll build it up now for a premium.” 

Berlin-based solarisBank this month opened a subsidiary called solaris Digital Assets to offer crypto custody as a service. So far, the bank has a handful of customers testing the service with more than 40 companies in the pipeline, said Alexis Hamel, managing director of solaris Digital Assets.

In addition to waiting for details from BaFin, crypto firms are also waiting to see if the law can be passported to other European Union states. 

“Germany is definitely at the forefront with the clearer regulation,” Hamel said. “We still need to see how other European countries level up.”

Copyright © 2022 The Crypto Report