Tag Archive for: Bitcoins
16 Bitcoins stolen: the robbed is suing the parents of alleged thieves
With a civil suit, the American Andrew Schober wants to regain around 16 Bitcoins that were allegedly stolen from him by two young British people. Schober also took the parents of the two young men to court, reports security blogger Brian Krebs. At the time of the theft, the two alleged perpetrators were still minors and lived with their parents. According to the lawsuit, they are said to have developed and distributed malware for the theft. They also tried to launder the money they had obtained.
The from Krebs provided court documents According to Schober carried out a transaction of around 16.4 Bitcoin in January 2018 and then noticed that he no longer had control of his credit (the transaction in a block explorer). At that time it was worth around 187,000 US dollars, currently almost 800,000 US dollars, which was 95 percent of his assets at the time. He then hired experts who checked his PC and looked for traces of possible perpetrators.
Theft with a clipboard trick
The experts discovered a clipboard hijacker on his computer, which was hidden in specially prepared wallet software called “Electrum Atom”. Schober found a link to the software via a Reddit post that advertised a download with false promises.
Such hijacker malware exploits the fact that crypto-money addresses are usually not entered by hand due to their character length, but are copied and pasted via the clipboard. Whenever the victim copies an address for a transfer to the clipboard, the malicious application replaces it with another address under the control of its makers. If the address replaced in this way is used unnoticed in a transaction and the payment has been recorded in the blockchain, then the money is lost for the victim.
On the trail of the perpetrator
The month-long search for criminals, for which Schober reportedly paid US $ 10,000, finally led to the two Britons, who are now studying computer science. As evidence of their guilt, the lawsuit alleges, among other things, that one of the two suspicious pieces of code for the malware used is in the Github repository. One of the two also posted the question on Github in January 2018 as to how best to access the private key behind a…
Security lapse, not ‘hack’, likely behind FBI’s recovery of ransomware Bitcoins
Experts are still puzzling out how the FBI clawed back most of the bitcoins that a pipeline operator paid as ransom to an affiliate of the DarkSide hacker — but they say there’s nothing about the matter that shows the cryptocurrency network is insecure.
© Stockhead Australia
Bitcoin FBI
![Bitcoin FBI](https://www.bing.com/news/{"default":{"load":"default","w":"80","h":"45","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQWs0.img?h=450&w=799&m=6&q=60&o=f&l=f"},"size3column":{"load":"default","w":"62","h":"35","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQWs0.img?h=351&w=624&m=6&q=60&o=f&l=f"},"size2column":{"load":"default","w":"62","h":"35","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQWs0.img?h=351&w=624&m=6&q=60&o=f&l=f"}})
Rather, the hacker or hackers simple made some kind of elementary blunder that let the FBI take the coins, analysts said.
Load Error
“Basically it is theft from a wallet due to poor security practices from a wallet owner,” Jonothon Miller, managing director at crypto exchange Kraken Australia, told Stockhead.
“You can’t hack the bitcoin blockchain. It’s pretty much impossible and would break the whole network.”
The FBI wasn’t able to recover all 75 bitcoin paid by Colonial Pipeline, but they took back 63.7 coins – 85 per cent.
Court papers indicated that the FBI had the private key to the wallet — the rough equivalent of a password — but gave no indication as to how they got it.
“The ‘obtained the private key’ part of their statement is doing a lot of work,” Nicholas Weaver, a lecturer at the computer science department at University of California, Berkeley, told KrebsOnSecurity.
“It is ONLY the Colonial Pipeline ransom, and it looks to be only the affiliate’s take.”
There was some one speculation that ransom was able to be seized because the hackers had tried to move it through Coinbase — but both the exchange and the FBI shot that down.
2/ Coinbase was not the target of the warrant and did not receive the ransom or any part of the ransom at any point. We also have no evidence that the funds went through a Coinbase account/wallet.
— Philip Martin (@SecurityGuyPhil) June 8, 2021
The FBI did not do this by seizing a Coinbase account, source familiar tells me.
— Kevin Collier (@kevincollier) June 7, 2021
Coinbase’s director of security also tweeted that a line in the FBI affidavit mentioning Northern California didn’t mean much.
7/ So how did they get the private key? Maybe some whiz-bang magic, but my guess would be it was some good ol’ fashioned police work to locate the target servers, and an MLAT request and/or some…
Bitcoin’s Greatest Feature Is Also Its Existential Threat
Security researchers have recently discovered a botnet with a novel defense against takedowns. Normally, authorities can disable a botnet by taking over its command-and-control server. With nowhere to go for instructions, the botnet is rendered useless. But over the years, botnet designers have come up with ways to make this counterattack harder. Now the content-delivery network Akamai has reported on a new method: a botnet that uses the Bitcoin blockchain ledger. Since the blockchain is globally accessible and hard to take down, the botnet’s operators appear to be safe.
It’s best to avoid explaining the mathematics of Bitcoin’s blockchain, but to understand the colossal implications here, you need to understand one concept. Blockchains are a type of “distributed ledger”: a record of all transactions since the beginning, and everyone using the blockchain needs to have access to—and reference—a copy of it. What if someone puts illegal material in the blockchain? Either everyone has a copy of it, or the blockchain’s security fails.
To be fair, not absolutely everyone who uses a blockchain holds a copy of the entire ledger. Many who buy cryptocurrencies like Bitcoin and Ethereum don’t bother using the ledger to verify their purchase. Many don’t actually hold the currency outright, and instead trust an exchange to do the transactions and hold the coins. But people need to continually verify the blockchain’s history on the ledger for the system to be secure. If they stopped, then it would be trivial to forge coins. That’s how the system works.
Some years ago, people started noticing all sorts of things embedded in the Bitcoin blockchain. There are digital images, including one of Nelson Mandela. There’s the Bitcoin logo, and the original paper describing Bitcoin by its alleged founder, the pseudonymous Satoshi Nakamoto. There are advertisements, and several prayers. There’s even illegal pornography and leaked classified documents. All of these were put in by anonymous Bitcoin users. But none of this, so far, appears to seriously threaten those in power in governments and corporations. Once someone adds something to the Bitcoin ledger, it becomes sacrosanct. Removing…