Tag Archive for: Crypto

Google Cloud Adds Crypto Mining Malware Detection Tool By DailyCoin

/in


Google Cloud Adds Crypto Mining Malware Detection Tool

Google Cloud has expanded its range of security features to address the growing threat of illegal cryptocurrency mining as more companies adopt cloud storage technology.

To protect Google (NASDAQ:) Cloud clients and the virtual machines running on its infrastructure, the company unveiled its newest threat detection layer, Virtual Machine Threat Detection (VMTD).

Illegal cryptocurrency mining is one of the most common exploits of compromised remote storage accounts. Digital asset mining typically requires large amounts of computing power, which Google Cloud customers happen to pay for.

The new Virtual Machine Threat Detection (VMTD) tool utilizes an agentless memory scanning that assists in detecting cryptocurrency mining malware as well as other threats such as data exfiltration and ransomware in virtual machines.

This means that VMTD users will be empowered to detect malicious behavior in their VMs without installing any additional software that could impact performance or increase the risk of a potential attack.

“Not running an agent inside of their instance means less performance impact, lowered operational burden for agent deployment and management, and exposing less attack surface to potential adversaries,” explained the Google team.

The VMTD feature is currently only available as a public preview for Google Cloud’s Security Command Center Premium customers. The company expects to be able to make the tool available to all of its customers within the next few months. In the meantime, the Google Cloud team is planning the steady release of new detection capabilities and integrations for other aspects that fall under the Google Cloud infrastructure purview.

The Use of Hacked Accounts to Mine Crypto

As more organizations worldwide continue to shift to employing cloud services and technologies, they have become common targets for hackers.

Compromised cloud accounts make up the majority of illegal cryptocurrency mining exploits. According to Google, 86% of its compromised cloud instances were used to mine digital currencies in 2021. In some cases, malicious actors installed crypto mining malware just 22 seconds…

Source…

US Judge grants bail to Crypto couple in $4.5 billion hack

/in


A New York judge granted bail for two people charged with trying to launder billions of dollars worth of Bitcoin stolen in a 2016 hack of the Bitfinex currency exchange.

Ilya Lichtenstein and Heather Morgan appeared in a lower Manhattan federal courtroom Tuesday after being arrested at 7am in New York. The US government said it seized about $3.6 billion worth of cryptocurrency from the married couple, the largest financial seizure ever. The two allegedly conspired to launder 119,754 Bitcoin, currently valued at about $4.5 billion, stolen after a hacker breached Bitfinex’s systems.

The government initially asked the judge not to allow them to be released on bail. Each is facing the possibility of a 20-year prison sentence, so they have the motivation to run, a prosecutor told the judge. When the judge indicated she would set a bond, the government requested it be set at $100 million, an amount one of the defense lawyers called “laughable.”

The judge set bail for Morgan at $3 million and asked her parents to post their home as security. For Lichtenstein, bail was set at $5 million.

Lichtenstein, 34, holds dual US and Russian citizenship. He wore jeans and a gray shirt in the courtroom, his brown hair was slightly messy and he sported a paunch. Morgan, 31, appeared in court wearing a white hooded sweatshirt, her long hair down. They both wore masks, as did everyone else in the room, per court requirements.

They looked at the magistrate judge as she read them their rights. Neither of them spoke publicly during this initial appearance. Their lawyers – they have retained separate counsel – did the talking in court.

Morgan, who was born in Oregon and grew up in California, has foreign ties, the prosecutor said. She has lived in Hong Kong and Egypt and is studying Russian, according to her social media. She’s a journalist and economist and travels internationally for work, according to the government. Her father is a retired U.S. government biologist and her mother worked as a librarian….

Source…

A $320 Million Crypto Hack Sends the DeFi World Reeling

/in


This week WIRED broke the news that a lone US hacker had spent the last two weeks intermittently taking down North Korea’s internet. Yes, the entire country’s. The hacker, who goes by the handle P4x, says that he launched the campaign as retaliation for the Hermit Kingdom’s hacks of Western security researchers last year. Frustrated by the lack of US response, he took it upon himself to send a message. 

In another exclusive, we published internal messages from Trickbot, the notorious Russian cybercrime gang, that sheds new light on the group’s organizational structure. The exchanges, several of which took place amid a sustained ransomware assault against hundreds of US hospitals, also bring Trickbot’s ruthlessness, ambition, and sense of impunity into sharp focus.

Over in China, the Winter Olympics start this week, meaning you can indulge in your quadrennial biathlon obsession. Multiple countries have warned their athletes to bring burner phones to the games in light of the host country’s record of aggressive surveillance; participants have also been informed that speaking out against China’s human rights abuses against the Uyghur population could spark retaliation.

We also took a look at how concerned you should really be about the kernel-level anti-cheat systems that game developers have increasingly turned to. And in 2022, expect more cyberattacks to have real-world consequences, a troubling inevitability as criminal groups become ever more aggressive.

And there’s more! Each week, we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories.

Decentralized finance systems promise to do away with the intermediaries that slow down or complicate transactions. A major hack of a major DeFi protocol this week, though, underscores that the future of money comes with its own set of risks. Attackers targeting Wormhole, which offers a bridge between the Solana and Ethereum blockchains for cross-chain transactions, made off with $320 million in various cryptocurrencies. It’s the second-biggest known DeFi theft of all time, after a hacker stole $610 million from Poly Network, only to return the bulk of it eventually. There’s no sign that…

Source…

AnChain.AI CEO explains crypto hack, Tornado Cash, and emerging Web3 security sector

/in


AnChain.Al Co-Founder & CEO Victor Fang joins Yahoo Finance Live to break down the significance of the crypto.com hack, what this means for the future of the cryptocurrency market, the rise of Tornado Cash, and preventative steps one can take to protect themselves from hacks.

Video transcript

[MUSIC PLAYING]

BRAD SMITH: Welcome back to “Yahoo Finance Live,” everyone. Crypto hack attack. Bad actors were able to launder $15 million worth of Ethereum from a major crypto exchange using a service called Tornado Cash. And our next guest is here to explain how Tornado Cash works and the steps investors can take to protect themselves. That’s part of our “Crypto Corner” segment presented by tastyworks.

And with us today, we’ve got Victor Fang, who is the AnChain.AI co-founder and CEO. We’ve also got Yahoo Finance’s own David Hollerith joining us now. Let’s dive right in, in the interest of time here. Victor, I want to go to you first here. Help us break down the significance of this Crypto.com hack that took place and the significance that it places, once again, around security within the space too.

VICTOR FANG: Absolutely. Thanks for having me here. So, yeah, Crypto.com got hacked, right, and then $15 million being sent to Tornado Cash and other mixers a few days ago. And, I mean, we’ve been following these incident and I think it’s probably related to the two-factor authentication hack. It is not on the blockchain. I want to highlight is not on the blockchain or smart currency or anything like that, but it’s actually on the internet cybersecurity of the countermeasure that that company probably have done poorly. And this is actually all related to this emerging sector in cybersecurity called the Web3 Security. And Web3 Security is all around protecting crypto, smart contract, your NFTs, and all blockchain digital assets.

DAVID HOLLERITH: Yeah, so, Victor, can you try to explain–

VICTOR FANG: Yeah, and–

DAVID HOLLERITH: Can you explain what a mixing service is just to give our audience a little more context?

VICTOR FANG: Absolutely. So, so far, there are three different kinds of major mixing services, right? So I link the layer one, for example, Monero, Zcash, and another one is…

Source…