Tag Archive for: cryptocurrency

Police deny ransom demand of Rs 200 crore in cryptocurrency as server remains down for 6th day

/in


Delhi AIIMS

All India Institutes of Medical Sciences (AIIMS).

Photo : IANS

New Delhi: The server of All India Institute of Medical Sciences (AIIMS), Delhi remained affected for the sixth consecutive day on Monday. The hackers, meanwhile, have allegedly demanded an estimated Rs 200 crore in cryptocurrency from the hospital authorities, official sources said on Monday.

However, the Delhi Police has claimed that no ransom demand, as being quoted by certain sections of the media, has been brought to the notice by the AIIMS authorities.

Meanwhile, the AIIMS computer facility on Monday wrote to all departments of the institute to make a backup of their files which are connected to the institute’s networks as they will have to be formatted and cleaned in the aftermath of the ransomware attack.

Reports said that it is being feared that the data of around 3 to 4 crore patients could have been compromised due to the hacking detected on Wednesday morning, reported PTI.

On Monday, AIIMS management informed that data restoration and server cleaning are in progress and the authorities are taking time due to the volume of data and large number of servers for hospital services.

“Measures are being taken for cyber security. All hospital services, including outpatient, in-patient, and laboratories continued to run on manual mode,” informed the hospital authorities.

On the other hand, Patient care services, including emergency, outpatient, inpatient, and laboratory are being managed manually as the server continued to remain down on Monday.

The India Computer Emergency Response Team (CERT-IN), Delhi Police, and representatives of the Ministry of Home Affairs have started an investigation into the ransomware attack, reported PTI.

On November 25, an extortion and cyber terrorism case was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police.

At present, internet services have been blocked on computers at the hospital on the recommendations of the investigating agencies, said officials.

It may be worth mentioning here that the AIIMS server has stored data of several VIPs, including former prime ministers, ministers, bureaucrats, and judges.

“Hackers have…

Source…

Blockchain security companies tackle cryptocurrency theft, ransom tracing

/in


According to data from the Rekt leaderboard, cybercriminals have stolen as much as $3 billion of investor funds through 141 various cryptocurrency exploits since January, putting 2022 on track to top 2021 levels of digital currency malfeasance. Comparitech’s cryptocurrency heists tracker indicates that since 2011, hackers have stolen $7.9 billion in cryptocurrency worth about $45.5 billion in today’s value.

Along with the increased dollar amounts of cryptocurrency thefts, the scams, hacks, and exploits of cryptocurrency, Web3 (a decentralized view of the web that incorporates blockchain technologies and token-based economics), and blockchain-related organizations are growing bolder and more lucrative for malicious hackers even as the value of cryptocurrencies stagnates. This month alone, Binance saw its BNB chain drained of $586 million, close to the all-time most significant cryptocurrency theft of $624 million from the Ronin Network in March 2022.

The threat actors in these and other instances likely didn’t keep all or even most of the astonishing amounts stolen but, in many cases, are increasingly granted handsome “bounties” in exchange for a return of some or most of the missing funds. Avraham Eisenberg, the man behind a $114 million exploit on Mango Markets in mid-October, got to keep $47 million of his allegedly ill-gotten gains in exchange for returning $67 million to the project.

A new crop of cybersecurity companies has emerged

The mind-boggling amount of money generated from crimes against an array of digital finance segments has no real parallels in the traditional cybersecurity world, which has yet to amass the expertise needed to discover, track, and remediate security incidents in the blockchain space. Part of the reason conventional cybersecurity professionals are reluctant to devote resources to the digital currency arena is the belief among many top experts that cryptocurrencies are little more than financial fraud, an opinion they feel is borne out by the current collapse in the cryptocurrency market.

Against this backdrop, a new crop of security companies has emerged to help Web3 firms cope with the chronic crime and assist…

Source…

$570 Million Hack on Binance Blockchain Exposes Serious Flaws in Cryptocurrency Systems

/in


Join Our Telegram channel to stay up to date on breaking news coverage

On Friday, Binance, the largest cryptocurrency exchange in the world, announced that $570 million had been stolen in a breach of the blockchain it operates to facilitate cross-network transfers of assets. The Binance Smart Chain network attack exposed vulnerability in DeFi, or computer-controlled financial transactions.

System Vulnerable but No Money Lost

In an interview with CNBC, Binance CEO Changpeng Zhao acknowledged that bug-free software is impossible to achieve. The hacker stressed that no users had lost any money, but warned that cross-chain bridges were especially susceptible to attacks and that the industry needs to improve its ability to learn from its mistakes.

A series of assaults have been discovered targeting weaknesses in cross-chain bridges, and the team will freely discuss the specifics of the postmortem and any lessons on how to deploy more sophisticated security measures to shore-up these vulnerabilities, Binance Smart Chain said in an apology blog post.

String of Hacks Cost Market Billions In 2022

The blockchain analysis firm Chainalysis predicted in August that $2 billion worth of cryptocurrencies will be stolen in 13 cross-chain bridge attacks, most of which would occur in 2022. Axie Infinity, a computer game fueled by cryptocurrency, suffered a $600 million hack in March. The amount of $325,000,000 was taken from the Wormhole system in February.

BC.Game Casino

These vulnerabilities illustrate how dependent DeFi platforms are on code for management and how, in times of crisis, decentralization may slow down efforts to fix problems. A group of users called validators manage the Binance chain ecosystem by holding tokens and voting on proposed code modifications.

Binance Smart Chain issued a statement explaining how it was able to prevent the situation from spreading by contacting community validators one by one. The closure is postponed, although the damage was kept to a minimum.

Final Decision in the Hands of Binance Smart Chain Community Members

It will now be up to the Binance Smart Chain community to decide on what to do next, which may include freezing the stolen cash and giving a bounty of up…

Source…

Rethinking Responsible Disclosure for Cryptocurrency Security

/in


The Biden administration has pointed, with alarm, to the national security implications of both cybersecurity and cryptocurrency. It’s just a matter of time before the government begins worrying about their intersection—cryptocurrency security. All of the United States’ international adversaries are in the business of exploiting bad cybersecurity, and many of them monetize their exploits using cryptocurrency. There’s nothing more natural for North Korean state hackers, Russian organized crime, or partially privatized cyberspies in China and Iran than to steal cryptocurrency to finance their national security operations. They’ll find an open door; because, as bad as overall cybersecurity is, the security of cryptocurrency is worse.

You only have to follow cryptocurrency news casually to be struck by the size and frequency of cryptocurrency security failures. That’s not your imagination, or press bias. Cryptocurrency really does have worse security than other digital technologies, and there’s a good chance it always will. 

Here’s why: In other parts of the digital economy, companies quickly patch security flaws, many of which have been found and responsibly disclosed by outside researchers. But as I’ll explain below, the “disclose-and-patch” cycle doesn’t work for cryptocurrency systems. There are ways to make disclose-and-patch work better for cryptocurrencies, but they will require compromises, institutional innovation, and maybe even new laws. That’s a tall order, but until it happens, cryptocurrency security will never match even the low security standard set by other digital technologies.

How Responsible Disclosure Works

Software security flaws like these are ubiquitous in digital products. Like writers who can’t see their own typos, most coders have trouble seeing how their software can be misused. The security flaws in their work are usually found by others, often years later. Indeed, security researchers are still finding serious holes in Windows today—30 years after it became the world’s dominant operating system.

Companies like Microsoft have improved their products’ security by making peace with those researchers. There was a time when…

Source…