Over 100M Unique Users in the Crypto Ecosystem; University of Cambridge Digital Asset Study

The 3rd Global CryptoAsset Benchmarking Study, an initiative by Cambridge researchers to analyze the developing growth of the industry, has estimated that over 100 million people in the world currently hold BTC or alternative crypto assets. According to this publication, the number of new digital wallets increased significantly, with around 191 million accounts opened in Q3, 2020 alone.

Going by these stats, the number of new people who own crypto assets has skyrocketed compared to the 2018 estimates, which barely hit 36 million. The research attributes this growth to an increase in activity and awareness within the main functions of the crypto ecosystem. Other metrics highlighted include mining, off-chain service provision, regulatory compliance, and improvement in IT infrastructure.

A Vibrant Outlook

Despite taking a hit after the 2017 ICO boom, crypto onboarding has been at its highest since the bubble. More off-chain service providers have launched to on-ramp newcomers through fiat-crypto ecosystems and vice versa. Notably, the usage demographics were found to vary greatly between regions; for instance, crypto exchanges domiciled out of APAC emerged as more crypto-focused trading platforms. The report reads:

“While North American and European firms primarily serve crypto asset hedge funds and traditional institutional investors …

a notable share of APAC service providers deals with miners (41%), in part explained by the high level of mining activities in the region, especially in China.”

Regulatory and Compliance

As for the regulatory scope, much still has to be done according to figures revealed by the research. Over 2 out of 5 firms surveyed have obtained a license or are in the process of doing so. This is despite the FATF Travel Rule coming in place last year, requiring all Virtual Asset Service Providers (VASPs) to comply with new KYC/AML standards.

However, the research also argues that general compliance has increased, and that some of the firms that are not licensed are in that position because their activities do not fall within current regulatory frameworks or established guidelines.

“However, the remaining 58% should not be perceived as the share of entities conducting unregulated activities or evading regulations: some surveyed service providers are engaged in activities that do not yet warrant any authorization process.”

IT Security

With scamming being prevalent in the crypto ecosystem, the research notes that at least 90% of the VASPs keep the entrusted assets in cold storage. Nonetheless, there is still downside risk on the insurance side, since this line of service has yet to make inroads into the crypto market. According to the report, ‘Those who do have insurance plans are primarily insured against cybercrimes, professional errors, hazards, and loss or theft of private keys.’

Author: Edwin Munyui

Researchers Expose Key Security Weaknesses on Crypto Exchanges

  • Cybersecurity researchers exposed key flaws in cryptocurrency exchanges that could see users lose a fortune.
  • The researchers – Jean-Philippe Aumasson, cofounder of a crypto technology firm, Taurus Group, and vice president at Kudelski Security and Omer Shlomovits, creator of mobile crypto wallet, ZenGo – declined to name the exchanges at risk.

During Wired’s Black Hat Security Conference, held on Aug. 6, Aumasson and Shlomovits discussed three key flaws in crypto exchanges’ storage of users’ funds. According to their research, crypto exchanges are time and again falling to these weaknesses because the security protocols are implemented weakly or incorrectly.

Crypto exchanges have significantly improved their security, especially in safeguarding users’ private keys. Unlike traditional bank vaults, crypto exchanges do not store all the private keys in one place to avoid a single point of failure attacks. To enhance security, the exchanges split up the private keys into different components so that no single party directly has access to the funds.

However, the “complex” procedure of securing private keys through splits raises some flaws in implementation.

One of the major flaws lies in having a malicious insider “exploiting a vulnerability in an open-source library” in one of the major exchanges, the researchers said. The vulnerability of the library arises in the refresh function. They further declined to give the name of the exchange due to security reasons.

Many of the top exchanges have a refresh function for the split private keys held by each person, to prevent attackers from slowly gathering each part of the “split private key” and gaining access to the wallet funds. According to Aumasson:

“The refresh mechanism (vulnerable library) allowed one of the key holders to initiate a refresh and then manipulate the process, so some components of the key changed, and others stayed the same.”

While this would not permit the attacker to steal the funds, the exchange could permanently be locked out of access on all its funds.
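The lockout described above can be reproduced with a small model, added here as an example and not taken from the researchers or from the affected library. It assumes Shamir secret sharing over a toy prime field, a refresh that adds shares of zero, and a hypothetical all-or-nothing commit (`guarded_refresh`) as one possible safeguard.

```python
import secrets

P = 2**127 - 1  # prime field modulus (toy parameter chosen for this example)

def eval_poly(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def split(secret, n, t):
    """Shamir t-of-n split of `secret`; returns {holder_id: share}."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {i: eval_poly(coeffs, i) for i in range(1, n + 1)}

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over {holder_id: share}."""
    total = 0
    for i, y in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * -j % P
                den = den * (i - j) % P
        total = (total + y * num * pow(den, -1, P)) % P
    return total

def zero_sharing(n, t):
    """Refresh deltas: shares of 0, so adding them leaves the secret intact."""
    coeffs = [0] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {i: eval_poly(coeffs, i) for i in range(1, n + 1)}

def naive_refresh(shares, deltas, delivered):
    """Flawed flow: each holder overwrites its share as soon as its delta
    arrives, so an initiator that serves only `delivered` leaves mixed epochs."""
    return {i: (s + deltas[i]) % P if i in delivered else s
            for i, s in shares.items()}

def guarded_refresh(shares, deltas, delivered):
    """All-or-nothing flow (assumed safeguard): stage new shares and commit
    only when every holder has staged one; otherwise keep the old set."""
    staged = {i: (shares[i] + deltas[i]) % P for i in shares if i in delivered}
    if staged.keys() == shares.keys():
        return staged, True
    return dict(shares), False

def demo():
    secret = secrets.randbelow(P)
    shares = split(secret, n=3, t=3)      # constructed 3-of-3 key, holders 1..3
    deltas = zero_sharing(n=3, t=3)
    full = naive_refresh(shares, deltas, delivered={1, 2, 3})
    partial = naive_refresh(shares, deltas, delivered={1})  # holders 2, 3 skipped
    kept, committed = guarded_refresh(shares, deltas, delivered={1})
    return {
        "full_refresh_ok": reconstruct(full) == secret,
        "shares_changed": all(full[i] != shares[i] for i in shares),
        "partial_refresh_ok": reconstruct(partial) == secret,
        "guard_committed": committed,
        "guard_still_ok": reconstruct(kept) == secret,
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With a lower threshold the key stays usable only while at least t holders remain in the same refresh epoch, which is why the old shares must not be discarded until every holder has confirmed the new ones.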

The second flaw is from an unnamed digital asset management firm, whereby an attacker in control of an exchange would compromise the relationship between the exchange and its customers. This attack also focuses on private key shuffling, whereby the attacker draws the users’ private keys after multiple key shuffles. With the private keys, funds are in the hands of the attacker.

Finally, a key generation attack, first noticed on Binance exchange (who solved the issue partially in March). Attackers target the very beginning of the key generation process when the trusted parties derive random numbers for the “zero-knowledge proof” security mechanism.

In Binance’s case, the open-source library never audited or checked the random numbers, which could enable a hacker to send their random values to the “split private key” trusted parties and, in return, extract everyone’s portion of the private key – accessing the funds.

These problems stem from a person with privilege in the crypto exchanges initiating the attack, the researchers concluded.

Author: Lujan Odera

BIS Latest Report Discusses How Payments Are Evolving With Tokenization and CBDCs

Bank of International Settlements (BIS) researchers focus on the future of payments in their latest quarterly report, released on Sunday.

The paper has 138 pages and looks at what’s on the horizon in the financial sector, especially since tokenization, central bank digital currencies (CBDCs) and cross-border payments are starting to be more and more in trend.

Conclusions on Tokenization

According to BIS, the tokenization of securities on distributed ledgers can streamline the settlement cycle and become too efficient for some investors to bear, since traders are used to slow settlement cycles, liquidity management concerns and intermediaries. The report also says DLT and smart contracts are still to be proven when it comes to settlement and clearing, reading further that:

“The ability of tokenized systems to interoperate with account-based systems will be key to their success.”

What About CBDCs?

Another one of the big stories circulating in the world of banking is that of CBDCs, so BIS didn’t hesitate to address it too. It clarifies that there’s no use to develop digital money if it wouldn’t bring any advantages and while the existing payment systems work, saying retailers wouldn’t want to use a system that’s not in demand, whereas most consumers find cash or credit cards much more convenient.

Trying to answer the question of how decentralized a CBDC system would be, the research says decentralization indeed eliminates the risk of the entire system’s failure, but it brings about new vulnerabilities. Here’s what the report reads exactly:

“The key vulnerability of a conventional architecture is the failure of the top node, for example via a targeted hacking attack. The key vulnerability of DLT is the consensus mechanism, which may be put under pressure, for example, by a denial-of-service type of attack.”

Meanwhile, some banks have publicly stated they don’t see DLT as the salvation that’s rumored to be, whereas others are pushing forward with trials on DLT-based CBDCs.

BIS Report on Payments

Agustin Carstens, the General Manager at BIS, said the impact of a completely different and brand-new backend payment infrastructure needs to be considered. Central banks have been put into working mode by Facebook’s Libra, so it’s not yet clear if stablecoins are going to bring the financial doom foreseen by some or not. BIS deemed the matter as unanswered and enduring, saying there’s a need for an international response. It brought its Innovation Hub into discussion, saying it may provide the looked-for global response.

The Innovation Hub will collaborate with monetary policy makers and bankers at developing frameworks on digital innovations. According to BIS, it has spokes in Hong Kong, Switzerland and Singapore, not to mention a good position for developing policies across different networks.

Author: Oana Ularu

New ‘Spider’ Crypto Routing Scheme by MIT Boosts Blockchain Transactions by 4x

Massachusetts Institute of Technology researchers have developed a fresh technology that they claim will help ease the congestion on the cryptocurrency payments networks, Cointelegraph reports.

Dubbed Spider, the new crypto routing scheme will provide enhanced efficiency for payment channel networks commonly known as PCN. In a press statement, MIT claimed that Spider will help in reducing the time used for blockchain-based transactions as well as boost profits.

As per the press release, transactions in a PCN are done with little action from the blockchain network. A PCN enables users to charge various accounts with a selected amount of crypto. The payments are then made through a linkage of similar accounts, whereby only the opening and the closing of the said accounts are registered on the blockchain network.

Although conventional schemes utilize the shortest paths available to conclude a transaction and do not take into account the user’s balance, the new PCN technology depends on bidirectional joint accounts. In this case, payments are only routed to the channels with enough funds to complete the transactions. This, as per the press statement, will help to avoid a case where a user within a joint account handles so many transactions that its balance drops to zero, making it hard to route additional transactions.

The researchers also explained that Spider will help in splitting every completed transaction into different smaller packets that can be distributed across various channels at divergent rates.

One of the key researchers of Spider technology is Vibhaalakshmi Sivaraman. He explained:

“Shortest-path routing can cause imbalances between accounts that deplete key payment channels and paralyze the system […] Routing money in a way that the funds of both users in each joint account are balanced allows us to reuse the same initial funds to support as many transactions as possible.”

Another crucial aspect of Spider is that it enables the queuing of transactions when the accounts are congested rather than having them rejected. The team also came up with an algorithm which will help in identifying the congested accounts.

The implementation of the Spider technology is scheduled to start before the end of this month.

Author: Joseph Kibe

Hackers Are Distributing a Vulnerable Tor Browser Version to Spy and Steal User’s Bitcoin

The researchers of the IT security company ESET have recently discovered a new way that hackers use to invade people’s computers. According to them, several hackers have been distributing a malicious version of the Tor Browser, which is generally used to access the deep web or to browse incognito.

This malicious version, however, is set to steal cryptocurrencies from the users and to spy on their computers. So far, the trojan has only led users to lose a very small amount of Bitcoin, but the problem is serious, so the researchers warned the users to be careful when using the software.

According to the researchers from ESET, the tokens are generally taken because the hackers change the address of the wallets when the user tries to make a payment using the fake browser.

Anton Cherepanov, the senior malware researcher at the company, affirmed that the wallets belonging to the criminals have received several transactions; however, most of them had small values. So far, the wallets have received only about 4.8 BTC ($38,700 USD), a huge gain for the hackers, but not a huge loss to people, as these transactions came from many different victims. He added:

“Each such wallet contains relatively large numbers of small transactions; we consider this a confirmation that these wallets indeed were used by the trojanized Tor Browser.”

Initially, the hackers targeted Russian users and then they decided to target other victims as well. The malicious software is being distributed by forums, according to Tor. The victim is generally redirected to one of two sites. The first site affirms that their software is out of date and they have to change it. This is when the victims get into the second site, in which they can download the fake app.

Author: Silvia A

Sucuri Discovers Fake WordPress Plugins Privately Mining Cryptocurrencies

The researchers of Sucuri just discovered a new threat that affects WordPress users. According to them, new malicious plugins for WordPress are appearing at a fast rate. These plugins are exploiting an issue by running the Linux binary code.

They get access to the computer of the person and then mine cryptos illegally. Most of the time, the victims do not even perceive that their computing power is being used until the criminals have already made a considerable amount of money from them. According to Sucuri, the plugins are also used as a way to maintain access to compromised servers, which are used for cryptojacking, too.

Most of the malware disguised as plugins are clones of legitimate software. However, a small part of each has been altered in a way that makes it easier for the hackers to invade the computer.

According to Sucuri, the hackers have been using several names for these fake plugins and they keep creating other ones so that more people will be fooled if the prior plugins are discovered. Some examples of plugins that contained malware were updrat123 and initiatorseo.

While all these plugins have different names, all of them are pretty similar to UpdraftPlus, a popular plugin used for backup and restore sites. This happened mainly for two reasons. It is easier to use something that already exists as a base and also to trick people into using it because they may mistake it for another piece of software.

Author: Gabriel Machado

New Crypto-Jacking Malware ‘Graboid’ Infects Thousands of Computers to Mine Monero (XMR)

Palo Alto Networks’ Unit 42 researchers discovered a new crypto-jacking malware that infected over 2,000 victims’ computers.

The malware infects unsuspecting users’ computers to mine Monero (XMR), a privacy-based cryptocurrency. The crypto-jacking worm, named Graboid, spread using containers in the Docker Engine (Community Edition) to unsecured hosts’ computers.

Docker images spread the crypto-jacking malware

According to a new intelligence report by the Unit 42 team, the Graboid worm targets Docker, a Linux- and Windows-based platform as a service (PaaS) solution which allows users to create, develop and deploy applications in a virtual environment.

The platform however is vulnerable to attacks from the newly found malware that on average mined XMR for 250 seconds with the miners active 63% of the time.

[Figure: Crypto-jacking malware, Graboid, activity overview. (Source: PaloAlto)]

According to the report,

“The attacker compromised an unsecured Docker daemon, ran the malicious Docker container pulled from Docker Hub, downloaded a few scripts and a list of vulnerable hosts from C2 and repeatedly picked the next target to spread the worm.”

After identifying the 2,000+ cases of malicious activity on the Docker Engines (CE), Unit 42 partnered with Docker in a bid to stop the worm from spreading. Jay Chen, Unit 42’s Senior Cloud Vulnerability and Exploit Researcher, hopes tighter security protocols will be set on Docker images to reduce the instances of malware. He said,

“We’re continuing to see instances where the failure to properly configure containers can lead to the loss of sensitive information and as a result, default configurations can be significant security risks for organizations.”
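A defender can check a host for the "unsecured Docker daemon" condition described in the report by auditing how the Docker API is exposed. The following is an added example, not code from Unit 42 or Docker; it reads the standard `hosts`, `tls` and `tlsverify` settings from `daemon.json` and the matching `dockerd` flags, and the sample configurations and certificate paths are constructed.

```python
import json

LOOPBACK = {"127.0.0.1", "localhost", "[::1]"}

def audit_docker_daemon(daemon_json="", dockerd_args=()):
    """Flag Docker API TCP listeners that accept clients without certificates.

    daemon_json: contents of daemon.json; dockerd_args: dockerd command line.
    """
    cfg = json.loads(daemon_json) if daemon_json.strip() else {}
    hosts = list(cfg.get("hosts", []))
    tls = bool(cfg.get("tls", False))
    tlsverify = bool(cfg.get("tlsverify", False))

    args = list(dockerd_args)
    for idx, arg in enumerate(args):
        if arg in ("-H", "--host") and idx + 1 < len(args):
            hosts.append(args[idx + 1])
        elif arg.startswith("--host="):
            hosts.append(arg.split("=", 1)[1])
        elif arg in ("--tlsverify", "--tlsverify=true"):
            tlsverify = True
        elif arg in ("--tls", "--tls=true"):
            tls = True

    findings = []
    for host in hosts:
        if not host.startswith("tcp://") or tlsverify:
            continue  # local sockets, or TCP with mutual TLS enforced
        bind = host[len("tcp://"):].rsplit(":", 1)[0]
        exposed = bind not in LOOPBACK  # "" and 0.0.0.0 mean every interface
        reason = ("TLS without tlsverify encrypts traffic but admits any client"
                  if tls else "plain TCP listener with no authentication")
        findings.append({
            "host": host,
            "severity": "critical" if exposed else "medium",
            "reason": reason,
        })
    return findings

# Constructed sample configurations (not taken from the Unit 42 report).
UNSECURED = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
HARDENED = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
    "tlsverify": True,
    "tlscacert": "/etc/docker/certs/ca.pem",
    "tlscert": "/etc/docker/certs/server-cert.pem",
    "tlskey": "/etc/docker/certs/server-key.pem",
})

if __name__ == "__main__":
    for name, cfg in (("unsecured", UNSECURED), ("hardened", HARDENED)):
        print(name, audit_docker_daemon(cfg))
    print("cli", audit_docker_daemon(dockerd_args=["-H", "tcp://127.0.0.1:2375"]))
```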

Hike in crypto-jacking activities

In August, BEG reported over 850,000 computers were infected with another crypto-jacking software mining Monero on users’ computers. Retadup Monero was quickly stopped by Paris police officers after a tip-off from the Avast software security company.

On Oct. 8, ESET, a security firm, also discovered a new crypto-jacking software rampant in South and Latin America spreading on users’ computers. Casbaneiro, or Metamorfo, attacks users’ cryptocurrency wallets and banking services to reveal personal information.

Author: Lujan Odera

Dark Market Hackers Are Selling $800 In Bitcoin For $10k Cash To Help Launder Money: Armor Research

Security experts and researchers have recently identified an ongoing trend of illicit and lucrative transactions involving BTC to cash transactions. The security experts provided a glimpse into what is taking place in the dark web after analyzing dozens of transactions posted and executed in various forums and marketplaces.

The financial scammers are alleged to be selling bitcoin for between ten and twelve cents on the dollar for any willing buyer who is ready to provide a prepaid Bitcoin fee. This is according to Armor’s Threat Resistance Unit report for the third quarter of 2019 which focused on black market crypto transactions.

Evading Risks

The scheme being conducted by the cybercriminals has seen some of the money launderers providing buyers with bundles of cash. Normally, the amount ranges from $2,500 to $10,000. This is in exchange for a ten to twelve percent fee payable via Bitcoin.

When the buyer sends the cryptocurrency, they are requested to send the details of the Western Union, PayPal, or bank account where the money will be sent.

In essence, this type of transaction is simple in that it provides the crypto buyer with a sky-high return on the illicit purchases that they have made. This, in addition, helps do away with the need to use a money mule or the risk that may come with accessing an account that is already compromised.

According to the report, money mules are the people who transfer funds from compromised accounts in exchange for a transaction fee that ranges between ten to twelve percent of their actual value.

The actors in such transactions tend to open expensive business accounts in a bid to ensure that they will not trigger any fraud alerts that may arise after transacting in large money volumes. The accounts are also useful in guaranteeing that the actors will not draw any unwanted attention.

Outstandingly, this particular scheme is meant to benefit the people who are selling the stolen funds. This is because they do not get to take possession of the funds in question, but instead, only deal in their transfer. What this means is that the person who buys the funds will carry all the risks.

Author: Daniel W

Researchers Exploit Canon DSLR Camera and Demand Bitcoin Ransomware in Latest Hack Attack

Cybersecurity researchers are always looking for flawed systems in order to expose vulnerabilities. The latest effort was made by a group of researchers who hacked a Canon EOS 80D DSLR camera in order to test a ransomware scheme.

The researchers from Check Point Research used the Picture Transfer Protocol (PTP) of the camera in order to exploit the system and hold all the photos away from the user. PTP services are generally used to transfer images and can be exploited in order to prevent the user from doing it.

Many new cameras have it, as you can transfer photos using WiFi instead of a USB device, but this opens up a breach that hackers can use to take your photos and then demand a ransom for them if you ever want to have them back.

If a hacker is able to put malicious code into the camera, he can take control of the pictures and then demand a ransom. During their tests, the researchers discovered a way of doing this by encrypting the storage systems of the device.

After that, they could contact the victims and offer the keys to decrypt the camera’s files in exchange for money.

The researchers affirmed that hackers have achieved a moderate level of success with this kind of threat, especially by targeting photographers and other people who rely a lot on photos.

Canon developers were warned about the vulnerability this year, so they patched it up before Check Point Research made it public. Because of this, at the moment, the hack is not supposed to work on any kind of model in the market.

Author: Gabriel Machado

ESET Cybersecurity Researchers Discover A Virtual Crypto Mining Threat ‘LoudMiner’

Cybersecurity researchers at ESET, a cybersecurity firm, have uncovered a new threat in the form of a persistent and unusual mining software, which has been categorized as malware and dubbed “LoudMiner”, Cointelegraph reports.

ESET says that LoudMiner uses virtualization software on Windows and QEMU on macOS to mine crypto on a Tiny Core Linux virtual machine, and has the capacity to infect computers running different operating systems.

The miner operates within pirated applications and comes packaged with virtualization software, a Linux image and additional files.

The miner allegedly utilizes XMRig which is an open source software that is utilized in mining Monero, the privacy focused altcoin. It also uses a mining pool, therefore reportedly preventing the researchers from retracing any transactions.

The report released by the researchers indicates that, for macOS as well as Windows, the fraudulent miner operates within pirated apps that are bundled together with virtualization software, a Linux image and additional files.

When one downloads desired software, LoudMiner is installed first but hides itself and will only be noticed after rebooting. The Linux virtual machine is launched and the mining starts.

ESET said that the miner affects apps that deal with audio production. These mostly run on computers with high processing power, where the high CPU consumption caused by crypto mining will not make the users suspicious.

In addition, the fraudsters also take advantage of the fact that such applications are typically complex and large, which helps hide their virtual machine images. The digital technologists added:

“The decision to use virtual machines instead of a leaner solution is quite remarkable and this is not something we routinely see.”

At the moment, ESET has discovered three strains of the miner targeted at macOS systems, and just one for Windows thus far.

The researchers said that in order to identify a particular mining session, a file containing the IP address of the machine and the day’s date is created by the “idgenerator” script and its output is sent to the C2 server by the “updater.sh” script.

Quit Downloading Pirated Commercial Software

To avoid the threat, age-old advice applies: Don’t download pirated copies of commercial software.

Nonetheless, the researcher Malik also offered some hints to identify when an application contains unwanted code. Red flags include a trust popup from an unexpected, ‘additional’ installer; high CPU consumption by a process one did not install (QEMU or VirtualBox in this case); a new service added to the startup services list; and network connections to curious domain names (such as system-update info or system-check services).

Author: Joseph Kibe