Vulnerabilities Shake Trust In Blockchain Voting App; West Virginia Turns Back to Paper

  • Blockchain-Based Voting App Voatz to No Longer Be Used in West Virginia
  • Citing its vulnerabilities, Voatz will be replaced by a Democracy Live service

The blockchain-based voting app, Voatz, will no longer be used by West Virginia. The news comes after researchers discovered vulnerabilities within the app.

On February 29, it was reported by NBC News that West Virginia’s secretary of state, Mac Warner, announced that disabled and overseas voters will not be able to use mobile apps to vote in the state’s primaries.

Democracy Live Service to Be Used Instead

Instead of Voatz, W. Virginia voters will have to use a Democracy Live service, which allows them to fill out an online ballot and return it through the post.

The Voatz app was piloted by West Virginia in the 2010’s general midterm election.

In February, legislation that mandates electronic voting in all of the state’s counties was introduced. As reported by NBC, an agreement was signed between the state of West Virginia and Voatz, which means the app would have had to be used for voting throughout 2020.

MIT and DHS Studies Put Down Voatz

West Virginia began to lose confidence in Voatz after a couple of studies demonstrated serious vulnerabilities within the app. One such study was published by the Department of Homeland Security (DHS), and another, published by MIT in February, revealed security vulnerabilities in the Voatz app.

These vulnerabilities could have led to the ballot being hacked and the identity of voters being compromised.

However, the DHS’ Cybersecurity and Infrastructure Security Agency (CISA) reached the conclusion that there were no active threats on the Voatz network during the US midterm elections from September 2019.

Voatz commented that it has addressed the recommendations made by the DHS.

Bugs Discovered by MIT Could Not be Exploited in Practice

An election auditor who was responsible for supervising the Voatz system during Utah County’s rollout said that some of the bugs discovered by the MIT researchers couldn’t be exploited in practice.

Here’s what the general counsel to West Virginia’s secretary of state, Donald Kersey, said about the matter:

“If the public doesn’t want it or is skeptical to the point they’re not confident in the results, we have to take that into consideration.”

Author: Oana Ularu

Researchers Exploit Canon DSLR Camera and Demand Bitcoin Ransomware in Latest Hack Attack

Cybersecurity researchers are always looking for flawed systems in order to expose vulnerabilities. The latest effort was made by a group of researchers who hacked a Canon EOS 80D DSLR camera in order to test a ransomware scheme.

The researchers from Check Point Research used the camera’s Picture Transfer Protocol (PTP) to exploit the system and lock the user out of all the photos. PTP is generally used to transfer images, and it can be exploited to prevent the user from doing so.

Many new cameras support it because it lets you transfer photos over WiFi instead of a USB device, but this opens up a breach that hackers can use to take your photos and then demand a ransom if you ever want them back.

If a hacker is able to put malicious code into the camera, he can take control of the pictures and then demand a ransom. During their tests, the researchers discovered a way to do this by encrypting the device’s storage.

After that, they could contact the victims and offer the keys to decrypt the camera’s files in exchange for money.

The researchers affirmed that hackers have achieved a moderate level of success with this kind of threat, especially by targeting photographers and other people who rely a lot on photos.

Canon developers were warned about the vulnerability this year, so they patched it before Check Point Research made it public. Because of this, at the moment, the hack is not supposed to work on any model on the market.

Author: Gabriel Machado

ShapeShift Addresses Recent Vulnerability on KeepKey Wallet


ShapeShift, a crypto hardware wallet company, has recently talked about the vulnerabilities that were found on its KeepKey wallets. According to the company, someone recently submitted a report that a vulnerability was found in the system.

This issue could be used to read the screen of the wallet through a side-channel attack. Basically, people could use it to discover sensitive information by reading the screen remotely.

However, in order to be able to use this vulnerability, the hacker would need to engage in a very complex process. For instance, in order to see the information on the screen, the energy consumption of the victim’s device would need to be monitored with an oscillometer.

This would require considerable physical access, so there are much easier ways to get information. What does this mean? The vulnerability does exist, but it is highly impractical.

It would be easier to use other strategies, such as simply looking at the screen, since you have to be physically close to the device to exploit this vulnerability.

According to ShapeShift, it would be highly difficult to successfully interpret the data even in the case that the device was actually hacked via this complicated process. Because of this, the company claimed that it was unlikely that people would use this method to steal money or information.

Also, many recovery phrases are shown at the same time on the screen, so it is hard to tell which words are the right ones using this new method.

Author: Gabriel Machado

New XMRig Cryptojacking Malware Found by Trend Micro Is Attacking Devices Around the World

  • Trend Micro found malware that uses current vulnerabilities in web pages and other sources.
  • At-risk individuals can update their device’s software with the most current verified patches to be protected.

The cryptocurrency investors of the world are probably pretty happy to see the Coinhive crypto mining script offline, but that doesn’t mean that cryptojacking is over. In fact, recent research by Trend Micro indicates that there’s a new collection of malware that is going after users’ hardware, in an effort to mine cryptocurrency.

According to reports from The Next Web’s Hard Fork, Trend Micro states that the malware is deployed on many web servers while applying brute-force attacks. As the user’s hardware encounters the malware, it downloads the Monero cryptocurrency miner XMRig. The most active malware in May was BlackSquid, and the majority of its attacks appeared to be in Thailand and the United States. “BlackSquid” is the name that Trend Micro has given the malware family.

Right now, as far as Trend Micro can tell, there are eight exploits used by BlackSquid, including EternalBlue, DoublePulsar, three security flaws in servers (CVE-2014-6287, CVE-2017-12615, CVE-2017-8464), and three vulnerabilities in web applications (ThinkPHP). However, Hard Fork warns that these exploits are hardly the most worrisome details of the malware.

The BlackSquid family of malware still has a lot of hidden tactics, like anti-virtualization, anti-debugging, and anti-sandboxing. All of these checks happen before installation starts, which basically means that the malware will only download to the user’s hardware if it has determined that it will be undetected. Once one computer on the network is infected, the malware goes after connected systems to make the attack more widespread.

The attacks themselves come through webpages that are already infected, web servers that the malware has compromised, or infected removable hardware. If the malware remains undetected, it installs its own variant of XMRig, and it also looks for a video card to help with mining. Essentially, the attack goes after absolutely everything it can to improve the attacker’s likelihood of getting a return.

Even though there is a chance of major damage for an infected system, the malware goes after exploits and vulnerabilities that are already known. Protecting against the attack is relatively simple since the vulnerabilities have already been patched. Make sure that every network-connected device runs the most up-to-date version of its software, and that all of the current patches from verified sources have already been installed.

Researchers believe the malware to be still in the testing stage, and that there are multiple features that may still need to be trialed. That being said, this may not be the last time that BlackSquid arises in the industry as a worrisome malware.

Author: Krystle M