Connect with us


Detect and Defend: Google Cloud’s New Cryptomining Protection Program




Google Cloud has announced the launch of its Cryptomining Protection Program, an innovative initiative aimed at providing enhanced security against cryptomining attacks. The program, offered exclusively to Security Command Center (SCC) Premium customers, includes financial protection of up to $1 million to cover unauthorized compute expenses associated with undetected attacks.

In the past, threat actors have frequently exploited weak and default passwords to gain access to Google Cloud accounts, with cryptomining being the preferred method of attack in 65% of cases, as revealed by the Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report.

“Security Command Center has rapidly become one of the most widely utilized tools for safeguarding Google Cloud environments,” stated Jess Leroy, senior director of product management at Google Cloud. “Fortune 10 companies, as well as SMB organizations worldwide, rely on Security Command Center Premium to protect their Google Cloud environments.”

The Cryptomining Protection Program is exclusively available to SCC Premium customers due to the comprehensive threat detection capabilities integrated into the Google Cloud infrastructure. This includes advanced cryptomining attack detection, which forms the foundation of the financial protection program.

To identify and mitigate such attacks, SCC Premium employs state-of-the-art techniques, such as scanning virtual machine memory for malware. This approach enables Google Cloud to detect threats that may go unnoticed by external security tools relying solely on cloud logs and API data analysis. By integrating the detection capabilities into the cloud infrastructure itself, Google Cloud can proactively identify and counter potential threats before they cause significant harm.

Moreover, SCC Premium offers additional features, including the detection of compromised identities, which are often the entry point for attackers. By identifying excessive failed attempts, unusual impersonation chains, dormant service account activity, and other anomalous behavior, SCC Premium enhances overall security posture.

Customers enrolled in the SCC Premium program automatically qualify for the Cryptomining Protection Program, provided they adhere to the program’s terms and conditions, including the implementation of Cryptomining Detection Best Practices. In the event that Google or Security Command Center Premium fails to detect and notify a customer of a cryptomining attack within their compute engine VM environment, resulting in unauthorized compute engine costs, the customer can request cloud credits within 30 days from the start of the attack to cover the incurred expenses.

Upon raising such an issue, Google’s dedicated support team collaborates closely with the customer to determine the precise compute engine costs arising from the cryptomining attack. Under the program, customers are eligible to receive cloud credits, with a maximum limit of up to US$1 million within any 12-month period.

With the introduction of the Cryptomining Protection Program, Google Cloud continues to prioritize the security and protection of its users’ digital assets, offering peace of mind and a robust defense against emerging threats in the cryptocurrency landscape.

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT and security consultant. If you have any questions or comments please feel free to email him at [email protected]


Telecom Giant Vodafone Bringing Crypto to the Masses Via SIM Cards

June G. Bauer



The major telecom company Vodafone has unveiled an ambitious plan to integrate cryptocurrency wallets directly into the SIM cards used by mobile phones on its network. This cutting-edge move aims to make blockchain technology and crypto easily accessible to millions of smartphone users worldwide.

What’s Happening?

Vodafone, one of the largest mobile operators based in the UK, intends to combine crypto wallets with the subscriber identity module (SIM) cards inside phones. SIM cards are little chips that allow mobile devices to connect to a carrier’s network.

By embedding a crypto wallet into these ubiquitous SIM cards, Vodafone wants to introduce blockchain and virtual currency technology to the masses through the smartphones we all use daily.

The Bigger Blockchain Picture

This crypto SIM integration is part of Vodafone’s bigger blockchain strategy. The company has developed its own “PairPoint Digital Asset Broker” platform to enable secure digital identities and transactions across different blockchains.

Vodafone’s blockchain lead David Palmer emphasized in an interview that mobile phones are the main way billions access digital services and commerce. So partnering blockchain with SIM card tech is crucial for widespread adoption.

By 2023, there will be over 8 billion mobile phones in use globally. And estimates suggest crypto wallets on smartphones could reach 5.6 billion by 2030 as digital money goes mainstream.

Financial Restructuring

The crypto wallet announcement comes as Vodafone seeks to restructure its finances and raise billions in new funds through debt offerings and loans over the next couple years.

The company plans to take on $2.9 billion in total debt, including $1.8 billion in direct loans. Some of this financial overhaul relates to issues at Vodafone’s Indian subsidiary Vodafone Idea Ltd.

While navigating these monetary hurdles, Vodafone still sees major opportunities in emerging technologies like blockchain and aims to be an innovator helping drive mainstream crypto adoption through the SIM card strategy.

Continue Reading


No Evidence of Hack, Says Bitfinex CTO Amid Ransomware Gang’s Allegations





In the world of cybersecurity, claims of data breaches can cause significant concern and speculation. Recently, a ransomware group named FSOCIETY claimed to have successfully hacked several organizations, including the cryptocurrency exchange Bitfinex. However, Bitfinex’s Chief Technology Officer (CTO), Paolo Ardoino, has dismissed these rumors, stating that a thorough analysis of their systems revealed no evidence of a breach.

According to Ardoino, who is also the CEO of Tether, less than 25% of the email addresses allegedly stolen from Bitfinex’s servers match legitimate users. This casts doubt on the validity of FSOCIETY’s claims regarding the supposed hack.

The ransomware group, styled after the fictional hacking group from the TV show “Mr. Robot,” claimed to have breached several victims, including Rutgers University, consulting firm SBC Global, and a cryptocurrency exchange they referred to as “Coinmoma,” which is likely a misspelling of Coinmama.

Ardoino expressed skepticism about the group’s claims, stating that if they had indeed hacked Bitfinex, they would have demanded a ransom through the exchange’s bug bounty program, customer support channels, emails, or social media accounts. However, Bitfinex received no such requests from FSOCIETY.

Furthermore, Ardoino shared a message from a security researcher suggesting that the real motivation behind the alleged hacks might be to promote FSOCIETY’s ransomware tools, which they reportedly sell access to in exchange for a subscription fee and a commission on stolen profits. Ardoino questioned the group’s need to sell their tools for $299 if they had truly hacked a major exchange like Bitfinex.

It’s worth noting that Bitfinex has previously fallen victim to a significant hack in 2016, resulting in the theft of a substantial amount of Bitcoin. Two individuals, including crypto rapper ‘Razzlekhan,’ pleaded guilty to money laundering charges in connection with that incident.

Hacking group FSOCIETY published claims

While the claims made by FSOCIETY have yet to be verified by the alleged victims, Bitfinex’s CTO remains firm in his stance that no breach has occurred. As cybersecurity threats continue to evolve, it is crucial for organizations to remain vigilant and take proactive measures to protect their systems and users’ data.

Continue Reading


Indian Police Seize 268 Bitcoins Worth $17 Million in Crypto Bust




Indian authorities have seized a large sum of bitcoins from a resident of Haldwani, a city in the northern Indian state of Uttarakhand. The seized cryptocurrency stash of 268 bitcoins is worth around $17 million at current prices.

The Enforcement Directorate (ED), a law enforcement agency that investigates financial crimes, carried out the bitcoin seizure. They arrested Parvinder Singh from his home in Haldwani after a raid prompted by information from US authorities.

Singh is allegedly part of an international drug trafficking syndicate called “The Singh Organization.” The criminal group used dark web marketplaces like Silk Road to sell drugs in the US, UK and other European countries.

To hide their illegal activities, the syndicate laundered the drùg money by converting it into bitcoins and other cryptocurrencies. ED officials said Singh and his associates received around 8,488 bitcoins over the years from their drùg sales on the dark web.

The bitcoin seizure was a rare collaboration between Indian and US law enforcement agencies. American officials have been investigating Singh and his accomplice Banmeet Singh for their roles in the international drùg cartel.

Cryptocurrencies like bitcoin are popular among criminals due to the anonymity they provide. However, this case shows authorities are getting better at tracing illegal crypto transactions and bringing the perpetrators to justice.

The investigation is still ongoing, and more arrests and seizures are expected as officials unravel the entire money laundering operation of The Singh Organization.

Continue Reading