
Security

Smominru Malware Hijacked Half a Million PCs to Mine Monero

M. Ali


Over half a million Windows-based PCs have been infected with the Smominru malware, which installs a custom version of XMRig to mine Monero. This was revealed in a report published recently by Carbon Black Security.

Smominru also steals information from vulnerable targets (including external IP addresses, internal IP addresses, domain information, usernames and passwords) and sends it to a command and control server (C&C or C2) owned by Smominru’s operators. Access to the hacked systems is being sold on the dark web at a rate of $6.75 each.

Smominru operators are using different techniques to infect machines. They mainly rely on the use of the EternalBlue (CVE-2017-0144) exploit, but they’ve also deployed EsteemAudit (CVE-2017-0176), both aimed at taking over machines running unpatched Windows OS.

Smominru is not new malware; it has been around for almost three years now. Last year, Smominru made around $2.3 million for its operators (source).

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT and security consultant. If you have any questions or comments please feel free to email him at [email protected]


Bitcoin

Bitcoin User Loses $16.2 Million in BTC After Using an Old Electrum Wallet

M. Ali


An anonymous Bitcoin user claims to have lost $16,000,000 (1400 Bitcoins) after installing an old Electrum wallet version that connects to malicious servers.

The user created an issue on Electrum’s official GitHub page and explained what happened.

It seems the victim was using an infected version of the Electrum wallet that asked him to install some sort of malicious update, which triggered the transfer of his entire Bitcoin balance to a scammer’s address.

According to the Bitcoin blockchain, the transfer of the stolen funds happened yesterday.

Electrum is a light client, which means it must connect to the blockchain through a server, which by default is chosen from a list of public Electrum servers. Anyone can operate such a public server and some users will be randomly connected to it.

When broadcasting a transaction on Electrum, it gets sent to the Electrum Server you are connected to for propagation to the network. The server should try to add the transaction to its mempool and further propagate it to other Bitcoin nodes.

It seems the attackers have set up a public Electrum server targeting users of old wallet versions. The server was tweaked so that, instead of propagating the user’s transaction as it should, it always returns a malicious error message directing Electrum clients to a phishing website to “upgrade” their Electrum version.
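The weakness described above is a client that displays server-supplied error text as if it were trustworthy. The following sketch is an added example, not Electrum's code: it treats the reply to a broadcast request as untrusted input and withholds any error text that carries markup, links or install prompts. The JSON-RPC reply shapes, the keyword list and the host name are assumptions constructed for illustration.

```python
import json
import re

TAG_RE = re.compile(r"<[^>]*>")                      # HTML-style markup
URL_RE = re.compile(r"(?i)(?:https?://|www\.)\S+")   # clickable targets
LURE_RE = re.compile(r"(?i)\b(?:upgrade|update|download|install)\b")
TXID_RE = re.compile(r"[0-9a-f]{64}")

WITHHELD = "Transaction was not broadcast. Server message withheld."

def classify_broadcast_reply(raw):
    """Return (verdict, text that is safe to show the user)."""
    try:
        reply = json.loads(raw)
    except ValueError:
        return "malformed", "Server sent an unreadable reply."
    if not isinstance(reply, dict):
        return "malformed", "Server sent an unreadable reply."
    result = reply.get("result")
    # A successful broadcast returns the transaction id and nothing else.
    if isinstance(result, str) and TXID_RE.fullmatch(result):
        return "accepted", result
    err = reply.get("error")
    # Assumed shapes: an object with a "message" field, or a bare string.
    msg = err.get("message", "") if isinstance(err, dict) else (err or "")
    msg = str(msg)
    # A broadcast error has no reason to contain markup, links or
    # software-install prompts, so never render such text.
    if TAG_RE.search(msg) or URL_RE.search(msg) or LURE_RE.search(msg):
        return "suspicious", WITHHELD
    plain = " ".join(msg.split())[:200]
    return "rejected", plain or "No reason given."

# Constructed sample replies; the host name is a placeholder.
ACCEPTED = json.dumps({"jsonrpc": "2.0", "id": 1, "result": "ab" * 32})
REJECTED = json.dumps({"jsonrpc": "2.0", "id": 2,
                       "error": {"code": 1, "message": "min relay fee not met"}})
PHISHING = json.dumps({"jsonrpc": "2.0", "id": 3, "error": {"code": 1, "message":
    "<b>Security update required.</b> Download it from https://wallet-upgrade.example/"}})

if __name__ == "__main__":
    for raw in (ACCEPTED, REJECTED, PHISHING, "not json"):
        print(classify_broadcast_reply(raw))
```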

The only way to keep your Bitcoin and other digital currencies safe is to either use an offline wallet or a trusted hardware wallet.


Bitcoin

Major Cryptocurrency Twitter Accounts Got Hacked

M. Ali


Many popular cryptocurrency-related verified Twitter accounts got simultaneously compromised and tweeted an identical “CryptoForHealth” scam message. The hackers are shilling a scam-site to try and get individuals to send them Bitcoin.

Complete list of hacked accounts so far: @cz_binance, @AngeloBTC, @SatoshiLite, @bitcoin, @justinsuntron, @binance, @coinbase, @Tronfoundation, @kucoincom, @bitfinex, @elonmusk, @kucoincom

It’s unclear what entity hacked into the accounts or how they were able to gain access, though some Twitter comments suspect it may be a hack of Twitter’s application programming interface (API), a computing point of contact between two networks that allows certain interactions between the two.

Some Twitter users claim that the hackers got access to the “Twitter Panel”, which would mean compromising one of Twitter’s admins or employees. This gives direct admin access to accounts and allows individuals to change the e-mail and password.

Stay tuned for updates.


Altcoins

IOTA Releases an Updated Wallet To Fix Trinity’s Security Vulnerability

M. Ali


IOTA’s team has released an updated version of its own Trinity wallet to fix serious security vulnerabilities that allowed hackers to exploit the Trinity wallet, which IOTA released last summer. The new update is available for Trinity Desktop, Android and iOS.

Almost all IOTA users who have opened any version of Trinity (Desktop or Mobile) since the 17th of December 2019 are affected by this attack. Yet only 10 wallets, if not more, were hacked.

A Reddit post about the recent attack

The IOTA team said that they are working with law enforcement and cybersecurity experts to track down the attackers. Yet IOTA has revealed very few details about the attack.

A large amount of IOTA tokens has been stolen. The team predicts that $300,000 to $1.2 million worth of IOTA has been stolen so far. According to IOTA’s team, the hack started on or around 25 January 2020, and only Trinity Desktop users’ seeds were potentially compromised.

IOTA will implement a KYC procedure involving a third party that will enable all users who had their tokens stolen to reclaim them.

What is IOTA?

IOTA is a free and scalable transaction settlement and data transfer layer for the Internet of Things (IoT). It is based on a novel distributed ledger technology, the Tangle, which overcomes the inefficiencies of current Blockchain designs and introduces a new way of reaching consensus in a decentralized peer-to-peer system.
