Security

Smominru Malware Hijacked Half-Million PCs to Mine Monero

M. Ali

Over half a million Windows-based PCs have been infected with the Smominru malware, which installs a custom version of XMRig to mine Monero. This was revealed in a report published recently by Carbon Black Security.

Smominru also steals information from vulnerable targets (including external IP addresses, internal IP addresses, domain information, usernames and passwords) and sends it to a command and control server (C&C or C2) owned by Smominru’s operators. Access to the hacked systems is being sold on the Dark Web at a rate of $6.75 each.

Smominru operators are using different techniques to infect machines. They mainly rely on the use of the EternalBlue (CVE-2017-0144) exploit, but they’ve also deployed EsteemAudit (CVE-2017-0176), both aimed at taking over machines running unpatched Windows OS.

Smominru is not new malware; it has been around for almost three years now. Last year, Smominru made around $2.3 million for its operators (source).

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT and security consultant. If you have any questions or comments please feel free to email him at [email protected]

Altcoins

IOTA Releases an Updated Wallet To Fix Trinity’s Security Vulnerability

M. Ali

IOTA’s team has released an updated version of its Trinity wallet to fix serious security vulnerabilities that allowed hackers to exploit the Trinity wallet, which IOTA released last summer. The new update is available for Trinity Desktop, Android and iOS.

Almost all IOTA users who have opened any version of Trinity (Desktop or Mobile) since the 17th of December 2019 are affected by this attack. Yet only 10 wallets, if not more, were hacked.

A Reddit post about the recent attack

The IOTA team said that it is working with law enforcement and cybersecurity experts to track down the attackers. Yet IOTA has revealed very few details about the attack.

A large amount of IOTA tokens has been stolen. The team estimates that $300,000 to $1.2 million worth of IOTA has been stolen so far. According to IOTA’s team, the hack started on or around 25 January 2020, and only Trinity Desktop users’ seeds were potentially compromised.

IOTA will implement a KYC procedure involving a third party that will enable all users who had their tokens stolen to reclaim them.

What is IOTA?

IOTA is a free and scalable transaction settlement and data transfer layer for the Internet of Things (IoT). It is based on a novel distributed ledger technology, the Tangle, which overcomes the inefficiencies of current Blockchain designs and introduces a new way of reaching consensus in a decentralized peer-to-peer system.

Exchanges

Poloniex Exchange Forces Password Reset After an Alleged Data Leak

June G. Bauer

Yesterday, the Poloniex cryptocurrency exchange sent an email to some of its users alerting them to a potential security breach after an alleged list of Poloniex users’ email addresses and passwords was posted on Twitter. Such a list could be used by hackers to gain access to their Poloniex accounts.

“While almost all of the email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses listed that do have an account with us, including yours,” the exchange wrote in its email notification to the affected users.

A screenshot of Poloniex’s email

It’s unclear how the email addresses and passwords came to be posted on Twitter in the first place, and what percentage of the leaked data is current data from Poloniex customers. That left many users unsure whether the leak is real or not.

The daily trading volume on Poloniex exchange is $138,972,143, which makes it within the top 50 cryptocurrency exchanges.

Last November, TRON founder Justin Sun confirmed that he was one of the investors who acquired Poloniex from Circle group.

Exchanges

Graviex Blames Malicious DDoS Attack After The Exchange Went Offline

June G. Bauer

Mysterious attackers have taken down the Graviex cryptocurrency exchange over the last couple of days using DDoS (distributed denial-of-service) attacks.

The DDoS attacks took place on Sunday and Monday, December 29 and 30, and targeted Graviex’s main exchange website. During the DDoS, the attackers managed to overload two of Graviex’s network providers and bring down Graviex’s external connections to other ISPs.

The attackers, who appear to actually own a DDoS botnet, contacted Graviex’s team demanding ransom payments, but the exchange refused to pay.

At the time of writing, the exchange now appears to be online and fully functional.

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.
