Posted on

Ethereum Wallets, Mining Rigs Still Targeted by Hackers at Low Prices

Ethereum has been one of the hardest hit cryptocurrencies during this year’s bear market. Its woes are nowhere near over as mining hardware has been targeted by hackers looking to cash in before prices plummet even further.

In a recent report tech based news outlet ZDnet revealed that hackers have unleashed a large scale scanning network designed to target Ethereum wallets and mining hardware. The campaign has been running for at least a week since December 3 according to cyber security researchers.

The target specifically is port 8545 which is the standard port for the JSON-RPC interface used by Ethereum wallets and mining hardware. The API interface allows locally installed apps and services to scan for fund related and mining data.

Some less secure wallets and mining machinery leave this interface exposed publicly via the port which can then be compromised.  By default the interface does not have a password set and relies on the user configuring one. If left exposed hackers can exploit the port to access the interface and lift cryptocurrencies from the wallet.

This is not a new threat however as the Ethereum team issued a warning back in August about insecurely configured Ethereum clients. The recommendations included password protecting the interface or filtering traffic through the port using a firewall.

A number of mining rig vendors have already taken steps to mitigate the issue by removing the interface altogether or limiting usage of port 8545. There are still a lot of vulnerable Ethereum clients online however and the scans are ramping up.

According to Chinese cyber-security firm Qihoo 360 Netlab over $20 million in Ethereum at July’s exchange rate has already been stolen by one group. When crypto prices surged it was expected that scans and attacks would also be on the up.

What is surprising this time around is that there has been an uptick in scans despite the price of Ether entering what some have described as a death spiral. “Despite the price of cryptocurrency crashing into the gutter, free money is still free, even if it’s pennies a day,” Bad Packets LLC co-founder Toy Mursch told ZDnet.

Scan activity has tripled over the past week according to the cyber security firm. Further searches show that nearly 4,700 devices, mostly Geth mining equipment and Parity wallets, are currently exposing their 8545 port.

Cryptocurrency prices may be on the floor but that does not deter hackers from paying attention and seeking opportunities to grab some free loot.

The post Ethereum Wallets, Mining Rigs Still Targeted by Hackers at Low Prices appeared first on Ethereum World News.

Posted on

Verge Suffers Another Blow From Hackers

The integrity and reliability of Verge Currency has once again been questioned, following a massive blow that the blockchain suffered from hackers which is not the first of its kind.

A currency which taunts itself as being a “secure and anonymous”, telling people that “privacy has a choice” yesterday fell into the bait of hackers, where a malicious miner took over 51% of the network’s Hashrate.

The Wednesday April 4, attack was made known on a Bitcointalk forum, by a regular poster ocminer who stated that about 250,000 verge was carted away.

The attack, according to the forum was made possible due to the availability of some bugs in the altcoin’s code, giving the hackers the possibility to mine new blocks with a spoofed timestamp using the same algorithm.

“Usually to successfully mine XVG blocks, every “next” block must be of a different algo.. so for example scrypt,then x17, then lyra etc”.
“Due to several bugs in the XVG code, you can exploit this feature by mining blocks with a spoofed timestamp. When you submit a mined block (as a malicious miner or pool) you simply set a false timestamp to this block one hour ago and XVG will then “think” the last block mined on that algo was one hour ago.. Your next block, the subsequent block will then have the correct time.. And since it’s already an hour ago (at least that is what the network thinks) it will allow this block to be added to the main chain as well”, the forum post reads.

The attack went on for about 3 hours until Verge’s lead developer, Justin successfully proffered solution to the problem temporally after a second attempt with an emergency commit post. However, by that time, hundreds of blocks has been established by the hacker and it was irreversible.

In a bid to down play the attack, verge, on its twitter account posted:

Source: Twitter.

In a bid to compound the altcoin’s problem, the supposed hacker in a post said, “hey Verge Team, get some real developers and fix your code.
We have found another 2 exploits which can make quick hashes as well.”

Narrating an experience of the event, a Verge holder explained:

“I visited some hours ago the official Verge Twitter profile to read the news about the hash hack. While reading the tweet I noticed several messages offering a compensation for the attack by Verge”.

“Send x Eth and you get some bonus back. Sounded legit to me as it was affilated to the hash attack and I suffered from it as well having had some hours only orphaned blocks on all my baikals, hence I fall victim to this damn scam on the official twitter page”.

In another post, a user lodged a complaint stating: “based on what I see from the dev postings here it’s apparent that if ocminer had never brought this to everyone’s attention, the XVG team would have never admitted to or disclosed what happened. Trying to downplay and being flippant about the severity here is just pissing on the XVG faithful.”

It can also be recalled that last month, Verges Twitter account was also taken over by hackers where users were asked for coin.

Musing over the all the occurrence of heist, the developer is preparing a hard fork for the altcoin.

Posted on

Bitcoin Cryptocurrency Mining Platform NiceHash Hacked: $73 Million Reportedly Stolen

Hackers have stolen over $73 million in bitcoin after cryptocurrency mining platform NiceHash reported a security breach yesterday.

NiceHash, which lets people offer their computer capacity for bitcoin miners to mine cryptocurrencies in exchange for bitcoin, initially said yesterday morning on Twitter that it was undergoing ‘maintenance.’ A message posted to its website, however, now shows that its service is ‘unavailable,’ highlighting that a security breach had occurred and that all operations would cease for the next 24 hours.

In a statement, the company said:

“Importantly, our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen. We are working to verify the precise number of BTC taken. Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days. In addition to undertaking our own investigation, the incident has been reported to the relevant authorities and law enforcement and we are co-operating with them as a matter of urgency.”

While the team didn’t disclose the amount of bitcoin stolen, a wallet address has been circulated by NiceHash users suggesting that 4,736.42 bitcoin has been stolen, a figure, at the time of publishing, that puts its value at $73.1 million.

In the company statement, the NiceHash teamed urged its users to change their online passwords as a precaution as it determines the full scope of what occurred, adding:

“We are truly sorry for any inconvenience that this may have caused and are committing every resource towards solving this issue as soon as possible.”

The security breach comes at a time when the digital currency is experiencing a surge in value. Yesterday, it was reported that bitcoin had scaled the $14,000 milestone, ahead of the upcoming launch of several bitcoin futures contracts. Today, bitcoin continues to go one step further and is currently trading at over $15,000, at $15,655, according to CoinMarketCap. This represents a near 60 percent rise in value over the past seven days.

With an increase in price, however, the digital currency becomes more attractive to criminals. So much so, that according to cybersecurity firms, cybercriminals are working at targeting victims with malware to mine digital coins. Anti-malware software company Malwarebytes, claims that it has prevented 250 million attempts to put coin-mining malware on computers.

Once the malware is on the computer it then works at 100 percent to get as much mining done as possible. However, even if a victim shuts down their computer, the malware can still function in the background as hidden browsers remain open enabling it to continue working.


– For more Cryptocurrency market related Updates and News Follow us on our Facebook and Twitter pages.

Posted on

Breaking: Tether Hacked for 30 Million, Sudden Cryptocurrency Market Crash?

Will be updated regularly

From tether.to website:

Yesterday, we discovered that funds were improperly removed from the Tether treasury wallet through malicious action by an external attacker. Tether integrators must take immediate action, as discussed below, to prevent further ecosystem disruption.

$30,950,010 USDT was removed from the Tether Treasury wallet on November 19, 2017 and sent to an unauthorized bitcoin address. As Tether is the issuer of the USDT managed asset, we will not redeem any of the stolen tokens, and we are in the process of attempting token recovery to prevent them from entering the broader ecosystem. The attacker is holding funds in the following address: 16tg2RJuEPtZooy18Wxn2me2RhUdC94N7r. If you receive any USDT tokens from the above address, or from any downstream address that receives these tokens, do not accept them, as they have been flagged and will not be redeemable by Tether for USD.

The following steps have been taken to address this matter:

  1. The tether.to back-end wallet service has been temporarily suspended. A thorough investigation on the cause of the attack is being undertaken to prevent similar actions in the future.
  2. We are providing new builds of Omni Core to the community. (Omni Core is the software used by Tether integrators to support Omni Layer transactions.) These builds should prevent any movement of the stolen coins from the attacker’s address. We strongly urge all Tether integrators to install this software immediately to prevent the coins from entering the ecosystem. Again, any tokens from the attacker’s address will not be redeemed. Accordingly, any and all exchanges, wallets, and other Tether integrators should install this software immediately in order to prevent loss:

    https://github.com/tetherto/omnicore/releases/tag/0.2.99.s

    Note that this software will cause a consensus change to currently running Omni Core clients, meaning that it is effectively a temporary hard fork to the Omni Layer. Integrators running this build will not accept any token sends from the attacker’s address, preventing the coins from moving further from the attacker’s address.

  3. We are working with the Omni Foundation to investigate ways that will allow Tether to reclaim stranded tokens and rectify the hard fork created by the above software. Once this protocol enhancement is complete, the Omni Foundation will provide updated binaries for all integrators to install. These builds will supersede the binaries provided above by Tether.to. After the protocol upgrades to the Omni Layer are in place, Tether will reclaim the stolen tokens and return them to treasury.

Tether issuances have not been affected by this attack, and all Tether tokens remain fully backed by assets in the Tether reserve. The only tokens that will not be redeemed are the ones that were stolen from Tether treasury yesterday. Those tokens will be returned to treasury once the Omni Layer protocol enhancements are in place. 

We will provide further updates as they come available, and we appreciate the community’s patience, understanding, and support while we work to rectify the situation in the best possible manner to everyone’s benefit.

 The Tether Team