This Week In Blockchain and CyberSecurity News - January 4, 2019
Cryptocurrency Hardware Wallet Vulnerabilities Revealed
Hardware wallets have been praised as one of the most secure methods of storing crypto. Unfortunately, nothing is truly secure, as there may always be a bug or vulnerability within a device. Recently, hardware researchers uncovered three vulnerabilities that impact a range of hardware wallets, including the Trezor One, Ledger Nano S, and Ledger Blue. Of the three vulnerabilities, the researchers stated the supply chain attack was the easiest to perform. In this scenario, the attacker would obtain a wallet and install a receiver internally, allowing them to tamper with it. By using a simple radio antenna, they can compromise the device’s security and remotely trigger a transaction (within close proximity). The second vulnerability is the bootloader vulnerability. This bug exists in the Ledger Nano S’s use of the STM32 microcontroller. An attacker can abuse the bug to flash the chip with custom firmware; the developers demonstrated this by flashing it with a version of the game Snake. This can be used to manipulate the microcontroller and compromise cryptocurrency transactions. There are built-in mitigations to prevent this type of attack; however, the researchers found a way to bypass them. The final vulnerability is a side-channel attack. By using software-defined radio equipment and artificial intelligence, researchers were able to capture radio waves emitted by different hardware wallets and sniff out users' PINs. This attack accurately determined the PIN 90% of the time on Ledger Blue devices.
Read more here!
Cyberattacks Target Newspapers In The U.S., Prevent Some From Publishing
Over the weekend, several U.S. newspapers came under attack from hackers, preventing many from printing and distributing their daily editions. The Los Angeles Times, San Diego Union-Tribune, Chicago Tribune, and Baltimore Sun are just some of the newspapers that had printing issues on Saturday. According to the LA Times, the attacks appear to have originated from outside the U.S. and seem to involve a recently documented piece of ransomware tracked as Ryuk. According to an advisory published in August, the U.S. government has been tracking Ryuk and described its attacks as “highly targeted, well-resourced and planned.” While it is unclear how much money the cyber criminals were hoping to obtain with this specific demand, past Ryuk ransom demands ranged from 15 bitcoin to 50 bitcoin. Cybersecurity company Check Point reported in August that Ryuk ransomware made well over $600,000 in only two weeks.
Read more about the attack here
Hackers Siphon Bitcoin In Electrum Wallet Attack
One of the more popular bitcoin wallet implementations suffered an attack that has already netted hackers over 250 bitcoin, worth around $917,000. The Electrum bitcoin wallet fell to an attack that involved creating a fake new version of the wallet and directing users to it through an official-looking message. The notice stated that the user had to update their Electrum wallet and provided a malicious GitHub link. Once the user installed the program, the malware prompted them to enter their two-factor authentication codes. After the two-factor authentication codes were authorized, the hackers emptied the victims’ wallet balances and transferred the funds to their own bitcoin address. While Electrum has since modified its software, attackers have still added tens of malicious servers to the Electrum wallet network, and new attacks are expected to occur.
Read more here
Cryptojacking: A Cyber Attack That Is On The Rise
A type of cyberattack is becoming increasingly popular and is further motivating criminals to infiltrate everything from home PCs to giant data centers. Cryptojacking is the use of a device’s resources and equipment to mine cryptocurrency. Sometimes needing only a few lines of code to operate, the software that hackers install on computers, network servers, and mobile devices can remain undetected. Using phishing attacks or other deceptive tactics, cyber criminals can trick an unsuspecting user into downloading and running the malicious software. The software or script will then run in the background as the user operates their laptop. Another version of cryptojacking occurs when a victim visits a website into which a hacker has injected malicious code. As the victim browses the website, the code automatically executes and harnesses the computer's resources to mine cryptocurrency. However, this type of crypto-mining only occurs while the website or ad is being displayed on the victim's computer. Making sure you are protected against cryptojacking and other types of malware is becoming increasingly important as cyber threats evolve and become more difficult to detect.
Read more on Cryptojacking here
Video game “Town Of Salem” Hacked Leaving More Than 7.6M With Compromised Data
BlankMediaGames confirmed that it suffered a data breach impacting more than 7.6 million players of the popular browser-based game Town of Salem. Due to a vulnerability on its servers, a wide variety of information was stolen. The information reportedly included in the hack is as follows: usernames, emails, passwords, IP addresses, game and forum activity, payment information, and billing information of certain premium users. More than two million passwords from the compromised database have already been decrypted and are available on an online forum. The breach itself occurred on December 28th, but BlankMediaGames waited until after the holidays to disclose information about it. This incident is another example of the importance of keeping servers and customer information secure and of developing a proper incident response plan to follow if a breach does occur.
Get more information here