Last Week In Blockchain and CyberSecurity News - May 7, 2019
$356 Million in Cryptocurrency Stolen in First Three Months of 2019
According to a report by CipherTrace, cryptocurrency thieves have stolen at least $356 million and hacked five cryptocurrency exchanges within the first quarter of 2019. These hacks combined with Bitfinex’s alleged fraud involving the loss of $851 million could tally to more than $1.2 billion in cryptocurrency thefts, scams, and fraud. The exchanges losses include:
CoinBene and DragonEx~$46 million
CipherTrace’s report categorized the QuadrigaCX mystery as theft, rather than a hack or exit scam.
Other thefts, scams, and fraud: $59 million +
Dell Laptops and Computers Vulnerable to Remote Hijacks
Read more here
D-Link Cloud Camera Flaw Gives Hackers Access to Video Stream
According to ESET researchers, critical flaws in D-Link’s consumer WIFI cameras allow hackers to intercept and view recorded video, as well as manipulate the device’s firmware. The issue lies in the lack of encryption throughout the transmission of the video stream between D-Link’s cloud network to the camera, and the user client-side viewing app. In a report outlining the flaw, researchers state: “The viewer app and the camera communicate via a proxy server on port 2048, using a TCP tunnel based on a custom D-Link tunneling protocol. Unfortunately, only part of the traffic running through these tunnels is encrypted, leaving some of the most sensitive contents – such as the requests for camera IP and MAC addresses, version information, video, and audio streams, and extensive camera info – without encryption.” After exploiting this vulnerability, an attacker would be able to capture streamed video content for playback and obtain the current audio or video stream from that camera. A second bug can allow an attacker to replace the legitimate D-Link software firmware with their own backdoored version. ESET advises owners to ensure port 80 on their router is not exposed to the public internet. D-Link has addressed some of the flaws within their product; however, the vulnerabilities are not fully patched.
Get more information here
Hackers Used Microsoft Email Accounts to Steal User’s Cryptocurrency
The breach that affected Microsoft’s email services like Outlook, Hotmail and MSN have allegedly given hackers access to several cryptocurrency wallets. Hackers have used the breached email accounts to reset exchange passwords and then siphon cryptocurrency located on the exchange wallets. One victim on a Dutch tech forum claimed they lost over 1 bitcoin (~$5,400 at the time). Others have experienced similar issues and have complained on social medias such as Reddit and Twitter. Microsoft’s hack allowed hackers to access email metadata, read email content, and much more. This incident shines a light on the importance of utilizing 2-factor authentication with applications such as Google Authenticator or Authy to further secure sensitive information.
Read more here
Attackers Wiped GitHub/GitLab Repos and Left Ransom Notes
Individuals who use multiple Git-repository management platforms have been targeted by a wave of attacks from cyber criminals. The attacks targeted GitHub, GitLab, and Bitbucket users by wiping code and commits from multiple repositories and allegedly leaving ransom notes. After the attacker wipes all the commits, they leave a “warning” ransom note, stating:
“To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at firstname.lastname@example.org with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers. If we don't receive your payment in the next 10 Days, we will make your code public or use them otherwise.”
According to GitLab’s company Director of Security Kathy Wang, GitLab has “strong evidence that the compromised accounts [had] account passwords stored in plaintext on a deployment of a related repository,” and encourages the use of password management tools to store passwords more securely. As of when this blog post was written, no one has paid the ransom to the cyber criminals.
Read more here