Last Week In Blockchain and CyberSecurity News - June 25, 2019

Facebook Announces Libra Cryptocurrency

Last week, Facebook revealed the details of its upcoming cryptocurrency, Libra, and launched the blockchain’s testnet. Libra is a stablecoin that will let individuals to send and receive money with nearly zero fees. Libra will also allow customers to use the cryptocurrency at partner locations such as grocery stores or online markets. Facebook will not fully control Libra but instead have a single vote in its governance alongside other founding members of the Libra Association, which includes Visa and Uber among others.  

Facebook is also launching a subsidiary wallet for the Libra coin, Calibra. The wallet will allegedly protect users’ privacy by never analyzing Libra payments. Facebook and other founding members of the Libra Association will earn interest on the traditional assets that back every Libra coin.  

To learn more, take a look at the white paper explaining Libra. The public launch is planned for the first half of 2020.   

Read more here

OpenSSH Introduces a Security Feature to Prevent Side-Channel Attacks

Damien Miller, a Google security researcher and one of the top OpenSSH and OpenBSD developers, added protection against side-channel attacks to the OpenSSH code last week. Side channel attacks are known to leak data from a computer’s memory and allow malicious actors to steal critical information. A side channel attack against OpenSSH could allow “an unprivileged attacker [to] exploit memory read vulnerabilities to steal secret SSH private keys from the memory of the target system.”    

The latest version of OpenSSH addresses this vulnerability by encrypting the private keys before storing them into the system memory. Miller explained that OpenSSH would likely remove this protection against side-channel attacks in a few years when “computer architecture becomes less unsafe.”  

Read more here

NASA Hacked: 500 MB of Mission Data Stolen Through a Raspberry Pi Computer

NASA recently confirmed that its Jet Propulsion Laboratory (JPL) was hacked last year allowing an attacker to steal 500 MB of data related to the space agency’s missions. The information was stolen through a Raspberry Pi computer, which is priced around $36 for the basic board. In an audit report, JPL discovered that an account was compromised by a hacker and remained “undetected for 10 months, stealing 23 files in the process.”  
 

Two of the files the hacker stole contained information related to the International Traffic in Arms Regulations, which “controls the transfer of military and space-related technology, related to the Mars Science Laboratory Mission.” It was found that system administrators did not properly track devices to the network, and that devices and applications do not need verification to access certain parts of the system the audit report states other “critical vulnerabilities” at JPL system still exist.  

Get more information here

Botnet Exploits Android Debug Bridge to Mine Cryptocurrency on Your Device

A new botnet that abuses SSH and the Android Debug Bridge (ADB) has spread to over 20 countries. Usually Android devices have the ADB developer function disabled by default; however, some do ship with this feature enabled, opening them up to exploitation. As open ADB ports do not have authentication imposes as a default setting, the botnet is able to spread from the infected host to “any vulnerable system which has previously shared an SSH connection.”  

Once it infects the device, it will execute a payload pulled from the attackers’ servers “allowing the botnet to select one of three potential miners depending on the victim system's manufacturer, architecture, processor type, and hardware.” The malware will also modify the device’s hosts file to block competing miners.  

Read more here

Phishing Attack Exposes Data of 645,000 Oregon DHS Clients

Last week, the Department of Human Services (DHS) in Oregon notified over half a million clients that their personal info was exposed in a data breach earlier this year. On January 8, nine DHS employees fell for a phishing campaign that allowed attackers access to employee mailboxes.  

Over two million email messages and their attachments were exposed to hackers. The data breach includes: “first and last names, physical addresses, dates of birth, social security numbers (SSNs), case numbers, protected health information (PHI), and other details used in various DHS programs.” Around 645,000 individuals were exposed. DHS is now providing 12 months of identity theft monitoring and recovery services free of charge to those affected by the breach.  

Read more here