FireEye (a cybersecurity company) has claimed that are performing attacks against cryptocurrency and video game enterprises. In its report: “Unlike other observed Chinese espionage operators, APT41 conducts explicit financially motivated activity, which has included the use of tools that are otherwise exclusively used in campaigns supporting state interests. The late-night to early morning activity of APT41’s financially motivated operations…”
Coinone (a cryptocurrency exchange based in South Korea) has partnered with CertiK (cybersecurity audit company) and Xangle (a disclosures firm) to provide more safety and transparency for their crypto investors. This is no surprise after Bithumb of south Korea suffered from 2 hacking attacks and facing increased scrutiny by the South Korean tax authorities and FATF guidelines started to impact financial institutions in Seoul.
A report has been published by cybersecurity firm Skybox Security titled ‘2019 Vulnerability and Threat Trends: Mid-Year Update’ has unveiled that cryptocurrency ransomware, botnets is on rise as crypto mining malware take backseat. The report stated: “Vulnerabilities in container software have increased by 46% in the first half of 2019 compared to the same period in 2018. Looking at the two year trend of container vulnerabilities published in first halves, container vulnerabilities have increased by 240%.”
WISeKey, WISeCoin AG and the New Mingwah Blockchain Technology (Shenzhen) Co Join Hands To Improve CoinID wallet security
A partnership between WISeKey, WISeCoin AG and the New Mingwah Blockchain Technology (Shenzhen) Co. has been established with the aim in enhancing the security of their CoinID wallet. The CEO of WISEKey, Carlos Moreira explained, “Adding our unique layers of security to applications like CoinID is an integral part of our mission and strategy to ensure the integrity of emerging technologies and the security of their users.”
A decentralised exchange protocol 0x has unveiled to public that it has detected vulnerability in its code and has temporarily shutdown its operations. The breach was noticed at first by Sam Sun, a third party security service firm. 0x’s cofounder Will Warren commented, “This vulnerability would allow an attacker to fill certain orders with invalid signatures. This vulnerability does not affect the ZRX token contract; your digital assets are safe.”
Monero developers have identified nine security flaws in their platform, and one of them big enough to be exploited to steal XMR from cryptocurrency exchanges. The developers expounded, “By mining a specially crafted block, that still passes daemon verification an attacker can create a miner transaction that appears to the wallet to include sum of XMR picked by the attacker. It is our belief that this can be exploited to steal money from exchanges,”
Guard core Labs has discovered that as many as 50,000 servers worldwide have allegedly been infected with an advanced crypto jacking malware that mines the privacy-focused open-source cryptocurrency turtle coin (TRTL). Guard core Labs notes that the malware campaign is not a regular typical crypto-miner attack, as it relies on techniques commonly seen in advanced persistent threat groups, including fake certificates and privilege escalation exploits.
Online cryptocurrency paper wallet creator WalletGenerator.net previously ran on code that caused private key/public key pairs to be issued to multiple users. After researching the live code, Denley concluded that the keys were deterministically generated on the live version of the website, not randomly. Cryptocurrency paper wallet creator WalletGenerator.net ran on code that caused the same key pairs to be issued multiple times, until recently.
The cryptocurrency market has been reeling from the loss of more than $1.6 billion in today’s values from cryptocurrency thefts since 2014, and the vast majority of the events are linked to insufficient wallet security. Sepior, the leader in threshold cryptography that enables trusted transactions, has announced Sepior Thresholds, the industry’s first threshold signature wallet security technology based on threshold multiparty computation (MPC).
A decentralized platform, Status which provides a messenger, crypto wallet, and a browser has claimed to implemented new security features. In its Tweet: “To enjoy decentralized communication, we must be confident that our messages, transactions, identities, and funds are safe. Learn more about some of the implementations, processes, and personnel in place to ensure security.”