Crypto Money Laundering, Fraud and Mining Malware Drive Increase in FinCEN SARs

Colleagues, over the past year Financial Crimes Enforcement Network (FinCEN) – a branch of the US Treasury - has reported a significant increase in Suspicious Activity Reports (SARs). Money laundering, fraud and mining malware complaints by financial institutions have all contributed to a rise in SARs to over 1500 per month. It is no wonder that the rise in SARs is directly correlated with in growth in cryptocurrency market capitalization. And in turn, cybercrime – which are at the core of SARs – also correlates the number and trading volume of cryptocurrencies. FinCEN offers an online SAR Stats reporting tool in their web site. Bottom line: The Cryptocurrency Academy and Cyber Security Defender propose the formation of cybercrime protection alliance between the US Treasury, financial institutions, crypto exchanges and security vendors with the goal of reducing cybercrime related to the cryptocurrency ecosystem. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/) 

How will Bitcoin’s emerging crypto monopoly impact global cryptocurrency markets?

Colleagues, despite an aggregate decline in total cryptocurrency market cap since early CY2018, Bitcoin’s percent of total market value has reached staggering 50% threshold. Data also reveal that the top 5 cryptocurrencies – Bitcoin, Ethereum, Bitcoin Cash, Litecoin and Ripple – control almost 60% of the global crypto market. View the data from CoinMarketCap tracking stats. The Cryptocurrency Academy and the Cyber Security Defender draw two key conclusions from these numbers. First, is the definitive market vale concentration – which is nearing monopoly status – around Bitcoin. Thus, the extended crypto ecosystem needs to serve customers by developing tools and applications which are purpose-built for Bitcoin. Second, is the rapid bi-furcation of the global cryptocurrency market between the “Big 5” and the second-tier cryptocurrencies which serve niche geographic- and application-specific markets. We believe that bad actors – such as Russia, Iran, North Korea, Syria, ISIS, and AOAP - will be the primary users of this cryptocurrency underclass of as they seek to evade economic sanctions and conduct nefarious financial transactions with little-to-no transparency. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/) 

Cyber Attacks Targeting Crypto Mining Continue to Infect Hundreds of Thousands of Devices

Colleagues, 2018 has seen the meteoric rise in cyber-attacks focusing on crypto mining applications. Thus, it is no surprise that over 170,000 consumer devices in Brazil which operate under MicroTik routers were infected with Coinhive mining software. Both SkyBox and Trustwave security firms affirms such attacks. We reported earlier this week that some 32% of cyber-attacks now involve crypto mining which far outweighs the relatively modest 8% of ransomware attacks. The weakest link in the crypto ecosystem appears to be network routers. Our previous post cited Cisco routers. Now MicroTik is also on the target list. Bottom line: Whether corporate or service provider networks, router hygiene is of utmost importance. Keeping all security software and patches up-to-date has become more critical than ever. We recommend that IT professionals managing routers increase their vigilance by:  A) Tracking security threats, and B) Maintaining security software. Each router vendor maintain security threat alerts and mitigation tactics on their web sites. Bottom line: The cyber threat against network routers by nefarious crypto miners is likely to get much worse until vendors can make a quantum leap forward in their security measures. Share your comments today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

Does the US SEC Hold the Fate of Cryptocurrencies in its Hands?

Colleagues, according to CoinMarketCap the total market capitalization of cryptocurrencies worldwide has reached an 8 ½ month low of some $225 billion. Moreover, cryptocurrency prices in aggregate have precipitously dropped over the past 11 days. Alternatively the US equities – Dow, S&P, NASDAQ and Russell 2K – have had a strong run during the last month following mediocre performance in H1 2018. Some speculate that crypto values are negatively impacted by a US SEC decision to delay approval of a new ETF. Others simply believe that crypto prices are simply overvalued. And finally, a small number of pundits, believe that cryptos have a negative risk-reward profile. The Cryptocurrency Academy believes this overall downturn is a viable market correction as crypto market is becoming more concentrated on the top 3-5 currencies with Bitcoin dominance approaching 50% of global crypto market capitalization. The past year has seen a tsunami of ICOs, expansion of crypto exchanges and investment funds – ETFs in particular. We expect total crypto market cap to continue its rise toward the end of 2018. Bottom line: Traders and investors alike should stay with the market leading currencies, exchanges and mining operators and stay away from the dubious investment vehicle and short-sighted fluctuations. Share your comments today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)  

How susceptible are Twitter and Facebook to spreading malicious cryptocurrency botnets?

Colleagues, yesterday Duo Security reported that some 88 million Twitter accounts fell prey to a malicious botnet spreading a fraudulent cryptocurrency giveaway program. Many of us, myself included, saw messages from this botnet and simply paid no attention. Nonetheless, the security issued a paper at the Black Hat 2018 conference entitled “Don’t @ Me – Hunting Twitter Bots at Scale.” The paper describes the “Anatomy of a Twitter Bot” on page 14 of the report. We know that Facebook and Twitter have purportedly taken major steps to reinforce their platform and account security in recent months given pressure from the US Congress and the European Union. Bottom line: How secure are social media platforms against penetration by and in turn spreading malware such as the Twitter botnet? The fact that the about 88 million accounts we effected strongly suggests that social media take a quantum leap in security to ensure their users remain secure. As of this writing Twitter has not publically affirmed this attack. Duo Security plans to publish mitigation tactics for this malware on GitHub in the coming days. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/)  

What level of cyber risk does the Telegram Passport app pose to the cryptocurrency ecosystem?

Colleagues, the Telegram Passport app promised ease of use and security for the cryptocurrency community and other end-users by storing your personal data in its cloud-based app. The company it wants to bring Blockchain-based payments to the Telegram chat app, which is popular among the crypto community and third party developers can access the Passport Integration Guide. Security researchers have identified two weaknesses inherit in this app. First, Telegram uses SHA-512 to hash passwords. And second, it is prone to spearphishing, insider threats or simply a rogue USB stick. Cryptocurrencies and exchanges may be the chief beneficiaries of this authentication model. Telegram says developers can integrate it in their apps and services at no cost. The first company to support Passport is UK-based ePayments. Bottom line: the Cyber Security Defender questions just how pervasively Passport will be used among the crypto ecosystem. Moreover, Telegram may need to strengthen Passport’s 256 bit security algorithm as soon as a better protocol becomes available. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/)  

PowerGhost cryptojacking malware poses a new threat which jeopardizes legitimate cryptocurrency mining

Colleagues, crypto mining remains one of the weakest links in the cryptocurrency ecosystem and in turn a high priority target for cyber criminals. Although not as numerous as personal computers and laptops, corporate servers and workstations typically far more computing power which makes them such attractive targets to cryptojackers. PowerGhost, recently reported by Kaspersky Lab’s is a fileless malware which injects a one-line PowerShell script is run that downloads the miner’s body and immediately launches it without writing it to the hard drive. This malware has been detected in third world countries including Tukey, India, Brazil and Columbia. Malware like PowerGhost is especially a threat to cloud-based computing environments.  Now that the prevalence of the problem has been observed and noted, service providers may wish to extend capabilities they already have to find and flag this content. Bottom line: Cyber criminals relentlessly exploit the weakest point in any ecosystem. Given the meteoric growth of the cryptocurrency ecosystem all participants needs to be equally relentless in keeping their OS and application software up-to-date and installing patches as soon as they are released. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/)  

How exposed are traders and investors to Crypto Exchange Fraud?

Colleagues, while cryptocurrency fraud is nothing new, the vast proliferation of exchanges, ICOs and investment funds should send a strong signal to traders and investors alike: Exercise extreme caution and perform 360 degree due diligence before you invest. Yes, many exchanges, ICOs and funds are legitimate. Nonetheless, the recent arrest of Jon Montroll by U.S. authorities in connection with crypto exchange site WeExchange and securities investment platform BitFunder and crypto exchange site WeExchange raise even more red flags. Some of the most common fraudulent tactics taken by crypto criminals include ICOs with no real coins (e.g. HoweyCoins), pump and dump strategies, pyramid and Ponzi schemes and crypto exchanges with questionable track records … at best. The Cryptocurrency Academy offers two baseline recommendations. First, for traders do not deposit personal funds that you are not prepared to loose. Stay with the established top-tier exchanges like CEX.io, Kraken, Coinbase, CoinMama, GDAX (CoinBase Pro) and Paxful. For institutional investors, use trusted investment firms and banks who will perform the due diligence for you – at a cost – however, also provide a much higher level of security and confidence. The growing list of players here include JP Morgan, Goldman Sachs as well as professionally managed crypto funds from the likes of Fidelity, Vanguard and Charles Schwab. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/)  

Will Dark DAO attacks undermine Blockchain delegated “proof of stake” voting and threaten Cryptocurrencies?

Colleagues, decentralized autonomous organization (aka “Dark DAO”) is a clear and present danger to the integrity of Blockchain voting. In an effort to formalize software decision-making process using smart contracts, Blockchain initiatives such as Decred, Tron, Polkadot, Tezos and EOS have used this technique to manage the governance of their code. Dark DAO strategies seek to manipulate the voting process. Low voter turnout gives Dark DAO cyber criminals the upper hand by allowing them to control the decision-making process. Bottom line: Dark DAO places power in the hands of the few which then seek to dominate voter participation. Thus, not only does Dark DAO effect Blockchains, but potentially undermines the cryptocurrencies on which they are based. Mitigation strategies appear questionable at best. More to come on this crucial subject. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/) 

Has Cryptojacking become the method of choice among cyber criminals?

Colleagues, some 32% of cyber-attacks as of mid-2018 are attributable to crypto mining malware as compared to only 7% of attacks coming from more traditional ransomware. These figures come from SkyBox Security’s 2018 Mid-Year Vulnerability Threat Report. Some analysts believe this shift is due to 1) The dramatic increase in global crypto mining activity, and 2) A trend for victims of ransomware attacks to simply refuse to pay the price – financial or other – demanded by the attacks. Some 21% of cryptojacking attacks are due to the cyber criminals targeting Cisco routers, including the VPNFilter, ASA and Smart Install. How can the top tier mining companies such as Bitmain, Hut 8, Bitfury Mines, Genesis Mining Enigma, Bcause LLC and GigaWatt mitigate this pervasive threat? Start by closely implementing any and all patches - and related tactics - from the Cisco Security Advisories (or other router vendors such as Juniper and Huawei). Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cryptocurrencyacademy.blogspot.com/)