#Cybercrime

Cybersecurity Crumbles as Self-Destructing Windows Installer Virus Proliferates

Cybersecurity industry warnings that script-based viruses would proliferate in search of coins in 2018 have come true. Script-based viruses have reached epidemic proportions, and contingency security measures are the need of the hour, warn experts in crypto-threats.

Trend Micro, one of the security firms engaged in threat detection, was unsettled to discover that coin miners were riding on Windows Installer-like installation packages to bring malware onto the system. The legitimate-looking packages could easily hoodwink local security controls. Most importantly, the malware was self-destructive, making it impossible for users to detect the presence of the virus in the background.

 

Threats amplified by a coin-mining virus

Cybersecurity needs and threats appear to have been amplified many times over by the number of cryptocurrencies being born. Malware of every type tries to crypto-jack using scripts hidden in every conceivable downloaded app, productivity tool or advertisement. These crypto-snaring viruses have come riding on updates to programs such as Adobe Flash, hacked government sites, routers and advertisements.

The reasons for crypto-jacking have been widely reported. Criminals profit either by robbing coins mined by others or by using the computing power of unsuspecting victims, typically government institutions which house massive computational infrastructure, to stealthily mine coins in the background. Researchers have been able to identify nearly $250,000 in profits made by these crypto-jackers.

 

Windows Installer

One of the latest virus-heists for cryptocoins has been the use of a Windows Installer MSI file on the victim's machine. Windows Installer is considered a legitimate application for installing software. The real component thus becomes ‘less suspicious and will also allow’ it to bypass security filters.

The attackers' typical trick is to fill the malware directory with files that are mostly decoys. The installer operates like a script and counteracts the anti-malware processes running on the machine. It also controls the cryptocurrency mining module.

 

Self-destructing

The highlight of the research is that the malware includes a self-destruction mechanism to cover its tracks. The research report indicates that detection and analysis become more difficult because the malware deletes every file in its installation directory. In the process, all traces of the installation are removed from the system.

The researchers have found it very difficult to link the malware back to an originating country. They found that the proxy-installation package uses Cyrillic, the default script for many a crypto-mining virus.

Even as the adoption of cryptocurrencies begins to gather momentum, crypto-jacking is one of the biggest trade-offs. As the price of these non-fiat currencies increases, or their value in terms of fiat currencies like the US dollar increases, they appear more and more attractive to criminals.

#Bitcoin

Bitcoin and Dark web: Transactions increasing, Values decreasing

Bitcoin transactions on the dark web, the underground illegal marketplace, doubled last year (2018) in comparison to 2017, while the value of the transactions decreased from around $700 million in 2017 to $600 million in 2018, as revealed by Chainalysis’s report.

 

Dark web not affected by the bear market:

It seems that the dark web is not affected by the bear market trend which saw the price of bitcoin fall from over $19,000 to around $3,200 last year. Even during the bear market, transactions on the dark web have been rising.

According to the report by Chainalysis, a blockchain analysis company, the value of the total transactions on the dark web was around $700 million in 2018 while the value of bitcoin transactions in 2018 was around $600. This was probably due to the shutdown of dark web markets such as AlphaBay and Hansa in 2017.

Dark web websites have been experiencing massive growth in the number of cryptocurrency transactions even though the prices of these cryptocurrencies have declined tremendously over the past year. According to Kim Grauer, the senior economist at Chainalysis, the buyers and sellers on these dark web marketplaces do not really care about the price of bitcoin or other cryptocurrencies while transacting. She also believes that, in the coming time, the value of these transactions may decrease further as governments take strict measures to shut down these markets.

 

Binance using Chainalysis:

Binance, one of the largest cryptocurrency exchanges, revealed last year that it was using Chainalysis’s KYC and anti-money laundering software to prevent illicit transactions on the exchange. The software by Chainalysis is used by companies to investigate financial transactions. The same software is also being used by many institutional clients of security firms for compliance.
