Connect with us


Backdoor coin-mining hacks are spreading as prices rise



Backdoor coin-mining hacks are spreading as prices rise

Please be very diligent if you decide to invest in Crypto currency, this is the biggest boom in exponential growth we have seen in recent years, only use verified sites like Coinbase and Crypto pay. DO NOT rush in to things, be tech savvy and stay aware of exactly what and who you are dealing with. If you would like to look at a very secure site when they have real projections on investments then read this post on USI Tech

The cryptocurrency boom has given rise to a new kind of malware attack, with attacks growing ever more frequent as coin prices rise. A report today from Symantec details a surge in coin-mining scripts, which are often planted by hackers in the background of public websites. Once running, the script uses the visitor’s CPU to mine cryptocurrency, a power-intensive process that can be far more lucrative than traditional malware.

In need of some cool content to watch!

Here is my most recent upload | My most popular upload | My awesome RSS Feed

I will always add, although not used in this video review, that if you want the best possible experience I would use a VPN, why well it for one enables geo located content to be viewed and it ensures you stay anonymous online, just check the fancy graphic below. Read a little more about the fantastic service over at

Anti-virus tools like Symantec’s typically identify and block such programs, giving the firm a clear view into how widespread the miners are on the open web. Miner programs seem to track tightly with the price of Monero itself, which means they’ve seen a surge of activity in recent weeks using the Backdoor coin-mining hacks.

Symantec’s data shows daily detections clearing three million for the first time at the end of November, just as prices were beginning to rise above $200. Notably, Monero’s price has risen considerably since that data, clearing $350 per coin on December 16.

Backdoor coin-mining hacks are spreading as prices rise

Malicious mining programs typically mine the Monero currency rather than Bitcoin or Ethereum, drawn largely by Monero’s CPU-friendly hashing algorithm. Cryptocurrency prices tend to be tightly correlated, so Monero’s price has largely risen in sync with Bitcoin itself. So as you can see that Backdoor coin-mining hacks are spreading as prices rise

The most popular background miner is Coinhive, which surfaced in September and was quickly blocked by a number of security firms. Coinhive’s official site has since disappeared in favor of an opt-in variant, but Symantec’s research shows the original plugin is alive and well.

The plugins are most profitable when they can run in the background for significant periods of time, due to the nature of cryptocurrency mining. That’s made mining plugins particularly attractive for streaming sites, although they’re usually installed by third-party hackers without the permission of the site owners themselves. In September, Coinhive was discovered in the background of two Showtime websites. The application also been discovered in Chrome extensions and briefly installed by Pirate Bay as a purposeful revenue measure.

Symantec also discovered miners in a number Android apps. The resulting work would have been far less effective on an underpowered mobile CPUs, but it hasn’t slowed the growth of the tactic. Symantec listed 35 separate Android apps with mining functions in 2017 so far, a 34 percent increase from last year.

Stay safe Backdoor coin-mining hacks exist and they are on the rise.

A lover of all things tech, love all things that uses creative juices (not an innuendo) an avid blogger and part time vlogger, now stop reading and go check out some awesome posts on this site.

Continue Reading


United Bitcoin May Be the Most Controversial Fork to Date 2018



Back on December 12 the well-known developer Jeff Garzik launched a Bitcoin Core (BTC) based fork called United Bitcoin (UBTC) after Segwit2x failed. At block height 498,777 the snapshot took place, and the UBTC network began just like the rest of the forks in existence, but claiming the tokens is far more complicated than one would think

The Promises of United Bitcoin

A few months ago we reported on the UBTC project created by Jeff Garzik, his partner at the blockchain company, Bloq, chairman Matthew Roszak, and Bitbank Group’s Songxiu Hua. The team says it plans to create a credit currency system pegged against various fiat currencies alongside a native smart contract feature. The entire network is modeled after the bitcoin core blockchain prior to December 12, and all active wallet holders are able to receive UBTC at a 1:1 rate. The catch is inactive wallets will go towards the UB Foundation to support innovative blockchain development.

Over the past few weeks, the UBTC team have made some videos detailing their project’s goals to be serious cryptocurrency contender. One particular documentary shows Garzik describing why he thinks UBTC can be a digital asset that engages and unites with the entire cryptocurrency ecosystem. “If I could start with a clean slate what technologies would I include?” Garzik asks an audience during the video. Matthew Roszak says that United Bitcoin will encompass three really important pieces technology, community, and tokenomics by relying on cross-industry innovation.

United Bitcoin: Jeff Garzik's Fork Represents a 'Clean Slate'

One Out of Only Two Miners Controls 70% of the Network’s Hashrate

United Bitcoin: Jeff Garzik's Fork Represents a 'Clean Slate'So far the network has minimal infrastructure and community support. At the time of publication, there are only two miners who are processing UBTC blocks; an unknown entity and the mining pool The mining pool has more than 70 percent of the network’s hashrate. The network’s total hashrate is only 50,811.47 TH/s and block intervals can range from an hour and a half, to occasional sporadic 20-40 minute blocks. The network has an extremely low amount of users as there are only 20 pending transactions right now. Blocks are averaging roughly 20-100 transactions, and most block sizes are well below 1MB even though UBTC has the capacity for 8MB blocks.

UBTC has its own full node wallet client for Linux, Windows, and Macintosh operating systems and the source code is available for review. According to the distribution repository, there will also be a lightweight client release soon. There are three other wallets that support the UBTC protocol. As far as exchanges most of them are based in Asia, and a great majority of them are unknown and exchange very little trade volume besides the exchange Okex. At the moment, according to Coinmarketcap statistics, one UBTC is worth $82 USD.

Required Identity Verification and Claiming Inactive Addresses: United Bitcoin Is the Most Controversial Fork to Date

The most controversial part of the project is the opt-in airdrop feature which basically means a bitcoin holder must give up some form of identification to obtain UBTC. In order to even get started with UBTC, a user must supply a valid email address and a mobile phone number. After this process, the registrant has to have a valid bitcoin address as well to receive the 1:1 distribution. Another contentious issue with UBTC is the Foundation’s claiming of “unused addresses” which means after a period of time inactive addresses will be used for future development. At the moment the team has added a “grace period” which has extended the timeframe so bitcoin holders can claim their UBTC.

Because of the ‘KYC-like’ requirements and the fact that the development team will claim Satoshi Nakamoto’s and the inactive addresses of many whales, makes UBTC one of the most vexed bitcoin forks to date. These two tendentious issues plus the fact that the network has very little infrastructure may have a hard time gaining the crypto-community it hopes to progress.

What do you think about the UBTC project? Would you claim these airdrop tokens knowing you have to tie your identity to the platform? What do you think about the development team claiming inactive addresses? Let us know what you think about this project in the comments below.

Images via Pixabay, United Bitcoin archives, and website.

Source link

Continue Reading


Report Claims 34,000 Ethereum Smart Contracts Are Vulnerable to Bugs



Over 34,000 ethereum smart contracts containing $4.4 million in ETH may be vulnerable to exploitation. That’s the conclusion reached by a quintet of researchers hailing from Singapore and the UK. Their technical report, which is currently undergoing peer review, suggests that millions of dollars in ether may be at risk from poorly coded smart contracts that contain a variety of bugs.

Smart Contracts Are Only as Smart as Their Creator

“Finding The Greedy, Prodigal, and Suicidal Contracts at Scale” is the provocative title of a research paper submitted by British and Singaporean students last week. Its authors have dived deep into ethereum smart contracts, “finding contracts that either lock funds indefinitely, leak them carelessly to arbitrary users, or can be killed by anyone”. This latter flaw is precisely what happened to Parity last November.

The dangers of relying on smart contracts that have not been independently audited are well-documented. In the past year, $500 million has been lost due to bad code, and around half of that figure involved ethereum. The most notorious case was the Parity bug which led to $168 million of ether being rendered permanently inaccessible, though there have been plenty of smaller incidents where inexperienced or inattentive developers have been caught out.

A Small Drop in a Big Ocean

The authors of the report claim to have used a tool to analyze almost one million smart contracts, of which 34,200 were found to be vulnerable, with 2,365 of these stemming from distinct projects. That means that around 3.4% of all smart contracts are potentially vulnerable to being hacked, broken, or otherwise exploited. Of the contracts that the research team flagged as being exploitable, “the maximal amount of Ether that could have been withdrawn…is nearly 4,905 Ether” worth $4.4 million.

The report continues: “In addition, 6,239 Ether (7.5 million US dollars) is locked inside posthumous contracts currently on the blockchain, of which 313 Ether (379,940 US dollars) have been sent to dead contracts after they have been killed.” One thing the report deliberately omits is the identity of the smart contracts flagged as being at risk. But with almost 1 in 20 contracts vulnerable, and a jackpot of over $4.5 million in ether up for grabs, determined attackers have every incentive to put this research to the test.

What do you think can be done to make smart contracts safer? Let us know in the comments section below.

Images courtesy of Shutterstock.

Need to calculate your bitcoin holdings? Check this tools section.

The post Report Claims 34,000 Ethereum Smart Contracts Are Vulnerable to Bugs appeared first on Bitcoin News.

Source link

Continue Reading