Tech 11 January 2019Erik Gibbs
GitHub becoming a repository for crypto malware
There has been a lot of discussion over the past several months about the amount of Monero that is being syphoned off through cryptocurrency malware. A new study digs deeper into the subject and reveals that the majority of the illicit operations have their footing in a central location – the GitHub repository.
Researchers from the Universidad Carlos III de Madrid in Spain and King’s College London have put together a report (in pdf) that shows crypto-mining malware has allowed thieves to get away with 720,000 XMR tokens. This amounts to around 4.30% of the total circulating supply and could be worth an estimated $57 million. They also point out that most of the malware has been hosted by GitHub.
The report was also able to determine the destination for the bulk of the XMR mining malware. According to the researchers, most ended up in a single crypto mining pool, crypto-pool. Members of the pool have, to date, mined a minimum of 435,689 XMR, or roughly $47 million.
In stealing computer power in order to conduct illegal crypto mining operations, hackers can designate their actions to send the digital currency either to a mining pool or to their own wallets. By sending to a mining pool, there are better odds that mining payments will be received since large mining pools typically receive more blocks to mine. The use of a mining pool also reduces the dependency on special or expensive mining equipment.
In total, there were 2,472 cryptojacking campaigns, with almost all of them – 99% – earning under 100 XMR. The researchers added, “We also observe that while majority of the campaigns earn very little, there are a few campaigns overly profitable. This indicates that the core of this illicit business is monopolized by a small number of wealthy actors.”
GitHub and DropBox, a file-sharing service, were the two most common sources of the malware. The researchers explain that the hackers will use variations of Trojan horses that force the target to download and install the malware. They stated, “We observe that GitHub is the most popular site used to host the crypto-mining malware. This is because GitHub hosts most of the mining tools, which are directly downloaded — for malicious purposes — by droppers. Additionally, GitHub is also used to host modified versions of the miners (e.g., by removing the donation capabilities or adding further capabilities).”
GitHub and Dropbox aren’t alone, however. The researchers also indicated that malware was found hosted on Bitbucket, Google, Amazon Web Services, as attachments on Discord channels and as torrents.
Note: Tokens on the Bitcoin Core (segwit) Chain are Referred to as BTC coins. Bitcoin Satoshi Vision (BSV) is today the only Bitcoin implementation that follows Satoshi Nakamoto’s original whitepaper for Peer to Peer Electronic Cash. Bitcoin BSV is the only major public blockchain that maintains the original vision for Bitcoin as fast, frictionless, electronic cash.
Tech 2 hours ago
New mining malware bypasses cloud security
New malware can target and disable cloud security products in order to mine the Monero cryptocurrency.
Tech 17 January 2019
Unwriter “breaks the rules” with his latest BitDB creation, Chronos
Unwriter, the prolific cryptocurrency developer, has been hard at work this week, introducing a series of new functions under the BitDB umbrella to make accessing data more easier.
Tech 17 January 2019
WWF monitoring food products via blockchain
World Wildlife Fund (WWF) Australia seeks to promote environmentally sound practices by the monitoring of food products with blockchain.