Crypto

now browsing by tag

 
 

A #15-year-old #hacked the #secure Ledger #crypto #wallet

A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs before or after the device was shipped. The holes, which Rashid described on his blog, allowed for both a “supply chain attack” – meaning a hack that could compromise the device before it was shipped to the customer – and another attack that could allow a hacker to steal private keys after the device was initialized.

Rashid is not affiliated directly with any Ledger competitors although there was some suggestion that he did some work on Trezor and other competing hardware wallets. His response:

Bay Area Crypto Day

General Cybersecurity Conference

 May 25, 2018 | Stanford, California, United States

Cybersecurity Conference Description

The Bay Area Crypto Day is a recurrent one-day workshop about cryptography research, held at different locations in the Bay Area.

Read More….

advertisement:

The post Bay Area Crypto Day appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Attackers #Increasingly #Turning to Personal #WordPress Sites to Mine #Crypto

Source: National Cyber Security – Produced By Gregory Evans

Attackers #Increasingly #Turning to Personal #WordPress Sites to Mine #Crypto

We’ve heard the many stories about hackers looking to mine cryptos making their way into large businesses computer networks to do their deeds. However, average people with WordPress sites are just as vulnerable, and they are increasingly being targeted.

A WordPress research firm just released a report detailing the growing problem, and it includes ways to detect hackers, as well as ways to keep them out in the first place.

Here, we’ll go over their findings.

WordPress site owners beware

The thought of a company hacking large companies to mine digital currencies took many by surprise. The most striking was Showtime, whose hit was discovered in September. We recently told you about Politifact, which was hit this month.

These grabbed headlines, but individuals with WordPress that may be used just for their personal blogs are just as vulnerable, according to research site Wordfence.

It found that these mainstream sites are increasingly being targeted. Consider that an estimated 25% of websites worldwide are powered by WordPress, and you can see why the popularity of these mining attacks would likely rise too, notes Wordfence.

It says it’s been monitoring the crypto mining malware situation closely over the course of October and is starting to see attacks attempting to upload mining malware, and site cleaning customers that are already infected.

The attacks we have analyzed are all trying to exploit well-known security vulnerabilities that have been around for a long time; for example, the Gravity Forms exploit from mid-2016, or the Joomla com_jce exploit from early 2014. We have also seen quite a few attempts to insert mining code using compromised WordPress administrator accounts, as well as some attacks using compromised FTP accounts.

Money driver

The research firm Checkpoint analyzed the profit potential for an attacker planting this malware, and found successful hackers who can attack an average of 1,000 users at the same time across all infected sites would generate $2,398 a month.

Due to the lucrativeness of these schemes, they will continue to grow. It was noted that although that attacks that attempt to embed cryptomining malware are currently unsophisticated, these attackers are thought to likely increase their skills just because of the money they stand to make.

Also expected is for attacks on higher-traffic websites to increase because there’s more money to be made with them.

Protect yourself

The tool of choice to protect your computer from crypto mining attacks is CoinHive.

Checkpoint notes the risks of not protecting yourself from this very real threat:

Aside from damaging their machines, users put themselves at risk for DOS attacks and additional injected code. It will become ever more necessary to ensure that users are protected from such attempts.

While popular, we told you how CoinHive still may not keep these devious, bad actors out. Such was the case of Politifact, in which CoinHive could not have done anything to prevent that particular incident.

The lesson to be learned is that you should be on guard if you have a WordPress site, as attackers are increasingly seeing these popular sites as prey.

The post Attackers #Increasingly #Turning to Personal #WordPress Sites to Mine #Crypto appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Crypto currency hacks: Hacking the unhackable

Source: National Cyber Security – Produced By Gregory Evans

When asked to name a cryptocurrency you’d likely think of Bitcoin, but today there are now over 900 cryptocurrencies on the market. In theory, the blockchain that cryptocurrencies use should be un-hackable and yet last month we saw hackers make off with $32 million worth of the cryptocurrency Ether. Before…

The post Crypto currency hacks: Hacking the unhackable appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

HeartBleed – Critical Crypto Bug Exposes Yahoo Mail

OpenSSL is considered as a certificate for security but what when OpenSSL itself have a bug. That’s the reason Yahoo mail’s passwords were exposed. Heartbleed is a bug which is the result of a mundane coding error in OpenSSL.

OpenSSL is for implementing HTTPS encryption in websites, e-mail servers, and applications. The result of a missing bounds check in the source code, Heartbleed allows attackers to recover large chunks of private computer memory that handle OpenSSL processes. The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website’s entire cryptographic certificate.

After this bug and a huge loss to Yahoo Mail, OpenSSL developers have released version 1.0.1g that readers should install immediately on any vulnerable machines they maintain. But given the stakes and the time it takes to update millions of servers, the risks remain high.

This worked as by sending many requests at a time and get an entry into website through a hole because of heavy traffic. The bug allows to eavesdropping in a website who is using OpenSSL library.

The OpenSSL patch is only the starting point on the path of Heartbleed recovery. Website operators should strongly consider replacing their X.509 certificates after applying the update and getting all users and administrators to change passwords as well.

Source: http://whogothack.blogspot.co.uk/2014/04/heartbleed-critical-crypto-bug-exposes.html#.Vik8h_mqqko

The post HeartBleed – Critical Crypto Bug Exposes Yahoo Mail appeared first on Am I Hacker Proof.

View full post on Am I Hacker Proof

Heartbleed snatched CloudFlare Crypto Keys!

Private crypto keys are accessible to Heartbleed hackers, new data shows. Cloudflare published preliminary findings that seemed to indicate that it would be difficult, if not impossible, to use Heartbleed to get the vital key that essentially unlocks the secure sockets layer padlock in millions of browsers. To be extra-sure, Cloudflare launched “The Heartbleed Challenge” to see how other people exploiting Heartbleed might fare. The company set up an nginx server running a Heartbleed-vulnerable version of OpenSSL and invited the Internet at large to steal its private key.
Four people have been able to see server keys and certificates in a test.

The results are a strong indication that merely updating servers to a version of OpenSSL that’s not vulnerable to Heartbleed isn’t enough. Because Heartbleed exploits don’t by default show up in server logs, there’s no way for sites that were vulnerable to rule out the possibility the private certificate key was plucked out of memory by hackers. Anyone possessing the private key can use it to host an impostor site that is virtually impossible for most end users to detect. Anyone visiting the bogus site would see the same https prefix and padlock icon accompanying the site’s authentic server.

The demonstration that it’s possible to extract private SSL certificates means that out of an abundance of caution, administrators of sites that used vulnerable versions of OpenSSL should revoke and replace old certificates with new ones as soon as possible. Given the huge number of sites affected, the revelation could create problems.

Source: http://whogothack.blogspot.co.uk/2014/04/heartbleed-snatched-cloudflare-crypto.html#.VhgG3_mqqko

The post Heartbleed snatched CloudFlare Crypto Keys! appeared first on Am I Hacker Proof.

View full post on Am I Hacker Proof