Swiss Cyber Authorities Identify Crypto Trojans: Dridex, Gozi, Monerominer

Swiss financial institutions continue to be exploited by cybercriminals. Cyber Authorities have identified Dridex, Gozi, and Monerominer as Crypto Trojans.
Switzerland’s financial institutions continue to be exploited by cybercriminals, says the latest research report by cybercrime authorities. The only difference in 2018 is that the targets are no longer banks but crypto exchanges. The research identified the Monerominer virus as the sixth most significant malware, thanks to the anonymous nature of the virtual asset.

MELANI Research

The Reporting and Analysis Centre for Information Assurance (MELANI) has shared details of the recent cyber threats assailing the Swiss internet space.
The most important finding of the research outfit is the Trojan Dridex, which is by nature an e-banking threat but has been reworked to exploit the latent insecurities of cryptocurrency operations. The virus made its first appearance in 2012 as Cridex. The latest study reports that the configuration files of the virus have notably increased the number of crypto exchanges it targets.
The second significant virus it found was Gozi. Researchers first unearthed the virus in 2009. In its latest avatar, the virus has morphed sufficiently to exploit digital assets. Not surprisingly, the research also found that Gozi's targets were no longer just banks but also cryptocurrency exchanges.
Gozi was found to be the ninth most prevalent virus disturbing cyberspace in Switzerland, where banks and cryptocurrency dominate the internet.
For the very first time, the virus was found to be ‘malvertising’ in order to infect the network as early as possible. 
The concept of malvertising is of recent origin. It is a method in which advertisements carry malware and victims are tricked into downloading it. The malware's operators place the advertisements above the results displayed by search engines. Users are therefore confused and often misled into clicking on these malicious advertisements.

Two million undiscovered variants 

The third significant virus that the Swiss cyber organization's research has discovered is Monerominer. As a matter of fact, this is the most significant of the cryptocurrency viruses that the agency has been able to identify thus far. It ranks as high as the sixth most common malware threat infecting Switzerland.
Additionally, the virus doubles as a malware bot, and the impact of this malware is huge. The bot has the capacity to download and run other malware, which leads to more information being stolen from the account. The bot also records keystrokes and encrypts the contents of the hard drive, after which it demands a ransom from the victim in the form of cryptocurrencies to release the data it holds encrypted. Thus the impact of this bot-virus is long-lasting and affects a wide section of cryptocurrency users as well as fiat-currency users.
Monerominer does not stop at the bot version either. Researchers have lately discovered the range and depth of this CoinHive script. Over two million variations remained undiscovered!


Cybersecurity Crumbles as Self-Destructing Windows Installer Virus Proliferates

Published on November 8, 2018
Script-based viruses have reached epidemic proportions, and contingency security measures are the need of the hour, warn crypto-threat experts.
The cybersecurity industry's warnings that script-based viruses would proliferate in search of coins in 2018 have come true. Script-based viruses have reached epidemic proportions, and contingency security measures are the need of the hour, warn crypto-threat experts.
Trend Micro, one of the security firms engaged in threat detection, was unsettled to discover that coin miners were riding on Windows Installer-like installation packages to bring malware onto the system. The legitimate-looking packages could easily hoodwink local security measures. Most importantly, the malware was self-destructing, making it impossible for users to detect the presence of the virus in the background.

Threats amplified by a coin-mining virus

Cybersecurity needs and threats appear to have multiplied along with the number of cryptocurrencies being born. Malware of every type tries to crypto-jack using scripts hidden in every conceivable downloaded app, productivity tool or advertisement. These crypto-snaring viruses have come riding on updates to programs such as Adobe Flash, on hacked government sites and routers, and on advertisements.
The reasons for crypto-jacking have been widely reported. Criminals profit by robbing coins mined by others, or by using the computing power of unsuspecting victims, typically government institutions which house massive computational infrastructure, to stealthily mine coins in the background. Researchers have been able to identify nearly $250,000 in profits made by these crypto-jackers.

Windows Installer 

One of the latest virus-heists for cryptocoins has been the use of a Windows Installer MSI file on the machine of the victim. Windows Installer is considered to be a legitimate application for installing software. Using a real component thus makes the malware ‘less suspicious and will also allow’ it to bypass security filters.
The trick that the hackers will typically use is that the malware directory will contain files which are usually decoys. The installer will operate like a script and will counteract anti-malware processes which run on any machine. Additionally, it will also control the mining module of the cryptocurrency.

Self-destructing 

The highlight of the research is that the malware includes a self-destruction mechanism so that its tracks are covered. The research report indicates that detection, as well as analysis, becomes more difficult because the malware deletes every file in its installation directory. In the process, all traces of installation are removed from the system.
The researchers have found it very difficult to link the malware back to an originating country. They have found that the proxy-installation package uses Cyrillic, which is the default script for many a crypto-mining virus.
Even as the adoption of cryptocurrencies begins to gather momentum, cyber-jacking is one of the biggest trade-offs. As the price of these non-fiat currencies, or their value in terms of fiat currencies like the US Dollar, increases, they appear more and more attractive to criminals.


France Amends its 2019 Budget Bill to Reduce Tax On Cryptocurrencies

Published on November 8, 2018
France has adopted an amendment to its 2019 budget bill that reduces capital gains tax on bitcoin from 36.2 percent to 30 percent.
Very often, the taxing of gains from cryptocurrencies leads to confusion among investors around the globe. For their part, governments are also trying their best to remove the uncertainty over how to treat gains from virtual assets. As a result, the percentage of tax has varied from the regular capital gains tax. Given this background, France has adopted an amendment to its 2019 budget bill that reduces capital gains tax on bitcoin from 36.2 percent to 30 percent. The move could be interpreted in several ways.

Non-Real Estate Assets

For instance, the reduction in tax rate could be taken as a move to encourage bitcoin and other digital coins. However, the government is transparent in its thinking, i.e., to bring the transactions in respect of cryptocurrencies on par with any other non-real estate assets. Incidentally, this segment has attracted a flat tax rate of 30 percent only. The finance commission has adopted the budget amendment in the Parliament’s lower house. However, it is not enough to become a full-fledged law.
The final version of the bill must be approved by the full Parliament, and only then will it become law. If things go as planned, the new tax rate will come into effect in January 2019. In any case, the move is significant since, at one point in time, taxes in France had hit 45 percent for gains from cryptocurrencies. However, this was reduced by the Council of State by bringing it on par with the capital gains of movable property.

Exception of Earnings

There was a considerable reduction in the tax rate. At the same time, earnings from the mining of digital currencies were exempted since they are taxed as non-commercial profits. Also, such income is treated as income from professional activity, which comes under industrial and commercial benefits. The country’s president, Emmanuel Macron, is doing all that he can to transform the country into a business haven, and that includes virtual currencies.
For instance, he unveiled the “Action Plan for Business Growth and Transformation” (PACTE) early this year with the objective of making it easy for enterprises to operate in the country. This included a legal framework for fundraising exercises with the help of token sales, which are emerging rapidly. This was followed by guidelines for initial coin offerings (ICOs) in September. At that time, France's finance minister, Bruno Le Maire, indicated that the regulations would allow the Autorité des Marchés Financiers (AMF) to approve ICOs.

Specific Guarantees

The financial regulator was also empowered to permit enterprises to float ICOs in the country. However, it has placed restrictions, i.e., only if “those projects provide specific guarantees for investors.” This meant that those raising money through tokens would have to provide complete disclosure to the AMF. The government was keen that investors should be provided with whatever disclosures are available so that they can make informed decisions.
Before this, the regulator had raised concerns about the absence of regulation in respect of digital token sales. The AMF felt that there existed an inherent risk, increasing the possibility of investors incurring losses. Similarly, the regulator was concerned about the virtual asset being used for illegal purposes like terror funding and money laundering.


Issues and Problems in Cryptocurrency: Some Ailments and More

Published on November 8, 2018
Why is cryptocurrency adoption so riddled that mass-adoption of the decentralized currency is defeated? Issues and ailments are as follows.

Cryptocurrency Atmosphere

There exists an enthusiastic atmosphere around the adoption of cryptocurrency and its use in everyday commercial activities. But traction is lacking despite the positive sentiment towards such use prevailing among investors and technology adopters. Why is cryptocurrency adoption so riddled that mass-adoption of the decentralized currency is defeated?

Issues and ailments which are affecting the cryptocurrency industry are as follows:

For fiat-currency users to adopt the ways of cryptocurrency, the biggest challenge is owning their own wallet and learning to manage it. Providers are offering centralized wallets at this juncture as well. Users will be able to use them to transfer money at a fast pace, and they also offer a degree of reliability. Banks will also be sure immediately that the funds provided are legitimate.
At the same time, developers do not take the opportunity to connect their product with end-users, because of ‘zero-marketing.’ Mainstream users need more than technology; they need it to be explained for common use.
Besides, devs do not take the opportunity to back their product and ensure that it is not exploited by scam-users and their technology besmeared. This further adds to the confusion for a regular investor.
An extension of this issue is that the user experience of these technology-first services is so limited that users are not keen on using these products. There has to be integration of services, from linking banks to using the trading platform, so that use is seamless. Investors cannot be left hanging because one platform does not link without a hitch to the next service.
The 5-year life cycle which most devs assume is logically correct for cryptocurrencies is not understood by the common user. The lack of insurance for any money stolen is also a big issue here. The instances where exchanges have quickly replaced coins hijacked from them have been partially effective in restoring the faith of users in these coins. However, for a permanent long-term solution, insurance is most necessary.
On the trading end of cryptocurrency, there have to be cyclic phases built for bull and bear runs, in contrast to what is currently happening. Users will have to look beyond gatekeeping cryptos. It is currently a challenge for the user not to be able to access commercial chain services like groceries, stationery stores or the florist. Thus there is a divide, a thin line, keeping the mainstream user from fully switching from their cents and dollars to satoshis and other coins. There is also an increasing urgency to remove barriers to adoption such as fake FUDs. Again, ICOs, which were scamming in 2017, appeared to be controlled in 2018, with many countries blocking such offers. The Chinese have already banned them, and other countries too are taking a very stringent stance in blocking such ICOs.
It is very important for the techno-crypters to encourage mainstreamers, to provide the necessary atmosphere, and to allow the next bull run to ensure mass adoption.

Source: https://coinnounce.com/swiss-cyber-authorities-identify-crypto-trojans-dridex-gozi-monerominer/
