Cryptography researchers have urged the Monero community to donate XMR in order to continue the development of the popular anonymous altcoin Monero.
Academics Brandon Gooddall (also known as Surae Noether) and Dr. Sarang Noether have launched crowdfunding campaigns to raise money to continue investigating the usefulness of Monero multi-sig wallets (wallets that require more than one key to send transactions).
The reason the academics have appealed to the community for funds is because Monero is proudly an open-source and non-profit cryptocurrency project.
As there is no defining, central organization to Monero, members of its Research Lab submit funding requests to the community. Both seek the equivalent of roughly $9,000 per month, each, in the Monero cryptocurrency (XMR).
In an email to Hard Fork, Monero founder and lead developer Riccardo Spagni, also known as ‘fluffypony,’ insisted on the necessity of the work to be funded.
Assange arrest leads Bitcoiners to donate over $30,000 to WikiLeaks in 6 days
WikiLeaks has raised more than $30,000 worth of Bitcoin since Julian Assange‘s confronting arrest last week .
In the six days following Hard Fork’s original report , a touch over 6 BTC ($31,800) has been sent to WikiLeaks‘ public address , spread across 299 donations.
Contributions in prominent altcoin Zcash (the only other cryptocurrency WikiLeaks accepts) also increased, with 16.25 ZEC ($1,100) sent since last Thursday. Until his arrest, its Zcash address had been mostly unused.
In fact, the flood of Bitcoin sent to WikiLeaks has boosted its daily average donation dramatically. WikiLeaks has, on average, been receiving 0.87 BTC ($4,500) per day, over the past week.
Earlier in April, WikiLeaks‘ wallet was receiving just 0.006 BTC ($312) each day.
The biggest donation since Assange left London‘s Ecuadorian embassy has been a single transfer of 1 BTC ($5,200), recorded just hours later.
In total, WikiLeaks‘ current Bitcoin address has garnered 8.38 BTC ($ 43,700). WikiLeaks also accepts fiat via traditional methods like Mastercard, Visa, bank transfer, and even hard cash – but there’s no data available for those.
WikiLeaks began taking Bitcoin donations way back in 2011 . Its previously nominated Bitcoin address actually received way more cryptocurrency, with over 4,000 BTC ($20 million) collected.
Since Ecuador revoked Assange’s political asylum (which effectively kept him out of reach for almost seven years), officials claim sites for the nation’s public institutions have been hit by 40 million cyber attacks related to “threats from those groups linked to Julian Assange.”
Assange is now in custody of the UK and is facing possible extradition to the US where he faces criminal charges over the Chelsea Manning whistleblowing saga . Assange is scheduled to appear in court in London on May 2.
Meet Panda, an illicit cryptocurrency mining crew terrorizing organizations worldwide
Cybersecurity researchers have profiled a hacking crew named “Panda” believed to have amassed roughly $90,000 worth of cryptocurrency via remote access tools (RATs) and illicit mining malware.
The Cisco Talos Intelligence Group noted that while Panda isn’t exactly sophisticated, it has persisted as one of the internet’s most active attackers in recent years.
Talos researchers highlighted the group’s willingness to continuously exploit vulnerable web applications worldwide as key to its success. By October last year, a configuration file featured in Panda malware had been downloaded more than 300,000 times.
“They also frequently update their targeting, using a variety of exploits to target multiple vulnerabilities, and is quick to start exploiting known vulnerabilities shortly after public POCs become available, becoming a menace to anyone slow to patch,” said the firm.
Panda has a big bag of RATs (and other exploits)
Panda was first detected in mid-2018 during the wildly successful “ MassMiner ” campaign. This was powered by a worm which leveraged multiple in-built exploits, and even brute-forced access to Microsoft SQL servers, to mine the alternative cryptocurrency Monero (XMR).
Now, Panda reportedly utilizes Mimikatz , an open-source program for stealing sensitive information from compromised systems, such as usernames and passwords.
Researchers also found Panda operates with exploits previously used by Shadow Brokers , a hacking crew that gained its reputation by publishing information taken from the US National Security Agency.
To date, Talos has confirmed that Panda has hit organizations in the banking, transportation, telecommunications, IT services, and healthcare industries.
This cryptocurrency mining crew could be of Chinese origin
Whoever is behind Panda doesn’t really care too much about operational security. For example, the group got its name as one related domain had been registered to a Chinese-speaking actor who went by the name “Panda.”
An analyzed malware sample also requested data using an IP geolocation service which provided the machine’s IP address and location in Chinese.
Even more curious, Talos analysts found Panda had been exploiting a vulnerability in the ThinkPHP web framework to spread its malware. Researchers report this software is particularly popular in China.
“Panda’s operational security remains poor, with many of their old and current domains all hosted on the same IP and their TTPs remaining relatively similar throughout campaigns,” wrote the firm. “The payloads themselves are also not very sophisticated.”
Still, Panda’s efforts are said generated around 1,215 XMR in profits, which today is worth around $90,000 — but the exact amount earned is dependent on when they sold their cryptocurrency.
That’s one prolific hacking panda.
