Moonday Mornings: The SEC wants to know about your blockchain

If you’re reading this, you survived January. It also means you survived the weekend, which you should by now know, means only one thing. It’s time for the wrap of the weekend’s news with Moonday Mornings.

1. Some Chinese blockchain entrepreneurs are taking what can only be described as creative action to overcome the longest bear market in history , South China Morning Post reports. One enthusiast, Pan Yanlin, quit the startup she founded to become a full time blockchain vlogger (whatever that is). Only the views on her videos are too low to provide a sustainable income, so she has turned to a Chinese TV dating show in the hope it might help. We’re getting used to reading about the latest company to be hit by the “ crypto winter ,” but maybe we should spare a thought for those individuals that got caught up in storm, too.

2. Swiss cybersecurity firm WISeKey has opened a Blockchain Center of Excellence in the World Trade Center in Geneva. The center aims to help blockchain startups research and promote the technology. The center is part of a partnership with the Blockchain Research Institute (BRI), which has the greater goal of setting up more centers of this type all over the world. The Geneva center joins WISeKey’s Malaysian center which was launched earlier this year . Here’s to decentralization!

3. According to a statement , the Securities and Exchange Commission (SEC) is looking for information about the most popular blockchains, how they are used, and the details included in cryptocurrency transactions. We’ve heard some pretty dystopian things about how the UK government is looking to use blockchain to track identities , and the US government is looking at techniques for privacy coin forensics ; this is right up there. Though it doesn’t mean the SEC will be successful, this is just a request for any information that might help the SEC when investigating blockchain and cryptocurrency cases.

4. A Californian college student has pleaded guilty to stealing over $5 million in cryptocurrency by “SIM-swapping” the phone numbers of his victims. 20 year old Joel Ortiz will face 10 years in prison, according to Motherboard . Despite instances of SIM-swapping growing in recent months, the Santa Clara County authorities dealing with this case believe it to be the first successful conviction of its type. SIM-swapping is used by hackers to access sensitive information and bypass two-factor authentication system required to access many cryptocurrency wallets and exchanges.

5. A Canadian cryptocurrency exchange has found itself in a difficult situation after its founder past away and seemingly took $137 million worth of his customer’s cryptoassets with him, Ars Technica reports. QuadrigaCX is unable to access the funds as the late Gerry Cotten was the only member of the Quadriga team that had access to the private keys associated with the digital coins. The laptop Cotten used for business is encrypted and no one in his estate knows the recovery phrase making the coins inaccessible. Research into whether the funds can be rescued is currently on going.

Well there you have it, another weekend of cryptocurrency and blockchain news caught up with.

What with all these centers of excellence, the SEC looking for analysis tools and information, and a successful conviction of a sim-swapper, it might sound like the authorities are finally getting their heads around this thing.

New cryptocurrency mining malware is spreading across Thailand and the US

With the infamous cryptocurrency mining script Coinhive now offline , you’d be forgiven for thinking crypto-jacking was a thing of the past. Sadly though, security researchers have uncovered a new malware family that’s attacking hardware to get it to secretly mine cryptocurrency.

Researchers from Trend Micro have identified a malware which uses numerous web server exploits and brute-force attacks. The malware downloads and installs XMRig, a Monero cryptocurrency miner, according to the researchers’ findings, in an article spotted by ZDNet .

BlackSquid was most active in the last week of May, with most of its attacks hitting Thailand and the US, according to the researchers.

Trend Micro is naming the malware family “BlackSquid” after the registries it creates and its main file names. By no coincidence, BlackSquid utilizes eight known exploits including: EternalBlue , DoublePulsar , three server security flaws (CVE-2014-6287, CVE-2017-12615, CVE-2017-8464), and three web application (ThinkPHP) vulnerabilities.

Most alarmingly though, is that BlackSquid employs a number of tactics to remain hidden. It uses anti-virtualization, anti-debugging, and anti-sandboxing before it continues with installation. The malware only installs itself if it thinks it will go undetected.

It also has “wormlike” behavior for lateral propagation, researchers say. In plain English, after one computer on a network is infected, the malware will try to infect other systems on the network to spread the infection.

How does BlackSquid infect a system?

BlackSquid attacks systems through infected webpages, compromised web servers, or removable or network drives (infected USB drives for example).

If it goes undetected, the malware goes on to install a version of the XMRig cryptocurrency mining script. The attack doesn’t stop here though, as the malware also scans the infected system for a video card.

Video card GPUs can make great cryptocurrency miners . If BlackSquid finds a GPU, it will use a second XMRig component to make use of the hardware’s resources. In short, the malware looks to exploit everything it can in a system to maximize cryptocurrency return for attackers.

That said, Trend Micro warns the malware could deliver other payloads in future attacks.

Indeed, while BlackSquid might sound terrifying and could cause significant damage, it’s making use of known exploits and vulnerabilities. These vulnerabilities have already been patched, so protecting yourself is simple. Ensure your system is up to date, and all the latest patches – from legitimate sources – are installed.

Researchers also point out that this malware appears to be in a testing state, with many of its features flagged for further trial. If true, this might not be the last we hear of BlackSquid.

Indeed, it might not be the end for crypto-jacking attacks. In May 2019, research from cybersecurity firm Malwarebytes said its software was blocking over 1 million requests to Coinhive competitor CoinLoot.

SEC unsurprisingly slaps Russian firm with $270K fine for misleading ICO promotions

The United States Securities and Exchange Commission (SEC) has settled a fine with a Russian firm that was pushing initial coin offerings (ICOs) without disclosing the fact that it had accepted payment to do so.

Late yesterday, the SEC announced it has reached a $268,998 settlement with ICO Rating. According to the SEC, ICO Rating promoted cryptocurrency projects between December 2017 and July 2018 – the infamous boom period – that should have been classified as securities.

As a result, ICO Rating should have disclosed the fact that it accepted payment to promote some coins and tokens.

ICO Rating positions itself as “a rating agency that issues independent analytical research.” Perhaps ironically now in hindsight, the website also says its mission is “to help the market achieve the necessary standards of quality, transparency and reliability.”

It seems the company itself can’t even meet basic standards of transparency with this latest news.

ICO Rating has neither admitted nor denied the SEC‘s claims. However, it has agreed cease and desist from committing any future violations of the same nature. It also agreed to repay its ill-gotten gains and prejudgment interest totaling $106,998, and a civil penalty of $162,000.

Indeed, this news is hardly surprising. An investigation by Breaker last year , found that half of the crypto -media outlets they contacted would accept money to publish information about ICOs as if it were independent editorial content.

Hunter Jones

Hunter Jones

Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *