Thursday, April 16, 2020

Tries to Steal Crypto Through Fake Google Chrome Wallet Extensions by Mystery Hacker



Harry Denley, director of security at wallet provider MyCrypto, who identified the fake wallet extensions, said in a report Tuesday that Google has so far removed 49 extensions that purported to be well-known crypto wallets from its Chrome Web Store.

The fake extensions are basic phishing plays. Posing as legitimate wallets, they leak personal information inputted by users, such as private keys and passwords, to the hacker, who can then drain balances in a matter of seconds.

The fakes detected have so far claimed to be wallets such as Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey. Test amounts of crypto sent by Denley have not been picked up, suggesting that either the hacker has to manually empty wallets or that they are only interested in comparatively large balances.

On the Chrome Web Store, most of these apps had consistently good reviews written typically in simplistic or broken English. On the basis that the admin email appears to be a Russian one, it's possible the hacker could also be based there, Denley noted.

More than half of all malicious extensions reported have claimed to be hardware wallet maker Ledger – nearly double the next largest, MyEtherWallet, which was 22 percent of fake extensions. There's no obvious reason why the hacker decided to focus so much on Ledger, Denley said in his report.

When asked if there's a way to prevent hackers from creating new fake extensions, Denley told CoinDesk: "Not really, though Google could use the data from the 49 extensions we've flagged to build some detection – though it could be easily bypassed."

"Most of the malicious extensions had the same structure and same files which could be analysed," he said. "The only way I can think of limiting the victim pool is by education and normalising the behaviour of not entering raw secrets into [user interfaces]."

Denley has highlighted serious security threats in cryptocurrency wallets before. Last year, he wrote a paper showing how one supposedly secure wallet provider was in fact issuing the same private keys to multiple users.

Denley first detected the fake wallets back in February. Since then, the number of reported phishing attacks has risen exponentially on a month-on-month basis. Because the hacker has not yet been identified, it's possible they could continue creating fake wallet extensions ad infinitum. 


from Cryptocurrency News | Bitcoin News | Altcoins news
Tries to Steal Crypto Through Fake Google Chrome Wallet Extensions by Mystery Hacker

from Crypto Crew https://obenilcrew.blogspot.com/2020/04/tries-to-steal-crypto-through-fake.html
via Tries to Steal Crypto Through Fake Google Chrome Wallet Extensions by Mystery Hacker cryptoeconomi

Sunday, April 12, 2020

Amid Nth Room Sexual Exploitation Case Rumors,Huobi Korea Delists XMR



Huobi Korea announced on April 8 that they might be ending support for Monero (XMR) trading starting on April 9, 2020. They stated that this was thanks to "low trading volumes and anonymity functions". They didn't , however, reference the recent Nth room case, during which South Korean media has speculated the exploitation ring used XMR to finish anonymous transactions.

According to the South Korean newspaper, Sisa Journal, headlines covering the sexual exploitation case remained rampant within the country, with many news outlets suggesting that Monero has been used for criminal acts, specifically within the Nth case.

The quoted case is an ongoing criminal investigation that allegedly involved sexual exploitation and therefore the distribution of videos containing rapes among Telegram chat rooms.

Bithumb still lists XMR in South Korea despite the reports

Sisa Journal is additionally reporting that another cryptocurrency exchange, Bithumb, has been struggling for its decision to continue listing XMR for trade. consistent with local newspapers, it's the sole remaining Korean exchange to try to to so.

Huobi gave the subsequent official statement regarding Monero’s delisting decision:

“We decided to finish the transaction to stop things that would be caused by poor transaction volume and Monero’s anonymity.”

However, as Sisa Journal states, there's no conclusive evidence that XMR has been used for transactions within Telegram chat rooms, where it's been reported that 74 females are victims, and a few of them are minors.

The South Korean newspaper reports that the person accused of leading the sexual exploitation ring, Cho Joo-bin, preferred Monero payments for his or her untraceable attributes. it had been also allegedly wont to pay the chatroom’s admins a monthly salary.

Cryptocurrency exchanges aiding within the investigation

On Annunciation , Cointelegraph reported that four cryptocurrency exchanges reportedly are assisting local enforcement authorities within the investigations.

Upbit, Bithumb, Coinone, and Korbit are allegedly performing on trying to reveal the identity of these who transacted to realize access to the videos.


from Cryptocurrency News | Bitcoin News | Altcoins news
Amid Nth Room Sexual Exploitation Case Rumors,Huobi Korea Delists XMR

from Crypto Crew https://obenilcrew.blogspot.com/2020/04/amid-nth-room-sexual-exploitation-case.html
via Amid Nth Room Sexual Exploitation Case Rumors,Huobi Korea Delists XMR cryptoeconomi