Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

'Tor and Bitcoin Hinder Anti-Piracy Efforts' ( 103

An anonymous reader writes: A new report published by the European Union Intellectual Property Office identifies a wide range of 'business models' that are used by pirate sites. The organization, which announced a new collaboration with Europol this week, signals Bitcoin and the Tor network as two key threats to ongoing anti-piracy efforts. According to the research, several infringing business models rely on encryption-based technologies. The Tor network and Bitcoin, for example, are repeatedly mentioned as part of this "shadow landscape." "It more and more relies on new encrypted technologies like the TOR browser and the Bitcoin virtual currency, which are employed by infringers of IPR to generate income and hide the proceeds of crime from the authorities," the report reads.

Ex-Google Engineer Launches Blockchain-Based System For Banks ( 62

An anonymous reader quotes a report from Reuters: A former Google engineer, whose speech recognition software is used in more than a billion Android smartphones, has launched a company that uses blockchain technology to build a new operating system for banks. Paul Taylor, a Cambridge University academic with an expertise in artificial intelligence, speech synthesis and machine learning, started working on the system, called Vault OS, two years ago in a basement in London's Shoreditch district, known for being a tech start-up hub. The technology, which underpins the digital currency bitcoin, creates a shared database in which participants can trace every transaction ever made. The ledger is tamper-proof and transparent, meaning that transactions can be processed without the need for third-party verification. The system also negates the need for costly in-house data centers, as it uses cloud-based systems, which banks can use on a "pay-as-you-go" basis, which means that there is no single point of failure. Taylor said major high-street banks were spending around a billion pounds ($1.3 billion) a year on computer technology, much of which he said was being used for propping up the current "legacy" systems rather than on any innovative technology. The start-up has been working with about ten banks, Taylor said, at least one of which would be starting a trial using the new system in August. He expects the system to be up-and-running within about a year. In banking-related news, a Congressional report shows that China's spies hacked into computers at the Federal Deposit Insurance Corporation (FDIC) from 2010 until 2013 and American government officials tried to cover it up.

Bitcoin 'Miners' Face Fight For Survival As New Supply Halves ( 164

SpzToid quotes a report from Reuters: On Saturday, the reward for [bitcoin] miners will be slashed in half. Written into bitcoin's code when it was invented in 2008 was a rule dictating that the prize would be halved every four years, in a step designed to keep a lid on bitcoin inflation. From around 1700 GMT on Saturday, instead of 25 bitcoins up for grabs globally every 10 minutes, worth around $16,000 at the current rate BTC=BTSP, there will be just 12.5. That means only the mining companies with the leanest operations will survive the ensuing profit hit. "The most important thing is to be the most efficient miner," said Streng, the 26-year-old co-founder of German firm Genesis Mining, which has "mining farms" in Canada, the United States and eastern Europe, as well as in Iceland. "When the others drop out, that means that they leave the market and give you a bigger share of the pie."

How China Took Control of Bitcoin ( 165

Slashdot reader Rick Zeman quotes the New York Times: In its early conception, Bitcoin was to exist beyond the control of any single government or country. It would be based everywhere and nowhere... Yet despite the talk of a borderless currency, a handful of Chinese companies have effectively assumed majority control of the Bitcoin network. They have done so through canny investments and vast farms of computer servers dispersed around the country...there are fears that China's government could decide, at some point, to pressure miners in the country to use their influence to alter the rules of the Bitcoin network. The government's intervention in 2013 suggests that Bitcoin is not too small to escape notice.
United Kingdom

Will Brexit Hurt International Cyber-Security? ( 197

The Brexit shock continues to reverberate throughout the global economic and policy worlds. Andrea Limbago from the security company Endgame responds to a poll showing that most security professionals have concerns about Brexit: Will it weaken cybersecurity because of additional bureaucratic hurdles to information sharing with the EU, as well limited cross-national collaboration in fighting cyber criminals? There is also concern about the possibility of a brain drain -- in-demand security talent pool fleeing the UK -- which could increasingly impact security and data protection.
Limbago suggests tech workers in Britain's financial sector may feel the impact, "with Bitcoin surging and the pound dropping.... London's role as the financial hub is now threatened thanks to the Brexit, the rise of digital currencies, and the EU's move toward greater digital integration." And there's also the possibility of "a push for digital sovereignty and greater national control over the Internet." But another poll found that 64% of information security professionals didn't think Brexit would affect Britain's ability to defend against cyber-attacks. Can security professionals continue their inter-nation cooperation, elevating data and security concerns over new administrative differences between Europe and the U.K.?

Europe's 'Net Neutrality' Rules Fail to Ban BitTorrent Throttling ( 81

Europe has finally agreed on a set of net neutrality rules. According to a report on TorrentFreak, these rules offer improvements for some individual members states, various activist groups and experts. But the current language would also allow ISPs to throttle BitTorrent traffic permanently if that would optimize overall "transmission quality." From the report (edited):"Europe's new net-neutrality rules should ban throttling BitTorrent, but they don't. They leave ISPs a loophole," said Holmes Wilson of Fight for the Future (FFTF), one of the driving forces behind the Save Net Neutrality campaign. "ISPs can say they're doing it for 'traffic management' purposes -- even when their networks aren't clogged, because the rules say they can throttle to 'prevent impending network congestion,'" he adds. In addition to file-sharing traffic, the proposed rules also allow Internet providers to interfere with encrypted traffic including VPN connections. Since encrypted traffic can't be classified through deep packet inspection, ISPs may choose to de-prioritize it altogether. In theory, ISPs may choose to throttle any type of traffic they want, as long as they frame it as a network congestion risk. "So if your ISP is lazy, or wants to cut corners and save money, they can throttle BitTorrent, or VPNs, or Bitcoin, or Tor, or any class of traffic they can identify," Wilson says.

New and Improved CryptXXX Ransomware Rakes In $45,000 In 3 Weeks ( 124

An anonymous reader writes:Whoever said crime doesn't pay didn't know about the booming ransomware market. A case in point, the latest version of the scourge known as CryptXXX, which raked in more than $45,000 in less than three weeks. Over the past few months, CryptXXX developers have gone back and forth with security researchers. The whitehats from Kaspersky Lab provided a free tool that allowed victims to decrypt their precious data without paying the ransom, which typically reaches $500 or more. Then, CryptXXX developers would tweak their code to defeat the get-out-of-jail decryptor. The researchers would regain the upper hand by exploiting another weakness and so on. Earlier this month, the developers released a new CryptXXX variant that to date still has no decryptor available. Between June 4 and June 21, according to a blog post published Monday by security firm SentinelOne, the Bitcoin address associated with the new version had received 70 bitcoins, which at current prices is valued at around $45,228. The figure doesn't include revenue generated from previous campaigns.

Crypto Ransomware Attacks Have Jumped 500% In The Last Year ( 36

Kaspersky Lab is reporting that the last year saw a 500% increase in the number of users who encountered crypto ransomware. Trailrunner7 shares an article from On The Wire: Data compiled by Kaspersky researchers from the company's cloud network shows that from April 2015 to March 2016, the volume of crypto ransomware encountered by users leapt from 131,111 to 718,536. That's a massive increase, especially considering the fact that ransomware is a somewhat mature threat. It didn't just burst onto the scene a couple of years ago. Kaspersky's researchers said the spike in crypto ransomware can be attributed to a small group of variants. "Looking at the malware groups that were active in the period covered by this report, it appears that a rather short list of suspects is responsible for most of the trouble caused by crypto-ransomware..."

It's difficult to overstate how much of an effect the emergence of ransomware has had on consumers, enterprises, and the security industry itself. The FBI has been warning users about crypto ransomware for some time now, and has consistently advised victims not to pay any ransoms. Security researchers have been publishing decryption tools for specific ransomware variants and law enforcement agencies have had some success in taking down ransomware gangs.

Enterprise targets now account for 13% of ransomware attacks, with attackers typically charging tens of thousands of dollars, the article reports, and "Recent attacks on networks at the University of Calgary and Hollywood Presbyterian Medical Center have demonstrated the brutal effectiveness of this strategy."

Australian 'Bitcoin Founder' Quietly Bidding For Patent Empire ( 45

An anonymous reader quotes a report from Reuters: Craig Wright, the Australian who claimed to be the inventor of bitcoin, is attempting to build a large patent portfolio around the digital currency and technology underpinning it, according to associates of his and documents reviewed by Reuters. Since February, Wright has filed more than 50 patent applications in Britain through Antigua-registered EITC Holdings Ltd, which a source close to the company confirmed was connected to Wright, government records show. Interviews with sources close to EITC Holdings Ltd, which has two of Wright's associates as directors, confirmed it was still working on filing patent applications and Britain's Intellectual Property Office has published another 11 patent applications filed by the company in the past week. The granting of even some of the patents would be significant for banking and other industries that are trying to exploit bitcoin technologies, as well as dozens of start-ups scurrying to build business models based around it. Patents that Wright has applied for range from a mechanism for paying securely for online content to an operating system for running an "internet of things" on blockchain. A patent schedule, one of a number of documents relating to the applications shown to Reuters by a person close to the EITC Holdings, outlines plans to apply for about 400 in total.
The Almighty Buck

Ethereum Debate Marred By Second Digital Currency Heist ( 44

Thursday's news of a $50 million heist of digital currency at Ethereum. was followed today by reports of a second heist from the DAO, according to the Bitcoin News Service -- this one for just 22 Ether. "It appears this is just someone who wanted to test the exploit and see if they could use it to their advantage... " Slashdot reader Patrick O'Neill writes: The currency's community is currently debating a course forward for a currency who is built on the idea that it is governed by software and not human beings. One option is to fork the code, another is to do absolutely nothing at all."
Vitalik Buterin, the co-founder of Ethereum, posted Sunday that "Over the last day with the community's help we have crowdsourced a list of all of the major bugs with smart contracts on Ethereum so far, including both the DAO as well as various smaller 100-10000 ETH thefts and losses in games and token contracts." The list begins by including "The DAO (obviously)," but is followed by a warning that "progress in smart contract safety is necessarily going to be layered, incremental, and necessarily dependent on defense-in-depth. There will be further bugs, and we will learn further lessons; there will not be a single magic technology that solves everything."

The Daily Dot wrote Friday that "Because of the way the code in question is written, Etherum's developers and community have 27 days to decide what to do before the hackers are able to move the money and cash out... What's happening now amounts to a political campaign. But the debate is far from over. The clock is ticking now, the world is watching, and the next step of the cryptocurrency experiment is unfolding under a spotlight burning hotter every day."

Digital Currency Ethereum Is Cratering Amid Claims Of a $50 Million Hack ( 116

Digital currency Ethereum's value has dropped amid a hack on DAO (Decentralised Autonomous Organisation), an organisation with huge holdings of Ethereum (Wikipedia page). Its value is now below $15, down from more than $21 a few minutes ago. It is believed that as much as $50 million of the digital currency has been stolen. From a blog post on DAO: An attack has been found and exploited in the DAO, and the attacker is currently in the process of draining the ether contained in the DAO into a child DAO. The attack is a recursive calling vulnerability, where an attacker called the "split" function, and then calls the split function recursively inside of the split, thereby collecting ether many times over in a single transaction.From a Quartz report: It's no surprise that cryptocurrency markets are in a panic. Funds invested in the DAO represents more than 10% of all the ether in circulation ($81.8 million worth). A massive hack on the DAO's holdings would be roughly equivalent to a successful heist at a major financial institution.

Access To Thousands Of Compromised Government Servers Selling For $6 On Black Market 28

An anonymous reader writes: Researchers have uncovered an underground market selling information of over 70,000 compromised servers. Russia-based Kaspersky Lab revealed that the online forum, named xDedic, seems to be operated by a Russian-speaking organisation and allows hackers to pay for undetectable access to a wide range of servers, including those owned by government, corporate and academic groups in more than 170 countries. Access to a compromised server can be bought for as little as $6. This kit comes with relevant tools to instruct on launching denial-of-service attacks and spam campaigns on the targeted network, as well as allowing criminals to illegally produce bitcoin and breach online systems, such as retail payment platforms.

New Device Sold On The Dark Web Can Clone Up To 15 Contactless Cards Per Second ( 193

An anonymous reader writes from a report via Softpedia: "A criminal group going under the name of The CC Buddies is selling a hi-tech device on the Dark Web that's capable of copying details from contactless debit cards if held as close as eight centimeters away from a victim's card," reports Softpedia. The device, named Contactless Infusion X5, is extremely dangerous because it can copy up to 15 bank cards per second, something that may come in handy if a crook is going through a crowd at a concert or through a crowded subway cart. The device can collect data such as the card's number and expiration date. If the debit card's RFID chip stores information such as the card holder's name, home address, and a mini statement, X5 can steal that data as well. The X5 is sold on the Dark Web for only 1.2 Bitcoin (~$825), and its creators say that each buyer will receive the X5 device, a USB cable for charging and data transfers, and 20 blank plastic cards.

Ransomware Thieves Cost Canada University C$20,000 In Bitcoin ( 87

dkatana writes: The University of Calgary paid C$20,000 ransom this week after an attack on May 28 targeted computers used by staff and faculty members, crippling multiple systems and encrypting data files and email accounts. After determining that they were unable to recover the data the ransom was paid to "protect the quality and nature of the information we generate at the university," said an official in a press release.

The fact that higher education institutions are now being targeted by ransomware is raising serious questions about their ability to protect their data and critical information systems.

IT World Canada has more details, noting that the university has reported the incident to the police, and that Trend Micro "has seen a 20% uptick in malicious requests to command and control infrastructure from infected machines over the last three months" -- several thousand requests a day.

Over 100M Accounts of Russia's Largest Social Network VK On Sale ( 28

Accounts of over 100 million users of, Russia's largest social network is being traded on the digital underground. A hacker who goes by the alias "Peace," listed the date for sale on a dark web marketplace. Vice's Motherboard publication reports that it received a dataset of over 100,544,934 records from Peace. From the report: According to Peace, the passwords were already in plain text when the site was hacked, and were not cracked at a later date. Peace is selling the data for 1 bitcoin, or around $570 at today's exchange rates. Out of 100 randomly selected email addresses from the larger dataset, 92 corresponded to active accounts on the site, Motherboard found. A Russian friend contacted by Motherboard confirmed that the password was correct.The report adds that the actual hack occurred between 2011 and 2013, and that Peace has data of another 70 million users that it isn't selling right now.

Mark Zuckerberg's Twitter and Pinterest Accounts Hacked ( 99

An anonymous reader writes: Saudi Arabian hacking group OurMine yesterday claimed responsibility for the defacement of Mark Zuckerberg's Twitter and Pinterest accounts, claiming additionally that the Facebook CEO re-used the very low-security password 'dadada' across the accounts. The hack was facilitated by the 2012 data breach of unsalted LinkedIn passwords, offered for sale by hacker 'peace' last month at an equivalent price in Bitcoin of approximately $2,200.The aforementioned group said to have hacked Zuckerberg's Instagram account as well, a claim that has since been refuted by a Facebook spokesperson. Zuckerberg's Google+ account remains intact if you're wondering.

Bitcoin Sting Operation Nabs Egyptian Dentist ( 121

An anonymous reader writes:A 30-year-old dentist has been apprehended by Egyptian authorities for conducting bitcoin-to-dollar transactions on, a popular digital currency trading portal... According to today's post on the Facebook page of The Ministry of the Interior, Mr. Ahmed was captured with $13,900 in cash, as well as a cellular phone and a smart tablet that were used in the trading operation. Authorities setup Ahmed by contacting him about a potential deal on LocalBitcoins, where Ahmed was selling the digital currency for $570 per coin.
The strangest part of the article is "it is unclear what specific law Mr. Ahmed was breaking, as there are no regulations on digital currencies in Egypt."

Bitcoin Price Jumps 21% Over 4 Days, Reaching a 21-Month High ( 106

An anonymous reader shares a TechCrunch report: Bitcoin is back! Or at least, there are positive signs indicating that bitcoin might not be as dead as everybody thought. Bitcoins are now trading at $547.40 on Bitfinex (the largest USD/bitcoin exchange according to Bitcoinity). And it represents a big 21.4 percent price jump over just four days. Today's price represents a 21-month high. Surprisingly, bitcoin prices had been relatively stable for the last two months before this weekend's jump. What's the reason behind this jump? It's hard to say. Huobi and OKCoin, the two dominant Chinese exchanges, have seen many new sign-ups, as well as many buy orders. Increasingly, bitcoin's price variations are correlated with macroeconomic trends in China. These trends tell us that China still fears a deflation.

Miami Money-Laundering Case May Define Whether Bitcoin Is Really Money ( 121

David Gilbert, reporting for IBTimes: Michell Espinoza, a 32-year-old computer programmer, was arrested for attempted money-laundering in 2014 when he sold $1,500 worth of bitcoin to undercover FBI agents who said they were going to use them to buy stolen credit cards. Now in a Florida courtroom, Espinoza and his lawyers are trying to get the charges dismissed on the grounds that bitcoin, under Florida law, should not be defined as actual money. (Editor's note: the source has annoying auto-playing videos. Alternatively you can use the link below.) This is thought to be the first case of its kind and the ruling by Miami-Dade Circuit Judge Teresa Mary Pooler will be watched with great interest not only in the U.S., but around the world. "This is the most fascinating thing I've heard in this courtroom in a long time," Pooler said on Friday. A ruling is not expected for several weeks yet.The report also cites the take of Charles Evans, Associate Professor of Finance and Economics at Barry University, who provided evidence on behalf of the defense and told the court that bitcoin, in his opinion, is not money. He said, "Basically, it's poker chips that people are willing to buy from you." Miami Herald has more details.

Researchers Criticize New DAO Ethereum VC Fund ( 39

Three cryptocurrency experts published a scientific paper Friday detailing seven attacks that could influence how the Decentralized Autonomous Organization (DAO) allocates its Ether funds. An anonymous Slashdot reader writes, "Coincidentally or not, they released their work with one day before funding for the DAO closed, and not surprisingly, Ether's price went down, devaluing the DAO from $150 million to $132 million."

From Softpedia: DAO is a crowdfunded project that works on the Ethereum network, a new crypto-currency network that deals with crypto-currency named Ether, which many experts say is better than Bitcoin's blockchain... Investors can submit funding proposals, on which the DAO users vote by submitting some of their tokens and a YES/NO vote. In the end, based on the tokens and YES/NO votes, the DAO's computer program decides on the outcome.
Softpedia reports that the paper released Friday also suggests a series of mitigations to a design they say will "incentivize investors to behave strategically; that is, at odds with truthful voting on their preferences."

Slashdot Top Deals