Bitcoin

South Korean Web Hosting Provider Pays $1 Million In Ransomware Demand (bleepingcomputer.com) 97

An anonymous reader writes: Nayana, a web hosting provider based in South Korea, announced it is in the process of paying a three-tier ransom demand of nearly $1 million worth of Bitcoin, following a ransomware infection that encrypted data on customer' servers. The ransomware infection appears has taken place on June 10, but Nayana admitted to the incident two days later, in a statement on its website.

Attackers asked for an initial ransom payment of 550 Bitcoin, which was worth nearly $1.62 million at the time of the request. After two days of negotiations, Nayana staff said they managed to reduce the ransom demand to 397.6 Bitcoin, or nearly $1 million. In a subsequent announcement, Nayana officials stated that they negotiated with the attackers to pay the ransom demand in three installments, due to the company's inability to produce such a large amount of cash in a short period of time.

On Saturday, June 17, the company said it already paid two of the three payment tranches. In subsequent announcements, Nayana updated clients on the server decryption process, saying the entire operation would take up to ten days due to the vast amount of encrypted data. The company said 153 Linux servers were affected, servers which stored the information of more than 3,400 customers.

Bitcoin

NYTimes: Move Over, Bitcoin. Ether Is the Digital Currency of the Moment. (nytimes.com) 117

An anonymous reader shares a report: The price of Bitcoin has hit record highs in recent months, more than doubling in price since the start of the year. Despite these gains, Bitcoin is on the verge of losing its position as the dominant virtual currency. The value of Ether, the digital money that lives on an upstart network known as Ethereum, has risen an eye-popping 4,500 percent since the beginning of the year (alternative source). With the recent price increases, the outstanding units of the Ether currency were worth around $34 billion as of Monday -- or 82 percent as much as all the Bitcoin in existence. At the beginning of the year, Ether was only about 5 percent as valuable as Bitcoin. The sudden rise of Ethereum highlights how volatile the bewildering world of virtual currency remains, where lines of computer code can be spun into billions of dollars in a matter of months. [...] The two-year old system has picked up backing from both tech geeks and big corporate names like JPMorgan Chase and Microsoft, which are excited about Ethereum's goal of providing not only a digital currency but also a new type of global computing network, which generally requires Ether to use. In a recent survey of 1,100 virtual currency users, 94 percent were positive about the state of Ethereum, while only 49 percent were positive about Bitcoin, the industry publication CoinDesk said this month.
Encryption

Microsoft, Accenture Team Up On Blockchain-based Digital ID Network (reuters.com) 53

Accenture and Microsoft are teaming up to build a digital ID network using blockchain technology, as part of a United Nations-supported project to provide legal identification to 1.1 billion people worldwide with no official documents. From a report: The companies unveiled a prototype of the network on Monday at the UN headquarters in New York during the second summit of ID2020, a public-private consortium promoting the UN 2030 Sustainable Development Goal of providing legal identity for everyone on the planet. The project aims to help individuals such as refugees prove who they are in order to gain access to basic services such as education and healthcare. Blockchain, first developed as a public ledger of all transactions in the digital currency bitcoin, is increasingly being used to securely track data in other fields.
The Almighty Buck

Is Coinbase Closing Accounts For Paying Ransoms With Bitcoins? (coindesk.com) 200

Even as some comparnies are stockpiling bitcoins so they can quickly pay ransom demands, security firms that try paying those ransoms may face losing their accounts on Coinbase. Slashdot reader Mosquito Bites quotes a report from CoinDesk: Less than a year ago, Vinny Troia, CEO and principal security consultant of Night Lion Security and a certified white hat hacker, was sent a compliance form by US bitcoin exchange Coinbase, where he had an account. Coinbase wanted to know how Troia was using bitcoin and his account. "I told them I run a security firm. I pay for ransoms and buy documents on the dark web when clients request it," Troia told CoinDesk. The ransoms Troia helps his clients pay are those stemming from ransomware attacks, which have surged in number over the past few years. Many, like the well-publicized WannaCry attack, are asking for bitcoin.

And the documents? Troia said, "We do breach investigations a lot of times. If a fraudster is saying they're selling my client's stolen documents, the only way to make sure they have what they say they have is to buy those documents." According to Troia, Coinbase "did not like that at all." Coinbase then asked the IT expert whether he had a letter from the Department of Justice giving him permission to do those things. No, Troia said. Upon further research, Troia has not found that any such permission exists. But, "I have my clients authorizing me to do this," he said. Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account... "My entire family is blocked from Coinbase," he said.

The Almighty Buck

Venezuelans Flock To Cryptocoins Amid Spiralling Inflation (bloomberg.com) 126

An anonymous reader quotes Bloomberg: Demand for digital coins is soaring in Venezuela amid an escalating political crisis that has protesters demanding that President Nicolas Maduro step down. Inflation has spiraled to the triple digits, debasing the bolivar and depleting savings, while citizens struggle to find everything from food to medicine on store shelves. "If you're going to be in something volatile, you might as well be in something that's volatile and rising than volatile and falling," says Ryan Taylor, chief executive officer of crypto currency Dash Core, the third-largest digital coin by number of transactions... Bitcoin trading volume in Venezuela jumped to $1.3 million this week, about double the amount that changed hands two months ago, according to LocalBitcoins.com...

Venezuela's currency has become nearly worthless in the black market, where it takes more than 6,000 bolivars to buy $1, while bitcoin surged 53 percent in the past month alone. But it's not just about shielding against the falling bolivar, as some Venezuelans are using crypto currencies to buy and sell everyday goods and services, according to Jorge Farias, the CEO of Cryptobuyer.

Bitcoin

Why Ethereum Is Outpacing Bitcoin (venturebeat.com) 150

Even as Bitcoin hits its all-time high, people's interest in other cryptocurrencies hasn't waned, especially Ethereum. But what makes Ethereum popular among some? From an article on VentureBeat: Despite its recent appreciation in value, as a technology, Bitcoin has stagnated over the last three years. Two rival factions have emerged with violently opposing views on what should be done to allow the Bitcoin network to handle more transactions than it can right now. While Bitcoin has been paralysed by indecision, Ethereum has raced ahead with technology that not only does everything Bitcoin can do faster, in higher volume, and at lower cost -- it does a lot more besides. [...] Bitcoin is really only useful as a store of value. Even then, its usefulness for actually transacting value is limited. In a world where people are used to online payments being confirmed instantly, Bitcoin transactions can take anywhere from tens of minutes to several hours, depending on how busy the network is. It's also expensive -- especially if you're only sending small amounts. The average transaction currently costs about $1.50. Ethereum, on the other hand, was never intended as a Bitcoin competitor. Ethereum is actually a platform for new kinds of decentralized (often financial) applications (dApps) that run on a peer-to-peer network of computers. These dApps are designed to disintermediate the kinds of relationships and transactions for which we have traditionally required things like banks, public registries, and the legal system. For technologists, this is exciting stuff, and a vibrant community of software developers has enthusiastically embraced it. Hundreds of projects, startups, and companies at every scale -- including the likes of Intel, Microsoft, and Samsung -- are building software using Ethereum.
Bitcoin

Opioid Dealers Embrace the Dark Web To Send Deadly Drugs by Mail (nytimes.com) 175

Anonymous online sales are surging, and people are dying. Despite dozens of arrests, new merchants -- many based in Asia -- quickly pop up. From a report on the New York Times: In a growing number of arrests and overdoses, law enforcement officials say, the drugs are being bought online. Internet sales have allowed powerful synthetic opioids such as fentanyl -- the fastest-growing cause of overdoses nationwide -- to reach living rooms in nearly every region of the country, as they arrive in small packages in the mail (syndicated source). The authorities have been frustrated in their efforts to crack down on the trade because these sites generally exist on the so-called dark web, where buyers can visit anonymously using special browsers and make purchases with virtual currencies like Bitcoin. The problem of dark web sales appeared to have been stamped out in 2013, when the authorities took down the most famous online marketplace for drugs, known as Silk Road. But since then, countless successors have popped up, making the drugs readily available to tens of thousands of customers who would not otherwise have had access to them. Among the dead are two 13-year-olds, Grant Seaver and Ryan Ainsworth, who died last fall in the wealthy resort town of Park City, Utah, after taking a synthetic opioid known as U-47700 or Pinky. The boys had received the powder from another local teenager, who bought the drugs on the dark web using Bitcoin, according to the Park City police chief.
Bitcoin

What the Hell Is Happening To Cryptocurrency Valuations? (techcrunch.com) 258

The investment category of cryptocurrencies hit a new milestone this week, one that would have been unfathomable just a couple of years ago: $100 billion in combined market capitalization. The break above the 12-digit threshold is largely attributable to bitcoin, which is by far the largest digital currency in the still-nascent category, and which has been on a tear lately. From a TechCrunch article: There is one rational explanation that, if true, would totally justify this rapid increase in price across some of the major cryptocurrencies. And that is, maybe these currencies are actually worth these high prices, and maybe even worth many times more than that at which they are currently trading. But the problem is we have no way to figure out their value. Cryptocurrencies aren't public companies with earnings and expenses and EPS. For example, we can look at Apple's financials and determine its book value -- what the company's assets would be worth if hypothetically liquidated today. Of course, stocks trade at a premium to this, because people are enthusiastic that Apple will continue to perform well and this book value will continue to rise. But we can't do this with cryptocurrencies. We could guess -- and compare it to things like the total money or gold supply in the U.S. For example, if you're someone who thinks of cryptocurrencies as a store of value, the total estimated value of all gold in the world is more than $8 trillion dollars... meaning if bitcoin would ever replace or supplant gold, its current value is pennies on the dollar.
AMD

GPU and Motherboard OEMs Readying Components Optimized For Cryptocurrency Mining (hothardware.com) 77

MojoKid writes: With the popularity of upstart cryptocurrencies like Ethereum on the rise and the value of well-established currencies like Bitcoin steadily increasing, there is new-found interest in cryptocurrency mining. As such, there is another run on AMD and NVIDIA GPUs, which is driving up prices. In an effort to prevent the same kind of GPU shortages that happened in the past, reports have surfaced claiming that AMD and NVIDIA are both readying stripped-down graphics cards, specifically targeting cryptocurrency miners. At Computex, ASRock also announced a new motherboard targeted at cryptocurrency miners, the ASRock H110 Pro BTC+. The ASRock H110 Pro BTC+ is packing 13 PCI Express slots -- twelve x1 slots and one x16 slot -- to accommodate as many graphics cards. ASRock didn't specify pricing or when the H110 Pro BTC+ will be available, however. And the reports that AMD and NVIDIA graphics card for mining will be made available sometime at the end of the June are as yet unconfirmed.
The Almighty Buck

Bitcoin Exchange Coinbase Reportedly Valued At $1 Billion (reuters.com) 72

An anonymous reader quotes Reuters: Bitcoin exchange Coinbase Inc. is in talks with potential investors on a new round of funding at a valuation of more than $1 billion, the Wall Street Journal reported on Friday. It is not clear which investors are committing to the round, which was described as targeting around $100 million or more, the Journal reported, citing people familiar with the matter... Demand for crypto-assets has soared with the creation of new tokens to raise funding for start-ups using blockchain technology. Coinbase said in January it raised $75 million from several major financial institutions including the New York Stock Exchange, USAA Bank and Spanish banking group BBVA.
Though Bitcoins were selling for $892 in January, they've nearly tripled in value over the last five months. Despite the fact that Coinbase "suffered outages" last week, the price of Bitcoin still rose 13.6% over the next nine days to $2561.
The Almighty Buck

Messenger App Kik Debuts Its Own Digital Currency (bloomberg.com) 51

The messaging app Kik Interactive has decided to create its own digital currency. Kik's plans are for an "initial coin offering," a process by which it sells tokens that can be used to buy services on its platform. "The idea is that as more and more people use Kik, the value of those tokens, called 'Kin,' will rise in value," reports TechCrunch. From the report: Kik, which has raised about $120 million (in real money) from investors including Tencent Holdings Ltd., could serve to add a new layer of legitimacy to the process. "Kik will be the largest install base of cryptocurrency users in the world," Chief Executive Officer Ted Livingston said. "Kin, on day one will be the most-used cryptocurrency in the world." The move comes as Kik finally reveals how many people actually use its app regularly each month: 15 million. That's a far-cry from the 300 million total registered users number it was sharing around this time last year. Kik plans to gift a certain amount of Kin to each user. They'll be able use the new currency to buy games, live video streams and other digital products. The company's goal is to attract new merchants to sell on the platform, creating a snowball effect where Kin becomes more valuable and more sellers pile onto Kik, increasing its popularity.
Bitcoin

Bitcoin Surges 10% To All-Time High Above $2,700, Has Now Doubled in May (cnbc.com) 139

An anonymous reader writes: In another intraday jump of more than $200, bitcoin surged to a record Thursday on strong Asian demand overnight. Bitcoin jumped more than 10 percent to an all-time high of $2,752.07, more than twice its April 30 price of $1,347.96 according to CoinDesk. The digital currency last traded near $2,726. At Thursday's record, Bitcoin has now gained more than 45 percent since last Thursday and more than 180 percent for the year so far. "There is no question that we are in the middle of a price frenzy," said Brian Kelly of BKCM, in a note to clients Thursday. "There will be a correction and it could be severe, but it's unclear if that correction will start from current prices of $2700 or from some place much higher."
Bitcoin

Ethereum Could Be Worth More Than Bitcoin Very Soon (inc.com) 84

Ethereum is an open software platform based on blockchain technology that enables developers to build and deploy decentralized applications, according to Blockgeeks. It is currently the second most valuable cryptocurrency on the planet, but it could overthrow Bitcoin and become the most valuable cryptocurrency in the near future. Inc.com reports: If you aren't familiar, what Bitcoin does for payments, Ethereum does for anything involving programming and computing. While it utilizes its own version of a blockchain, it is functionally different from Bitcoin. For example, on the Ethereum platform you could host a crowdfunding campaign or any type of "smart contract." Ethereum's goal is to make a decentralized internet. And it has a very good shot at becoming "the new internet," literally. It could one day replace a lot of technology and ways that we host and execute code online. As of the time of writing, Ethereum has a market cap of over $17 billion. Bitcoin's market cap is $34 billion. This makes Ether (the name of Ethereum's token) the second most valuable cryptocurrency in the world. And that number jumped up over $3 billion just yesterday. It's making a major climb and has no end in sight, according to many. The Enterprise Ethereum Alliance is what initially spiked major interest (and shot up the price). Just the other day, 86 new companies joined the alliance.
The Almighty Buck

Bitcoin Price Hits Fresh Record High Above $2,200 (cnbc.com) 172

An anonymous reader writes: Monday marks the seven-year anniversary of Bitcoin Pizza Day -- the moment a programmer named Laszlo Hanyecz spent 10,000 bitcoin on two Papa John's pizzas. More important than the episode being widely recognized as the first transaction using the cryptocurrency is what it tells us about the bitcoin rally that saw it break through the $2,100 mark on Monday. Bitcoin was trading as high as $2,185.89 in the early hours of Monday morning, hitting a fresh record high, after first powering through the $2,000 barrier over the weekend, according to CoinDesk data. Throughout the weekend, the value of cryptocurrency was looming around $2,000.
Botnet

Attackers DDoS WannaCry Kill Switch (venturebeat.com) 73

An anonymous reader quotes VentureBeat: As of late Friday, after many of the deadlines threatening data deletion had passed, few victims had paid ransoms. According to Elliptic Enterprises, only about $94,000 worth of ransoms had been paid via Bitcoin, which works out to less than one in a thousand of the 300,000 victims who were reportedly affected by WannaCry... While not as bad as feared, ransomware (not to mention cybersecurity threats in general) isn't going away. Wired reported that the domain registered by Hutchins has been under intense denial-of-service attacks delivered by an army of IoT devices marshalled, zombie-like, by Mirai.
Movies

Disney Chief Bob Iger Says Hackers Claim To Have Stolen Upcoming Movie (hollywoodreporter.com) 121

An anonymous reader quotes a report from Hollywood Reporter: Walt Disney CEO Bob Iger revealed Monday that hackers claiming to have access to a Disney movie threatened to release it unless the studio paid a ransom. Iger didn't disclose the name of the film, but said Disney is refusing to pay. The studio is working with federal investigators. Iger's comments came during a town hall meeting with ABC employees in New York City, according to multiple sources. The Disney chief said the hackers demanded that a huge sum be paid in Bitcoin. They said they would release five minutes of the film at first, and then in 20-minute chunks until their financial demands are met. While movie piracy has long been a scourge, ransoms appear to be a new twist. UPDATE: According to Deadline, the movie in question appears to be the upcoming film Pirates of the Caribbean: Dead Men Tell No Tales. Disney appears to be working with the FBI and will not pay the ransom.
Security

PCs Connected To the Internet Will Get Infected With WanaDecrypt0r In Minutes (bleepingcomputer.com) 82

An anonymous reader writes: "The Wana Decrypt0r ransomware -- also known as WCry, WannaCry, WannaCrypt, and WanaCrypt0r -- infected a honeypot server made to look like a vulnerable Windows computer six times in the span of 90 minutes, according to an experiment carried out by a French security researcher that goes online by the name of Benkow," reports BleepingComputer. "During one of those infections, Wana Decrypt0r infected the honeypot in a mere three minutes after it was reset, showing the aggressive nature of the ransomware's scanning module, which helps it spread to new victims... Three minutes is about the same amount of time IoT malware will infect a vulnerable home router left connected to the Internet without patches."

The article also highlights the fact that the group behind this threat is possibly made of inexperienced coders, who just stumbled upon a way to weaponize an NSA exploit. Their three previous WanaDecrypt0r campaigns were mundane, and one researcher called their code "utter [expletive]." This is because WanaDecrypt0r is actually made of two main modules, the ransomware itself, and the SMB worm (based on the NSA exploit). While the SMB worm is top-shelf code, the ransomware itself is quite unsophisticated, making a lot of operational errors, including using only 3 Bitcoin wallets to handle payments, instead of one per infected user, as most top-shelf ransomware does. This makes it difficult to tell which victims paid and who didn't, as anyone could claim "x" transaction is theirs, even if they didn't pay.

The Almighty Buck

WanaDecrypt0r Ransomware Earns Just $26,000 In Ransom Payments (krebsonsecurity.com) 222

An anonymous reader quotes Krebs On Security: As thousands of organizations work to contain and clean up the mess from this week's devastating Wana ransomware attack, the fraudsters responsible for releasing the digital contagion are no doubt counting their earnings and congratulating themselves on a job well done. But according to a review of the Bitcoin addresses hard-coded into Wana, it appears the perpetrators of what's being called the worst ransomware outbreak ever have made little more than USD $26,000 so far from the scam...

It's worth noting that the ransom note Wana popped up on victim screens (see screenshot above) included a "Contact Us" feature that may have been used by some victims to communicate directly with the fraudsters... I find it depressing to think of the massive financial damage likely wrought by this ransom campaign in exchange for such a comparatively small reward.

Security

New Ransomware 'Jaff' Spotted; Malware Groups Pushing 5M Emails Per Hour To Circulate It (theregister.co.uk) 58

An anonymous reader writes: The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed "Jaff". Jaff spreads in a similar way to the infamous file-encrypting malware Locky and even uses the same payment site template, but is nonetheless a different monster. Attached to dangerous emails is an infectious PDF containing an embedded DOCM file with a malicious macro script. This script will then download and execute the Jaff ransomware. Locky -- like Jaff -- also used the Necurs botnet and a booby-trapped PDF, security firm Malwarebytes notes. "This is where the comparison ends, since the code base is different as well as the ransom itself," said Jerome Segura, a security researcher at Malwarebytes. "Jaff asks for an astounding 2 BTC, which is about $3,700 at the time of writing." Proofpoint reckons Jaff may be the work of the same cybercriminals behind Locky, Dridex and Bart (other nasty malware) but this remains unconfirmed. And Forcepoint Security Labs reports that malicious emails carrying Jaff are being cranked out at a rate of 5 million an hour on Thursday, or 13 million in total at the time it wrote up a blog post about the new threat.
Communications

Cyberattack Hits England's National Health Service With Ransom Demands (theguardian.com) 202

Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients. The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS Digital said it was aware of the problem and would release more details soon. Details of patient records and appointment schedules, as well as internal phone lines and emails, have all been rendered inaccessible. From a report: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this. NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations. "This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. "Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available." NPR adds: The problem erupted around 12:30 p.m. local time, the IT worker says, with a number of email servers crashing. Other services soon went down -- and then, the unidentified NHS worker says, "A bitcoin virus pop-up message had been introduced on to the network asking users to pay $300 to be able to access their PCs. You cannot get past this screen." The attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors, it appears. The report adds: Images that were posted online of the NHS pop-up look nearly identical to pop-up ransomware windows that hit Spain's Telefonica, a powerful attack that forced the large telecom to order employees to disconnect their computers from its network -- resorting to an intercom system to relay messages. Telefonica, Spain's largest ISP, has told its employees to shut down their computers.

Update
: BBC is reporting that similar attacks are being reported in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan today.

Slashdot Top Deals