Exploit This

Security News, Exploits, and Vulnerabilities.

Satoshi Bomb

Let us discuss what defines the profitability of bitcoin mining, what principles for mining speed adaptation were initially embedded into it, and why these principles can lead to the failure of the cryptocurrency in the long run.

Zcash, or the return of malicious miners

On 28 October, the cryptocurrency world saw the emergence of a new player, the Zcash (ZEC) cryptocurrency. Its developers have described it rather figuratively: “If Bitcoin is like HTTP for money, Zcash is HTTPS.” They continue by noting that “unlike Bitcoin, Zcash transactions can be shielded to hide the sender, the recipient and value of all transactions.”

Kaspersky Security Bulletin 2016. Story of the year

Between January and September 2016 ransomware attacks on business increased three-fold –to the equivalent of an attack every 40 seconds. With the ransomware-as-a-service economy booming, and the launch of the NoMoreRansom project , Kaspersky Lab has named ransomware its key topic for 2016.

IoT Devices as Proxies for Cybercrime

Multiple stories published here over the past few weeks have examined the disruptive power of hacked “Internet of Things” (IoT) devices such as routers, IP cameras and digital video recorders. This post looks at how crooks are using hacked IoT devices as proxies to hide their true location online as they engage in a variety of other types of cybercriminal activity — from frequenting underground forums to credit card and tax refund fraud.

TeamXRat: Brazilian cybercrime meets ransomware

We discovered a new variant of a Brazilian-made ransomware, that is being used to infect local companies and hospitals, directly affecting innocent people, encrypting their files and asking to pay the ransom.

Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years

vDOS — a so-called “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline — has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets.

The vDOS database, obtained by KrebsOnSecurity.com at the end of July 2016, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

The vDOS database, obtained by KrebsOnSecurity.com, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

The vDOS database, obtained by KrebsOnSecurity.com, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

Password Thieves Target E-Giftcard Firm Gyft

Digital gift card retailer Gyft has forced a password reset for some of its users. The move comes in response to the theft of usernames and passwords from a subset of Gyft customers.

Extortionists Target Ashley Madison Users

People who cheat on their partners are always open to extortion by the parties involved. But when the personal details of millions of cheaters get posted online for anyone to download — as is the case with the recent hack of infidelity hookup site AshleyMadison.com — random blackmailers are bound to pounce on the opportunity.

PayIvy Sells Your Online Accounts Via PayPal

Normally, if one wishes to buy stolen account credentials for paid online services like Netflix, Hulu, XBox Live or Spotify, the buyer needs to visit a cybercrime forum or drop into a dark Web marketplace that only accepts Bitcoin as payment. Increasingly, however, these accounts are showing up for sale at Payivy[dot]com, an open Web marketplace that happily accepts PayPal in exchange for a variety of stolen accounts.

Blockchain Technology Abuse: Time to Think About Fixes

Kaspersky Lab and INTERPOL presented research on how blockchain-based cryptocurrencies could be abused through the pollution of public decentralized databases with arbitrary data.

%d bloggers like this: