Weekly News 38 / 2018 : A Major Security Flaw in Bitcoin Fixed


This is the third week with cryptomarkets being in a roller coaster. Millions are shed from the market cap and then new millions enter. Many experts have been speculating that this waving motion can’t go on like this, with some major shift coming in the future. Of course – as the last weeks have clearly demonstrated – it is not so easy to predict the future, especially in field evolving as quickly as cryptocurrencies.

This week we are going to talk about security. For several reasons questions of security have been on Bitcoin community’s mind: a large bug was discovered (and repaired) from the Bitcoin system and a large exchange was hit by an attack. This week the news have also revealed that NSA’s Eternal Blue might have been the reason for many of misfortunes for cryptocurrency users during the past year.

We are also reporting on an interesting even with a rogue botnet that seems to be helping cryptocurrency users. No one knows for sure why or what it is, but at least for the time being it seems to have been created in good will.

Interesting things are going on, even when the markets are unpredictable and on strange rails!

One of the good things with Bitcoin being a form of “codable money” is that when events backfire, Bitcoin can learn and become better.

A Major Bug Was Found and Repaired From Bitcoin Core

A large bug was found from Bitcoin’s reference software, Bitcoin Core, which could have given malicious entities the ability to take out nodes from the network or even render parts of the network non-functional. A fix for the bug was released on Tuesday with no known instances of the bug being exploited.

The bug would have given powerful miners the ability to attack the network, but by doing so they would have needed to sacrifice their block reward, which would be about 75 000 dollars. Thus even if someone would have wanted to exploit the bug, it would have been extremely cost-ineffective for them to do so.

Even if the bug would have been exploited, it wouldn’t have caused harm to most Bitcoin users. But for those testing out adaptations for the so-called Lightning Network the bug could have been problematic.

Users who are running regular Bitcoin wallets don’t have to do anything special to protect themselves from the exploit. Most wallets have already updated themselves. Those who use Bitcoin Core to run a full node should update their software.

The bug was found and dealt with quickly, which demonstrates the ability of Bitcoin code to constantly evolve for the better.

Japanese Bitcoin Exchange Hit By Hackers

Another major hack has happened in Japan, with a local cryptocurrency exchange Zaif losing about 60 million dollars worth of cryptocurrency, including 5 966 bitcoins. The exchange noticed unusual behaviour for the first time in early Thursday, after which the exchange suspended money transfers.

According to further investigation on the hack it was revealed that the hackers had got their hands to exchange’s hot wallets – cryptocurrency wallets connected to the Internet – and then moved roughly 60 million in MonaCoin, bitcoin and bitcoin cash. At the time of writing the exact number of stolen cryptocurrencies is still unknown.

The case has been filed for the authorities pending further criminal investigation.

This is the second major hack in Japan this year. Early in January another Japanese exchange was hit, with the hackers being able to steal more than 0,5 billion dollars in cryptocurrencies.

This hack demonstrates the need for secure methods of keeping cryptocurrencies safe, especially for exchanges and brokers. Coinmotion stores its funds in so-called “cold wallets”, which means cryptocurrency wallets that are not connected to Internet. Using cold wallets minimizes the risk of losing money for hackers and other cybercriminals.

Because cryptocurrencies increase in price and popularity, they become more interesting targets for hackers as well.

NSA Vulnerability As the Reason for Surge of Cryptohacks

A group investigating Internet security threats, Cyber Threat Alliance, has released a new paper which states that illicit cryptocurrency mining has surged 459% in 2018 when compared to the last year. According to the report 85% of illicit mining has targeted Monero, with Bitcoin making up about 8% and all the other cryptocurrencies combined accounting for about 7%.

According to the report the surge of these attacks can be tied to the leak of Eternal Blue. Eternal Blue was NSA’s backdoor exploit found from old Microsoft software, which NSA could have used for its intelligence gathering operations. The exploit was leaked to the Internet by a hacker group Shadow Brokers, who sold it to other hackers.

Most of illicit crypto-operations are made up of so-called “cryptojacking” attempts. Cryptojacking is an attack where hacker infects a target computer or lures users to an infected site, which then uses the target computer to mine cryptocurrencies for the hacker. Most of the users won’t even notice these attacks, except perhaps as a slight slowing down of the computer. Nonetheless they can cause additional strain for the computer and even cause it to break down.

Though cryptojacking and illegal mining are becoming more common, users can protect them from most of these attacks by simply keeping their operation system, browser and antivirus software up to date. Usage of a plugin that can eliminate advertisements, such as uBlock Origin, is also encouraged.

Intentional backdoors created by NSA and other such institutions have the way of being discovered by hackers and the used against the general population.

Brazilians Banks to Be Investigated for Alleged Monopoly

CADE, the Brazilian antitrust watchdog, has opened an investigation into several of the country’s biggest banks for allegedly using monopolistic practices to hinder the competition. According to the investigation the banks have allegedly used their superior position on markets to try to drive cryptocurrency trade from competition.

The Brazilian Association for Cryptocurrency and Blockchain (ABCB) filed a request for the investigation after several banks had closed down accounts of companies involved in trading of bitcoin. The banks defended themselves saying that the accounts were closed because of the requirements of law.

If the investigation proves illegit monopolistic practices, the banks could be fined and forced to offer their services for cryptocurrency businesses regardless whether cryptocurrency causes competition for the traditional finance or not.

Brazil is not the only country in the World where bitcoin and cryptocurrency firms face troubles with banks. For an example one of the biggest Nordic financial institutions, Nordea, has banned its employees from using and buying bitcoin or other cryptocurrencies.

Monopolies are often seen as hindering a fair and honest competition, and thus they are disallowed in laws of many liberal economies.

European Crime is Turning Away From Bitcoin to Other Cryptos

Europol has published a new study titled Internet Organized Threat Assessment 2018, which discusses several cases of modern forms of cybercrime from viruses that hijack their users computers and demand ransoms to drug smuggling rings operating in the dark web. The study also touches up how Bitcoin is related to cybercrime.

According to the report Bitcoin is still used in online crime, such as illegal gambling and hacking, but criminals are increasingly looking up to other cryptocurrencies, such as more privacy-centric Zcash and Monero. Because Bitcoin is the dominant force in cryptocurrency, it will still probably take some time for criminals to adopt to more anonymous cryptocurrencies.

The report revealed that though terrorism plays a major role in governments’ and officials’ ideas on how to legislate and supervise Bitcoin and cryptocurrencies, in real life terrorists rarely use Bitcoin. The report also states that despite the potential of cryptocurrencies, most criminals still prefer to use traditional services.

“None of the attacks carried out on European soil appear to have been funded via cryptocurrencies. The use of cryptocurrencies by terrorist groups has only involved low-level transactions – their main funding still stems from conventional banking and money remittance services,” the report read.

Though terrorism is often cited as a reason for increased crypto-supervision, no evidence of terrorist acts involved in Bitcoin was found out by Europol.

Prasos to collaborate with iSignthis Ltd

Prasos Ltd announces collaboration with Australian Securities and Frankfurt Stock Exchange cross listed iSignthis Ltd. It is one of the leading payment and identity technology companies globally and the partnership improves Coinmotion’s readiness in meeting all the current and upcoming anti-money laundering (AML) and know your customer (KYC) requirements.

iSignthis® Paydentity™ is utilised by Coinmotion for the digital identity verification of customers in order to rapidly onboarding customers from anywhere in the world while meeting upcoming compliance requirements. Together with the integration of iSXPay®, it allows Coinmotion to accept, monitor and process payments from card schemes such as Visa and Mastercard, and a variety of alternative payment methods for the complete onboarding experience.

New card payment methods enable easy and instant payments on Coinmotion.

A Vigilante Botnet Targets Malicious Botnets

As the cybercrime towards cryptocurrency-users is escalating, a new, interesting development has taken place. A security research firm Netlab has released a report which describes a new botnet it has found. Named “Fbot”, the botnet is based on a cryptocurrency mining software ADBminer. Unlike most botnets used by hackers, this botnet seems to be different, in that its purpose seems to be benign.

According to the report the botnet infects other computers, but not to hijack them, but to remove another botnet, called com.ufo.miner. Com.ufo.miner is malign botnet, which hijacks user’s computing power to mine cryptocurrencies for hackers.

After the botnet has wiped com.ufo.miner from computers it has infected, it doesn’t seem to leave any traces of it behind; no additional malware, backdoors or anything. Fbot seems to be designed solely for the destruction of com.ufo.miner.

Of course the researches remind that cases like this shouldn’t be taken for granted. One of the reasons could be to eliminate competition for some upcoming hostile botnet. On the other hand the so-called “white hat hacker” culture is known for conducting vigilante activity for the sole purpose of b bettering the Internet.

Is it a menace? Or an unknown hero? The World waits silently for the creators of Fbot to reveal their intents.

To find out tune in next week at the same Bit-time, at the same Bit-channel!

Share on

Notify of
Inline Feedbacks
View all comments
18/10/2018 15:08

Very interesting content. Thank you.

18/10/2018 15:08

Thanks for your useful post. it is great.

Share on