Cryptocurrency investor robbed via his cellphone account sues AT&T for $224 million over loss

By: Kate Rooney

A U.S. investor filed a $224 million lawsuit against AT&T on Wednesday, accusing the telecommunications giant of negligence that allegedly caused the California resident to lose roughly $24 million in cryptocurrency.

In a 69-page complaint filed in U.S. District Court in Los Angeles, Michael Terpin claimed that because of “AT&T’s willing cooperation with the hacker, gross negligence, violation of its statutory duties, and failure to adhere to its commitments in its Privacy Policy,” he lost nearly $24 million worth of cryptocurrency.

Terpin, who was using AT&T as his service provider, said the digital tokens were stolen through a “digital identity theft” of his cellphone account. Terpin was the victim of two hacks within seven months.

After the first hack, Terpin alleged that an impostor was able to get his phone number from an “insider cooperating with the hacker” without an AT&T store employee requiring him to show valid identification or provide a required password. That phone number was later used to access Terpin’s cryptocurrency accounts, according to the complaint.

“What AT&T did was like a hotel giving a thief with a fake ID a room key and a key to the room safe to steal jewelry in the safe from the rightful owner,” the complaint alleged.

In an emailed statement, AT&T said “we dispute these allegations and look forward to presenting our case in court.”


The SIM Hijackers

By: Lorenzo Franceschi-Bicchierai

Meet the hackers who flip seized Instagram handles and cryptocurrency in a shady, buzzing underground market for stolen accounts and usernames. Their victims’ weakness? Phone numbers.

It seemed like any other warm September night in the suburbs of Salt Lake City. Rachel Ostlund had just put her kids to bed and was getting ready to go to sleep herself. She was texting with her sister when, unexpectedly, her cell phone lost service. The last message Rachel received was from T-Mobile, her carrier. The SIM card for her phone number, the message read, had been “updated.”

Rachel did what most people would have done in that situation: she turned the phone off and on again. It didn’t help.

She walked upstairs and told her husband Adam that her phone wasn’t working. Adam tried to call Rachel’s number using his cell phone. It rang, but the phone in Rachel’s hands didn’t light up. Nobody answered. Rachel, meanwhile, logged into her email and noticed someone was resetting the passwords on many of her accounts. An hour later, Adam got a call.

“Put Rachel on the phone,” demanded a voice on the other end of the line. “Right now.”

Adam said no, and asked what was going on.

“We’re fucking you, we’re raping you, and we’re in the process of destroying your life,” the caller said. “If you know what’s good for you, put your wife on the phone.”

Adam refused.

“We’re going to destroy your credit,” the person continued, naming some of Rachel and Adam’s relatives and their addresses, which the couple thinks the caller obtained from Rachel’s Amazon account. “What would happen if we hurt them? What would happen if we destroyed their credit and then we left them a message saying it was because of you?”

The couple didn’t know it yet, but they had just become the latest victims of hackers who hijack phone numbers in order to steal valuable Instagram usernames and sell them for Bitcoin. That late summer night in 2017, the Ostlunds were talking to a pair of these hackers who’d commandeered Rachel’s Instagram, which had the handle @Rainbow. They were now asking Rachel and Adam to give up her @Rainbow Twitter account.


Hackers have stolen more than $1 billion from cryptocurrency exchanges in 2018

By: Sam Jacobs

The popularity of cryptocurrency has also given rise to a proliferation in the number of crypto exchanges.

The website lists 205 crypto exchanges, with Japan-based Binance topping the rankings for 24-hour transaction volume.

Clearly, there’s an opportunity in the space to make a profit by clipping the ticket on crypto trades.

At the same time, more transaction providers in the nascent, largely unregulated market for cryptocurrencies means more targets for hackers. So far in 2018, the hackers have been busy.

A report in the Wall Street Journal shows more than $US800 million ($AU1.08 bn) worth of cryptocurrency has been stolen by hackers this year.

The figures are based on an investigation by Autonomous Research, an independent research provider for the finance industry.

The biggest hack this year took place on Coincheck, a Japanese-based exchange which had more than $US500 million worth of crypto stolen in late-January.

Last month, South Korean exchange Bithumb was targeted, as hackers made off with around $US30 million while the company suspended operations and moved its crypto holdings to cold storage.

While companies such as Binance, Coincheck and Bithumb are usually referred to as exchanges, their functions differ from traditional stock exchanges such as the ASX.

Earlier this year, the chair of the Australian Digital Commerce Association (ADCA), Loretta Joseph, told Business Insider that exchanges should be referred to as “digital marketplaces”, given that they aren’t regulated and merely provide a forum for buyers and sellers to exchange crypto independently.

Another way in which crypto exchange companies differ from stock exchanges is that they often provide a vehicle to store users’ cryptocurrency, which is also what makes them a target for hackers.

Going back to 2011, there’s been a total of 56 cyber attacks across currency exchanges and initial coin offerings.

Autonomous Research said there’s been seven crypto exchange hacks so far this year, four of them in Asia.


$1.1 billion in cryptocurrency has been stolen this year, and it was apparently easy to do

By: Kate Rooney

Roughly $1.1 billion worth of cryptocurrency was stolen in the first half of 2018, and unfortunately for owners, it’s pretty easy to do, according to cybersecurity company Carbon Black.

Criminals use what’s known as the dark web to facilitate large-scale cryptocurrency theft. There are now an estimated 12,000 marketplaces and 34,000 offerings related to cryptotheft for hackers to choose from, the company said in a study released Thursday.

“It’s surprising just how easy it is without any tech skill to commit cybercrimes like ransomware,” Carbon Black Security strategist Rick McElroy told CNBC. “It’s not always these large nefarious groups, it’s in anybody’s hands.”

The necessary malware, which McElroy said even occasionally comes with customer service, costs an average of $224 and can be priced as low as $1.04. That marketplace has emerged as a $6.7 million economy, according to the study.

The dark web is a part of the World Wide Web accessible only through special software. It lets users remain anonymous and largely untraceable.

“You just have to able to log in and be able to buy the thing — you can call customer support and they’ll give you tips,” McElroy said.

Thefts can come from organized cartels or crime groups extorting exchanges and companies. But it is often as simple as a highly trained but unemployed engineer looking to make extra cash.

“You have nations that are teaching coding, but there’s no jobs,” McElroy said. “It could just be two people in Romania needing to pay rent.”

As the price of bitcoin skyrocketed more than 1,300 percent last year, new buyers flooded the market. Unlike banks, cryptocurrency is typically not protected or insured by a third party, which first-time investors might not know.


Cryptocurrency Attacks Are Rising

By: Olga Kharif

One of the most-feared quirks of cryptocurrencies is becoming more of a headache.

 Over the past few weeks, rogue operators of some of the computer networks that perform the complex calculations that verify transactions for various coins are attacking their own networks again. This time it’s Bitcoin Gold, an offshoot of the most widely known form of digital money, with a $717 million market capitalization.

Such 51 percent attacks, in which so-called miners gain control of the majority of the network’s computing power to falsify transactions, are generating ill-gotten gains that risk collapsing the value of the coins. Under attack for more than a week, Bitcoin Gold is down about 25 percent since May 18.

 Similar attacks have targeted Verge, Monacoin and Electroneum, according to Autonomous Research LLC. To gain power over a coin with a market cap of $500 million, an attacker may need to spend as little as $778 an hour, according to Autonomous.

After all, many of these smaller coins — and there are now more than 1,600 of just the major ones — have ballooned in value, becoming valuable targets for criminals. Some bad actors also may want to torpedo one coin to boost the value of another, Spencer Bogart, partner at Blockchain Capital LLC, said in an email.

Healthcare Prone to Attack, Still Unprepared

By: Kacy Zurkus

The one-year anniversary of WannaCry, the ransomware that disrupted businesses across the globe, is upon us. Since the ransomware attack that impacted an estimated 200,000 computers, new research suggests that organizations across the UK are still struggling to deal with ransomware, none more than those in the healthcare industry.

Over 400 IT decision makers at UK businesses partook in a recently released report from Webroot, which found that a large majority of the respondents (88%) feel better equipped to deal with a ransomware attack. Healthcare organizations are more prone to attacks than other industries, yet 98% of respondents in the healthcare sector said they are better equipped to deal with an attack now than they were one year ago.

That number could indicate a false sense of security, given that 45% of respondents had suffered a ransomware attack. Of those, nearly a quarter (23%) actually paying the ransom. More than half of the healthcare companies polled (52%) admitting to having suffered an attack.

“Organizations still aren’t investing the necessary time and resources in risk mitigation and recovery processes, leaving them with limited options in case of a successful attack. The healthcare industry in particular needs to be very aware of the fact that it is a high-profile target, with valuable data at stake, and take special care to ensure that defenses are in place,” said David Kennerley, director of threat research, Webroot.

In the healthcare sector, multiple attacks hit over one in four (26%) organizations. Of the 400 survey participants, 56% of respondents would consider paying the ransom. That number is smaller for organizations in the healthcare sector, with only 34% saying they would consider paying. Interestingly, only 5% of all those surveyed have stocked Bitcoin should they need to pay a ransom. However, 8% of organizations in the healthcare sector have acquired cryptocurrency.


Portuguese Parliament to Discuss Cryptocurrency Payment Regulations.

By: Francisco Memoria

Portugal’s parliament is set to discuss cryptocurrency payment regulations this week, with the goal of adopting a new legal framework for cryptocurrency payment services, while guaranteeing users’ safety using these services.

According to local news outlet Jornal de Negócios, applicable sanctions and the issuance of digital currencies – presumably initial coin offerings (ICOs) – will also be discussed. The government will reportedly discuss cryptocurrencies so new payment services can emerge in the market, while ensuring users can choose between safe, cost-effective options.

Per the Portuguese government, regulations will allow cryptocurrency-related services to expand within the country, which will benefit consumers by promoting competition, while ensuring safety and transparency in “the issuance of cryptocurrencies.”

The government argued (roughly translated):

“The regulation of certain aspects, not yet regulated, will allow for the expansion of new types of payment services, contributing to a legal framework to accommodate the innovation, to the benefit of consumers, and to even promote competition.”

The regulatory framework is set to apply “new rules to access payment accounts,” so as to prevent unjustified setbacks and ensure payments are safe. It’ll also introduce rules on managing operational risks, while offering service providers and ICO operators “complaint mechanisms.”

Per the somewhat vague information available, when it comes to dispute resolutions “payment service providers are obliged” to work with dispute resolution organizations over potential disputes. The government also plans on introducing “complaint mechanisms for payment service providers and for electronic money issuers, as well as for the respective supervisory authority. “.


The Three Layers Of Cryptocurrency Security

By: Ivan Novikov

The cryptocurrency marathon started in 2009 from the initial release of Bitcoin — the first decentralized cryptocurrency. By definition, a decentralized system operates with no servers and each participant is allowed execute transactions. In the case of the blockchain, each participant also has to perform some system tasks like storing transactional data. A group of participants can even run an alternative version of reality called a fork. This fork would work by the same rules as the original decentralized system but would have a different state.

This diagram illustrates the hierarchical nature of cryptocurrency security:

Wallarm Inc.

Hierarchical nature of cryptocurrency security.

The bottom line is, if there is an issue at the first layer in a coin protocol, you will be compromised, regardless of how secure are your second and third layers are.

Let’s look into each of the layers separately.

The First Layer: Coins And Tokens

Your security in the world of cryptocurrencies is, first and foremost, based the security of the protocol. When you are choosing a cryptocurrency you are taking on all the risks related to the protocol. If somebody can identify and exploit protocol flaws, they will compromise the entire network, including you, and it will not matter which exchange or wallet you are using.

At this layer there are two different types of currencies:

 The coins themselves (Bitcoin, Bitcoin Cash/Gold, Ethereum, NEO, etc.)


Bitcoin in Brief Wednesday: Hacker Gets Trolled, Vertcoin Gets Hacked

By: Avi Mizrahi

With all the talk about buying lambos, and some people making serious money, it’s no surprise that the cryptocurrency world attracts hackers looking for rich targets. Today’s edition of Bitcoin in Brief showcases two typical cases and one atypical response.

Ransomware Hacker Trolled

Aaron Lammer, a cryptocurrency podcaster, got his website hijacked by a hacker demanding ransom. But instead of paying the requested 0.025 bitcoin or calling the police, he decided to have some fun with the criminal.

The hacker left a ‘contact us’ option, which is not as unusual as it might sound because often such schemers need to help victims with the process. The link directed Lammer to the facebook profile of one Barberousse Mohammed, and so he began trolling him. After Mohammed refused to accept a million pre-sale ICO tokens instead of bitcoin, Lammer tried to lure his hacker into the whole BTC vs. BCH debate by appearing to educate him about the advantages of bitcoin cash. See the entire amusing chat transcript here.

And don’t worry, eventually the website was restored by the hosting service. They said the hacker used a WordPress exploit on a different domain housed under the same user to gain control.

Vertcoin Twitter Hacked

Fake cryptocurrency giveaway scams continue to plague Twitter, with the latest example coming from Vertcoin. Usually the scammers create a new account that looks as close as possible to the real one and reply to all tweets with promises to send back large amounts to anyone that sends them ether. This time they actually took over the official Vertcoin account to promote the scam. Luckily, it appears that only three people actually fell for it and sent BTC to the address before the tweet was taken down.


Isolated, Air-Gapped Cypto-Wallets Hacked

By: Kacy Zurkus

He who holds the private keys owns all of the bitcoins. For those who manage their cryptocurrency in offline, or “cold,” wallets under the premise that they cannot be compromised, recent news from researcher Dr. Mordechai Guri from Ben-Gurion University of the Negev, Israel, raises some alarms. Guri demonstrated that cold wallets can be infected with malicious code, allowing an attacker to access the wallet’s private keys.

Because cold wallets are presumably safer than storing their keys in “hot,” or online, wallets, many cryptocurreny owners keep their bitcoin wallets isolated in air-gapped PCs so that they are away from the internet and not connected to any network, Wi-Fi or Bluetooth.

In addition to publishing a white paper, Guri also demonstrated the attack method’s effectiveness using malware called bridgeware, which successfully leaks the bitcoin private key over air gap via ultrasonic signals in only 3 seconds.

The discovery isn’t new, nor is it the first time a hacking technique was used to compromise an isolated machine. Rather, Guri’s experiment showed that private cryptocurrency keys can be stolen using out-of-band communication methods.

Malware can be preinstalled, delivered during the initial installation of the wallet, or pushed through a removable media. Once the malware is installed, there are a variety of exfiltration methods an attacker can use, and Guri evaluated several, including physical, electromagnetic, electric, magnetic, acoustic, optical and thermal.

“This research shows that although cold wallets provide a high degree of isolation, it’s not beyond the capability of motivated attackers to compromise such wallets and steal private keys from them. We demonstrate how a 256-bit private key (e.g., bitcoin’s private keys) can be exfiltrated from an offline, air-gapped wallet … within a matter of seconds,” Guri noted.

The PC and keyboard are removed in the second video to demonstrate an additional exfiltration method – a technique known as a RadIoT attack. In about 15 seconds, Guri successfully transmits private keys from a Raspberry Pi to a nearby smartphone over air gap by way of electromagnetic signals.