Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Tech
    • Downloads
      • Malwarebytes
      • Exploits
      • Paper Downloads
    • Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Tech
    • Downloads
      • Malwarebytes
      • Exploits
      • Paper Downloads
    • Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Exploits

Researchers uncover cryptocurrency hack causing $83,000 in damages

Paul Anderson by Paul Anderson
August 12, 2014
in Exploits, Security
Reading Time: 2 mins read
0
Bitcoin theft
21
SHARES
347
VIEWS
Share on FacebookShare on Twitter

Security researchers have identified a weakness within cryptocurrencies and how they are are kept in mining pools, enabling funds to be stolen. Uncovered by the Dell SecureWorks Counter Threat Unit, the exploit has apparently already been utilized at least one time, with one attacker believed to have acquired roughly $83,000 while using the technique.

You might also like

US Government Targets North Korea-Linked Cyber Threat, Lazarus, and Seizes Crypto Service

Researchers Expose Gaza Charity Crypto Scam

Europol and Local Forces Disband Multi-Million Dollar Vishing Ring

The attack utilized phony “Border Gateway Protocol” (BGP) broadcasts, an outside routing protocol usually utilized to permit networks to discover one another. The Register reports the attackers spoofed the broadcast to be able to route communications to their servers, rather than the legitimate mining servers hosted by Amazon, Digital Ocean, OVH, and other hosting sites. Instead of the mining pool issuing payouts for work accomplished, the rerouted traffic allowed the attacker to alternatively obtain the rewards.  The team of experts discovered that another miner pool has lost nearly 8,000 Dogecoins (1Dogecoin = $1.53).

As many as 51 networks were affected by the exploit across 19 Internet providers, the research team cautioned.

The $83,000 attack had been a maintained campaign which survived between February and May of this year, and the researchers followed the broadcasts to an unnamed Canadian ISP’s router, the identity of the attacker continues to be undiscovered. Because of the nature of the attack, it is hypothesized it can easily be a rogue employee or an ex-employee of the ISP with an unchanged router password, or perhaps a malicious hacker.

BGP recommends to ISPs that they opt-in to the Resource Public Key Infrastructure, while pool servers can use the SSL protocol to avoid such redirection efforts.

Tags: BitcoinBorder Gateway ProtocolCryptocurrencyexploit
Paul Anderson

Paul Anderson

Editor and chief at ZeroSecurity. Expertise includes programming, malware analysis, and penetration testing. If you would like to write for ZeroSecurity, please click "Contact us" at the bottom of the page.

Recommended For You

Cyber threat Lazarus, active for a decade, stole $2B+ in digital assets. Sinbad.io crypto mixer aids laundering. Despite sanctions, Lazarus remains resilient, evolving tactics for complex attacks.

US Government Targets North Korea-Linked Cyber Threat, Lazarus, and Seizes Crypto Service

November 30, 2023
Researchers Expose Gaza Charity Crypto Scam

Researchers Expose Gaza Charity Crypto Scam

November 20, 2023

Europol and Local Forces Disband Multi-Million Dollar Vishing Ring

November 19, 2023

Chinese Scammers Cloning Websites for Massive Gambling Scam in Asia-Pacific Region

November 15, 2023

Critical Vulnerabilities in IoT Routers Threaten Industries, Warns Forescout Analysts

November 14, 2023

Cybersecurity Breach Paralyzes Key Australian Ports: National Response Initiated

November 12, 2023
Next Post
CVE-2014-0546 found to be utilized in small targeted attacks

CVE-2014-0546 found to be utilized in small targeted attacks

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

FBI dismantles IPStorm botnet, arrests Sergei Makinin, ending a 4-year cybercrime spree. A major win against global online threats.

FBI Shuts Down Notorious IPStorm Botnet, Arrests Mastermind Sergei Makinin after Four-Year Cybercrime Spree

November 21, 2023
Researchers Expose Gaza Charity Crypto Scam

Researchers Expose Gaza Charity Crypto Scam

November 20, 2023
Global success: Europol, Czech, and Ukrainian police unite to dismantle a multi-million dollar vishing ring targeting Czech bank customers. Ten arrests made in a joint effort against cybercrime.

Europol and Local Forces Disband Multi-Million Dollar Vishing Ring

November 19, 2023
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact us
  • Press
  • Writers
  • Privacy Policy

© 2023 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
    • Tools
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Contact Us
    • Press
  • Privacy Policy

© 2023 ZeroSecurity, All Rights Reserved.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.