Crypto && Coffee 000


Welcome to a weekly blog series giving a rundown of all things cryptocurrency and security! Every week I will supply brief recaps of research, vulnerabilities, and all things crypto to accompany your caffeine-craving minds. Feel free to share or leave a comment. Grab a cup o’ joe and recap this past week.

Security


TCP Implementations vulnerable to DoS

On August 6th, KB Cert described how Linux kernel versions 4.9+ and supported versions of FreeBSD are vulnerable to DoS when hit with specially crafted packets. On Linux, every incoming packet would force the kernel to make expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue(). The TCP data structure in supported versions of FreeBSD apparently also uses an inefficient algorithm to reassemble the data. Both of these vulnerabilities are explained in detail in CVE-2018-5390 and CVE-2018-6922.

Abuse of Legit Tools Now the Means of Attacks

Spear-phishing attacks are on the rise, with attackers relying on publicly released tools. A new threat actor named DarkHydrus, observed by Palo Alto Networks, is using open-source tools to spear phish government and educational systems in the Middle East to steal credentials. The phishing attack sends users an email with an MS Word document. Once the document is opened, a Windows prompt appears asking for the user’s login credentials; once entered, the credentials are sent back to the attacker. With open-source tools used in major hacks over the past year, the trend is only growing.

North Korea Malicious Cyber Activity

US-CERT published a release identifying a Trojan malware variant, referred to as KEYMARBLE, which has been used by the North Korean government. All malicious cyber activity by the North Korean government is identified as HIDDEN COBRA.

Disclosed Compromise of Homebrew Released

In a Medium post released this week, Eric Holmes discussed how he used an open API token to gain access to Homebrew’s GitHub repo with commit access to /brew, /homebrew-core, and /formulae.brew.sh. The most frequently installed package via Homebrew is openssl, which in theory could have been compromised because of this leaked API token. Homebrew publicly disclosed the issue and worked with GitHub to audit and ensure that the tokens were not abused.

Mining Software - Honeyminer Usage Rises

Honeyminer is a crypto mining app that lets users earn BTC with normal computers. The user base has increased to 50K, proving that the mining software can work on various computers with different types of GPUs. Honeyminer converts easy-to-mine GPU cryptos (ETH, ZEC, etc.) into BTC, which is then deposited into the user’s wallet.

CoinHive Has Never Left

Remember back in September of 2017, when I first wrote a post regarding the Coinhive JavaScript miner? Well, now it has been reported that an attack on MikroTik routers resulted in Coinhive infection of more than 17K devices. There has been a major rise in illicit crypto mining operations taking over insecure servers and browsers. Stay vigilant, my friends.

Tech and Ecosystem


Binance Demos the Binance DEX

Binance, one of the largest cryptocurrency exchanges, is working on its decentralized exchange, which was demoed by its CEO, CZ. The demo is pretty fluid and will definitely have other exchanges on their toes. The next couple of months up until the end of the year will be interesting for the push toward decentralized exchanges. Other exchanges have been discussing DEX development as well.

The Hell is this 0x Protocol Everyone is Talking About?

The 0x protocol is a new open source technology that facilitates P2P exchanges of digital assets on the Ethereum blockchain. It is the predominant choice when looking to build decentralized exchanges. 0x is more of a “make it easy” way to build a DEX, where developers don’t need to worry about as much upfront. 0x prioritizes security, smart contracts, network liquidity, and support for ERC20 and ERC721 tokens. I will touch on all of this in a future post on 0x.

Shapeshift is Growing

Shapeshift recently acquired Bitfract, which allows one to exchange BTC for other digital assets in a single transaction. The tool works by letting investors allocate a percentage of their holdings to particular assets and specify the destination wallet addresses. It will be interesting to see how Shapeshift integrates this into their current product/API to allow even more seamless swaps of digital assets.

Lightning Network Passes 3K Nodes

The capacity of LN expanded roughly 85% in July alone, bringing Lightning’s total fund accommodation to almost 100 BTC. The coming months and year will be important for the development of 2nd layer protocols on Bitcoin and other blockchains. LN and Raiden are the prominent developments, but I can only imagine what we will be talking about in 6 months.

Jake Tarnow


Not Your Average Engineer
