In a neat arrangement, the largest cryptocurrency exchange in the world by trading volume is launching a public, decentralized ledger in a bid to circumvent future phishing and hacking attempts. Posting on its website, said that it would roll out the public blockchain to provide traders with a decentralized exchange running on autopilot, eliminating the tempting, centralized prize of a ‘honeypot’ of funds.
A Chain for Chain Enthusiasts
Binance in its management of a recent well-orchestrated phishing attack on its users. System protocols shut down servers after auto-flagging irregular movement, and while a very few users succumbed to the attack, it was foiled entirely by Binance’s in-house security measures.
The pending network, known as , will accommodate cryptocurrency traders on a decentralized exchange that will enable transactions via an automated process, thus removing the need for any third party to hold or trade funds.
With the memory of not yet faded following a recent mass-liquidation of bitcoin funds, exchange security has attained pole position on industry players’ and regulators’ agendas.
The rewards of a successful heist are typically huge, and although stolen coins can usually be down after a heist, it is proving difficult if not impossible to retrieve them, much less bring thieves to book.
Binance’s solution looks to disperse the centralized exchange funds that constitute such temptation among users’ wallets on a decentralized platform.
Since the start of 2018, Italy and Japan have been in the news as targets for cybercrime, with hackers making off with around $700 million so far.
Already dancing a merry jig in anticipation of what regulators might do to cryptocurrencies in 2018, industry players are now at pains to demonstrate heightened security and visibly improved fiduciary responsibility towards users’ assets.
With self-regulatory bodies emerging in s across the globe, current discourse points to both the industry and the lawmakers welcoming this as a first step towards greater legitimacy for digital exchanges and the coins themselves.
After what the company described as a “large-scale phishing and stealing attempt,” Binance has offered around in digital currency to anyone providing information that brings the attackers to justice.
For now, the new Binance Chain platform is still under development, and the company has yet to pinpoint a release date for the new offer.
Binance Setting a Precedent for Exchange Security
Binance was launched mid-July 2017 and grew meteorically in the first few months, with an organic growth that mirrored bitcoin in no small degree. The company is officially a Hong Kong resident, although its servers are located in Korea.
Binance had to eliminate Chinese users after the PBOC governor came down hard on bitcoin and cryptocurrencies in general, but it continues to accumulate users and grow from month to month.
If Binance’s model solves the problem of criminals successfully targeting exchanges, it could well be adopted as an industry norm.
Binance Coin (), the company’s cryptocurrency, is to be based on Binance’s blockchain. The coin leaped up 23 percent after the Binance Chain announcement.
The post appeared first on .
A new report suggests that antivirus successfully thwarted a major dofoil attack that occurred on March 6, 2018.
Global Crypto Mining Attack
The Seattle-based software firm in a blog post that the attack targeted over 800,000 computers primarily across mainland Russia. Within twenty-four hours of the initial outbreak, instances of this new trojan were also reported in Turkey and Ukraine.
The smoke loader attack, also known as a ‘dofoil attack,’ carried a payload that was supposed to run in the background and utilize the processing resources of the host computer to mine .
It is reported that the malware was programmed to remain in a dormant state for some time before executing. Once activated, however, it would indefinitely mine digital coins without the knowledge of the user. belongs to the family of trojans that connect to a remotely located server to download and execute files.
Security experts at Microsoft have said that “Behavior-based signals coupled with cloud-powered machine learning models uncovered this new wave of infection attempts.”
As soon as the attack was first spotted, Windows Defender blocked the threats within milliseconds using its cloud-based machine learning models.
Moments later, it was confirmed that similar attacks had been reported across many networks worldwide. The alert level was raised to severe and cybersecurity experts then classified it as a proper malware attack.
Experts have added that all computers running Windows Defender antivirus are safe from this attack, which means that the average modern Windows machine is entirely immune.
New Attack Vector: Phishing and Mining
In recent times, hacker groups have begun modifying malware to mine cryptocurrencies instead of simply wreaking havoc. There have also been cases of where a compromised website forces its visitors to mine cryptocurrencies.
The drawing of excessive processor cycles by a webpage makes the user’s computer unusable but allows the perpetrators to benefit immensely.
Digital tokens seem like a more viable reward for hackers as they can exploit the fundamental characteristics of some currencies like Monero, which obfuscates the identity of the transacting parties.
Hackers target a broad audience by sending an infected file or a link to a corrupted file that is located on some remote server. When a user downloads the file onto his computer, the malware infects the system and performs its duties.
The dofoil attack was using ‘process hollowing.’ is the replacing of legitimate parts of the code with those of malware.
In this instance, the attack was programmed to perform process hollowing on the explorer.exe file. The attack replaced the original files at C:\Windows\syswow64\explorer.exe with its version of it.
The malware reportedly connected to a remote server and downloaded ‘‘ and ‘‘ files and saved them to a location on the host computer, where it was kept it hidden to run in the background.
This is not the first instance of cyber hackers targeting computers to mine cryptocurrencies. Furthermore, on two separate occasions, discovered and prevented cyber attacks targeting cryptocurrency users and financial institutions.
On February 12, 2018, McAfee that the had attempted to spread malware on computers and devices worldwide.
The post appeared first on .
