Day: August 26, 2017

Chinese government could use the new regulations being developed against illegal financing to investigate initial coin offerings (ICO) in the digital currency market.

Multiple companies in Ukraine are preparing for yet another major ransomware outbreak. Earlier this year, the WannaCry and NotPetya outbreaks caused a lot of damage. Both malware types were successfully distributed in the form of a popular accounting software update file, which had the ransomware payload attached to it. Authorities are on high alert now that another accounting software maker has been compromised.

Another Cyberattack may be Brewing in Ukraine

It is still a mystery as to why criminals continue to compromise Ukrainian accounting software makers. Multiple companies have server vulnerabilities which should have been fixed months if not years ago. However, they cannot be the only accounting software companies in the world whose update servers are not secure. Then again, the earlier WannaCry and NotPetya ransomware outbreaks occurred through a similar incident, which goes to show that this method of attack can be quite successful.

Both of these malware outbreaks were facilitated by the M. E. DOC update servers. Unknown assailants successfully exploited vulnerabilities affecting these servers to push a malicious software update to all users of this tool. It turns out things snowballed from there on out, eventually leading to the global malware crisis all of us have witnessed in recent times. If such an incident were to occur again, there would be a legitimate reason for concern.

It appears such an incident may have already taken place. One of the main competitors of M.E.Doc has been compromised, according to reports. Crystal Finance Millennium servers have been used to distribute malware on a very large scale, which is quite worrisome in its own regard. Criminals used the company’s web services to store malware, rather than hack their official update servers. It is believed this breach took place on August 18, although it is possible the hack occurred on a later date.

It appears the criminals also sent out phishing emails to various targets as a way to effectively distribute the malware in question. In these emails was a ZIP file which contained an executable javascript file. Once opened, that script would download the malware from Crystal Finance Millennium’s web server. It is quite an interesting way to get the malware to as many users as possible, but it also goes to show that criminals have many different ways of infecting targets as they see fit. The malware remained “hidden” on the web server for quite some time until it was eventually discovered.

Preliminary research indicates that the malware in question is the Purge ransomware, which is based on the Globe malware. Belonging to one of the top 10 ransomware families of 2017 so far, this threat should not be ignored. It also appears this malware is distributed through another server, which has nothing to do with the compromise of the Ukrainian firm. That particular instance also involves distributing the Zbot banking Trojan.

Luckily, it does not appear that there is a major ransomware outbreak in Ukraine as we speak. That situation may change in the near future, though. It is certainly possible this is only a test to see how successful this venture can become. Criminals have some love for Ukrainian companies, especially those that focus on accounting software. Rest assured that this will not be the last we hear of Ukrainian firms getting hacked to distribute malware in one way or another.

In an effort to streamline their banking services and push Papua New Guinea (PNG) forward as an emerging marketplace, the country’s central bank has outlined a plan for a Blockchain integration.

As Bitcoin price rises, Satoshi wannabes exploit cryptos’ growing popularity.

The Ethereum core dev team has issued updates on the Metropolis hard fork including updates to Ice Age. The block time increase will be rolled out in increments.

Last week the Russian bitcoin exchange, BTC-e, told the public about the trading platform’s plan to repay customers. Now the exchange is back and says there will be a full update come August 30 and the organization will follow with daily announcements. Further, BTC-e answered multiple questions from customers who want access to their funds.

Also Read: BTC-e Operator Indicted and Connected With Missing Mt Gox Funds

Releasing 55% of Funds & Pressure from the U.S.

Earlier this summer news.Bitcoin.com reported on the cryptocurrency exchange BTC-e being taken down by U.S. law enforcement for connections to bitcoin laundering and illegal money transmissions. Following the FBI arresting alleged employees and seizing funds, the exchange announced on August 3 it had control over its servers and “some of its bitcoin purses.” The trading platform has released a few messages through Twitter and the forum Bitcointalk.org over the course of the past two weeks.

In those messages the exchange spoke of rebranding, working with other partners, and utilizing a unique in-house token to pay customers back similarly to how Bitfinex handled their hack. Now the exchange says come August 30th the organization will update customers every day.

“To date, there is a process of transferring digital resources to an investment company,” explains BTC-e’s latest announcement. “The company is preparing the resource for our launch. As it was announced earlier, at startup users will be able to withdraw 55% of the funds.”

We want to notify all users that there is a political background in closing our service and pressure from the U.S.

BTC-e Claims Fully Functional Exchange is Coming and Bitcoin Cash Refunds

The exchange also fielded questions from forum visitors who said they lost a lot of money due to the trading platform “going under.” Many of the traders were not happy with waiting and called BTC-e’s situation a “circus.” “There was a problem, and we will try to solve it in the shortest possible time,” the exchange says to upset clients. Another person stated that he needed his money now and called the exchange “evil.” BTC-e responds by saying that if it were possible funds would have been given out earlier and the real ‘evil’ resided with a “flag with a bunch of stars.”

The organization says they are hoping to open this September and will publish a “FAQ” in the near future. The FAQ was delayed due to an agreement with lawyers, BTC-e explains, and they can’t release it until the investigation completes. The exchange also answers a trader who asks if the exchange will have only “minimal functionality” and the company seems to think trading will be fully operational. Moreover, the exchange also detailed when they disperse customer holdings next month, Bitcoin Cash (BCH) will also be given to customers at a 1:1 rate.

What do you think about BTC-e’s recent announcement? Let us know in the comments below.

Images via Shutterstock, BTC-e, and Pixabay.

Bitcoin.com’s own store features a wide range of interesting Bitcoin-related products. Looking for a hardware wallet? We got ‘em. Want a good-looking t-shirt? It’s there. Want to gift a nice Bitcoin tea cup? Go shopping.

The post U.S. Pressures BTC-e Exchange as They Plan to Distribute Funds Next Month appeared first on Bitcoin News.

It appears there is another potentially malicious Ethereum wallet service which users need to be wary of right now. Storage-Eth’s website is not to be trusted, according to a report we received and our analysis. Some individuals have used this online wallet to store their Ethereum funds. However, accessing and withdrawing funds has proven to be quite difficult if not impossible.

What is the Deal With Storage-ETH?

Any online wallet service is always subject to a lot of scrutiny by users and third parties. In most cases, these wallets are perfectly legitimate and even let users export their private keys. In some cases, however, they are nefarious websites that can prove to be quite problematic for cryptocurrency users. Right now, Storage-ETH may be a website to avoid for the time being, as we received a complaint about a user being unable to access or withdraw their funds. While this seems damning, it is possible the service is currently experiencing some minor issues.

The Storage-ETH website itself looks rather professional, although it has certainly borrowed some aspects of the main Ethereum website. This may have been done on purpose or just be a random coincidence. Most malicious websites often try to mimic the real thing as closely as possible, and borrowing a website layout would certainly do the trick. Cryptocurrency users should never judge a book by its cover, as the saying goes, especially when a website claims to safeguard one’s funds for the foreseeable future.

The website itself states that most of users’ assets are stored in cold storage, which is a good thing. After all, cold storage means the funds should be safe from hacks and theft altogether. It is also possible to freeze one’s account and regain control over the funds through accessing it on another Android or iOS device. This does not necessarily mean the user can export their private key, which is rather worrisome.  Trusting online wallets is always a big risk, as one is never fully in control of one’s money.

The website displays a testimonial by Emily Wilson, who allegedly works for the “New Your Times”. This does not lend any credibility to this platform, as it shows the team is more than willing to use fake recommendations to promote their product. There is also a mention of how the company has won 17 awards and serves over 13.5 million satisfied customers. Both numbers should be ignored at all cost.

According to the complaint we received, the platform displays random wallet addresses for registered customers without providing a way for them to access their previous wallets. It is not uncommon for companies to use different wallet addresses altogether, although this should never prevent others from successfully accessing their previously generated addresses. When we tested it out for ourselves, we had access to the same wallet address at every moment.  When we did attempt to log in after logging out directly, we received a 404 Not Found error on the platform. That is never a good sign as it potentially indicates the entire website is badly coded. This is not a platform anyone would or should trust with their money.

All things considered, there are no clear signs Storage-ETH is a scam. That being said, the website has some glaring coding errors which make it difficult for people to actually trust the company with their money. The contact information is pretty spotty as well, as the site lists a UK phone number for a company allegedly registered in Finland. There are quite a few oddities with this platform and we advise users to exercise extreme caution before sending any Ether. There is a real chance this platform will run off with your money in due time.

BitPay, the automated payment processing system for Bitcoin which enables online merchants to accept bitcoins, has just announced its support for SegWit2x via the company blog.

Chinese electrical appliances manufacturer, the Midea Group, has filed a patent in China for a technique to mine Bitcoin using household products.

Former New York State Legislature staffer Patrick Nelson is accepting donations in Bitcoin for his candidacy as congressman for New York’s 21st Congressional District.