Cybercriminals target booming cryptocurrencies: report

UNTV News   •   February 2, 2018   •   3769

A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration

NEW YORK (Reuters) – Bitcoin’s popularity and the emergence of about 1,500 other digital coins or tokens have drawn more hackers into the red-hot cryptocurrency space, expanding opportunities for crime and fraud, cybersecurity firm Digital Shadows warned in a report on Thursday.

“Cybercriminals follow the money and right now they see in the unregulated and largely unsecure world of digital currencies a huge opportunity to target people, businesses and exchanges and make money quickly and easily,” said Rick Holland, vice president of strategy at Digital Shadows.

Digital currencies have quickly grown into a more mainstream asset class over the last two years as corporations and financial institutions have expanded use of the underlying blockchain technology.

With weekly launches of new alternative coins, or “altcoins,” cybercriminals have developed several schemes to defraud cryptocurrency holders. “Crypto jacking”, account takeovers, mining fraud, and scams against initial coin offerings (ICOs) have all grown more common, the report said.

In crypto jacking, cybercriminals secretly take over another computer user’s browser and use it to fraudulently mine or create cryptocurrencies, according to Digital Shadows’ report. Miners use special software to solve math problems and are issued a certain number of bitcoins or cryptocurrenices in exchange.

Crypto Jacker software allows users to clone popular websites and initiate spam campaigns.

The cybersecurity company said criminals also perpetrate mining fraud using botnets, collections of internet-connected devices, which may include PCs, servers, and mobile devices that are infected and controlled by a common type of malware. Users are often unaware a botnet has infected their system.

Botnets were first used to mine bitcoin in 2014. The process was too complex to be financially viable, but botnets have made a comeback because newer cryptocurrencies like Monero are easier to “mine”, Digital Shadows said.

The company said botnets could be rented for $40. It said one such offering had “flown off the shelves” with almost 2,000 rentals so far.

Cybercriminals have also been drawn to the surging initial coin offering market, the report said. ICOs have raised roughly $5 billion for various startups and projects in 2017, according to data from Crunchbase. That is up exponentially from just $100 million in 2016.

Rather than selling scam tokens, criminals target legitimate currencies, either by stealing funds from ICOs or by manipulating prices through the type of “pump and dump” schemes often used with penny stocks and other less-liquid assets, the report said.

Reporting by Gertrude Chavez-Dreyfuss; Editing by David Gregorio

DOF warns public vs bogus cryptocurrency platform

Robie de Guzman   •   May 20, 2020

MANILA, Philippines – The Department of Finance (DOF) has warned the public against an article alleging that the Philippines is creating a platform for its citizens to invest in cryptocurrency.

In a statement, the DOF said the article claiming that the government has created a platform called “Bitcoin Lifestyle” is fake news.

“There is no such effort by the government,” Finance assistant secretary Antonio Joselito Lambino II said.

“We categorically deny that there is such a move, and warn the public against potentially harmful financial transactions with those behind the article,” he added.

The DOF said the fake news article also stated that President Duterte is “urging all citizens of the Philippines to learn about the platform to get involved.

The article also claimed that the “tax revenues will be huge and will benefit all citizens” and “will go to the financing of Philippines’ retirement and to counteract the crisis of learning support services.”

“This is false. We urge the public to exercise caution in their investments, and to keep their expectations of returns realistic,” Lambino said.

The Finance official also urged the public to report similarly suspicious investment schemes to the Enforcement and Investor Protection Department of the Securities and Exchange Commission (SEC), with telephone number 8818-5704.

“We warn unscrupulous individuals and groups attempting to lure the public into unauthorized and deceptive investment schemes that the government is monitoring the public space for such schemes, and will take appropriate legal and regulatory action,” he added.

DICT warns public vs social engineering attacks

Aileen Cerrudo   •   April 27, 2020

The Department of Information, Communications and Technology (DICT) has warned the public against social engineering attacks.

In a post, the DICT defined social engineering as “psychologically manipulating people to give their confidential information.” The department reminds the public not to easily trust websites and other messages online.

  • Delete any request for personal information or passwords
  • Reject requests/offers for help if you have not requested one from the sender
  • Use spam filters
  • Secure devices
  • Always be mindful of risks

Meanwhile, the DICT previously reported the prevalence of cybercrimes since the implementation of the enhanced community quarantine (ECQ). DICT Asec. Emmanuel Rey Caintic said the department has ordered all management information system (MIS) server operators to utilize the updated version of cryptographic protocols for all government websites.

“During this ECQ, cybercrimes are prevalent and, to contribute to the administration’s efforts of keeping the people safe from the coronavirus, we should likewise keep them safe from threats against their data privacy and cybersecurity,” he said. AAC

Artificial intelligence posing new challenges for cybersecurity in 2020

UNTV News   •   January 16, 2020

By Marc Arcas

Photo showing a hacker writing computer code on his laptop. EFE-EPA/Oskar Burgos/File

San Francisco – The ability of artificial intelligence to absorb and process enormous quantities of data has a dark side when used by cyber-pirates to create new “malware,” a trend that is already evident and which will only increase this year.

In the same way that artificial intelligence has huge creative potential to give machines a way to emulate human learning, this very fact also confers upon AI great destructive capacity and the ability to do harm, for example in the preparation and dissemination of viruses, Trojan Horses and other malign software.

“Cyber-pirates will use artificial intelligence more and more to create malware that will be more destructive,” the social director of Microsoft’s Software Engineering division, Glaucia Faria Young, told EFE in an interview.

“This is something that has already started happening and it breaks through the security models we’ve traditionally used. They are more complex attacks and more broadly distributed. And, it’s easier for them to remain undetected,” she said.

AI systems are able to increase the speed and precision of cyberattacks and, at the same time, fool conventional anti-virus defenses, since the latter are programmed to look for specific code elements that are not necessarily obvious in AI programs.

One example of this is the ability for automatic learning to spread a virus widely without causing any damage and without raising anyone’s suspicions, but it suddenly activates itself when it infects the desired equipment, such as the computers of a specific firm, individual or public institution.

In contrast to traditional malware, which harms all devices through which is passes and, thus, is easier to detect and halt, an AI system remains “dormant” until it reaches its objective, recognizes it (via facial or acoustic recognition, for instance) and activates itself.

“The way we can counterattack is to also use AI to detect attacks,” said Young, who emphasized the potential of this technology to identify patterns and anomalies quickly and thoroughly among enormous quantities of data.

The team that Young heads, for example, uses its own system of automatic learning that, instead of pursuing earlier interactions of malign code, as was normally the case, operates using risk factors in analyzing about eight billion signals it receives each day.

Along with AI, the people at Microsoft responsible for cybersecurity forecast that cybercriminals will use four other types of cyberattacks in 2020 focusing on attacks on value chains if they are not coordinated, public “Clouds,” the growing fragility of passwords and the appearance of state-run operations.

Regarding value chains, analysts emphasize the importance of companies, customers and providers acting in a coordinated manner to prevent attacks, given that if just one of these actors protects itself, info-pirates can still harm them by attacking other elements in the chain.

In terms of the Cloud, this is basically a question of volume: with more companies and individuals moving toward such services, the public Cloud has become a target that looks more and more tempting for hackers.

On passwords, the debate has been ongoing for some time, although it has intensified in recent years. Despite their widespread use, they are rather inefficient and vulnerable security systems and experts recommend gradually moving to authentication models using two or more steps, including – for instance – biometric recognition.

Finally, the cybercrime activities organized by governments and state entities around the world are one of the biggest challenges facing cybersecurity authorities, since this implies a significant change in the “shape” of the enemy: It’s not about four hackers in a basement somewhere acting on their own behalf anymore but rather big state-supported and -financed cyberattack operations. EFE

REACH US

The Philippine Broadcast Hub

UNTV, 915 Barangay Philam,

EDSA, Quezon City M.M. 1104

(+632) 8396-8688 (Tel)

info@untv-newsandrescue.com (General inquiries)

ABOUT UNTV

UNTV is a major TV broadcast network with 24-hour programming. An Ultra High Frequency station with strong brand content that appeal to everyone, UNTV is one of the most trusted and successful Philippine networks that guarantees wholesome and quality viewing experience.