bitcoin


Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather-bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger. Each transaction, or block within it, is linked together in an indisputable manner using public/private key encryption and internal...
by Keith Rayle | Mar 17, 2017 | Filed in: Industry Trends & News
Dot ransomware is a new Ransomware-as-a-Service (RaaS) that is openly available in hacking forums. And following the current trend in malware services, it uses web portals hosted in the TOR network for anonymity. Commission-based Profit: While lurking in hacking forums, we came across a post for this new ransomware service. RaaS services are now switching from a one-time fee or subscription payment model to a commission-based strategy. One advantage of this scheme is that the up-front price for the ransomware is free, and any profits realized...
by Rommel Joven | Mar 02, 2017 | Filed in: Security Research
Although bitcoin miners have been used by cybercriminals before as a way to monetize their malicious activities, this recent sample (MD5: 522f8ba8b2dec299cc64c0ccf5a68000) caught our attention because it is unusually heavy, persistent, and obfuscated. Fortinet detects this threat as W32/Miner. (3) Threat Description: This malicious bitcoin miner is, in fact, a container of multiple files. Since NSIS (Nullsoft Scriptable Install System) was used to create the malware sample, the files that it contains can be seen using a file archiver such as 7-Zip....
by Lilia Elena Gonzalez Medina | Jun 14, 2016 | Filed in: Security Research
FortiGuard’s behaviour-based system designed to identify new malware has detected a German targeted ransomware. We named it Herbst, a German word which in English means Autumn. Ransom Note: The Herbst ransom note appears in German in a dedicated window from its own running process. It demands that a ransom be paid in bitcoin. We have also been able to determine the bitcoin address. Ransom note details are listed below: File encryption: AES 256 bit. Ransom Price: 0.1 Bitcoin or approximately USD $53.80 as of today. Bitcoin Address: 18uM9JA1dZgvsgAaeeW2XZK13dTbk1jzWq Figure...
by Rommel Abraham D Joven | Jun 03, 2016 | Filed in: Security Research
Not long ago, ransomware was a problem for consumers. Early versions hit unsuspecting users as early as 2005 but, while alarming, weren’t especially difficult to defeat. Even 10 years ago, the enterprise was a very different place than it is today, with BYOD in its infancy and far greater separation between work and personal environments. Ransomware authors also had not really begun to leverage the social engineering tactics that made infection much more likely, even for relatively savvy users. Fast-forward to 2015 and attackers...
by Chris Dawson | Oct 29, 2015 | Filed in: Industry Trends & News
Fortinet recently encountered a new Ransomware-as-a-Service (RaaS) advertisement called “Encryptor RaaS”. The service is advertised on an onion-based domain via the Tor2Web service, and Fortinet detects the associated ransomware as W32/Cryptolocker.ABD9!tr. Interestingly, the seller explicitly calls its website “Ransomware as a Service”, an AV industry term, where the advertised business model closely resembles the recently discovered “Tox” RaaS. The seller earns a 20% commission per infected user who...
by Roland Dela Paz | Jul 29, 2015 | Filed in: Security Research
Andromeda is a botnet that has had a long history. The latest version is now 2.09, which most active bots would have already received. Recently, however, our FortiGuard Labs Threat Intelligence system was able to capture the activities of a previous variant of Andromeda that is apparently still alive. During our analysis, we found that it is a cracked version of an old variant, and the author used it for spreading a Bitcoin miner. Andromeda 2.06: The network traffic of most Andromeda variants is very similar - the sent data is Base64-encoded,...
by He Xu | Jan 07, 2015 | Filed in: Security Research
by Michael Perna | Aug 09, 2014 | Filed in: Industry Trends & News
by Michael Perna | Mar 22, 2014 | Filed in: Industry Trends & News
We are in the age of information, and for the past 25 years the internet has been an awesome force for good. It has created an incredible information economy across networks and won our trust as a viable platform for the exchange of just about anything. However, underneath it all, there is a terrible tempest brewing. In a time when any motivated person can raise a few hundred thousand dollars in crowdfunding, so too can any motivated person find a way to steal it. The hacking economy is booming and the barriers to entry are low. Prerequisite knowledge...
by Michael Perna | Mar 17, 2014 | Filed in: Security 101