bitcoin


Blockchain is a shared and continuously reconciled database used to maintain a list of digital records, called blocks. It is quickly becoming an important tool not just for financial information, but also for managing and recording virtually all types of data, such as medical and other records, identity management, and transaction processing. Because a blockchain database is distributed and interconnected, it provides several essential services. The first is transparency. Because data is embedded within the network as a whole, it is by definition... [Read More]
by Hemant Jain  |  Jun 20, 2017  |  Filed in: Industry Trends
The WannaCry malware was responsible for a massive infection beginning that affected organizations and systems around the world. FortiGuard Labs has been monitoring this malware carefully. We have provided an analysis of this attack, along with how to protect your organization here.  In this blog post I’ll briefly describe some of the distinct characteristics of each version of this malware, from beta to the latest 2.0 version, and share some interesting findings. Beta Version: We discovered this beta version around Feb 9th,... [Read More]
by Kyle Yang  |  May 15, 2017  |  Filed in: Security Research
Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather-bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger. Each transaction, or block within it, is linked together in an indisputable manner using public/private key encryption and internal... [Read More]
by Keith Rayle  |  Mar 17, 2017  |  Filed in: Industry Trends
Dot ransomware is a new Ransomware-as-a-service (RaaS) that is openly available in hacking forums. And following the current trend in malware services, it uses web portals hosted in the TOR network for anonymity. Commission-based Profit: While lurking in hacking forums, we came across a post for this new ransomware service. RaaS services are now switching from a one-time fee or subscription payment model to a commission-based strategy. One advantage of this scheme is that the upfront price for the ransomware is free, and any profits realized... [Read More]
by Rommel Joven  |  Mar 02, 2017  |  Filed in: Security Research
Although bitcoin miners have been used by cybercriminals before as a way to monetize their malicious activities, this recent sample (MD5: 522f8ba8b2dec299cc64c0ccf5a68000) caught our attention because it is unusually heavy, persistent, and obfuscated. Fortinet detects this threat as W32/Miner. (3) Threat Description: This malicious bitcoin miner is, in fact, a container of multiple files. Since NSIS (Nullsoft Scriptable Install System) was used to create the malware sample, the files that it contains can be seen using a file archiver such as 7-Zip.... [Read More]
by Lilia Elena Gonzalez Medina  |  Jun 14, 2016  |  Filed in: Security Research
FortiGuard’s behaviour-based system designed to identify new malware has detected a German targeted ransomware. We named it Herbst, a German word which in English means Autumn. Ransom Note: The Herbst ransom note appears in German in a dedicated window from its own running process. It demands that a ransom be paid in bitcoin. We have also been able to determine the bitcoin address. Ransom note details are listed below: File encryption: AES 256 bit. Ransom Price: 0.1 Bitcoin or approximately USD $53.80 as of today. Bitcoin Address: 18uM9JA1dZgvsgAaeeW2XZK13dTbk1jzWq Figure... [Read More]
by Rommel Abraham D Joven  |  Jun 03, 2016  |  Filed in: Security Research
Not long ago, ransomware was a problem for consumers. Early versions hit unsuspecting users as early as 2005 but, while alarming, weren’t especially difficult to defeat. Even 10 years ago, the enterprise was a very different place than it is today, with BYOD in its infancy and far greater separation between work and personal environments. Ransomware authors also had not really begun to leverage the social engineering tactics that made infection much more likely, even for relatively savvy users.   Fast-forward to 2015 and attackers... [Read More]
by Chris Dawson  |  Oct 29, 2015  |  Filed in: Industry Trends
Fortinet recently encountered a new Ransomware-as-a-Service (RaaS) advertisement called “Encryptor RaaS”. The service is advertised on an onion-based domain via Tor2Web service and Fortinet detects the associated ransomware as W32/Cryptolocker.ABD9!tr. Interestingly, the seller explicitly calls its website “Ransomware as a Service”, an AV industry term, where the advertised business model closely resembles the recently discovered “Tox” RaaS. The seller earns a 20% commission per infected user who... [Read More]
by Roland Dela Paz  |  Jul 29, 2015  |  Filed in: Security Research
Andromeda is a botnet that has had a long history. The latest version is now 2.09, which most active bots would have already received. Recently, however, our FortiGuard Labs Threat Intelligence system was able to capture the activities of a previous variant of Andromeda that is apparently still alive. During our analysis, we found that it is a cracked version of an old variant, and the author used it for spreading a Bitcoin miner. Andromeda 2.06: The network traffic of most Andromeda variants is very similar - the sent data is Base64-encoded,... [Read More]
by He Xu  |  Jan 07, 2015  |  Filed in: Security Research
by Michael Perna  |  Aug 09, 2014  |  Filed in: Industry Trends