This Week in Tech 643: Ambien Tech

Cyber Monday was Amazon’s biggest day ever, but Jeff Bezos still lost his $100 billion crown. Apple fixes an ugly macOS security flaw, but then immediately breaks the fix. Google finally figures out how to make hamburgers and beer. Uber is still incredibly crooked. Bitcoin clears $10,000. Elon Musk is sending a Roadster to Mars and discovering a sunken city in Chicago. The US Supreme Court will decide if the Fourth Amendment applies to your phone.

Silk Road Reloaded forgoes Tor for lesser-known I2P network

The original Silk Road, multiple successors and several other copycat online drug markets have all been taken offline in recent years. The one thing they’ve all had in common – aside from selling illegal goods and services – is that they’ve all lived on the Tor network.

Operators of the latest iteration of Silk Road, aptly known as Silk Road Reloaded, are taking a different approach: the site uses a little-known alternative called I2P.

Another key difference between the original Silk Road and this newcomer is the fact that the new site accepts more than just Bitcoins as a form of payment. Silk Road Reloaded deals in eight different cryptocurrencies including Litecoin, Darkcoin, Anoncoin and meme-inspired Dogecoin.

Transactions processed in currencies not named Bitcoin will be converted to Bitcoin at checkout through the site’s built-in wallet.

It’s a significant change both for the site’s customers as well as its administrators. Shoppers can enjoy the added convenience of not having to convert their altcoins before purchase. The site, meanwhile, takes a small one percent service charge in addition to a slice of the profits from sellers, resulting in yet another income stream.

While Tor and I2P are both anonymizing proxy networks, there are some differences between the two. As the creators of I2P explain, Tor takes a directory-based approach that provides a centralized point to manage the overall “view” of the network as opposed to I2P’s distributed network database and peer selection. Using this approach, essentially all peers participate in routing for others.

Being less-known is likely also an advantage, especially considering that some believe the Tor network has already been compromised. After seeing so many marketplaces go down over the past few years, that’s an entirely plausible conclusion.

via Silk Road Reloaded forgoes Tor for lesser-known I2P network – TechSpot.

Facebook helped shut down ‘Lecpetex’ botnet responsible for turning PCs into Litecoin miners

Law enforcement officials in Greece arrested two people last week whom they believe were responsible for operating a botnet called Lecpetex. The hackers reportedly infiltrated up to 50,000 Facebook accounts and some 250,000 computers, which were used to mine Litecoins, a popular alternative virtual currency similar to Bitcoins.

As outlined in a blog post, Facebook’s Threat Infrastructure team has been working with several industry partners over the last seven months to eradicate the botnet. It took that long to bring down Lecpetex primarily because it featured multiple technical features that made it more resilient to analysis and disruption efforts.

For example, its authors made continuous changes to the malware to avoid detection by anti-virus software.

The method of infection wasn’t all that clever, however. They simply sent spam messages to thousands (maybe millions) of users, and those who didn’t know any better opened the attachments, ultimately infecting their computers.

Those behind Lecpetex eventually caught on to Facebook’s efforts to shut it down, even leaving notes on command-and-control servers proclaiming their innocence. On April 30, the social network reached out to Greek police who quickly launched an investigation. By July 3, two suspects had been taken into custody.

Facebook’s post goes into a lot more detail than we have time to cover here. If you’re interested in the finer details of the botnet, feel free to pop over and check out the full post.

via Facebook helped shut down ‘Lecpetex’ botnet responsible for turning PCs into Litecoin miners – TechSpot.

Bitcoin-stealing malware hidden in Mt. Gox data dump, researcher says

An archive containing transaction records from Mt. Gox that was released on the Internet last week by the hackers who compromised the blog of Mt. Gox CEO Mark Karpeles also contains bitcoin-stealing malware for Windows and Mac.

Security researchers from antivirus firm Kaspersky Lab analyzed the 620MB file called MtGox2014Leak.zip and concluded that in addition to various Mt. Gox-related documents and data, it contains malicious binary files.

The files masquerade as Windows and Mac versions of a custom, back-office application for accessing the transaction database of Mt. Gox, a large bitcoin exchange that filed for bankruptcy in Japan in late February after claiming it had lost about 850,000 bitcoins to cyber thieves.

However, they are actually malware programs designed to search and steal Bitcoin wallet files from computers, Kaspersky security researcher Sergey Lozhkin said Friday in a blog post.

Both the Windows and Mac binaries are written in LiveCode, a programming language for developing cross-platform applications.

When executed, they display a graphical interface for what appears to be a Mt. Gox database access tool. However, in the background they launch a process—TibanneSocket.exe on Windows—that searches for bitcoin.conf and wallet.dat files on the user’s computer, according to Lozhkin. “The latter is a critical data file for a Bitcoin crypto-currency user: if it is kept unencrypted and is stolen, cybercriminals will gain access to all bitcoins the user has in his possession for that specific account.”

The malware, which Kaspersky has named Trojan.Win32.CoinStealer.i (the Windows version) and Trojan.OSX.Coinstealer.a (the Mac version), uploads the stolen Bitcoin wallet files to a remote server that used to be located in Bulgaria, but is now offline.

“It seems that the whole leak was invented to infect computers with Bitcoin-stealer malware that takes advantage of people’s keen interest in the Mt. Gox topic,” Lozhkin said.

“Malware creators often use social engineering tricks and hot discussion topics to spread malware, and this is a great example of an attack on a focused target audience,” he said.

Users who downloaded the archive and executed any of the binary files inside should probably scan their computers with an anti-malware program and should take immediate steps to secure their bitcoins. According to a scan report Monday on the VirusTotal service, 27 of 47 anti-virus engines detect the Windows binary file as malicious or suspicious.

via Bitcoin-stealing malware hidden in Mt. Gox data dump, researcher says | PCWorld.

Hackers break into Mt. Gox’s servers, claim the company still has customers’ bitcoins

While the Bitcoin community is impatiently waiting for Mt. Gox to provide details on the massive hacker attack that stole 6 percent of all the Bitcoin in the world, a group of hackers, who claim to have broken into the bankrupted Bitcoin exchange’s servers, said that the company still has at least some of its customers’ Bitcoins.

According to a Forbes report, the hacker group on Sunday took over the personal blog and Reddit account of Mt. Gox’s CEO Mark Karpeles to announce that the exchange has access to a portion of the Bitcoins that the company had said were stolen from customers.

To support the claim, the group uploaded a series of files including an Excel spreadsheet of over a million trades, a screenshot purportedly confirming the hackers’ access to the data, a list of Mark Karpeles’ home addresses, his personal CV, and more.

Hackers also point to a balance file, which reportedly shows a balance of 951,116 Bitcoins, to prove that Mt. Gox’s claim to have lost customers’ Bitcoins to hackers is nothing but a lie. “That fat fuck has been lying!!”, a note in the file from the hackers reportedly reads.

While the legitimacy of the database dump is yet to be verified, it could also be an accounting mismatch with the company’s actual store of Bitcoins, the report says. The stolen money hasn’t yet appeared on the Bitcoin blockchain, the public ledger of transactions that prevents fraud and forgery in the Bitcoin economy, suggesting that whoever has it isn’t spending it at the moment.

In another, possibly related event, a user on the BitcoinTalk forum posted a message offering a 20 GB stolen database from Mt. Gox for 100 Bitcoins. According to the user, the database contains Mt. Gox users’ personal details and passport scans.

via Hackers break into Mt. Gox’s servers, claim the company still has customers’ bitcoins – TechSpot.