Among all the scams and thievery in the bitcoin economy, one recent hack sets a new bar for brazenness: Stealing an entire chunk of raw internet traffic from more than a dozen internet service providers, then shaking it down for as many bitcoins as possible.
Researchers at Dell’s SecureWorks security division say they’ve uncovered a series of incidents in which a bitcoin thief redirected a portion of online traffic from no fewer than 19 Internet service providers, including data from the networks of Amazon and other hosting services like DigitalOcean and OVH, with the goal of stealing cryptocurrency from a group of bitcoin users. Though each redirection lasted just 30 seconds or so, the thief was able to perform the attack 22 times, each time hijacking and gaining control of the processing power of a group of bitcoin miners, the users who expend processing power to add new coins to the currency’s network.
The attacker specifically targeted a collection of bitcoin mining “pools”–bitcoin-producing cooperatives in which users contribute their computers’ processing power and are rewarded with a cut of the resulting cryptocurrency the pool produces. The redirection technique tricked the pools’ participants into continuing to devote their processors to bitcoin mining while allowing the hacker to keep the proceeds. At its peak, according to the researchers’ measurements, the hacker’s scam was pocketing a flow of bitcoins and other digital currencies including dogecoin and worldcoin worth close to $9,000 a day. “With this kind of hijacking, you can quite easily grab a large collection of clients,” says Pat Litke, one of the Dell researchers. “It takes less than a minute, and you end up with a lot of mining traffic under your control.”
The Dell researchers believe the bitcoin thief used a technique called BGP hijacking, which exploits the so-called border gateway protocol, the routing instructions that direct traffic at the connection points between the Internet’s largest networks. The hacker took advantage of a staff user account at a Canadian internet service provider to periodically broadcast a spoofed command that redirected traffic from other ISPs, starting in February and continuing through May of this year. The Dell researchers won’t name that ISP, and they’re not sure how the hacker gained access to the account or whether he or she might have in fact been a rogue staffer.
That BGP hijack allowed the hacker to redirect the miners’ computers to a malicious server controlled by the hijacker. From that server, the hacker sent the mining machines a “reconnect” command that changed the mining computers’ configuration to contribute their processing power to a pool that stockpiled the bitcoins they produced rather than paying them out to the mining pool’s participants. “Some people are more attentive to their mining rigs than others,” says Joe Stewart, a Dell researcher whose own computers were caught up in one victimized mining pool. “Many users didn’t check their setups for weeks, and they were doing all this work on behalf of the hijacker.”
In total, Stewart and Litke were able to measure $83,000 worth of cryptocurrency stolen in the BGP attack. But the total haul could be larger; the researchers stopped collecting data for several weeks of the attack because Stewart broke his ankle in the midst of the study.
Compared to those large-scale digital hijackings, the latest bitcoin heist was a much smaller and targeted traffic-stealing operation. And given that it required inside access to an ISP, Dell’s researchers don’t expect Bitcoin thieves to repeat the attack any time soon.
In fact, the BGP bitcoin-stealing exploits represent less of a new vulnerability in bitcoin than the persistent fragility of the internet itself, Dell’s researchers say. If one Canadian ISP can be used to redirect large flows of the Internet to steal a pile of cryptocurrency, other attackers could just as easily steal massive drifts of Internet data for espionage or pure disruption. The Dell researchers suggest that companies set up monitoring through a service like BGPmon, which can detect BGP hijacking attacks. But they shouldn’t expect to be able to actually prevent those attacks any time soon.
“We’re going to see other events like this,” says Dell’s Stewart. “It’s ripe for exploitation.”
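Origin monitoring of the kind the researchers recommend can be sketched in a few lines. This is an added example, not code from the article, SecureWorks or BGPmon; the prefixes, AS numbers and the `EXPECTED`/`OBSERVED` tables are constructed for illustration, and a real deployment would feed announcements from a route collector.

```python
import ipaddress

# Constructed baseline: our prefixes and the origin ASNs allowed to announce them.
# Documentation prefixes (RFC 5737); documentation/private-use ASNs (RFC 5398, RFC 6996).
EXPECTED = {
    "198.51.100.0/24": {64500},
    "203.0.113.0/24": {64500, 64501},
}

# Constructed sample of announcements as a collector might report them:
# (prefix, AS path); the origin AS is the last hop of the path.
OBSERVED = [
    ("198.51.100.0/24", [64510, 64505, 64500]),  # expected origin
    ("198.51.100.0/25", [64510, 64666]),         # more-specific, foreign origin
    ("203.0.113.0/24", [64510, 64666]),          # same prefix, foreign origin
    ("203.0.113.0/24", [64511, 64501]),          # second allowed origin
    ("192.0.2.0/24", [64510, 64520]),            # not our address space
]

def classify(prefix, as_path, expected=EXPECTED):
    """Return an alert dict if the announcement conflicts with the baseline, else None."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]
    for base, origins in expected.items():
        base_net = ipaddress.ip_network(base)
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if net.version != base_net.version or not net.subnet_of(base_net):
            continue
        if net == base_net:
            kind = None if origin in origins else "ORIGIN_CHANGE"
        elif origin in origins:
            # Our own AS announcing a longer prefix: may be traffic engineering, review it.
            kind = "UNEXPECTED_MORE_SPECIFIC"
        else:
            # A longer prefix wins route selection, so this diverts traffic even
            # while the legitimate announcement is still visible.
            kind = "MORE_SPECIFIC_HIJACK"
        if kind is None:
            return None
        return {"kind": kind, "prefix": prefix, "covers": base, "origin": origin}
    return None

def scan(announcements, expected=EXPECTED):
    """Classify every announcement and keep only the alerts."""
    return [a for a in (classify(p, path, expected) for p, path in announcements) if a]

if __name__ == "__main__":
    for alert in scan(OBSERVED):
        print(alert)
```

Because the redirections described above lasted about 30 seconds each, a check like this only helps if it runs continuously against a live feed and raises an alert on the first conflicting announcement.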
(INTERNATIONAL) — In what may be the biggest security breach ever, a Russian gang of computer hackers has obtained a huge cache of some 1.2 billion stolen user names and passwords, according to computer security experts.
That in turn exposes vulnerabilities in some 400,000 websites.
The report on Tuesday in the New York Times says the breach was discovered by Hold Security, a Milwaukee-based company.
The data breach is reported to include confidential material gathered from 420,000 websites, including household names and small Internet sites.
Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems, said the report which noted that the company would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable.
The New York Times had a security expert not affiliated with Hold Security analyze the database of stolen credentials and that expert confirmed it was authentic.
"Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information," said the Times report.
Some items from the story:
~ The breach also includes 542 million email addresses “culled by the crew of twentysomethings based in a small south central Russian city.”
~ Hackers didn’t just target U.S. companies; they targeted any website they could get, ranging from Fortune 500 companies to very small websites, and most of those sites are still vulnerable.
~ The gang does not appear to be working for the Russian government and as far as is known the gang has not sold the information. Instead, the gang has been paid by third-party groups to use their cache of online information to send spam on social media.
~ The Russian government rarely pursues hackers, meaning the gang can likely continue operating unimpeded, according to The Times.
Chemical giants Dow and Syngenta have asked the Environmental Protection Agency to authorize the expanded use of two highly toxic pesticides that could have deadly consequences for bees. Tell the EPA to reject the companies’ reckless proposal and protect bees from the devastating impacts of these two dangerous chemicals.
According to statistics recently released by the government in Denver, the number of robberies and violent crimes has decreased significantly since marijuana legalization went into effect. It is important to mention that this strong correlation is not definitive proof that legalization is the cause of this drop in crime, but it does strongly suggest that this is the case.
These statistics are especially convincing considering the short amount of time that this drastic reduction in crime has taken place. In just one short year the number of homicides dropped by 52.9%. Sexual assaults were reduced by 13.6%. Robberies were down by 4.8% and assaults were down by 3.7%.
The statistics measured the first few months of the year for both 2013 and 2014, and then compared those numbers with one another to determine whether they were higher or lower after legalization went into effect.
There are many different factors contributing to this drop in crime, and it is likely that marijuana legalization is a very big piece of the puzzle. Legalization has had a profound impact on local economies, and has created a large boom in new residents who have moved to the area to flee persecution. This increase in prosperity surely has some effect on the number of robberies and burglaries that have taken place.
Additionally, marijuana is traditionally known to mellow people out and calm them down, making them far less likely to act out in anger or plan a murder.
One final possibility is that police resources are being diverted towards serious crimes instead of nonviolent offenses. Unfortunately, they are still writing plenty of fines and locking up plenty of people for nonviolent offenses, but marijuana smokers and traders have been one of the largest groups of persecuted nonviolent offenders for a very long time.
FCC Chairman Tom Wheeler is about to get an earful on net neutrality. He’s testifying at a hearing in front of the House Subcommittee on Communications and Technology tomorrow, and Congress members from both sides of the aisle are asking for constituents to contribute questions at the hearing as well using the hashtag #AskWheeler.
This is an important moment because the FCC is supposed to get its marching orders from Congress. As we all learned in middle school, Congress passes laws (in this case, about television, telephones, radio, wire, satellite or cable services) and the FCC (as part of the executive branch) is tasked to figure out how to translate those laws into practical policies and regulations.
Thus, Congress has an important role to play in the struggle for a neutral Internet. We know that members of the subcommittee are planning a rewrite of the Communications Act, and we know that letters from Congress members aren’t taken lightly by the FCC in the rulemaking process. That means it’s time to let our elected officials and the FCC know that we will fight to protect the future of our open Internet.
Here are three ways to join the debate and have your voice heard:
Today, tweet your questions for FCC Chairman Wheeler during the Communications and Technology Subcommittee hearing using the hashtag #AskWheeler.
Call your representative. Let’s be clear: any rules that allow Internet providers to discriminate against how we access websites would be a disaster for the open Internet.
Submit comments in the FCC official rulemaking process. We’ve made it easy with our DearFCC.org public comment tool. It’s time to fill the FCC’s Open Internet docket with our voices and our stories. After all, it’s our Internet.
There are no easy solutions. But the FCC and Congress both want and need to hear from us. So let’s give them what they ask for. Let’s defend our Internet.