Hackers unleash 2.5M new crypto-jacking scripts in just 3 months

Security experts have detected 2.5 million new instances of crypto-jacking malware in the second quarter of 2018, according to a report from McAfee Labs.

For the record, this marks a staggering 86-percent growth in cryptocurrency-mining malware over the past three months.

Most of the new malware originates from older crypto-jacking scripts, according to a new report from McAfee Labs.

“Cybercriminals continue to follow the money. Although this statement is familiar, our latest Threats Report clearly shows the migration from certain older attacks to new threat vectors as they become more profitable,” the analysis reads. “Just as in Q1, we see the popularity of cryptocurrency mining continue to rise.”

It’s clear that the threat of crypto-jackers is ever-present and accelerating. Despite this, the threat to the cryptocurrency sector still ranks pretty low when put in context.

In fact, it doesn’t even make the top 10 targeted sectors over the past two years.

Despite this, one shouldn’t remain complacent.

Hard Fork has been keeping tabs on a current crypto-jacking campaign being waged across the internet. Hackers have infected over 280,000 routers with a modified version of CoinHive that secretly mines cryptocurrency in the background of every website visited, with no signs of slowing down.

Crypto-jackers are also sneaking malware into indie games distributed through popular gaming platform Steam – so it’s best to remain vigilant.

For what it’s worth – other researchers have confirmed this trend. Recently, the Cyber Threat Alliance published data that showed that the rate of crypto-jacking rose an alarming 459 percent since 2017.

TRON is giving DLT devs an 85% discount on Hard Fork Decentralized tickets

We’ve come a long way from Satoshi’s white paper in 2008. Every day we’re pushing the limits of what’s possible on the blockchain, and we have developers to thank for it.

That’s why we’d like to offer DLT devs an 85-percent discount on their ticket to Hard Fork Decentralized , our first blockchain and cryptocurrency event. We’re partnering with TRON Foundation , one of the largest blockchain-based operating systems in the world, to make this discount possible.

Our event aims to catalyze in-depth discussions on the industry’s future, and we can’t do that without your expert opinions as a developer. Blockchain is only as strong as its code, after all.

Our three-day event will feature expert keynotes, roundtable discussions, and networking sessions hosted by leading companies in London. As a blockchain developer, it’s a great opportunity to make lasting connections and get your opinions out there.

We’ll also be hosting our own event called The Exchange. The Exchange is the hub where deals get done. In this exclusive space, decision makers come together to build new relationships, conduct private meetings, join discussions, and interact with leadership teams from blockchain and cryptocurrency companies.

We’re also thrilled to announce that TRON Foundation will be hosting their own event at Hard Fork Decentralized – keep an eye out for more info on this soon.

You can get your discounted ticket for DLT developers right here . We’re looking forward to seeing you at Hard Fork Decentralized on December 12-14!

Why Proof-of-work isn’t suitable for small cryptocurrencies

It seems that proof-of-work (PoW), the consensus protocol behind Bitcoin , isn’t ideal for smaller cryptocurrencies, because they’re far more vulnerable to what are called 51 percent attacks. At least five PoW digital currencies have been affected by such attacks in the last two months.

Verge Currency (XVG) and Electroneum (ETN) both suffered 51 percent attacks last month causing a theft of more than a million dollars.

On Tuesday, Verge suffered another attack of the same kind — resulting in a theft of more than 35 million XVGs worth over $1.7 million at the time.

Monacoin reportedly continues to suffer from a 51 percent attack as well, and has already resulted in a theft of over $100,000 so far.

51 percent attacks occur when one entity gains control over 51 percent of the network hash-rate. This entity can now both prevent valid transactions from occurring as well as reverse already occurred transactions on the blockchain. A single coin can even be spent twice from the same origin with this sort of control, in what’s called a double-spend.

Bitcoin Gold (BTG), a hard fork of Bitcoin, also suffered a double-spend attack last week. Their control over the blockchain allowed them to make off with more than $35 million worth of BTG.

The fact that all of these cryptocurrencies utilize the PoW consensus protocol of Bitcoin raises some doubt over the suitability of the protocol, especially for smaller cryptocurrencies.

It’s virtually impossible for Bitcoin’s blockchain to be compromised by a 51 percent attack because it will require a lot of hashing power to gain more than 50 percent control over it — although Ghash.io, a Bitcoin mining pool, has come close; not once, but twice .

But, is carrying out a 51 percent attack on smaller cryptocurrencies easier? We asked Bitcoin developer Peter Todd:

Todd notes that in cases such as Verge, it is the technical glitches with their blockchains that allow these cryptocurrencies to be compromised so easily. But even if these flaws are fixed, it won’t exactly solve the problem of 51 percent attacks on their blockchains — for PoW to work in the way it is intended, you still need to be able to outspend your attacker.

Todd explains that, all of these cryptocurrencies that suffered the attack have chosen the naivest possible technical architecture : to have an entirely separate PoW chain for each of their currency.

“The important thing to note with all those currencies is they’re just copy-cat clones of existing stuff, created in pump and dump schemes,” Todd notes of the attacks. “I suspect the coins that have been attacked recently use that technology simply because it’s easier to copy and paste existing code rather than do the real work of technology development – they’re pump and dump schemes after all.”

There are rising concerns over the number of cryptocurrencies that are simply cloning existing blockchains. As we reported earlier , Bitcoin alone has seen more than 44 hard forks since August last year, and most of them don’t bring anything new to the table.

Despite being riddled with technical flaws, many of these currencies are popular with traders. All four cryptocurrencies that have suffered 51 percent attacks in the last two months, are among the top 100 most traded cryptocurrencies in the world at the moment. Surely the digital currency community can do better.