cryptocurrency – SSL and internet security news

Using Hacked LastPass Keys to Steal Cryptocurrency

September 18, 2023 infossl

cryptocurrency, operational security, Password Safe, passwords, Security technology, Uncategorized

Remember last November, when hackers broke into the network for LastPass—a password database—and stole password vaults with both encrypted and plaintext data for over 25 million users? Well, they’re now using that data break into crypto wallets and drain them: $35 million and counting, all going into a single wallet. That’s a really profitable hack. … Read More “Using Hacked LastPass Keys to Steal Cryptocurrency” »

Cryptocurrency Startup Loses Encryption Key for Electronic Wallet

September 6, 2023 infossl

cryptocurrency, encryption, keys, Security technology, Uncategorized

The cryptocurrency fintech startup Prime Trust lost the encryption key to its hardware wallet—and the recovery key—and therefore $38.9 million. It is now in bankruptcy. I can’t understand why anyone thinks these technologies are a good idea. Powered by WPeMatico

Cryptographic Flaw in Libbitcoin Explorer Cryptocurrency Wallet

August 10, 2023 infossl

cryptocurrency, keys, random numbers, Security technology, Uncategorized

Cryptographic flaws still matter. Here’s a flaw in the random-number generator used to create private keys. The seed has only 32 bits of entropy. Seems like this flaw is being exploited in the wild. Powered by WPeMatico

North Korea Hacking Cryptocurrency Sites with 3CX Exploit

April 4, 2023 infossl

cryptocurrency, cybersecurity, hacking, malware, North Korea, Security technology, supply chain, Uncategorized, vulnerabilities

News: Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they’re based in “western Asia.” … Read More “North Korea Hacking Cryptocurrency Sites with 3CX Exploit” »

Ransomware Payments Are Down

January 31, 2023 infossl

crime, cryptocurrency, cybercrime, extortion, ransomware, Security technology, Uncategorized

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that … Read More “Ransomware Payments Are Down” »

Decarbonizing Cryptocurrencies through Taxation

January 4, 2023 infossl

bitcoin, blockchain, courts, cryptocurrency, essays, laws, Security technology, Uncategorized

Maintaining bitcoin and other cryptocurrencies causes about 0.3 percent of global CO2 emissions. That may not sound like a lot, but it’s more than the emissions of Switzerland, Croatia, and Norway combined. As many cryptocurrencies crash and the FTX bankruptcy moves into the litigation stage, regulators are likely to scrutinize the cryptocurrency world more than … Read More “Decarbonizing Cryptocurrencies through Taxation” »

NSA Employee Charged with Espionage

October 4, 2022 infossl

cryptocurrency, cyberespionage, espionage, fbi, nsa, Security technology, Uncategorized, undercover

An ex-NSA employee has been charged with trying to sell classified data to the Russians (but instead actually talking to an undercover FBI agent). It’s a weird story, and the FBI affidavit raises more questions than it answers. The employee only worked for the NSA for three weeks—which is weird in itself. I can’t figure … Read More “NSA Employee Charged with Espionage” »

A Taxonomy of Access Control

August 12, 2022 infossl

cryptocurrency, cryptography, keys, Security technology, taxonomies, Uncategorized

My personal definition of a brilliant idea is one that is immediately obvious once it’s explained, but no one has thought of it before. I can’t believe that no one has described this taxonomy of access control before Ittay Eyal laid it out in this paper. The paper is about cryptocurrency wallet design, but the … Read More “A Taxonomy of Access Control” »

On the Dangers of Cryptocurrencies and the Uselessness of Blockchain

June 24, 2022 infossl

bitcoin, blockchain, cryptocurrency, essays, Security technology, Uncategorized

Earlier this month, I and others wrote a letter to Congress, basically saying that cryptocurrencies are an complete and total disaster, and urging them to regulate the space. Nothing in that letter is out of the ordinary, and is in line with what I wrote about blockchain in 2019. In response, Matthew Green has written—not … Read More “On the Dangers of Cryptocurrencies and the Uselessness of Blockchain” »

15.3 Million Request-Per-Second DDoS Attack

May 5, 2022 infossl

cryptocurrency, cyberattack, denial of service, Security technology, Uncategorized

Cloudflare is reporting a large DDoS attack against an unnamed company “operating a crypto launchpad.” While this isn’t the largest application-layer attack we’ve seen, it is the largest we’ve seen over HTTPS. HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted … Read More “15.3 Million Request-Per-Second DDoS Attack” »