Vulnerabilities / Threats
2/18/2014
11:35 AM
Connect Directly
RSS
E-Mail

Bye, Bitcoin: Criminals Seek Other Crypto Currency

Law enforcement crackdowns, hack attacks, and market volatility drive Russian fraudsters to mint their own virtual currency systems.

Photo credit: zcopley.
Photo credit: zcopley.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
s404n1tn0cc
100%
0%
s404n1tn0cc,
User Rank: Apprentice
2/20/2014 | 9:14:34 AM
So much for Law proofing.
      Seems sence the US invented the Ethernet it owns it and all Backdoors. Obviously they some how where able to get subpoenas. And direct access to the accounts. but when they did that the 34000000 dollars is now worth only 8500000. A tremendous shock to the system. 
asksqn
0%
100%
asksqn,
User Rank: Apprentice
2/19/2014 | 9:04:08 PM
Bitcoin, We Hardly Knew Ye
Notwithstanding the negative nellie approach to cryptocurrencies, Bitcoin will always be remembered for causing the widespread soiling of jockey shorts worn by members of the Federal Reserve, Greenspan, Bernanke and other keepers of the fiat money cartel.
Thomas Claburn
0%
100%
Thomas Claburn,
User Rank: Moderator
2/18/2014 | 6:49:07 PM
Re: Why tie to physical location?
It would be fitting if cybercriminals took to using actual cans of Hormel Spam as currency.
Brian.Dean
0%
100%
Brian.Dean,
User Rank: Apprentice
2/18/2014 | 4:06:59 PM
Re: Why tie to physical location?
This is one area where technology is not being used for the good of society. The easiest way to limit illegal activities is by limiting/restricting free movement of finance. However, it is not all negative as technology that enables agencies to detect narcotics using sensors etc restores some of the balance.

I feel since Bitcoin is not doing too good even for legal activities, I wonder whether another crypto currency will every gain the kind the hype and value that Bitcoin gained during the month of November last year.  
Mathew
50%
50%
Mathew,
User Rank: Apprentice
2/18/2014 | 12:30:52 PM
Re: Why tie to physical location?
Good question. These are add-ons to Russian-language cybercrime forums. It doesn't mean that the admins or users reside in Russia. But if they do, they might want a way to cash out large amounts of money in rubles, for local spending.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Ninja
2/18/2014 | 12:00:58 PM
Why tie to physical location?
Mat, why would a group looking to launch a cyber-currency tie itself to a specific country, especially Russia? The U.S., EU and China also seem like bad bets. It's CYBER after all, so why not be completely separate from any physical location?
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0485
Published: 2014-09-02
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

CVE-2014-3861
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

CVE-2014-3862
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

CVE-2014-5076
Published: 2014-09-02
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

CVE-2014-5136
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.