Hacker Hijacks ISP Networks to steal $83,000 from Bitcoin Mining pools

Till now, he have heard about “Bitcoin digital wallet hacked” or “Bitcoin website hacked”, but now a hacker has stolen cryptocurrency from mining pools and generated $83,000 in digital cash in more than four months by gaining access to a Canadian Internet provider. Bitcoin is a virtual currency...

Georgia Tech Releases BlackForest Threat Intelligence Tool

Enterprises longing for an automated system that sends up a smoke signal that attackers may be planning a move against a particular organization or are promoting a new tool that targets companies in a specific industry may have had their wish come true. Georgia Tech Research Institute has release...

Stack overflow

Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the 1 extractsockaddr or 2 parsereconnect functions in util.c...

CVE-2014-4503

The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...

CVE-2014-4501

Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the 1 extractsockaddr or 2 parsereconnect functions in util.c...

CVE-2014-4503

The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...

CVE-2014-4502

Multiple heap-based buffer overflows in the parsenotify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a 1 large or 2 negative value in the Extranonc2size parameter in a mining.subscribe response and a...

CVE-2014-4502

Removed by vendor...

CVE-2014-4501

Removed by vendor...

Facebook Carries Out Lecpetex Botnet Takedown

Facebook has moved slowly and deliberately into the realm of botnet takedowns by disrupting a relatively small operation in Greece that was using the social platform to spread spam and malware. Two arrests were made in connection with the Lecpetex botnet in Greece on July 3. The alleged botmaster...

Hacker Exploits NAS Vulns to Mine $620K in Dogecoin

A hacker, well-versed in malware and exploit development, took advantage of vulnerabilities in Synology network attached storage boxes popular with home users to mine more than $600,000 worth of the digital currency Dogecoin. Researchers Pat Litke and David Shear of Dell SecureWorks’ Counter Thre...

Microsoft Identifies New Malware Dropping Sefnit Botnet

Plenty has been written about the Sefnit malware family and its favor with using Tor to mask communication, as well as the money it’s made for criminals via click-fraud schemes. Sefnit, however, has had a pair of accomplices that until recently were regarded as harmless programs by most security...

Click-Fraud Sefnit Variant Shuns Tor for SSH

Sefnit was the first malware family to shed light on the problem of botnets and other malicious code using the Tor anonymity network as a communication protocol. While others before and since have done the same, Sefnit made the biggest splash at the end of last summer when the botnet caused a 600...

Google Removes Bitcoin Mining Android Malware from Play

Google recently removed five bogus wallpaper apps from its Play marketplace after they were deemed malicious and found sneakily mining Bitcoins. The malware, dubbed BadLepricon, was spotted funneling Bitcoin into wallets and allowed the attacker to change mining pools easily to maximize the minin...

Android Bitcoin-Mining Malware found on Google Play Store

Google always bound to face trouble over the wide and open nature of its app checking policies on Google Play Store, and despite so many security measures, the search engine giant mostly fails to recognize the Android malware that are lurking around its Google Play store in vast numbers. Recently...

Iowa State Hacked--To Mine Bitcoins

It’s an odd week these days when there isn’t a data breach at some university or college. These institutions are prime targets for attackers for several reasons, not the least of which are their open network environments and databases bulging with personal information. But now attackers are looki...

Exploit for Out-of-bounds Read in Openssl

OpenSSL Heartbleed CVE-2014-0160 vulnerability scanner, dat...

DVR Infected with Bitcoin Mining Malware

Johannes Ullrich of the SANS Institute claims to have found malware infecting digital video recorders DVR predominately used to record footage captured by surveillance camera systems. Oddly enough, Ullrich claims that one of the two binaries of malware implicated in this attack scheme appears to ...

Android Malware found on Google Play Store mines Cryptocurrencies

Cyber criminals are more business-minded than you might expect. As the business has moved to greater use of mobile and non-Windows computers, so cyber criminals have adapted techniques monetize their efforts. Security researchers at Lookout Mobile Security discovered that various apps uploaded to...

Android Malware Mines Digital Cryptocurrency

On its surface, the idea of turning a smartphone into a cryptocurrency mining machine sounds novel. But practical and profitable? Not so much. That hasn’t stopped thieves from corrupting a number of popular Android applications for just that purpose, including two on the Google Play store called...