We’re working to bring you an all new BlockExplorer.com. Can we ask for your help? Please take a few moments to answer the below questions. We’ll compile the answers and share with you, our readers, in the coming weeks. From all of us at Block Explorer, a sincere thank you!
Use our news to inform cryptocurrency trading decisions, stay up-to-date on happenings in the industry, and more!
Gemini To Become First BitLicensed Exchange To Offer Trading in Zcash
The New York State Department of Financial Services has authorized Gemini Trust Company to offer trading of Zcash, Litecoin and Bitcoin Cash. Tyler Winklevoss, Chief Executive Officer of Gemini Trust Company, LCC said, “We are proud be the first licensed exchange in the world to offer Zcash trading and custody services and look forward to providing customers with a safe, secure, and regulated place to buy, sell, and store Zcash, an incredible new form of digital cash.”
Crypto Mining Company Coinmint Moving To Revamp 1,300 Acre Alcoa Plot
Once used for aluminum smelting, an Alcoa plant in Upstate New York is going to be converted into one of the world’s largest bitcoin mining centers. CNBC reports Coinmint said Tuesday it “would invest up to $700 million in the upstate New York location, which it expects to be the biggest bitcoin mining center in the world. The project will create an estimated 150 jobs over the next 18 months.”
Cryptocurrency Theft Malware Now An Economy Worth Millions
According to a new research report titled “Cryptocurrency Gold Rush on the Dark Web” by Carbon Black, the market for malware and tools designed for the theft of cryptocurrency is growing swiftly. ZDNet states, “The researchers estimate that over the past six months alone, a total of $1.1 billion has been stolen in cryptocurrency-related thefts, and approximately 12,000 marketplaces in the underbelly of the Internet are fueling this trend.”
Image courtesy of Carty Sewill, http://cartyisme.com/.
Cold storage through a hardware wallet such as the Ledger Nano S is among the safest, most secure, and widely recommended way to store crypto assets. However, using a hardware wallet isn’t always straightforward: not all coins are supported, user interfaces are clunky, and users are often required to use multiple apps to interact with different blockchains.
Ledger, the company behind the best-selling Ledger Nano S hardware wallet, seeks to rectify those user experience issues with new desktop and mobile applications that unify all supported cryptocurrency tokens under one central app and dashboard. Ledger first announced the new applications, which will take the place of the existing Google Chrome apps provided by Ledger, back in February of this year.
In a Twitter post, Ledger has revealed that the “initial version” of the Ledger Wallet desktop native application will be available starting on July 9th. Ledger says that even though there is an added wait to their original launch estimate, the wait will be “worth it.” The firm says regular periodic updates will follow after launch – the first of which should be adding ERC20 support.
The mobile version of the Ledger Wallet application is still on track for an “end of Q4 2018” release.
The new Ledger Wallet app is a web-based solution (the current Ledger Manager app is Google Chrome browser-based) that will support 28 different cryptocurrency tokens, multiple ledger devices, and come with a central dashboard to manage all aspects of a user’s digital currency portfolio, including sending and receiving crypto tokens, as well as viewing account balances and transaction histories.
In future updates, Ledger expects to eventually support over 100+ cryptocurrencies, enable integration of third-party apps, and more.
Ledger is a Paris, France-based company founded in 2014 with the goal of “securing the new disruptive class of crypto assets.”
GuardiCore, a cloud-based security provider, has uncovered a large-scale attack on vulnerable servers. Codenamed Operation Prowli, the attack leverages various exploits to redirect web traffic, and to install cryptocurrency mining software on its targets.
Operation Prowli attacks targets with various exploits tailored to specific vulnerabilities. From SSH brute forcing to Mirai-like attacks on consumer modems. Post-infection actions taken include installing cryptocurrency miners and redirecting web traffic. Both post-infection actions performed by Operation Prowli are intended to provide a revenue stream back to those running the attack. At the time of writing, it was reported that over 40,000 computers have fallen victim.
A more in-depth look at the methodology and attacks used by Operation Prowli can be seen in GaurdiCore’s release.
Cryptojacking, or stealing computing power from others, allows those behind Operation Prowli to leverage many compromised computers to mine cryptocurrency. As in the last few reports on cryptojacking, the currency of choice for the attackers is Monero, undoubtedly chosen for its commitment to being minable on consumer CPUs and untraceable nature.
Once Operation Prowli has managed to gain access to a server, it will attempt to redirect web traffic towards malicious sites. An example used in GaurdiCore’s release is tech support scams.
Prevention and staying secure
For consumers, the best way to stay secure is to verify that the site you have visited is the one you intended. And otherwise to only follow links you trust.
Providers that are not already infected, ensuring your servers are secure can be done in various ways. With the simplest being to use strong passwords, and to only expose to the internet what you absolutely have to. For this reason, firewalls to close ports that do not need to be accessed externally are a must. Otherwise, ensuring that the software you use is up to date, and does not have any longstanding security issues will go a long way.
Otherwise, for providers that are already infected, changing all passwords and doing a security audit is a good first step. After which, stop all currently running malicious processes and remove their binaries (hashes provided below). Or in the case of the traffic redirection attack, check all relevant files for malicious lines.
|Filename||Hash (sourced from GaurdiCore’s release)|
Reddit user /u/Aiwa4 has created a tool named Investor Data, which follows Reddit comments looking for specific keywords referencing cryptocurrencies. This data is used to track the popularity of various cryptocurrencies. The tool is available to anyone on the internet and is funded by donations.
Currently, Investor Data tracks 27 cryptocurrencies over 3 subreddits. Namely /r/CryptoCurrency, /r/CryptoMarkets, and /r/BitcoinMarkets are used as the data source. Aside from Bitcoin and its forks, due to an issue separating similar names, ‘most’ top 20 cryptocurrencies make up the list of 27. The data is placed on a table, with a percentage and time used to indicate popularity. The table is updated every 5 minutes and requires a reload to update locally.
Further planned features for Investor Data include interactive graphs and a JSON based API. Also mentioned is a plan to implement a similar tool for Google Trends and Twitter, and the possibility of putting all the data together for a more complete look at the cryptocurrency community.
Most popular currency on Reddit
The spread of data over time provides a nice look into whether or not a given amount of activity is new. Short-term increases, for example, would indicate hype around a cryptocurrency, while long-term increases without similar short-term numbers could indicate sustained interest.
Currently, the site does not have a valid SSL certificate, meaning that malicious parties may be able to fake the site for their own benefit. Otherwise, as stated above, the tool currently does not differentiate between forks that have similar names, for example, Bitcoin and Bitcoin Cash. Therefore, any statistics referencing these coins will be for every fork. Investor Data’s FAQ does state that differentiating forks with similar names is being worked on. There is not a timeline available for when this will be fixed.
Update: /u/Aiwa4 has stated in a comment to BlockExplorer that they plan to procure an SSL certificate to remedy the above mentioned issues with SSL.