Critical Vulnerability Applicable to Miners of Bitcoin Cash

Bitcoin ABC said in a security advisory that a critical vulnerability has been found in Bitcoin ABC version 0.17.0. In an incident report issued on Monday, the company noted: “If exploited the flaw would have caused an unintended split in the Bitcoin Cash network.” Updating to Bitcoin ABC 0.17.1 fixes this problem.

Bill Gates Wants to Short Bitcoin, Tyler Winklevoss Calls His Bluff

Bill Gates made news yesterday when he declared he would short bitcoin if he could. Gemini co-founder Winklevoss challenged Gates. “Dear @BillGates there is an easy way to short bitcoin,” he wrote on Twitter. “You can short #XBT, the @CBOE Bitcoin (USD) Futures contract, and put your money where your mouth is!”

Owner of New York Stock Exchange Said to Be Developing a Bitcoin Exchange

Intercontinental Exchange, owner of the New York Stock Exchange (NYSE), has been developing an online platform to buy cryptocurrency, reports The New York Times.

People Who All of a Sudden Think Bitcoin is Cool

And now for a bit of fun… 99Bitcoins is compiling a list of Fiat Defectors, prominent people who previously shed a negative light on Bitcoin but are now singing its praises. Billionaires George Soros and Mark Cuban make the list. You can submit nominees of your own.

A large number of websites, including sites hosted by the United States and United Kingdom governments, have been compromised. The compromised web pages were made to serve cryptocurrency mining scripts, which use the resources of the visitor’s computer to mine cryptocurrency, in this case maliciously and without consent from the computer’s owners.

Use of accessibility tool BrowseAloud in attack

The pages were compromised due to the use of an accessibility tool known as BrowseAloud, which augments web pages with extra JavaScript to allow visually impaired users to browse the page using audio cues. The websites were all compromised because they loaded scripts from BrowseAloud’s servers in order to provide text to speech, so the attackers needed only to break into BrowseAloud’s servers to compromise all of its customers. The cryptocurrency miner used was the now infamous CoinHive Monero (XMR) web miner. CoinHive is designed to give content producers a way to be paid for the content they provide. It has since been used in a large number of website compromises, due to its ease of use and its use of the privacy-focused cryptocurrency Monero. Monero allows attackers to remain extremely anonymous, to the point that others can only guess at the profits gained.

Mitigation of the compromise

This attack can be mitigated rather easily by both content providers and content consumers. Content providers need only verify the hash of the script they are serving, as a modified script will have a different hash from the expected script. Content consumers can either use a NoScript plugin in their browsers to block all JavaScript on web pages, or use other plugins such as uBlock Origin, which, if configured correctly, will block all requests going to CoinHive’s servers.
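
The hash check described above can be sketched with the browser's Subresource Integrity format (the `integrity` attribute on a `<script>` tag). This is an added example, not code from BrowseAloud or any affected site; the script contents and the `cdn.example` host are constructed placeholders.

```python
import base64
import hashlib
from html.parser import HTMLParser

def sri_hash(content: bytes, alg: str = "sha384") -> str:
    """Integrity value in the form '<alg>-<base64 digest>'."""
    digest = hashlib.new(alg, content).digest()
    return f"{alg}-{base64.b64encode(digest).decode()}"

def matches_pin(content: bytes, pinned: str) -> bool:
    """True only if content hashes to the pinned integrity value."""
    alg = pinned.split("-", 1)[0]
    if alg not in ("sha256", "sha384", "sha512"):
        return False  # refuse weak or unknown algorithms
    return sri_hash(content, alg) == pinned

class ScriptAudit(HTMLParser):
    """Collect absolute-URL <script src> tags with no integrity attribute."""
    def __init__(self):
        super().__init__()
        self.unpinned = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        src = a.get("src") or ""
        external = src.startswith(("http://", "https://", "//"))
        if tag == "script" and external and not a.get("integrity"):
            self.unpinned.append(src)

def unpinned_scripts(html: str) -> list:
    audit = ScriptAudit()
    audit.feed(html)
    return audit.unpinned

# Constructed sample data: script bodies and cdn.example are placeholders.
REVIEWED = b"function speak(text) { /* text to speech */ }\n"
TAMPERED = REVIEWED + b"/* injected third-party code */\n"
PIN = sri_hash(REVIEWED)
PAGE = f"""<html><head>
<script src="https://cdn.example/tts-unpinned.js"></script>
<script src="https://cdn.example/tts.js" integrity="{PIN}" crossorigin="anonymous"></script>
<script src="/local.js"></script>
</head></html>"""

if __name__ == "__main__":
    print("pin:", PIN)
    print("reviewed copy matches pin:", matches_pin(REVIEWED, PIN))
    print("tampered copy matches pin:", matches_pin(TAMPERED, PIN))
    print("scripts without integrity:", unpinned_scripts(PAGE))
```

A browser that supports Subresource Integrity performs the same comparison itself and refuses to run a script whose hash does not match the `integrity` value, so the pin has to be regenerated whenever the vendor ships a legitimate update.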