Cyber Security News (29th January 2018)

  1. Someone Stole Almost Half a BILLION Dollars from Japanese Cryptocurrency Exchange

Cryptocurrency exchanges are websites where you can buy, sell or exchange cryptocurrencies for another digital currency or fiat money. According to the latest report, Coincheck, a Tokyo-based cryptocurrency exchange, has suffered what appears to be the biggest hack in the history of cryptocurrencies, losing $532 million in digital assets (nearly $420 million in NEM tokens and $112 in Ripples). The exchange confirmed the cyber heist without explaining how the tokens were stolen, and abruptly froze most of its services, including deposits, withdrawals, and trading of almost all cryptocurrencies except Bitcoin. It is not yet clear how the hacker gained access to the cryptocurrency.

Cyber Security Tips: Users are strongly advised to reset their account password to a strong one and to keep monitoring their account.

  2. CrossRAT keylogging malware targets Linux, macOS & Windows PCs

Another day, another piece of malware: this time it is CrossRAT, which targets Linux, macOS and Windows devices without being detected by anti-virus software. Researchers found another dangerous piece of malware called CrossRAT, written in the Java programming language, which they believe was developed by Dark Caracal to target OSX, Linux, and Windows-based devices. The malware is capable of evading anti-virus software, manipulating the file system of a targeted device, taking screenshots, running arbitrary DLLs for secondary infection on Windows, and gaining persistence on the infected system. CrossRAT is a cross-platform remote access Trojan that can target all four popular desktop operating systems, Windows, Solaris, Linux, and macOS, enabling remote attackers to manipulate the file system, take screenshots, run arbitrary executables, and gain persistence on the infected systems.

Cyber Security Tips: Users are advised to install behaviour-based threat detection software. Mac users can use BlockBlock, a simple utility developed by Patrick that alerts users whenever anything is persistently installed. You can check for the presence of the malware as follows:

For Windows: Check the ‘HKCU\Software\Microsoft\Windows\CurrentVersion\Run\’ registry key. If the system is infected, the key will contain a command that includes java, -jar and mediamgrs.jar.

For macOS: Check for the jar file, mediamgrs.jar, in ~/Library.

Also look for a launch agent named mediamgrs.plist in /Library/LaunchAgents or ~/Library/LaunchAgents.

For Linux: Check for the jar file, mediamgrs.jar, in /usr/var.

Also look for an ‘autostart’ file in ~/.config/autostart, likely named mediamgrs.desktop.
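The checks listed above, combined into one script. This is an added example, not part of the original post: the function names are hypothetical, the paths and registry key are the ones given above, and the Windows branch uses Python's standard winreg module.

```python
"""Look for the CrossRAT persistence artefacts named in the tips above."""
import sys
from pathlib import Path

JAR = "mediamgrs.jar"
RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"

def candidate_paths(platform, home, root="/"):
    """File locations the tips name for macOS and Linux."""
    home, root = Path(home), Path(root)
    if platform == "darwin":
        return [home / "Library" / JAR,
                root / "Library/LaunchAgents/mediamgrs.plist",
                home / "Library/LaunchAgents/mediamgrs.plist"]
    if platform.startswith("linux"):
        return [root / "usr/var" / JAR,
                home / ".config/autostart/mediamgrs.desktop"]
    return []

def file_hits(platform, home, root="/"):
    """Return the candidate paths that actually exist on disk."""
    return [str(p) for p in candidate_paths(platform, home, root) if p.exists()]

def run_value_is_suspicious(command):
    """True if a Run-key command contains java, -jar and mediamgrs.jar."""
    lowered = command.lower()
    return all(token in lowered for token in ("java", "-jar", JAR))

def windows_run_hits():
    """Enumerate the HKCU Run key and keep matching values (Windows only)."""
    import winreg  # imported here so the module still loads on macOS/Linux
    hits = []
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_KEY) as key:
        value_count = winreg.QueryInfoKey(key)[1]
        for index in range(value_count):
            name, data, _type = winreg.EnumValue(key, index)
            if isinstance(data, str) and run_value_is_suspicious(data):
                hits.append(f"HKCU\\{RUN_KEY}\\{name} = {data}")
    return hits

def scan(platform=sys.platform, home=None):
    """Run the checks that apply to the given platform."""
    if platform == "win32":
        return windows_run_hits()
    return file_hits(platform, home or Path.home())

if __name__ == "__main__":
    found = scan()
    for hit in found:
        print("FOUND:", hit)
    sys.exit(1 if found else 0)
```

The script exits with status 1 when any indicator is found, so it can be run from a scheduled job or a fleet-management tool.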
