Share This

Showing posts with label : Bitcoin. Show all posts
Showing posts with label : Bitcoin. Show all posts

Sunday 22 May 2016

Hackers in your heads, Cybercriminals preying on gullible


Cyberscammers tapping into minds - Conmen get personal data from social media


<< You’ve been had: A user checking an SMS alert about an unauthorised credit card transaction.

PETALING JAYA: Cybercriminals are getting into your head.

Realising that victims are no longer falling for the ‘I’m a Prince who wants to deposit US$50mil (RM199mil) into your account’ e-mail, these syndicates have enlisted psychologists and behavioural experts to launch targetted attacks on companies, groups and individuals.

By going through their victims’ social media accounts, they learn more about their targets and are able to craft attractive e-mail, prompting them to respond.

Clicking on the link in the e-mail will download malware that encrypts your device. Computers, smartphones, smartwatches and any other network-connected device, can be locked by cybercriminals who will only release it for a fee, or “ransom”.

Such ransomware has reached our shores, with a total of 5,069 attacks in Malaysia last year, according to cybersecurity company Symantec Corporation.

“The new modus operandi uses social engineering, with the e-mail being crafted by Malaysians who know the local scenario and how to trigger emotional reactions,” Symantec (Asia Pacific and Japan) cyber security services senior director Peter Sparkes told Sunday Star.

For example, if they find out from Facebook that you went shopping, you could get an official-looking e-mail from a trusted source like a government body or postal department saying: ‘You’ve received a free gift from shopping at our KL outlet. Click this link to trace your parcel’.

“Or if they see you at a cycling event, the e-mail could say: ‘Thank you for participating. Click on the link for photos and videos of the ride’,” he said.

“To decrypt your device, they’ll ask for about US$200 (RM782) in virtual currency like Bitcoin, to bypass the banks,” Sparkes added.

Acknowledging this new threat, Malaysian Communications and Multimedia Commission (MCMC) strategic communication head Sheikh Raffie Abd Rahman urged the public to be more alert.

He said one of the most commonly used social engineering techniques was phishing attacks targetting online banking customers.

Such cases would be investigated by the police under the Computer Crimes Act 1997 or the Penal Code.

A total of 1,311 phishing websites have been blocked by the MCMC between last year and March 8.

This includes fake pages created to acquire personal information such as usernames, passwords, banking information and credit card details by masquerading as a trusted entity in an electronic communication.

CyberSecurity Malaysia (CSM) chief executive officer Dr Amirudin Abdul Wahab said the number of incidents reported to the CSM indicates the growing threat of ransomware here.

Revealing that local businesses are also targeted, he said the CSM will work together with international communities to share current information on ransomware threats and disseminate them to the public.

Malaysian Mental Health Association deputy president Datuk Dr Andrew Mohanraj said cybercriminals have become more sophisticated in their approach by enlisting psychologists.

“But whichever methods they use, there is an underlying modus operandi of appealing to human emotions of fear, greed, curiosity, loneliness, compassion or even spirituality,” he said.

By Christina Chin Yuen Meikeng The Star

Cybercriminals preying on gullible


Users beware! With cybercriminals leveling up, ransomware attacks are expected to spike here. Malaysians shouldn't let their guard down when it comes to personal information and should be on the lookout for online scams.


HE wasn’t the fastest, but Eugene (not his real name) feels like a champion after finishing his first marathon.

Posting a selfie he made public on his Facebook account, the 28-year-old later receives an e-mail congratulating him on the feat. “Click on this link to see more pictures and videos of the event,” says the e-mail, which appears to be sent from the organiser of the run.

Curious and hoping to see images of himself, Eugene clicks open the link on his laptop but instead, gets a message telling him his device is now locked. All his files have been encrypted and he can’t access them, including his work document to be submitted on Monday.

The only way he can retrieve them is to pay a hacker a ransom of US$300 (RM1,181) in Bitcoin currency. Such an incident, known as a ransomware attack, could very well happen to you if you are not careful.

To top it all off, these cases are expected to increase this year, with “very specific ransomware targeted very specifically at Malaysians” being detected, says Symantec (Asia Pacific and Japan) cyber security services senior director Peter Sparkes.

According to cybersecurity company Symantec Corporation, Malaysia ranks 47th globally, and 12th in the Asia Pacific and Japan region, in terms of ransomware attacks.

Last year, there were 5,069 ransomware attacks or 14 per day in Malaysia. But Sparkes foresees that these numbers will surge.

“Ransomware is very attractive because it makes lots of money. It’ll be big here in the coming months, probably averaging 20 attacks per day.

“We’ve seen a lot of smartphone attacks recently. They love WhatsApp because the best way to get someone to click on a link is if it comes from someone you know,” he says.

Sparkes describes such crypto ransomware as the latest, and most dangerous malware threat because it’s near impossible to get rid of.

He adds that the experience is very emotional because many people do not back up their data.

“For individuals, losing personal data like photos and videos is traumatic so most victims will pay. Some will even tell you how to infect your friends to decrease your ransom,” he reveals.

Ransomware hackers are also using help from psychologists and behavioural experts to study their victims on social media before sending them personalised messages to trigger a response.

But it is not just ransomware that needs to be taken seriously as Malaysians need to be vigilant over social media scams, with these two being named as key trends in the country now by Symantec Malaysia systems engineering director David Rajoo.

He says cybercrime is extremely widespread with one in three Malaysians surveyed having experienced it in the past year and 83% know of someone else who was a victim.

“Consumers here lost an average of 27 hours and about RM8.9bil over the past year, dealing with the fallout of online crime.

“The amount of personal data stored online continues to grow, and while this free flow of data creates immense opportunities, it also opens the doors to new risks,” he warns.

Cybercriminals preying on personal data are also a cause for concern here and globally.

Sparkes points out that personal assistants and those in human resources are popular targets because that’s how cybercriminals gain access into an organisation’s database.

“Take a hotel for example. I’d target the CEO’s personal assistant. All I need is 200,000 of their best guests. If I sold the details at US$50 (RM197), it’s pretty good money for a day’s work. HR staff’s another good one because they look at CVs,” he says.

Last year, 500 million personal information was breached globally. That, he says, is a conservative estimate.

Someone checks out your Facebook activities, creates a personalised e-mail to get you to click on a link, and that’s it.

Everytime you download an app on social media, you could be giving access to your life, he cautions.

Of 10.8 million apps analysed in 2015, three million were collecting way more information than necessary, Sparkes says.

“Cyber scammers are also making you call them to hand over your cash,” he adds.

They send fake warning messages to devices like smartphones, driving users to attacker-run call centers to dupe them into buying useless services.

The services industry is the most vulnerable sector in the country, attracting 72.4% of spear phishing attacks.

There was also a significant spam increase with Malaysia jumping up the global ranking from 44 in 2014 to 23 last year, he adds, lamenting how many still don’t realise that cybercrime is an industry.

Cybercriminals are professionals using very sophisticated tools and techniques.

“They work like any other legit organisation – it’s a 9am to 5pm job with weekends off, holidays and proper offices. A lot of users still think it’s 18-year-olds in the garage fooling around. Nothing could be further from truth. The guys sell info to the underground economy,” Sparkes says.

Syndicates only need three things – cheap broadband, a cyber-savvy workforce they can hire, and countries where cyber laws are weak. Asia Pacific and Japan has invested significantly to give their population access to the Internet, he adds, explaining the shocking rise of cybercrime.

“I’m particularly concerned about the senior citizens as many are just discovering the Internet. They’re very trusting and will download without questioning. People stress on being streetsmart, but it’s just as crucial to be cybersmart,” he feels.

By Christina Chin Yuen Meikeng The Star

Related story:

M’sians still giving away sensitive info

Wednesday 4 May 2016

Who created Bitcoin? How? Why? The long search may not be over


SAN FRANCISCO  — Who is Satoshi Nakamoto? For many in the tech world, the identity of bitcoin's elusive creator has been a long-running parlor game. And the speculation might not be over.

Australian entrepreneur Craig Steven Wright, who announced Monday that he founded the digital currency , convinced at least one longtime bitcoin contributor that he's the real deal. He managed that feat via a technical demonstration involving Nakamoto's secret bitcoin keys. But Wright's public documentation, which he posted online Monday , underwhelmed others and left the question of Nakamoto's true identity far from settled.

"There's no way you can conclusively prove that you are the creator of bitcoin," said Jerry Brito, executive director of Coin Center, a Washington, D.C.-based crypto-currency think tank, who is skeptical of Wright's claims.

Tracking a pseudonymous cryptographic genius would be challenging under the best circumstances. And here we're talking someone who invented a way for people to send money around the world anonymously, without banks or national currencies. Someone who apparently disappeared five years ago for unknown reasons.

None of that has stopped people from trying. Journalists, researchers and amateur detectives have scoured Nakamoto's emails and online posts, plus the original bitcoin code, for unusual phrases, cultural references and other potential clues to their author.

One of the most celebrated candidates — to his own dismay — was an unassuming Japanese-American engineer who found himself in the cross-hairs of Newsweek magazine in 2014.


A Newsweek cover story fingered Dorian Satoshi Nakamoto, a retired resident of suburban Los Angeles County, after citing circumstantial clues and a vague comment that Nakamoto made when confronted briefly on his front doorstep. The article sparked a media frenzy and a car chase with reporters that ended at the Los Angeles offices of The Associated Press — where Dorian Nakamoto emphatically denied any involvement with bitcoin.

An earlier contender named in a 2011 New Yorker magazine piece was Michael Clear, then a graduate student in cryptography at Trinity College in Dublin. The New Yorker cited some of Nakamoto's writings, which used British slang such as "maths" for mathematics and "flat" for an apartment. It also noted that Clear had worked on currency-trading software for an Irish bank and co-authored a paper on "peer-to-peer" technology similar to that used in bitcoin.

At first, according to the New Yorker, Clear was evasive when asked at a cryptography conference if he had created bitcoin. But he later denied it repeatedly. He also suggested another candidate to the New Yorker reporter, naming Finnish researcher Vili Lehdonvirta, who studied virtual currencies and created video games.

"I would love to say that I'm Satoshi, because bitcoin is very clever," Lehdonvirta told the New Yorker, after laughing for several seconds. "But it's not me."

Speculation has also focused on a Hungarian-American computer scientist named Nick Szabo, who was called a likely candidate by linguistic experts who conducted their own "reverse textual analysis" — essentially, looking for distinctive phrases or word patterns — on an early white paper by the bitcoin creator.

The only problem? Szabo, who has worked on other digital currencies, has repeatedly denied creating bitcoin.

Other scientists' names have surfaced over the years; some theories pose the notion of two or three working together. But denials have usually followed each new mention.

At one point, two Israeli mathematicians floated, and later retracted, the notion that bitcoin was created by the founder of Silk Road, an online bazaar known for trade in various illicit goods.

Conspiracy theorists have even speculated it could have been the work of some shadowy government agency — no one's saying which government — to undermine established currencies or somehow monitor online transactions. (That theory depends on the unproved notion that the creator retained the ability to decode bitcoin's encryption.)

Vice magazine once suggested Nakamoto might be Gavin Andresen, an American software expert and early bitcoin enthusiast who has helped push bitcoin forward in Nakamoto's absence. Andresen has denied it — and on Monday declared that he believes Wright is Nakamoto.

But other cryptocurrency enthusiasts aren't convinced it's Wright. The truth, they say, is still out there. - AP



Image for the news result
AP EXPLAINS: What Is Bitcoin? A Look at the Digital Currency How it work, security, vulnerability and why? 

Comments:

Indeed, the way Wright has stage-managed the latest revelations about himself seem inconsistent with what we know about Nakamoto. Wright chose to give his scoop to the BBC, the Economist, and GQ. These are all excellent publications, but none of them are known for their in-depth coverage of computer security. The real Satoshi Nakamoto should have anticipated that no one would give much weight to a GQ scoop about his identity.

Bitcoin was Nakamoto's attempt to create a financial system that didn't require trusting the fallible human beings that run the banking system. Yet when Wright decided to reveal his identity as Nakamoto, he chose to do it via face-to-face meetings with a handful of journalists and Bitcoin insiders instead of providing mathematically rigorous proof that anyone could verify. It's hard to believe that's what Nakamoto would have done.


http://www.vox.com/cards/bitcoin

Related posts:


Aug 25, 2015 ... Tokyo (AFP) - The arrest of MtGox boss Mark Karpeles has begun to shed light on the defunct Bitcoin exchange after hundreds of millions of ...

Mar 30, 2014 ... Over the last month, two major Bitcoin exchanges in Japan and Canada have gone offline, filed for bankruptcy or closed down after claiming ...

 
  Bitcoin creator mystery, who is the Face Behind the ...
Mar 30, 2014 ... This story has been appended to include a statement from Dorian Nakamoto received on March 19th when Newsweek was first contacted...


Apr 14, 2014 ... In fact, the actual creator of Bitcoin itself has been shrouded in mystery — although credited to Satoshi Nakamoto, the name is believed to be a ...
 
Jan 12, 2014 ... Singapore's central bank is stepping up its anti-money laundering ... MAS made it a crime last July for clients to use financial institutions to evade tax. ... it was scrutinising trade in virtual currencies such as Bitcoin as well as ...

Rightways