Connect with us

Press Releases

McAfee Labs Sees Cryptocurrency Mining Surge Continue in Second Quarter

Published

on

McAfee

London, United Kingdom, September 25, 2018 – McAfee, the device-to-cloud cybersecurity company, today released its McAfee Labs Threats Report: September 2018, examining the growth and trends of new cyber threats in Q2 2018. In the second quarter, McAfee Labs saw the surge in cryptomining malware growth that began in Q4 2017 continue through the first half of 2018. McAfee also saw the continued adaptation of the type of malware vulnerability exploits used in the WannaCry and NotPetya outbreaks of 2017.

Although less common than ransomware, cryptomining malware has quickly emerged as a factor on the threat landscape. After growing around 400,000 in the fourth quarter of 2017, new cryptomining malware samples grew a stunning 629% to more than 2.9 million samples in Q1 2018. This trend continued in Q2 as total samples grew by 86% with more than 2.5 million new samples. McAfee Labs has even identified what appear to be older malware such as ransomware newly retooled with mining capabilities.

McAfee

Cybercrime is a business, and market forces, such as the rise in cryptocurrency values, will continue to shape where adversaries focus their efforts,” said Raj Samani, McAfee Fellow, Chief Scientist at McAfee.Exploiting cryptomining malware is simpler, more straightforward, and less risky than traditional cybercrime activities – causing these schemes to skyrocket in popularity over the last few months. In fact, cryptomining malware has quickly emerged as a major player on the threat landscape.

Organisations need to remain vigilant to these threats, particularly in today’s cloud-first landscape when many companies are seeing a rapid increase in cloud applications and environments to secure. To keep crypto-criminals at bay, businesses must find the right combination of people, process and technology to effectively protect their assets, detect cryptomining threats and, when targeted, rapidly correct systems – across both cloud and on-premises. Removing siloed security teams and making sure that tools and systems can work together is the first step to gaining the upper hand.”

In some cases, cryptomining targets specific groups rather than a broad field of potential victims. One cryptomining malware strain has targeted gamers on a Russian forum by posing as a “mod” claiming to enhance popular games. Gamers were tricked into downloading the malicious software, which proceeded to use their computer resources for profit.

While cryptomining malware primarily targets PCs, other devices have become victims. For instance, Android phones in China and Korea have been exploited by the ADB.Miner malware into producing Monero cryptocurrency for its perpetrators.

“A few years ago, we wouldn’t think of internet routers, video-recording devices, and other Internet of Things devices as platforms for cryptomining because their CPU speeds were too insufficient to support such productivity,” said Christiaan Beek, Lead Scientist and Senior Principal Engineer with McAfee Advanced Threat Research. “Today, the tremendous volume of such devices online and their propensity for weak passwords present a very attractive platform for this activity. If I were a cybercriminal who owns a botnet of 100,000 such IoT devices, it would cost me next to nothing financially to produce enough cryptocurrency to create a new, profitable revenue stream.”

Vulnerability Exploit Malware

A year after the outbreaks of the WannaCry and NotPetya attacks, new malware samples specifically designed to exploit software vulnerabilities increased by 151% in Q2. McAfee saw the exploits from these two high-profile threats repurposed within new malware strains, and newly discovered vulnerability exploits similarly adapted to produce entirely new threats.

“WannaCry and NotPetya provided cybercriminals compelling examples of how malware could use vulnerability exploits to gain a foothold on systems and then quickly propagate across networks,” Beek continued. “It’s still surprising to see numerous vulnerabilities from as far back as 2014 used successfully to spearhead attacks, even when there have been patches available for months and years to deflect exploits. This is a discouraging testament to the fact that users and organisations still must do a better job of patching vulnerabilities when fixes become available.”

Windows 10 Cortana Vulnerabilities

McAfee Labs and the Advanced Threat Research team discovered a vulnerability in the Cortana voice assistant in Microsoft Windows 10. The flaw, for which Microsoft released a patch in June, could have allowed attackers to execute code from the locked screen of a fully patched Windows 10 machine (RS3 and RS4 before the June patch). McAfee addressed three vectors of research that have been combined by Microsoft and together represent CVE-2018-8140. McAfee submitted the vulnerability to Microsoft in April as part of McAfee’s responsible disclosure policy. (more)

Billing-Fraud Apps on Google Play

The McAfee Mobile Research team found a new billing-fraud campaign of at least 15 apps on Google Play. The new campaign demonstrates that cybercriminals keep finding new ways to steal money from victims using apps on official stores such as Google Play. The actors behind this campaign, the AsiaHitGroup Gang, has been active since at least late 2016 with the distribution of the fake-installer applications Sonvpay.A, which attempted to charge at least 20,000 victims from primarily Thailand and Malaysia for the download of copies of popular applications. One year later, in November 2017, the Sonypay.B campaign was discovered on Google Play. Sonvpay.B used IP address geolocation to confirm the country of the victim and added Russian victims to the billing fraud to increase its potential to steal money from unsuspecting users. (more)

Blockchain Security Threats

McAfee Advanced Threat Research identified top security threats to users and implementers of blockchain technologies. The researchers’ analysis found that phishing, malware, and implementation vulnerabilities are the primary attack vectors. (more)

Other Q2 2018 Threat Activity

In Q2 2018, McAfee Labs detected five new threats a second, including new threats showing notable technical developments that improve upon the latest successful technologies and tactics to outmanoeuvre their targets’ defences.

  • Ransomware. The total number of ransomware samples continues to grow, increasing 57% over the past four quarters. Although the appearance of new ransomware families has slowed overall in recent quarters, McAfee also saw established ransomware families spawn new variants. For instance, McAfee saw a dozen new variants of the Scarab ransomware family appear in the Q2 alone. These newcomers account for more than 50% of the total number of known Scarab variants identified since the family’s appearance in mid-2017.
  • Mobile malware. New mobile malware samples increased 27% in Q2; this is the second successive quarter of growth. McAfee customers in South America reported the highest rate of infection, at 14%. Total mobile malware grew 42% in the past four quarters.
  • JavaScript malware. A 204% increase in new samples suggests that hackers appear to have shifted to a new generation of JavaScript malware. After decreasing significantly over the last three quarters, JavaScript malware accounted for more than 7 million new samples, a record high, and up from around 2 million in Q1.
  • LNK malware. While PowerShell has been active among fileless malware developers in recent previous quarters, new samples slowed to 15% growth. But new LNK malware continues to grow, as cybercriminals are increasingly using .lnk shortcuts to surreptitiously deliver malicious PowerShell scripts and other malware. Total samples in the category have increased 489% over the past four quarters.
  • Spam botnets. The Gamut spam botnet outpaced all others in Q2. Most notably, it pushed high volumes of “Canada Revenue Agency” phishing scams. Notable recent campaigns were related to bogus employment offers that are commonly used as a “money mule” recruitment tactic.

For more information on these threat trends and statistics, please visit: McAfee Labs Threats Report: September 2018 (Infographic)

Terra Credit

Press Releases

30% Club – A Trading Club for Nigerian Millennials

Published

on

30% Club

30% Club – a crypto trading club created for millennials – has launched its platform after six months in stealth mode. The investment club aims to be the go-to for educational and advisory resources for digital assets. By breaking the barrier to crypto investing we serve as a bridge for Nigerians looking to profit from crypto. 

The club is non-custodial which means members handle & manage their capital personally. 30%Club does not invest nor trade on behalf of the public. We simply provide educational and advisory services to our members. Users who sign-up have access to a dashboard with educational resources, market insights, instructional videos & trade signals. 

30% ClubCrypto is a next-generation asset class, the club helps you navigate profitably in this wild, volatile but lucrative market. We simplify crypto trading, breaking down the skill barriers while bridging the knowledge gap. The club provides a seamless educational experience & on-boarding into crypto trading. Our trade signals target 30% accumulated returns within 6-12 months.

Davidson Atere-Roberts, founder of the club, adds we are extremely bullish about the long term prospects of Bitcoin as an asset class. As the digital asset industry matures there are still regulatory & adoption challenges also quite a lot of scams tbh. The problem the club is trying to solve is clear, Crypto is complex so most folks who want to dabble are confused and scared not forgetting the trauma from the last crypto bubble burst. Our value proposition is precise: simplifying crypto investing while employing disciplined trading strategies.

Join us at the trading club that helps African millennials profit from crypto! 

You can access the 30%Club on www.30percent.club and interact on Twitter @30clubng.

Disclaimer: This is a paid press release. Readers should do their own due diligence before taking any actions related to the company, product or service. BitcoinAfrica.io is not responsible, directly or indirectly, for any loss or damage caused by or in connection with the use of or reliance on any content, product or service mentioned in this press release.

Terra Credit
Continue Reading

Press Releases

Blockchain Africa Conference 2020 Announces Investec as Premier Sponsor

Published

on

Blockchain Africa Conference 2020

Bitcoin Events is elated to announce that Investec Private Banking is the Premier Sponsor to the Blockchain Africa Conference 2020!

Investec provides specialist banking, wealth and investment, and asset management services. It started as a small finance company in South Africa in 1974, and today it is an international organisation trusted to manage clients’ assets worth more than £150 billion.

As sponsors of Blockchain Africa Conference 2020, we believe in the potential of cryptocurrencies and blockchain technology and how it will possibly shape currency, banking, and investments in the future. As such, we support innovation and forward-thinking in this space. We’re excited that Blockchain Africa will be a platform for networking opportunities, global thinking, and thought leaders. We are also proud that Investec will host the event and that our own thought leaders will be part of the forum and will hopefully lend a unique perspective to the event,” said the Investec Private Banking representative.

We all understand that technology brings change. But how we experience, interpret and respond to that change is as important as the change itself. We need to understand where we are headed and why, and the impact of progressive technology on individuals, institutions, and society. 

Here is a company which stands head and shoulders above its peers, not merely because of its phenomenal growth or its sound management of assets, but because it is a trendsetter,” said Nelson Mandela at the opening of the Investec building in Johannesburg on 21 October 1998.

We look forward to partnering with Investec in this year’s Blockchain Africa Conference and hearing the Private Bank’s unique perspectives on blockchain technologies.

Introducing Keynote Speaker Chris Becker

xxChris Becker is Investec’s blockchain technologies specialist and focuses on product development and strategy for the private bank. Before moving into this role, his career spanned more than a decade as macro-economic strategist to institutional asset managers, hedge funds and commercial bank FICC desks. Chris co-founded Mises Institute South Africa in 2011 and holds an undergraduate degree in Politics, Philosophy and Economics from Stellenbosch University. 

Chris will be addressing the conference delegates on ‘Banking on Blockchain’.

 

Cut through the hype and join us for great networking opportunities and thought-provoking discussions.

Secure your seat at the Blockchain Africa Conference 2020.<< REGISTER NOW BUTTON here. >>

New Featured Speakers and Conference Programme is Now LIVE

Derivatives trader Tone Vays is also a keynote speaker and will be joined by other exciting speakers such as Simon Dingle, Carmelle Cadet, Akhona Damane, Prof. Sope Williams-Elegbe, Bronwyn Williams, Jonathan Galea, Obi Ejimofo, Michael Glaros, Jean-Paul Fabri, Michelle Chivunga Nsanzumuco, Clark Thompson, Dr. Nthuthuku Bhengu and more who you can view here.

The event includes an exciting and thought-provoking programme, ranging from talks on Self-Sovereign Identity (SSI), the role of blockchain and AI in a country’s digital transformation, blockchain-based food tracking systems, how blockchain is disrupting traditional business processes in supply chains and trade finance, central bank-backed digital currencies for regional payment systems, South Africa’s plan for dealing with blockchain technology and more.

Don’t miss out on Africa’s leading blockchain conference taking place on 11-12 March 2020 in Johannesburg, South Africa!

About Bitcoin Events

Since inception, Bitcoin Events have cut through the hype and challenged the critics to educate, upskill and drive long-term thinking on the strategic benefits of cryptocurrencies and blockchain technology for businesses, governments, citizens, and society. View photos and videos of the past conferences.

For more information on the Blockchain Africa Conference 2020 visit our website www.blockchainafrica.co or email us at info@blockchainafrica.co

See You at the Blockchain Africa Conference 2020 in Johannesburg!

<< REGISTER NOW for the Blockchain Africa Conference 2020 >>

Terra Credit
Continue Reading

Press Releases

Announcing the Whive Protocol Launch Happening on February 2, 2020

Published

on

Whive Protocol

NAIROBI, JAN 02 2020/BITHUB AFRICA/ — BitHub Africa, the leading Pan-African blockchain Accelerator, is announcing a launch for the Whive blockchain protocol happening on February 2, 2020.

Whive IO is a peer-to-peer blockchain protocol that is incentivizing the building of sustainable energy solutions through Trustless Rewards.

WhiveThe protocol achieves this through a hybrid Proof-of-Work (POW) and Proof-Of-Stake (POS) consensus algorithm that favors devices with CPU(small) processors and are located in regions with a higher Solar capture reliability index. The protocol enables the adoption of solar energy use especially in under-served regions of the world like Africa.

BitHub Africa has previously open-sourced its curriculum for blockchain engineering which is based on classes curated from the two-year experience of researching and developing the protocol.

This engineering course will ensure our community of African developers, entrepreneurs, and key institutions will be able to understand and adopt blockchain technology sustainably.

There shall be no Initial Coin Offering (ICO) or Pre-mine for the Whive protocol, which is now available on public test-net. If you would like to contribute to the adoption of blockchain technology across Africa, download the latest software release by following the links below:

Whive Protocol Website: https://whive.io and Telegram Chat: https://www.t.me/whiveio

Disclaimer: This is a press release. Readers should do their own due diligence before taking any actions related to the company, product or service. BitcoinAfrica.io is not responsible, directly or indirectly, for any loss or damage caused by or in connection with the use of or reliance on any content, product or service mentioned in this press release.

Terra Credit
Continue Reading

Popular Posts