What is blockchain?

Blockchain is a term you see fairly often when browsing tech (and non-tech) sites these days. It is widely known as the technology that constitutes the infrastructure of Bitcoin (what’s bitcoin BTW?), a mysterious cryptocurrency created by a mysterious scientist in 2009. Some even mistake it for a synonym for bitcoin. But the reality is that blockchain is a disruptive technology that has the potential to transform a wide variety of business processes.

In this article, we will clarify what the blockchain is (and what it isn’t), what its relation to bitcoin is, and what its applications are beyond the realm of cryptocurrencies.

What is blockchain anyway?

At its essence, the blockchain is a distributed ledger—or list—of all transactions across a peer-to-peer network. Put simply, you can think of blockchain as a data structure containing transactions that is shared and synced among nodes in a network (but in fact it gets much more complicated than that). Each node has a copy of the entire ledger and works with others to maintain its consistency.

Changes to the ledger are made through consensus among the participants. When someone wants to add a new record to the blockchain ledger, it has to be verified by the participants in the network, all of whom have a copy of the ledger. If a majority of the nodes agree that the transaction looks valid, it will be approved and will be inserted in a new “block” which will be appended to the ledger at all the locations where it is stored.

Along with the use of cryptography and digital signatures, this approach addresses the issue of security while obviating the need for a central authority.

Each new block can store one or more transactions and is tied to previous ones through digital signatures or hashes. Transactions are indefinitely stored and can’t be modified after they’ve been validated and committed to the ledger.

What makes blockchain unique?

Blockchain’s approach to dealing with transactions is a break from the usual centralized and broker-based model, in which a central server is responsible for processing and storing all transactions. And this is one of the key features that makes blockchain attractive. This creates fault tolerance, so there’s no single point of failure in the blockchain, while also providing security that is on par with what is being offered in the centralized paradigm.

This enables companies, entities and individuals to make and verify transactions instantaneously without relying on a central authority. This is especially useful in the finance industry where the transfer of money is usually tied to and controlled by clearing houses that maintain ledgers and take days to verify and execute a transaction, and collect considerable fees. The blockchain can verify and apply changes within milliseconds, and the costs are next to nothing. In the blockchain model, each bank in a network would have its own copy of the ledger and transactions would be verified and carried out through communications between banks, and within seconds. This will cut costs and increase efficiency.

Another unique feature of the blockchain is its immutability, i.e. it is nearly impossible to tamper with records previously stored in a blockchain. Each new block is tied to previous ones through cryptographic algorithms and calculations, which means the slightest alteration in the blockchain will immediately disrupt and invalidate the entire chain. And with the ledger being replicated across many nodes, it becomes even harder to falsify transactions and the ledger’s history.

What are the applications of blockchain?

Bitcoin was the first concrete application of blockchain. It was proposed in 2008 in a paper presented by a person (or a group of people, some say) called Satoshi Nakamoto. Bitcoin uses blockchain to digitally send bitcoins, its namesake currency, between parties without the need for the interference of a third-party broker.

But bitcoin isn’t the only application of blockchain. The distributed ledger makes it easier to create cost-efficient business networks where virtually anything of value can be tracked and traded—without requiring a central point of control.

For instance, blockchain can be used to keep track of assets and goods as they move down the supply chain. Other industries, such as stock exchanges, can make use of the blockchain mechanism to transfer ownership in a secure, peer-to-peer manner.

In the IoT industry, blockchain can help connect billions of devices in a secure way that won’t require centralized cloud servers. It can also be the backbone that will enable autonomous machines to buy and sell services from each other in the future. (There have to be standards in place before they can be totally secured.)

Other industries include retail, healthcare, gaming and many others.

Smart contracts will take the blockchain to the next level, enabling it to do more than just exchange information and get involved in more complex operations.

Different flavors of blockchain

Based on the specific needs of the application making use of blockchain, several of its characteristics might change. In fact, the different implementations of blockchain, and the different cryptocurrencies that use it, vary in several respects.

Permission

Blockchains can be public or “permissionless,” such as the bitcoin blockchain, in which everyone can participate and add transactions. Other organizations are exploring the implementation of “permissioned” blockchains, in which the network is made up of known participants only. Security and authentication mechanisms vary between these different blockchains.

Anonymity

With ledgers being distributed among nodes, the level of anonymity is also a matter of importance. For instance, bitcoin does not require any personally identifiable information to send or receive payments on the blockchain. However, all transactions are recorded online for everyone to see, which lends a certain amount of transparency and makes total anonymity quite complicated. That’s why it’s known as pseudonymous.

Other implementations of blockchain, such as ZeroCoin, use other mechanisms (zero-knowledge proof) to enable verification without publishing transaction data.

Consensus

Consensus is the mechanism used by nodes in a blockchain to securely verify and validate transactions while maintaining the consistency and integrity of the ledger. The topic is a bit complicated, but the most prevalent form used is the “proof of work” consensus model used by bitcoin, in which nodes—called “miners”—spend computation cycles to run intensive hashing algorithms and prove the authenticity of the block they’re proposing to add. The PoW mechanism prevents DoS attacks and spam.

“Proof of stake” is another popular consensus model, in which nodes are required to prove ownership of a certain amount of currency (their “stake”) to validate transactions.

This is just the beginning

Blockchain is a new way of communicating and transferring data. We still don’t know quite how it will evolve in the future, but what we do know is that it is bound to change quite a few things. A look at the figures presented in this Business Insider article proves why we can call it a disruptive technology.

I don’t know about you, but I’m excited about what blockchain surprises are waiting to be discovered down the horizon and will be exploring its uses more in the coming months.

 

Part 2: So how does Bitcoin work?

In traditional money systems, governments simply print more money when they need to.  But in bitcoin, money isn’t printed at all – it is discovered.  Computers around the world ‘mine’ for coins by competing with each other.

How does mining take place?

People are sending bitcoins to each other over the bitcoin network all the time, but unless someone keeps a record of all these transactions, no-one would be able to keep track of who had paid what. The bitcoin network deals with this by collecting all of the transactions made during a set period into a list, called a block. It’s the miners’ job to confirm those transactions, and write them into a general ledger.

Making a hash of it

This general ledger is a long list of blocks, known as the ‘blockchain’. It can be used to explore any transaction made between any bitcoin addresses, at any point on the network. Whenever a new block of transactions is created, it is added to the blockchain, creating an increasingly lengthy list of all the transactions that ever took place on the bitcoin network. A constantly updated copy of the block is given to everyone who participates, so that they know what is going on.

But a general ledger has to be trusted, and all of this is held digitally. How can we be sure that the blockchain stays intact, and is never tampered with? This is where the miners come in.

When a block of transactions is created, miners put it through a process. They take the information in the block, and apply a mathematical formula to it, turning it into something else. That something else is a far shorter, seemingly random sequence of letters and numbers known as a hash. This hash is stored along with the block, at the end of the blockchain at that point in time.

Hashes have some interesting properties. It’s easy to produce a hash from a collection of data like a bitcoin block, but it’s practically impossible to work out what the data was just by looking at the hash. And while it is very easy to produce a hash from a large amount of data, each hash is unique. If you change just one character in a bitcoin block, its hash will change completely.

Miners don’t just use the transactions in a block to generate a hash. Some other pieces of data are used too. One of these pieces of data is the hash of the last block stored in the blockchain.

Because each block’s hash is produced using the hash of the block before it, it becomes a digital version of a wax seal. It confirms that this block – and every block after it – is legitimate, because if you tampered with it, everyone would know.

If you tried to fake a transaction by changing a block that had already been stored in the blockchain, that block’s hash would change. If someone checked the block’s authenticity by running the hashing function on it, they’d find that the hash was different from the one already stored along with that block in the blockchain. The block would be instantly spotted as a fake.

Because each block’s hash is used to help produce the hash of the next block in the chain, tampering with a block would also make the subsequent block’s hash wrong too. That would continue all the way down the chain, throwing everything out of whack.

Competing for coins

So, that’s how miners ‘seal off’ a block. They all compete with each other to do this, using software written specifically to mine blocks. Every time someone successfully creates a hash, they get a reward of 25 bitcoins, the blockchain is updated, and everyone on the network hears about it. That’s the incentive to keep mining, and keep the transactions working.
The problem is that it’s very easy to produce a hash from a collection of data. Computers are really good at this. The bitcoin network has to make it more difficult, otherwise everyone would be hashing hundreds of transaction blocks each second, and all of the bitcoins would be mined in minutes. The bitcoin protocol deliberately makes it more difficult, by introducing something called ‘proof of work’.

The bitcoin protocol won’t just accept any old hash. It demands that a block’s hash has to look a certain way; it must have a certain number of zeroes at the start. There’s no way of telling what a hash is going to look like before you produce it, and as soon as you include a new piece of data in the mix, the hash will be totally different.

Miners aren’t supposed to meddle with the transaction data in a block, but they must change the data they’re using to create a different hash. They do this using another, random piece of data called a ‘nonce’. This is used with the transaction data to create a hash. If the hash doesn’t fit the required format, the nonce is changed, and the whole thing is hashed again. It can take many attempts to find a nonce that works, and all the miners in the network are trying to do it at the same time. That’s how miners earn their bitcoins.
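The sealing and nonce search described above can be tried out with the following sketch, which is an added example and not code from the original article or from the bitcoin software. It is simplified on purpose: real bitcoin hashes a compact block header twice with SHA-256 and compares the result against a numeric target, whereas here a JSON record is hashed once and the target is a count of leading hex zeroes; the transaction strings are constructed sample data.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # placeholder "previous hash" for the first block


def block_hash(prev_hash, transactions, nonce):
    """Hash the previous block's hash, the transactions and the nonce together."""
    payload = json.dumps(
        {"prev": prev_hash, "tx": transactions, "nonce": nonce}, sort_keys=True
    )
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def mine(prev_hash, transactions, zeroes):
    """Try nonces until the hash starts with the required number of zeroes."""
    target = "0" * zeroes
    nonce = 0
    while True:
        digest = block_hash(prev_hash, transactions, nonce)
        if digest.startswith(target):
            return {"prev": prev_hash, "tx": transactions,
                    "nonce": nonce, "hash": digest}
        nonce += 1


def build_chain(batches, zeroes):
    """Mine one block per batch of transactions, each sealed onto the last."""
    chain, prev = [], GENESIS_PREV
    for transactions in batches:
        block = mine(prev, transactions, zeroes)
        chain.append(block)
        prev = block["hash"]
    return chain


def first_invalid(chain, zeroes):
    """Index of the first block a verifying node would reject, or None."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        digest = block_hash(block["prev"], block["tx"], block["nonce"])
        if (block["prev"] != prev or digest != block["hash"]
                or not digest.startswith("0" * zeroes)):
            return index
        prev = block["hash"]
    return None


def reseal(chain, index, zeroes):
    """Redo the proof of work for one edited block only; later blocks untouched."""
    forged = [dict(block) for block in chain]
    forged[index] = mine(forged[index]["prev"], forged[index]["tx"], zeroes)
    return forged


if __name__ == "__main__":
    ZEROES = 4  # toy difficulty, far below anything a real network would use
    chain = build_chain(
        [["alice->bob 1"], ["bob->carol 2"], ["carol->dave 3"]], ZEROES
    )
    print("intact chain rejected at:", first_invalid(chain, ZEROES))
    edited = [dict(block) for block in chain]
    edited[1]["tx"] = ["bob->mallory 2"]  # change a stored transaction
    print("edited block rejected at:", first_invalid(edited, ZEROES))
    print("after re-mining block 1, rejected at:",
          first_invalid(reseal(edited, 1, ZEROES), ZEROES))
```

Re-mining the edited block only moves the failure one block further along, because the next block still carries the old hash; that is the "wax seal" effect, and it is why a change to history would require redoing the work for every later block.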

Hope this helps explain how Bitcoin Mining works.  Stay tuned for tomorrow on “bitcoin transaction”.

Could Criminals Make A Billion Dollars With Ransomware?

Bitcoin has not only changed the economics of cybercrime by providing crooks with an encrypted, nearly anonymous payment system autonomous from any central bank. It’s also changed researchers’ ability to track how much money criminals are making.

“Bitcoin is based on Blockchain, and Blockchain is a public ledger of transactions. So all Bitcoin transactions are public,”  “Now, you don’t know who is who. But we can see money moving around, and we can see the amounts.”

Every victim of Ransomware — malware that encrypts files and demands a payment for their release — is given a unique wallet to transfer money into. Once paid, some ransomware gangs move the bitcoins to a central wallet.

“We’ve been monitoring some of those wallets,” Mikko says. “And we see Bitcoins worth millions and millions. We see a lot of money.”

Watching crooks rake in so much money, tax-free, got him thinking: “I began to wonder if there are in fact cybercrime unicorns.”

A cybercrime unicorn?

A tech unicorn is a privately held tech company valued at more than a billion dollars. Think Uber, AirBNB or Spotify — only without the investors, the overhead and oversight. (Though the scam is so profitable that some gangs actually have customer service operations that could rival a small startup.)

“Can we use this comparison model to cybercrime gangs?” Mikko asks. “We probably can’t.”

It’s simply too hard to cash out.

Investors in Uber have people literally begging to buy their stakes in the company. Ransomware gangs, however, have to continually imagine ways to turn their Bitcoin into currency.

“They buy prepaid cards and then they sell these cards on Ebay and Craigslist.” “A lot of those gangs also use online casinos to launder the money.”

But even that’s not so easy, even if the goal is to sit down at an online table and attempt to lose all your money to another member of your gang.

“If you lose large amounts of money you will get banned. So the gangs started using bots that played realistically and still lose – but not as obviously.”

Law enforcement is well aware of the extremely alluring economics of this threat. In 2015, the FBI’s Internet Crime Complaint Center received “2,453 complaints identified as Ransomware with losses of over $1.6 million.”

In 2016, hardly has a month gone by without a high-profile case like Hollywood Presbyterian Medical Center paying 40 Bitcoin, about $17,000 USD at the time, to recover its files.  And these are just the cases we’re hearing about.

The scam is so effective that it seemed that the FBI was recommending that victims actually pay the ransom. But it turned out their answer was actually more nuanced.

“The official answer is the FBI does not advise on whether or not people should pay,” “But if victims haven’t taken precautions… then paying is the only remaining alternative to recover files.”

What sort of precautions? The answer is obvious.

“Backups. If you get hit you restore yesterday’s backup and carry on working. It could be more cumbersome if it’s not just one workstation, if your whole network gets hit. But of course you should always have good, up to date, offline backups. And ‘offline’ is the key!”

What’s also obvious is that too few people are prepared when Ransomware hits.

Barring any disruptions to the Bitcoin market, this threat will likely persist, with even more targeted efforts designed to elicit even greater sums.

If you end up in an unfortunate situation when your files are held hostage, remember that you’re dealing with someone who thinks of cybercrime as a business.

So you can always try to negotiate! What else do you have to lose?

 

Bitcoin Price Drops 20% After $72 Million in Bitcoin Stolen from Bitfinex Exchange

Yet another blow to Bitcoin: One of the world’s most popular exchanges of the cryptocurrency has suffered a major hack, leading to a loss of around $72 Million worth of Bitcoins.

Hong Kong-based Bitcoin exchange Bitfinex has posted a note on its website announcing the shutdown of its operation after discovering a security breach that allowed an attacker to steal some user funds.

While the company did not mention a total amount lost in the breach, one of their employees — Bitfinex community director Zane Tackett — confirmed on Reddit that the total amount stolen was 119,756 bitcoins — worth up to $72 Million in cash.

The cause of the security breach and the hacker behind the incident are still unclear, but the attackers appear to have mysteriously bypassed Bitfinex’s mandated limits on withdrawals.

“The theft is being reported to — and we are co-operating with — law enforcement,” Bitfinex statement reads.
“We will look at various options to address customer losses later in the investigation” and “ask for the community’s patience as we unravel the causes and consequences of this breach.”

Bitcoin Price Drops 20% After the Hack

Bitfinex is the third-largest Bitcoin exchange in the world. After the news of the Bitfinex hack had broken on August 2, the price of Bitcoin dropped almost 20%, from $602.78 to $541 per Bitcoin, within the day after the announcement.

The sudden drop could be the result of the latest hack, which likely made Bitcoin investors sell off their Bitcoin holdings, leading to a rapid decrease in Bitcoin price.

Bitfinex’s security firm Bitgo — a Palo Alto-based Bitcoin security company that allows bitcoin exchanges to provide separate, multi-signature wallets for each user’s funds — tweeted earlier today, saying it has not found any “evidence of a breach on any BitGo servers” during its investigation.

Although it’s unclear whether Bitfinex can sustain a loss of that magnitude, the company will address any customer losses following the result of their ongoing investigation.

“As we account for individualized customer losses, we may need to settle open margin positions, associated financing, and/or collateral affected by the breach,” the company says. “Any settlements will be at the current market prices as of 18:00 UTC.”



The bottom line:

The best way to secure yourself is to go OFFLINE.

The safest place to store your Bitcoins or any other cryptocurrency is in your own (if possible, offline) wallet, instead of on any website or cryptocurrency exchange.

 

“Locky” ransomware: What you need to know

Thanks to the Emerging Threats Team at SophosLabs for their behind-the-scenes work on this article.

“Locky” feels like quite a cheery-sounding name.

But it’s also the nickname of a new strain of ransomware, so-called because it renames all your important files so that they have the extension .locky.

Of course, it doesn’t just rename your files, it scrambles them first, and – as you probably know about ransomware – only the crooks have the decryption key.

You can buy the decryption key from the crooks via the so-called dark web.

The prices we’ve seen vary from BTC 0.5 to BTC 1.00 (BTC is short for “bitcoin,” where one bitcoin is currently worth about $400/£280).

[Screenshot: Locky payment instructions page]

The most common way that Locky arrives is as follows:

  • You receive an email containing an attached document (Troj/DocDl-BCF).
  • The document looks like gobbledegook.
  • The document advises you to enable macros “if the data encoding is incorrect.”
  • If you enable macros, you don’t actually correct the text encoding (that’s a subterfuge); instead, you run code inside the document that saves a file to disk and runs it.
  • The saved file (Troj/Ransom-CGX) serves as a downloader, which fetches the final malware payload from the crooks.
  • The final payload could be anything, but in this case is usually the Locky Ransomware (Troj/Ransom-CGW).

Locky scrambles all files that match a long list of extensions, including videos, images, source code, and Office files.

Locky even scrambles wallet.dat, your Bitcoin wallet file, if you have one.

In other words, if you have more BTCs in your wallet than the cost of the ransom, and no backup, you are very likely to pay up. (And you’ll already know how to buy new bitcoins, and how to pay with them.)

Locky also removes any Volume Snapshot Service (VSS) files, also known as shadow copies, that you may have made.

Shadow copies are the Windows way of making live backup snapshots without having to stop working – you don’t need to logout or even close your applications first – so they are a quick and popular alternative to a proper backup procedure.

Once Locky is ready to hit you up for the ransom, it makes sure you see the following message by changing your desktop wallpaper:

[Screenshot: Locky ransom message set as desktop wallpaper]

If you visit the dark web page given in the warning message, then you receive the instructions for payment that we showed above.

Unfortunately, so far as we can tell, there are no easy shortcuts to get your data back if you don’t have a recent backup.

Remember, also, that like most ransomware, Locky doesn’t just scramble your C: drive.

It scrambles any files in any directory on any mounted drive that it can access, including removable drives that are plugged in at the time, or network shares that are accessible, including servers and other people’s computers, whether they are running Windows, OS X or Linux.

If you are logged in as a domain administrator and you get hit by ransomware, you could do very widespread damage indeed.

Giving yourself up front all the login power you might ever need is very convenient, but please don’t do it.

Only login (or use Run As...) with admin powers when you really need them, and relinquish those powers as soon as you don’t.
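One way to spot the behaviour described above while it is happening is to watch for a single process renaming many files to the .locky extension in a short burst, across local drives and network shares. The detector below is an added example, not part of the original article or any Sophos product; the pipe-separated log format, process names, file names, threshold and time window are all constructed assumptions for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: timestamp|pid|process|operation|source|destination
SAMPLE_LOG = r"""
2016-02-17T10:00:00|2210|explorer.exe|RENAME|C:\Users\ann\Desktop\draft.docx|C:\Users\ann\Desktop\final.docx
2016-02-17T10:00:05|4312|payload.exe|RENAME|C:\Users\ann\Documents\q1.xlsx|C:\Users\ann\Documents\q1.locky
2016-02-17T10:00:05|4312|payload.exe|RENAME|C:\Users\ann\Documents\plan.docx|C:\Users\ann\Documents\plan.locky
2016-02-17T10:00:06|4312|payload.exe|RENAME|C:\Users\ann\Pictures\cat.jpg|C:\Users\ann\Pictures\cat.locky
2016-02-17T10:00:06|4312|payload.exe|RENAME|C:\Users\ann\wallet.dat|C:\Users\ann\wallet.locky
2016-02-17T10:00:07|4312|payload.exe|RENAME|E:\backup\2015.zip|E:\backup\2015.locky
2016-02-17T10:00:08|4312|payload.exe|RENAME|\\fileserver\projects\spec.doc|\\fileserver\projects\spec.locky
2016-02-17T10:03:00|5120|notes.exe|RENAME|C:\Users\bob\todo.txt|C:\Users\bob\todo.locky
"""


def storage_root(path):
    """Drive letter ('C:') or UNC share ('\\\\server\\share') a path lives on."""
    if path.startswith("\\\\"):
        parts = path[2:].split("\\")
        return "\\\\" + "\\".join(parts[:2])
    return path[:2].upper()


def detect_locky_bursts(lines, threshold=5, window_seconds=10):
    """Flag processes that rename `threshold` or more files to .locky
    within `window_seconds`; report how many files and which drives/shares."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # pid -> timestamps inside the sliding window
    seen = {}                     # pid -> running totals for .locky renames
    flagged = set()
    for line in lines:
        fields = line.strip().split("|")
        if len(fields) != 6 or fields[3] != "RENAME":
            continue              # blank, malformed or irrelevant event
        stamp, pid, process, _op, _src, dst = fields
        if not dst.lower().endswith(".locky"):
            continue
        when = datetime.fromisoformat(stamp)
        info = seen.setdefault(
            pid, {"pid": int(pid), "process": process, "renamed": 0, "roots": set()}
        )
        info["renamed"] += 1
        info["roots"].add(storage_root(dst))
        times = recent[pid]
        times.append(when)
        while when - times[0] > window:
            times.popleft()       # drop renames that fell out of the window
        if len(times) >= threshold:
            flagged.add(pid)
    return [seen[pid] for pid in sorted(flagged)]


if __name__ == "__main__":
    for alert in detect_locky_bursts(SAMPLE_LOG.splitlines()):
        print(alert)
```

The single rename by the second process stays below the threshold, so only the burst is reported; the list of roots shows how far beyond the C: drive the damage has already reached.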

WHAT TO DO?

  • Backup regularly and keep a recent backup copy off-site. There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.
  • Don’t enable macros in document attachments received via email. Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of malware infections rely on persuading you to turn macros back on, so don’t do it!
  • Be cautious about unsolicited attachments. The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt, leave it out.
  • Don’t give yourself more login power than you need. Most importantly, don’t stay logged in as an administrator any longer than is strictly necessary, and avoid browsing, opening documents or other “regular work” activities while you have administrator rights.
  • Consider installing the Microsoft Office viewers. These viewer applications let you see what documents look like without opening them in Word or Excel itself. In particular, the viewer software doesn’t support macros at all, so you can’t enable macros by mistake!
  • Patch early, patch often. Malware that doesn’t come in via document macros often relies on security bugs in popular applications, including Office, your browser, Flash and more. The sooner you patch, the fewer open holes remain for the crooks to exploit.

Password cracking attacks on Bitcoin wallets net $103,000

Hackers have siphoned about $103,000 out of Bitcoin accounts that were protected with an alternative security measure, according to research that tracked six years’ worth of transactions. Account-holders used easy-to-remember passwords to protect their accounts instead of the long cryptographic keys normally required.

The heists were carried out against almost 900 accounts where the owners used passwords to generate the private encryption keys required to withdraw funds. In many cases, the vulnerable accounts were drained within minutes or seconds of going live. The electronic wallets were popularly known as “brain wallets” because, the thinking went, Bitcoin funds were stored in users’ minds through memorization of a password rather than a 64-character private key that had to be written on paper or stored digitally. For years, brain wallets were promoted as a safer and more user-friendly way to secure Bitcoins and other digital currencies, although Gregory Maxwell, Gavin Andresen, and many other Bitcoin experts had long warned that they were a bad idea.

The security concerns were finally proven once and for all last August when Ryan Castellucci, a researcher with security firm White Ops, presented research at the Defcon hacker convention that showed how easy it was to attack brain wallets at scale. Brain wallets used no cryptographic salt and passed plaintext passwords through a single hash iteration (in this case, the SHA256 function), a shortcoming that made it possible for attackers to crack large numbers of brain wallet passwords at once. Worse, a form of the insecurely hashed passwords is stored in the Bitcoin blockchain, providing all the material needed to compromise the accounts.

By contrast, Google, Facebook, and virtually all other security-conscious services protect passwords by storing them in cryptographic form that’s been passed through a hash function, typically tens of thousands of times or more, a process known as key stretching that greatly increases the time and resources required by crackers. The services also use cryptographic salt, a measure that requires each hash to be processed separately to prevent the kind of mass cracking Castellucci did. Security-conscious services also go to great lengths to keep password hashes confidential, a secrecy that’s not possible with Bitcoin because of the transparency provided by the blockchain.
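The difference between the two approaches can be measured directly. The sketch below is an added example, not code from the article, the research paper or any wallet software; it places the unsalted single-pass SHA256 derivation beside a salted, iterated one (PBKDF2-HMAC-SHA256, chosen here as a stand-in for key stretching in general) and shows how far a single precomputed table reaches in each case. The user names and the iteration count are constructed; the sample passphrases are the ones quoted in this article.

```python
import hashlib
import os

# Constructed sample data: two users happen to pick the same passphrase.
USERS = {
    "ann": "dudewheresmycar",
    "bob": "dudewheresmycar",
    "cy": "yohohoandabottleofrum",
}
CANDIDATES = [
    "say hello to my little friend",
    "yohohoandabottleofrum",
    "dudewheresmycar",
    "givemelibertyorgivemedeath",
]


def brainwallet_key(passphrase):
    """The scheme the article describes: one unsalted SHA-256 pass.
    The 32-byte digest is the 64-hex-character private key."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def stretched_key(passphrase, salt, iterations):
    """Salted, iterated derivation (PBKDF2-HMAC-SHA256) for comparison."""
    return hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, iterations
    )


def table_hits(candidates, stored_values, derive):
    """Derive each candidate once, then count stored values found in that table."""
    table = {derive(candidate) for candidate in candidates}
    return sum(1 for value in stored_values if value in table)


def compare_schemes(users, candidates, iterations):
    """Show how many accounts one table built in advance exposes per scheme."""
    unsalted = [brainwallet_key(p) for p in users.values()]
    salts = {name: os.urandom(16) for name in users}  # one random salt per user
    salted = [stretched_key(p, salts[name], iterations)
              for name, p in users.items()]
    fixed_salt = bytes(16)  # a table has to commit to some salt in advance
    return {
        # One pass over the candidates covers every account at once.
        "unsalted_hits": table_hits(candidates, unsalted, brainwallet_key),
        # The same idea fails when each account has its own salt.
        "salted_hits": table_hits(
            candidates, salted,
            lambda c: stretched_key(c, fixed_salt, iterations)),
        "hashes_for_unsalted_table": len(candidates),
        "prf_calls_to_test_all_salted":
            len(candidates) * len(users) * iterations,
    }


if __name__ == "__main__":
    print(brainwallet_key("dudewheresmycar").hex())
    print(compare_schemes(USERS, CANDIDATES, iterations=100_000))
```

With four candidates, three accounts and 100,000 iterations the unsalted table costs 4 hashes and exposes all three accounts, while the salted scheme forces 1,200,000 PRF calls and no shared table helps.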

Brain drain

According to a recently published research paper, the brain wallet vulnerability was known widely enough to have been regularly exploited by real attackers going after real accounts. Over a six-year span that ended last August, attackers used the cracking technique to drain 884 brain wallet accounts of 1,806 bitcoins. Based on the value of each coin at the time the theft took place, the value of the purloined coins was $103,000.

“Our results reveal the existence of an active attacker community that rapidly steals funds from vulnerable brain wallets in nearly all cases we identify,” the paper authors wrote. “In total, approximately $100K worth of bitcoin has been loaded into brain wallets, with the ten most valuable wallets accounting for over three-quarters of the total value. Many brain wallets are drained within minutes, and while those storing larger values are emptied faster, nearly all wallets are drained within 24 hours.”

The paper, titled “The Bitcoin Brain Drain: A Short Paper on the Use and Abuse of Bitcoin Brain Wallets,” is scheduled to be presented later this month at the Financial Cryptography and Data Security 2016 conference. Its publication comes about six months after Brainwallet.org, the most widely used Bitcoin-based brain wallet service, permanently ceased operations. The service voluntarily shut down following the Defcon presentation by Castellucci, who is one of the authors of the most recent paper.

To identify brain wallets and then crack them, the research team compiled 300 billion password candidates taken from more than 20 lists, including the Urban Dictionary, the English language Wikipedia, the seminal plaintext password leak from the RockYou gaming website, and other large online compromises. By collecting words and entire phrases from a wide body of sources, the researchers employed a technique Ars covered in 2013 that allowed them to crack words and phrases many people would have considered to be strong passwords. Cracked passphrases included “say hello to my little friend,” “yohohoandabottleofrum,” and “dudewheresmycar.”

The researchers ran each password candidate through the SHA256 function to derive a list of potential private keys for Bitcoin addresses used by brain wallets. They then used a cryptographic operation based on elliptic curves to find the public key corresponding to each potential private key. Since the Bitcoin blockchain contains the public key of every account wallet, it was easy to know when a password guess was used by a real Bitcoin user.

The paper reported that vulnerable accounts were often drained within minutes of going live, and in an interview, Castellucci said that some accounts were liquidated in seconds. Castellucci said he suspects the speed was the result of attackers who used large precomputed tables containing millions or billions of potential passwords. While many of the attackers who drained vulnerable accounts earned paltry sums for their work, the top four drainers netted a total of about $35,000 among them. Meanwhile, the drainer who emptied the most brain wallets (about 100 in all) made $3,219.

The thefts were often chronicled in online forums, where participants would report that their Bitcoin wallets had mysteriously been emptied. For a while, people assuming the role of a digital Robin Hood claimed to crack vulnerable wallets, drain them of their contents, and then wait for the victim to publicly complain of the theft on Reddit or various bitcoin forums. The Robin Hood and Little John hackers would then claim to return the funds once the victim proved control of the compromised private key.

While plenty of people publicly warned of risks of brain wallets over the years, the vulnerability was often dismissed as theoretical by some. Brain wallets are now generally shunned by Bitcoin users, but Castellucci warned that an alternative crypto currency known as Ethereum can use a brain wallet scheme that’s every bit as weak as the Bitcoin one was. He is withholding details for now in the hopes that Ethereum brain wallets will soon be abandoned.