A Bitcoin Mining Pool Faces $3 Million Theft in a Cyberattack
Despite a recent surge in crypto-related activity, mining pools are still at risk for cyberattacks. As a result, many have been putting together plans to guard their wallets against such occurrences. A Bitcoin mining pool in particular has been a victim of a recent attack, which took the sum of three million dollars. It was reported that a hacker posed as a member of the pool. In an attempt to steal the funds, the hackers allegedly used a crypto-based wallet, which was hosted by GateHub.
Selfish mining has high chances of success
If you are a fan of cryptocurrency, you may have heard of selfish mining. A selfish miner is a miner who hides or forks out a block in order to increase his or her rewards. Basically, he or she is taking the standard Bitcoin protocol and turning it on its head.
Although this type of mining does not occur in the real world, there are measures you can take to protect your coins. These include randomly assigning miners to pools and selecting blocks with a more recent timestamp.
For example, you should make sure that the block you are generating is the correct size and has a good timestamp. This will help you keep track of what you have produced and prevent you from making the same mistake twice.
While you are at it, try to find the one that has the best possible chance of being validated by the network. That way, you can glean the benefits of a network that is based on consensus.
GateHub attack on XRP wallets
One of the world’s largest digital wallet services, GateHub, recently experienced a cyberattack on its XRP wallets. This theft prompted a major data breach that cost the company nearly $10 million in lost XRP.
According to GateHub, the cyberattack involved unauthorized access to native XRP wallets. In total, hackers stole XRP tokens from 80-90 victims.
After a lengthy investigation, the security team at GateHub confirmed that there was indeed a cyberattack. They have now uncovered and identified the accounts targeted in the attack.
During the investigation, GateHub discovered that there were a series of suspicious API calls from a small number of IP addresses. Although the number was relatively low, the company suspected that this was the source of the hack. However, the team did not reveal the details of the investigation.
The company has also acknowledged that there was a cyberattack on a gaming app called EpicBot. Several accounts on EpicBot were also compromised.
Alibaba Cloud was the target of a cryptojacking attack in November 2021
Alibaba Cloud is a popular cloud computing platform. It has a powerful monitoring agent that keeps an eye on its instances and detects malicious activity. In November 2021, it was targeted by a cryptojacking attack.
The malware is designed to work in the background and use the victim’s machine for crypto mining. It also has rich DDoS functionality.
Cryptojacking is a form of cyber criminal activity that targets cloud service providers. Criminals leverage the servers’ resources to mine Monero or Ethereum cryptocurrency. Typically, these attacks target the Elastic Compute Service (ECS) instance. They exploit vulnerabilities or misconfiguration in order to install the malware.
The attackers are able to launch the attack by deploying kernel modules or other persistence tools. Once they get access to the target instance, they can easily deploy the malware.
Moreover, the malicious containers can mine Monero or Ethereum. This could cause supplementary costs for the instance’s owner.
Proof-of-Stake mining could curb cryptojacking
Cryptojacking is a form of cyberattack that steals computing resources from victims. Unlike other types of attacks, this kind is not offered as a service, so a hacker must use a combination of malicious software and social engineering to infect a device.
There are two main forms of cryptojacking. The first involves installing software on a victim’s device. This software works in the background and redirects the processing power to an illicit cryptocurrency mining operation.
Another type of cryptojacking takes place through a website. Using JavaScript, the attacker embeds crypto mining software in the site. Only when the victim visits the infected site does the malware run.
Some websites disclose that visitors’ devices are running cryptomining software. However, the software can also be hidden in a downloaded app.
Several major technology companies have reportedly noticed a rise in cryptojacking threats. For example, Microsoft said that cryptojacking was becoming more popular than ransomware.