All posts in “cryptocurrency”

A dark web marketplace went down, and oh boy did its customers freak out

Just your standard darknet keyboard.
Just your standard darknet keyboard.

Image: Peter Dazeley/Getty Images

What to do when your favorite source for illicit substances goes offline for less than 24 hours?

Well, if you’re a customer of the Dark Web marketplace AlphaBay who happens to have an untold amount of cryptocurrency tied up in the enterprise, the answer is clear: You start freaking the fuck out. 

Oh, and allege that the proprietors of the site have stolen all your Bitcoin for good measure. 

However, thankfully for those trying to buy everything from drugs to Australian Medicare cards, the situation may be a lot simpler than what first meets the eye. 

Dark Web marketplaces burst into the public consciousness following the 2013 FBI seizure of The Silk Road and the arrest of its founder, Ross Ulbricht. The online services, accessible via TOR, allow for the sale of typically illegal goods and services and rely on rating systems for potential buyers to evaluate sellers and their products. 

AlphaBay is one such marketplace, and until July 4 things seemed to be humming along as smoothly as things at an illegal international online drug bazaar can. Then the site went down, and customers started crying “exit scam.” 

The theory, as so much as there was one, was that the AlphaBay founders had absconded with any and all cryptocurrency tied up in the site — never to be seen again. 

What was especially galling to some was that, as speculation spiraled out of control, no one from the site jumped in to calm the worried masses down. 

Shiny, shiny coins.

Shiny, shiny coins.

Image: GEORGE FREY/GETTY IMAGES

“HEY MAN WHAT IS PISSING ME OFF IS WHY NOBODY FROM SUPPORT POST SOME  FUCKING UPDATE HERE TO CALM DOWN EVERYBODY ABOUT WHAT’S GOING ON MAN  ????,” wrote one Reddit user in a thread titled “WHY NOBODY FROM ALPHABAY STAFF POST SOME FUCKING UPDATE HERE ???.”

“Because they are sunning themselves with our fucking money,” read one typical response

Others took it further, noting that “If it’s an exit scam i’m gonna make a fundraising company to find and bomb them :).”

Various media outlets picked up on the story, further adding fuel to the certainly not-drug-induced-paranoia fire. Other Reddit users didn’t help, with one claiming to have “an internal source that has confirmed it’s an exit scam […].”

Reddit sleuths, which are known for getting things right, went down various rabbit holes of Bitcoin transactions suggesting they had proof that cryptocurrency was being moved from AlphaBay’s wallets in mass. All the while, the digital mob continued to grow. 

And, to be fair, the idea of an exit scam is not too farfetched. After all, it’s happened before. But when it comes to an AlphaBay exit scam, there’s just one problem: According to one Reddit poster who actually has confirmed involvement with the workings of AlphaBay, the site merely went down for some standard IT work. 

“Will be back online soon,” explained the user known as Big_Muscles. “Servers under update.”

So there you have it, denizens of the AlphaBay corner of the Dark Web. Your cryptocurrency, drugs, stolen IDs, and whatever else you’ve got going on are safe for now. That is, unless Big_Muscles is in on the scam too… but that’s a conspiracy theory which will just have to wait for another day (or another Reddit thread). 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f80316%2ff500b367 c74e 4fa7 97cd cde8f19f3003

Alleged hackers behind NotPetya cyberattack demand $260,000 bitcoin ransom

Image: CHRISTOPHER MINESES/MASHABLE

The ransom is on the move. 

The Bitcoin wallet controlled by the NotPetya attackers showed surprising signs of life over the Fourth of July holiday weekend, with approximately $10,000 in paid ransom disappearing from the account. Around the same time, a message purporting to be from the culprits behind the maybe-ransomware attack surfaced — demanding 100 bitcoin in exchange for a key they say can unlock encrypted files. 

At the time of writing, 100 bitcoin is worth approximately $260,000.

“Send me 100 Bitcoins and you will get my private key to decrypt any harddisk (except boot disks),” read the message posted to Pastebin. “See the attached file signed with the key.”

As NotPetya, which first surfaced in Ukraine on June 27, has been shown to damage an infected computer’s master boot record, the person behind the message is only claiming to be able to decrypt specific files — not entire systems. Still, that ability could be a godsend for companies struggling to restore lost data, assuming the ransomer is telling the truth.

The new demand was posted on July 4, the same day ransom payments made in the hopes of obtaining decryption keys were moved from the Bitcoin address listed in the initial NotPetya attack to another wallet.

The message displayed by NotPetya.

The message displayed by NotPetya.

Image: SYMANTEC

No new Bitcoin address was listed for payments should anyone decide to actually fork over the 100 bitcoin. However, a link was provided to a chatroom for the purpose of getting in touch with the hackers and presumably arranging payment. 

Motherboard exchanged messages with someone claiming to be one of the hackers, who told the publication the key for sale would “decrypt all computers.”

So, should organizations desperate for their data pay up? It’s a tough question. Security researchers have more or less reached a consensus that the intention behind NotPetya was to damage cyber-infrastructure, not to make money. As such, the calculus for victims is different than it would be with a more traditional form of ransomware. 

Either way, this latest series of developments — the transfer of funds between Bitcoin wallets and the new demand — serves to further muddy the waters behind the NotPetya attack. It also makes one thing clear: The story of the latest ransomware scourge to sweep the globe is not over yet. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f80316%2ff500b367 c74e 4fa7 97cd cde8f19f3003

The company called Blockchain raises $40 million


Blockchain (the company) just raised a $40 million Series B funding round led by Lakestar. Blockchain has been working on the most popular bitcoin wallet in the world. You can open a wallet on the company’s website or through its mobile apps.

GV, Nokota Management, Digital Currency Group and existing investors Lightspeed Venture Partners, Mosaic Venture Partners, Prudence Holdings, Virgin and Sir Richard Branson also participated in today’s funding round.

This is quite a significant funding round for a cryptocurrency startup. Blockchain is surfing on the hype surrounding bitcoins, ethers, litecoins and initial coins offering. And I’m sure other cryptocurrency startups are currently raising more funding too.

Blockchain currently claims to manage more than 14 million wallets. When the startup announced its previous $30 million funding round, it was only managing 2.3 million bitcoin wallets at the time.

Many popular bitcoin services, such as Coinbase, manage your wallet for you and operate an exchange. It means that you can create an account and buy bitcoins on the same platform.

Blockchain has taken a different approach as the company can’t see your balance or your transactions. You can back up your wallet to Blockchain’s servers, but you keep the keys to your wallet.

The company has partnered with exchanges so that you can buy bitcoins on the platform directly. And of course, nobody is stopping you from buying bitcoins on your favorite exchange and then sending them to your Blockchain wallet address.

Blockchain also manages Blockchain.info, a popular bitcoin block explorer. The banner ads on this website are generating quite a bit of revenue as Blockchain.info has a big audience with around 100 million page views per month.

With today’s funding round, Blockchain plans to hire more people, localize the product and work on more digital currency products.

Featured Image: Jason Benjamin UNDER A Public Domain LICENSE

There’s now a crowdfunding campaign to buy stolen hacking tools

"Just a few clicks and it's all mine!"
“Just a few clicks and it’s all mine!”

Image: Getty Images/Cultura RF

It’s quite the dilemma: A nefarious group of hackers plans to sell a cache of stolen National Security Agency exploits, but you can’t quite come up with the cryptocurrency needed to buy it. 

What to do?

Well, if you’re two prominent security researchers, the answer is simple: crowdfund it. That’s right, there’s now a Patreon for buying stolen NSA hacking tools.

But it’s not what you might think. The researchers behind the Patreon campaign, Hacker Fantastic and x0rz, hope that by purchasing the data they will be able to analyze it and possibly prevent another attack like the WannaCry ransomware. 

It all comes back to the Shadow Brokers, the group that dumped a host of exploits in April after ostensibly trying to sell them first. Its members made news again in May when they announced that they not only have more code, but that they intend to launch a subscription service to dole it out.

“TheShadowBrokers is launching new monthly subscription model,” they explained. “Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month.”

It’s a threat that should not be taken lightly. Just a single NSA exploit — EternalBlue — was crucial to the global spread of WannaCry. Imagine a new WannaCry-like worm every time the Shadow Brokers released additional exploits. It would be more than a digital nightmare — people could die

WannaCry is no joke.

WannaCry is no joke.

Image: B. TONGO/EPA/REX/SHUTTERSTOCK

That doesn’t need to happen, however. Hacker Fantastic and x0rz argue that early access to the exploits could provide security researchers time to develop and share fixes for vulnerable code. That’s where the Patreon campaign comes in. 

The Shadow Brokers requested payment in the cryptocurrency Zcash, and the two researchers think paying up is actually the smart move. Why? Because one way or another, those exploits are likely to get out. 

“I think they will eventually dump it to cause mayhem,” confirmed x0rz via Twitter direct message. “So far [the Shadow Brokers] didn’t say they are willing to dump them for free (but we can guess they will).”

X0rz, who declined to provide a real name, went on to note that gaining access “even 48hours before [the dump] can be good for the community” so that “vendors and [Free and open-source software] developers can catch up and fix the vulns.”

This approach is not without its critics. To be sure, giving 100 ZEC (approximately $23,344 at the time of this writing) to unknown criminal elements is not exactly without risk. The Shadow Brokers could use it to fund malicious actions, or at the very least just keep the money and not deliver. 

Hacker Fantastic and x0rz think it’s worth the risk, however. 

Those interested in helping the campaign reach its goal can donate any amount of money, but those who kick $1,300 or more will get direct access to the Shadow Brokers’ exploits as soon as they are released to paying members. 

To prevent some random criminal from using this crowdfunding campaign to gain nation-state level toolkits for his or herself, Hacker Fantastic and x0rz are limiting code sharing to “whitehat ethical hackers” who can prove who they are. So that’s good. 

Meanwhile, the clock is ticking. As the Shadow Brokers’ sale ends June 30, the two researchers have only a month to scrape together the money. Should they fall short, any funds they did collect will be donated. 

But if they succeed? Well, then we all may just have a fighting chance against the next WannaCry. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f80178%2f03c26aa7 8a69 4552 b095 864acdbca801

Messaging platform Kik is launching its own digital currency

Image: ng yi shu/mashable 

Kik is venturing into new territory.

The messaging service announced on Thursday that it was launching its own digital currency, called “Kin” that can be used to buy services on its platform. 

Users will be able to use Kin to buy games, live video streams and other digital products.

Kin will be created on the Ethereum blockchain — a rival to Bitcoin — and is expected to make its debut some time this year.

“Kik will be the largest install base of cryptocurrency users in the world,” said Kik’s CEO Ted Livingston, according to a Bloomberg report.

“Kin, on day one will be the most-used cryptocurrency in the world.”

He added that the rise of growing digital services meant that only a handful of companies were “poised to exercise absolute authority over the digital services everyone uses,” saying that Kin would serve as a foundation for a decentralised ecosystem of digital services.

Kik has some 300 million registered users and 15 million monthly users. Facebook, in comparison, has close to 2 billion monthly users.

But Livingston sounds pretty sure of Kin’s success.

“We will create an economy where millions and millions of mainstream consumers are earning in a cryptocurrency for the first time ever,’’ he said.

“They’re going to want to spend in that same cryptocurrency as well.’’

Https%3a%2f%2fvdist.aws.mashable.com%2fjw%2f2017%2f5%2f6fa2c497 de25 6d1d%2fthumb%2f00001