Russians and Koreans are the biggest payers to the global ransomware hackers

Users with infected computers in Russia and South Korea are so far the two biggest ransom payers to the hackers who mounted a global ransomware attack, called “Wannacry,” yesterday, according to new data from Chainalysis, a provider of software that works with banks, law enforcement agencies, and bitcoin companies to analyze the blockchain for financial crimes.

All bitcoin transactions are permanently recorded on the blockchain, and anyone can view them. Chainalysis crunches these transactions and assigns them to clusters of “entities,” which could be bitcoin exchanges, wallet providers, or bitcoin miners. The firm found that the hackers, who ask for ransom to be sent to three bitcoin addresses, had received a total of nearly $23,000 so far in dollar terms, converted at the point the transaction was made. The two entities that sent the most money to the hackers were bitcoin exchanges serving the Russian and Korean markets. “If you look at the infection rates, a lot of it is in Russia, so [the data] is complementing that,” says Jonathan Levin, a Chainalysis co-founder. “Given that we know the infections are also in Russia, I would say, it’s Russian users.”

Analysis by information security firm Kaspersky Lab showed Russia had the most infections, although South Korea doesn’t appear among the top countries. Here’s the list of where ransoms originated from via Chainalysis:

| Counterparty name | Counterparty category | US dollar value of bitcoins sent |
| --- | --- | --- |
| BTC-e.com | exchange | $4,270.66 |
| Bithumb.com | exchange | $2,163.48 |
| Bitstamp.net | exchange | $2,012.15 |
| Kraken.com | exchange | $1,917.03 |
| Poloniex.com | exchange | $1,627.24 |
| Unknown | uncategorized | $1,526.32 |
| Coinbase.com | exchange | $1,043.04 |
| CoinPayments.net | merchant services | $849.30 |
| Unknown | uncategorized | $774.25 |
| CoinOne.co.kr | exchange | $684.05 |
| LocalBitcoins.com | exchange | $670.84 |
| Gemini.com | exchange | $627.97 |
| MaiCoin.com | exchange | $627.79 |
| Unknown | uncategorized | $576.62 |
| CoinJar.com | exchange | $550.05 |
| BitPanda.com | exchange | $375.71 |
| Bitfinex.com | exchange | $313.63 |
| Korbit.co.kr | exchange | $312.10 |
| Bittrex.com | exchange | $295.78 |
| Unknown | uncategorized | $294.16 |
| Unknown | uncategorized | $253.50 |
| Unknown | uncategorized | $205.33 |
| BitoEX.com | exchange | $168.11 |
| Xapo.com | hosted wallet | $165.39 |
| Circle.com | exchange | $101.01 |
| Bter.com | exchange | $91.42 |
| Yunbi.com | exchange | $60.14 |
| Unknown | uncategorized | $45.28 |
| Paxful.com | exchange | $44.24 |
| Huobi.com | exchange | $43.28 |
| Hashnest.com | mining pool | $20.88 |
| OKCoin.com | exchange | $15.07 |
| Unknown | uncategorized | $14.56 |
| Unknown | uncategorized | $9.60 |
| HaoBTC.com | mining pool | $7.21 |
| Unknown | uncategorized | $5.82 |
| AlphaBay Market | Tor market | $5.41 |
| Unknown | uncategorized | $2.80 |
| ANXPro (Payout wallet) | uncategorized | $2.07 |
| Silk Road Marketplace | Tor market | $1.85 |
| Total | | $22,775.16 |
Source: Chainalysis

There are a few caveats to the data. Levin points out that the payments attributed to “Tor markets,” the term Chainalysis uses to describe darknet markets, are probably “noise” generated by his analysis, and should be ignored. The low payment amounts also suggest that they are unconnected to the ransomware. Each entity could be using thousands of addresses, and it’s Chainalysis’ job to group them accurately. For instance, Levin says that one exchange, Poloniex, uses 376,000 bitcoin addresses, all of which have been clustered by Chainalysis, allowing correct attribution.
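As an added illustration of the grouping and attribution described above (this is not Chainalysis's code, and the article does not say which method the firm uses), the sketch below applies the publicly known common-input-ownership heuristic: addresses spent together as inputs of one transaction are treated as one owner. Every address, entity name, amount and price in it is constructed for the example.

```python
from collections import defaultdict

# Constructed sample data, not real blockchain records. Each transaction is
# (txid, input addresses, {output address: BTC}, BTC/USD price when it was made).
TXS = [
    ("t1", ["exA1", "exA2"], {"user1": 0.50}, 1700.0),
    ("t2", ["exA2", "exA3"], {"RANSOM1": 0.17}, 1750.0),
    ("t3", ["exB1"], {"RANSOM2": 0.18}, 1700.0),
    ("t4", ["u9", "u10"], {"RANSOM1": 0.17, "u11": 0.03}, 1800.0),
    ("t5", ["exA3"], {"RANSOM3": 0.20}, 1720.0),
]
RANSOM_ADDRS = {"RANSOM1", "RANSOM2", "RANSOM3"}
# Constructed tags: one identified address is enough to name its whole cluster.
TAGS = {
    "exA1": ("ExchangeA.example", "exchange"),
    "exB1": ("ExchangeB.example", "exchange"),
}


def find(parent, addr):
    """Return the cluster representative of addr (union-find with path halving)."""
    parent.setdefault(addr, addr)
    while parent[addr] != addr:
        parent[addr] = parent[parent[addr]]
        addr = parent[addr]
    return addr


def cluster_addresses(txs):
    """Merge all input addresses of each transaction into one cluster."""
    parent = {}
    for _txid, inputs, _outs, _price in txs:
        root = find(parent, inputs[0])
        for addr in inputs[1:]:
            parent[find(parent, addr)] = root
    return parent


def attribute_payments(txs, ransom_addrs, tags):
    """Sum USD sent to the ransom addresses per sending cluster.

    USD is converted at the price recorded for each transaction. Clusters with
    no tagged address stay separate rows labelled Unknown/uncategorized.
    """
    parent = cluster_addresses(txs)
    labels = {find(parent, addr): label for addr, label in tags.items()}
    totals = defaultdict(float)
    for _txid, inputs, outs, price in txs:
        paid = sum(btc for addr, btc in outs.items() if addr in ransom_addrs)
        if paid:
            totals[find(parent, inputs[0])] += paid * price
    rows = [
        (*labels.get(root, ("Unknown", "uncategorized")), round(usd, 2))
        for root, usd in totals.items()
    ]
    return sorted(rows, key=lambda row: (-row[2], row[0]))


if __name__ == "__main__":
    for name, category, usd in attribute_payments(TXS, RANSOM_ADDRS, TAGS):
        print(f"{name:20} {category:15} ${usd:,.2f}")
```

The payment in t5 comes from an address that carries no tag of its own; it is attributed to the exchange only because earlier transactions link that address to a tagged one, which is why accurate clustering matters for the totals.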

Additionally, just because a payment is from an exchange that serves Korean or Russian customers doesn’t necessarily mean the infected users are indeed in Korea or Russia—although it’s a reasonable inference. Lastly, little is known about BTC-E, the exchange at the top of the list, except that its operators are anonymous, it’s one of the longest-running exchanges in bitcoin, it notoriously doesn’t perform the identity checks that regulated exchanges must comply with, and it deals in the ruble-bitcoin market.

Chuck Reynolds
Contributor
Please click either Link to Learn more about Bitcoin.

Alan Zibluk Markethive Founding Member

Top Safe Bitcoin Wallets

The only way to properly store your bitcoin wealth is by using a safe wallet solution.

It is hard to quantify what makes one wallet safer than the next, as users have their individual preferences and needs in this regard. However, there are some wallet solutions out there that take keeping funds safe to a whole new level. Keep in mind these wallets are listed in random order.

Electrum

On the software side of things, there are quite a few different bitcoin wallets to choose from. However, one of the primary wallets people use in this regard is Electrum, as it is a lightweight wallet that offers plenty of functionality. Thanks to proprietary – yet decentralized and redundant – servers, synchronizing with the bitcoin blockchain takes mere minutes. Moreover, the wallet offers a cold storage solution, as well as multisig wallet support. 

Trezor

Bitcoin users all over the world are familiar with the Trezor brand, as it is one of the most secure hardware wallets available today. Trezor is the original hardware wallet for bitcoin users and comes at affordable prices. It is also compatible with all major operating systems. Various bitcoin businesses implemented Trezor support, including Bitstamp, Bitwala, and BitPay. It also supports two-factor authentication for additional security.  

Mycelium

On the mobile front, there is a lot of competition for the crown of being the most secure wallet solution available today. Mycelium has gotten a lot of support in this regard, as it is considered to be a must-have secure bitcoin storage application. Its HD wallet support, as well as an option to delete the private key from the device and integrate “watch only” accounts, make Mycelium one of the top secure mobile bitcoin wallets.

KeepKey

Hardware bitcoin wallets have become quite popular over the past few years. That is only normal, as storing bitcoin in a secure manner becomes more important than ever. Hardware wallets are designed to facilitate secure funds storage, with quite a few companies launching their products in recent years. KeepKey is one of the top solutions in this regard, as the device requires users to manually approve every transaction. Moreover, the device has PIN protection, adding an extra layer of security.

Ledger Nano (S)

The Ledger line of hardware bitcoin wallets cannot be ignored. The company prides itself on making affordable yet secure bitcoin wallet solutions. There is no reason to pay hundreds of dollars for a device when the same goal can be achieved with a device costing a fraction of the price. Don’t let the cheap price fool you, though, as every one of Ledger’s devices is more than capable of keeping your wealth safe. All of Ledger’s wallets come in the form of a USB-sized device, although there are minor differences between each type. The Ledger Nano S is by far the most popular hardware wallet, as it is capable of storing both Bitcoin and Ethereum. Moreover, users can complete wallet actions through the display on the device or by using the browser plugins. An affordable, robust, and secure line of products, that much is certain.

Chuck Reynolds
Contributor

Jaff Ransomware Demands a Two Bitcoin Payment to Decrypt Files

Ransomware comes in many different shapes and sizes.

Some malware strains are rather easy to remove free of charge, whereas others can be a real pain in the rear. Jaff, a new type of ransomware, is perhaps one of the most expensive types of malware we have seen in quite some time. It demands a ransom of $3,700 to be paid in Bitcoin, which is a rather steep amount.

Jaff Ransomware Swings For The Fences

It is evident that criminals who rely on ransomware distribution are looking to make a lot of money in quick succession. That is much easier said than done, though, as security researchers often come up with free decryption tools to nullify these threats. However, in the case of Jaff, there is no free decryption option whatsoever right now. Similarly to virtually any other type of ransomware, the Jaff malware encrypts files and gives them a custom file extension. It appears the files are encrypted using AES, which has become the norm over the past few months. It also appears Jaff shares a lot of similarities with Locky, at least where the payment page is concerned. That is rather interesting, although Jaff demands a much higher amount compared to Locky.

This brings us to what puts Jaff on the radar of security researchers right now. The malware demands that victims pay $3,700 worth of Bitcoin to have the files restored. It is rather unusual for ransomware types to charge such a steep amount, considering most consumers won’t spend that amount of money on recovering their files. Then again, people who are genuinely worried about losing sensitive files may be tricked into paying the ransom in the end. Regarding the distribution of Jaff ransomware, it appears the malware is actively distributed through malspam traffic originating from the Necurs botnet. People who have been following our ransomware coverage may recall the Necurs name, as it is a popular botnet to distribute malware on a rather large scale. Spam email campaigns have been a very popular tool among cybercriminals over the past few years, and it looks like things will not change anytime soon.

To be more specific, the Jaff ransomware is hidden in a malware-laden email attachment that requires users to enable macros in Microsoft Word. Once the user does so, they will download multiple malicious files on their machine, including the Jaff payload itself. As soon as the download is finished, the files on the computer will be encrypted. Breaking this encryption is impossible right now unless the money is paid. A demand of a $3,700 payment in Bitcoin is rather unusual, to say the least. This aggressive method by the criminals will make their ransomware a top priority for security researchers to decrypt with a free tool, though. It is doubtful anyone would pay 2 Bitcoin to restore file access. It is unclear if files can be restored from a previous backup, though, as most ransomware types often delete shadow volume copies as well.

Chuck Reynolds
Contributor

Why Bitcoin’s Price Has Been Surging and Where It Could Go From Here

Bitcoin has shown amazing, and fairly steady, growth over the last year.

A single bitcoin was worth just $455 in May 2016. And even after retrenching slightly from a record Thursday high of over $1,800 per token, it has shown a stunning 286% annual return, based on prices from CoinMarketCap. As with most assets, explaining bitcoin’s bull stampede is more art than science. Bitcoin's price is fundamentally linked to how many people use the system to send money. But it's currently mostly driven by speculators, who trade on their belief that it will become more popular in the future. Positive news on that front has been plentiful in the last three months in particular.

Globally, Bitcoin is being treated with a great deal more respect by regulators. Positive comments about blockchain by Minneapolis Federal Reserve President Neel Kashkari coincided with the latest Bitcoin price surge. Japan approved Bitcoin as a legal method of payment in early April, and Chinese regulators have made progress in squaring Bitcoin usage with that country’s tight capital controls. There have been positive internal indicators, as well. Bitcoin’s major headwind is an ongoing debate over scaling up the system to handle more transactions. While that effort is still basically stalled by bitter infighting, some have seen a positive development in the successful deployment of a solution known as Segregated Witness on the Litecoin system, which is largely a Bitcoin clone.

When considering further upside on Bitcoin and other cryptocurrencies, one factor looms above all: cryptocurrency is still essentially off-limits for institutional investors. While venture capitalists have poured more than $1.5 billion into blockchain startups, the tokens themselves don’t meet regulatory standards for more traditional funds. Once something like the Winklevoss twins’ proposed Bitcoin ETF is approved, the pool of potential Bitcoin investors will explode overnight. There are also two very important points of caution. First, Bitcoin is still a risky asset in the short term. Boosters were just as excited when it peaked at over $1,100 in late 2013—and the price then spent years gradually slumping, reaching a low of $200 in mid-2015.

There’s also a serious long-term downside risk to Bitcoin. While the potential of Bitcoin’s underlying blockchain technology is widely acknowledged, Bitcoin itself is now only one of dozens of implementations of the idea. Bitcoin has a big first-mover advantage, but innovators with names like Ripple and Dash have already significantly expanded on its features. Foremost among those innovative competitors is Ethereum, the second-largest cryptocurrency, whose price has also spiked over the last month. Many entrepreneurs building blockchain applications are using Ethereum, so it’s likely to share in—and maybe even cannibalize—Bitcoin’s long-term growth.

Chuck Reynolds
Contributor

Cryptocurrency Bubble?

Some credible sources are citing a possible "cryptocurrency bubble", as the prices of coins and tokens rocket and the fever for initial coin offerings (ICOs) continues unabated. All this stuff involves the technology known as blockchain, so it's all broadly related, but there are also certain distinct phenomena to consider.

On the one hand, we are seeing a massive increase in the price of Bitcoin, ether, Dash, Z-Cash, Monero, what have you.

Also surging is the ICO trend, which involves many new startups issuing and selling their own tokens (often oversubscribed with speculative buyers) as a way to crowdfund the building of yet another use-case focused blockchain system.

One theory behind the dramatic increase in the value of existing "altcoins", as in alternatives to Bitcoin, such as Dash or Litecoin, is that Bitcoin is approaching its limit and as a result users are now forced to pay increasingly high fees to use the Bitcoin network. Indeed, users are paying transaction processors additional Bitcoins to prioritise their transactions among the many thousands that are queued in a backlog, termed the 'mempool'.

Preston Byrne, COO of Monax and a fellow of the Adam Smith Institute, recently wrote about this: "The cryptocurrency market as a whole is interesting from an economic perspective in that it provides a perfectly transparent sandbox to see what happens when perfectly substitutable goods (Bitcoin clones) that accomplish the exact same thing (unregulated value transfer) in a fully automatic way (distributed state machines which require no human oversight) are placed in a position to compete.

"As far as an end-user of cryptocurrency software is concerned, whether a c-currency is $3000 in Dogecoin or $3000 in Bitcoin is immaterial; the shop round the corner prices its goods in USD/GBP/EUR, so as long as one coin or the other has sufficient liquidity to cash out, this means competition can occur on the basis of speed and transaction fees."

According to trading experts, the crypto ecosystem has been fleshed out lately with more cross pairs and on-ramps from the fiat world. There is a roll in roll out trade from Bitcoin to crypto and back as the markets inflate on both sides of the trade.

Charles Hayter, CEO, CryptoCompare, said: "Last year it was fairly easy to predict buying of Bitcoin through fiat and then into crypto. The cross pairs and markets have matured to offer direct Ethereum and Litecoin buying in a number of fiat pairs and this is increasing the options for traders to enter and exit positions. That said, Bitcoin is still the direct port in a storm for the entire industry.

"You are also seeing the arrival of new nations to the crypto sphere with their own bespoke approach to local regulatory issues et al – South Korea is a perfect case in point as they have taken the number three spot in terms of direct fiat to Ethereum trading."

Hayter said another interesting trend has been the dislocation of markets premia / discounts across pairs have widened. "This has been exacerbated by the Chinese regulatory issues as well as Wells Fargo's hiatus on international transfers connected to Bitfinex and USDT. New markets tend to sit at premiums, as direct fiat flow spikes prices with exit routes from dead pools of money trading at a premium for exiting the exchange," he said, adding, "bubble – to an extent."

However, as far as ICOs are concerned, many prominent people in the industry believe this is fast becoming pure bubble territory and will end in tears (and probably some actions by the SEC). Someone who would go on the record about token sales is angel investor and author William Mougayar, who is organising the Token Summit in New York on May 25.

He said: "In the history of technological cycles, if you follow economist Carlota Perez's thinking, nothing great happens without overshooting during the installation phase of a given technology, before moving into the adoption phase.

"We are clearly in the installation phase of cryptotech, and there is nothing we can do to prevent this overshooting from happening. It's just human nature at play.

"Of course there are ideas, protocols, start-ups and applications currently being launched that will not make it long term, but out of all this activity, some great ones will emerge."

Byrne of Monax has been as staunch a critic of ICOs as anyone ("the equivalent of selling people rows in a database"). But he concluded by saying that, amid all the froth, the way blockchains perform is truly impressive.

"Even relatively obscure systems with a fairly low level of developer input, such as Dogecoin, continue to survive and thrive under the circumstances. This is a ringing endorsement of blockchain technology as a very capable way of automating financial process flows with maximal security and minimal supervision.

"In the enterprise blockchain space we benefit directly from observing the failings and successes of public blockchain systems, which allows us to deliver more value to our clients in the permissioned/regulated applications they ask us to build. All in all, it's great," he said.

 

David Ogden
Entrepreneur

By Ian Allison