WHY DO WE NEED CRYPTO-DEFENDER? @StrikeForceTec
Post# of 82672
@StrikeForceTech: New Rakhni variant could infect systems with either a ransomware or a miner https://t.co/10PsZeDmkKm.twitter.com/StrikeForceTech
Cryptojacking Displaces Ransomware as Top Malware Threat
Security researchers at Kaspersky Labs have discovered a new strain of the Rakhni malware that could infect systems with either a ransomware or a cryptocurrency miner.
Experts from Kaspersky Labs have discovered a new strain of the Rakhni ransomware family that could infect systems with either a ransomware or a cryptocurrency miner depending upon their configurations.
“Way back in 2013 our malware analysts spotted the first malicious samples related to the Trojan-Ransom.Win32.Rakhni family.” reads the analysis published by Kaspersky.
“Now the criminals have decided to add a new feature to their creation – a mining capability. In this article we describe a downloader that decides how to infect the victim: with a cryptor or with a miner.”
The Rakhni malware is being spread via spear-phishing messages that carry a weaponized MS Word file as an attachment.
Once the victim opens the document, it prompts them to save the document and enable editing. The document contains a PDF icon that, if clicked, launches a malicious executable, which immediately displays a fake error message box upon execution.
The message informs the victim that it is impossible to open the PDF file because a system file is missing.
In the background, the Rakhni malware performs anti-VM and anti-sandbox checks to determine whether it is possible to infect the system. If it is, the malware performs more checks to decide whether to deliver ransomware or a cryptocurrency miner.
“The decision to download the cryptor or the miner depends on the presence of the folder %AppData%\Bitcoin. If the folder exists, the downloader decides to download the cryptor.” continues the analysis.
“If the folder doesn’t exist and the machine has more than two logical processors, the miner will be downloaded. If there’s no folder and just one logical processor, the downloader jumps to its worm component, which is described below in the corresponding part of the article.”
If the target system has a ‘Bitcoin’ folder in the AppData section, the malware first terminates all processes that match a predefined list of popular applications, then encrypts files with the RSA-1024 encryption algorithm and then displays a ransom note via a text file.
Before encrypting files with the RSA-1024 encryption algorithm, the malware terminates all processes that match a predefined list of popular applications and then displays a ransom note via a text file.
If the ‘Bitcoin’ folder doesn’t exist and the machine has more than two logical processors the malware drops the MinerGate utility to mine Monero (XMR), Monero Original (XMO) and Dashcoin (DSH) cryptocurrencies in the background.
This variant of the Rakhni malware installs a root certificate that’s stored in its resources and every executable it downloads is signed with this certificate. We have found fake certificates that claim to have been issued by Microsoft Corporation and Adobe Systems Incorporated.
Experts also noticed that the malware uses the CertMgr.exe utility to install fake root certificates that claim to have been issued by Microsoft Corporation and Adobe Systems Incorporated in an attempt to disguise the miner as a trusted process.
If the infected system doesn’t have a ‘Bitcoin’ folder and has only a single logical processor, the malware activates the worm component that allows the malicious code to spread among all the computers in the local network using shared resources.
“As one of its last actions the downloader tries to copy itself to all the computers in the local network. To do so, it calls the system command ‘net view /all’ which will return all the shares and then the Trojan creates the list.log file containing the names of computers with shared resources” the researchers report.
“For each computer listed in the file the Trojan checks if the folder Users is shared and, if so, the malware copies itself to the folder \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup of each accessible user,”
The experts also noticed that the malware implements spyware capabilities.
Most of the infections are in Russia (95.5%), other systems infected with the malware are in Kazakhstan (1.36%), Ukraine (0.57%), Germany (0.49%), and India (0.41%) as well.
Further details including the IoCs are reported in the analysis published by Kaspersky.
CRYPTO-DEFENDER PROTECTS AGAINST:
Desktop capabilities
Keystroke Protection
Anti-Screenscraping
Anti-Clickjacking
Clipboard Security
Webcam Security*
Cryptographic Integrity Monitoring*
Trusted Platform Integration*
Ransomware Security*
Self-Healing Capabilities*
* = future release
Coming soon for Mobile Devices:
Mobile capabilities
Encrypted Keyboard
Secure Password Vault
Encrypted Data Vault
Random Password Generator
Two Factor Authenticator
Secure Browser
Anti-Screencapture*
* = future release
BlockSafe Technologies, First to Market with Cybersecurity Solution for Crypto Wallets At: https://cyberidguard.com/
CryptoDefender™ Guards Wallets from Crypto Theft Attacks
July 10, 2018 08:00 AM Eastern Daylight Time
EDISON, N.J.--(BUSINESS WIRE)--BlockSafe Technologies, Inc., (BlockSafe) the company that secures the blockchain ecosystem, today announced the availability of CryptoDefender™ for desktop computers, dedicated to protecting crypto wallets from cyber-attacks. It is the first in a suite of products that will ensure the integrity of crypto wallets, exchanges and private blockchains. BlockSafe is launching this product now as the universe of crypto users is 24 million strong and growing to 200 million by 2024. Over $1.1 billion has been stolen in the first six months of 2018. Market watchers expect this figure to continue to grow dramatically into the foreseeable future.
“Private Blockchains, exchanges and crypto wallets are not as secure as one might think,” explained George Waller, CEO of BlockSafe. “Every time you log onto your wallet, you’re opening a window to a cyber-attack. If your coins are stolen in most cases there is absolutely no recourse, no insurance, no recovery and very little that law enforcement can do. The value is gone. It is a security gap that we are closing with the industry’s most comprehensive solution that can put a halt on ongoing breaches to crypto wallets, crypto-exchanges and private blockchains.”
In a recent report on Blockchain Governance, Bloor Research’s David Norfolk says, “One of the chief issues around a secure technology (such as Blockchain is capable of being) is that it becomes trusted – and if someone puts corrupt garbage into it, the garbage that comes out is probably trusted too." Highlighting BlockSafe's efforts to bring trust to the blockchain ecosystem, he adds, “I think that some such governance technology is badly needed, and sooner rather than later.”
CryptoDefender™ protects against cyber threats to crypto wallets by proactively preventing malware from harming computers. This solution is unique in that it assumes that malware already exists on the device and encrypts everything typed onto keyboards. CryptoDefender™ for mobile devices will soon be available for iOS and Android platforms.
CryptoDefender™ has several critical features that work together: keystroke encryption prevents spying, while clipboard copy protection prevents malware from monitoring the clipboard and copying the contents. The anti-screen capture feature prevents screen-scraping malware from surreptitiously taking screenshots of information, and anti-clickjacking displays hidden frames or frames originating from a potentially malicious domain.
BlockSafe is licensing patented security solutions for CryptoDefender™ from StrikeForce Technologies, Inc (OTC: SFOR), a leading provider of cyber security solutions for consumers, corporations, and government agencies. Licensing this technology brings to bear millions of dollars in R&D and 17 years of advanced and tested cyber technology from StrikeForce, for which BlockSafe pays StrikeForce a monthly fee.
Cyber ID Guard, LLC (Cyber ID Guard) will be selling CryptoDefender™ through multiple online channels. “We’re excited to be early adopters of what we strongly believe will be a core technology allowing blockchains, exchanges and crypto wallets to thrive,” said Chuck Crabb, CEO of Cyber ID Guard. (GET IT NOW: https://cyberidguard.com/ )
Securitized Token Offering
BlockSafe Technologies is planning a Securitized Token Offering (STO, formerly known as an ICO), to raise approximately $35M over the coming months. BlockSafe’s “BSAFE™” security token will be a revenue participation token, paying a passive income to all token holders.
The funds will be used to commercialize and market our blockchain eco-system security solutions, including CryptoDefender™ for desktop and mobile. The others include:
ExchangeDefender™ comprises two products to protect the internal systems of crypto exchanges. The solution marries CryptoDefender’s™ keystroke encryption technology along with ProtectID’s Multi-Factor Out-of-Band authentication, offering exchanges two of the most powerful anti-breach solutions.
BlockchainDefender™, which caters to enterprises and industry consortia, bringing access control, policy enforcement & transaction verification to ensure security for private blockchains.
About BlockSafe Technologies, Inc.
BlockSafe is the company that secures the blockchain ecosystem with a suite of solutions that protect against an array of cyber vulnerabilities. The company is headquartered in Edison, New Jersey. For more information, visit www.blocksafetech.com.
Safe Harbor Statement:
Matters discussed in this press release contain forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. When used in this press release, the words “anticipate,” “believe,” “estimate,” “may,” “intend,” "expect" and similar expressions identify such forward-looking statements. Actual results, performance or achievements could differ materially from those contemplated, expressed or implied by the forward-looking statements contained herein. These forward-looking statements are based largely on the expectations of the Company and are subject to a number of risks and uncertainties. These include, but are not limited to, risks and uncertainties associated with: the sales of the company's identity protection software products into various channels and market sectors, the issuance of the company's pending patent application, and the impact of economic, competitive and other factors affecting the Company and its operations, markets, product, and distributor performance, the impact on the national and local economies resulting from terrorist actions, and U.S. actions subsequently; and other factors detailed in reports filed by the company.
Contacts
Fusion Public Relations, on behalf of BlockSafe Technologies:
Olga Shmuklyer, 917-715-0329
olga@fusionpr.com
or
BlockSafe:
George Waller, 732-661-9641
CEO
gwaller@blocksafetech.com
Never argue with stupid people, they will drag you down to their level and then beat you with experience.
Get .... PrivacyLok https://cyberidguard.com/
Try SafeVchat: https://cyberidguard.com/
My comments are only my opinion and are not to be used for investment advice.
Please conduct your own due diligence before choosing to buy or sell any stock.
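The Rakhni behaviours described in the article above (CertMgr.exe installing a root certificate, 'net view /all' followed by a list.log file, and a copy into another machine's Startup folder) can be hunted in endpoint telemetry. The following is an added example, not part of the original post or the Kaspersky analysis; the event shape, host names, file names and the "user-writable path" condition are assumptions made for illustration.

```python
import re

# Constructed sample events in a simplified Sysmon-like shape (not real telemetry).
EVENTS = [
    {"host": "ws01", "type": "process", "image": r"C:\Windows\System32\svchost.exe",
     "cmd": "svchost.exe -k netsvcs"},
    {"host": "ws02", "type": "process", "image": r"C:\Users\amy\AppData\Local\Temp\certmgr.exe",
     "cmd": "certmgr.exe -add -c sample.cer -s -r localMachine root"},
    {"host": "ws02", "type": "process", "image": r"C:\Windows\System32\net.exe",
     "cmd": "net view /all"},
    {"host": "ws02", "type": "file", "image": r"C:\Users\amy\AppData\Local\Temp\dl.exe",
     "target": r"C:\Users\amy\AppData\Local\Temp\list.log"},
    {"host": "ws02", "type": "file", "image": r"C:\Users\amy\AppData\Local\Temp\dl.exe",
     "target": r"\\ws03\Users\bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dl.exe"},
    {"host": "ws04", "type": "process", "image": r"C:\Windows\System32\net.exe",
     "cmd": "net view /all"},  # enumeration alone is common admin activity
]

# Assumption: a certmgr binary running from a user-writable directory is suspicious.
USER_WRITABLE = re.compile(r"\\(AppData|Temp)\\", re.I)
ROOT_ADD = re.compile(r"certmgr(\.exe)?\b.*[-/]add\b.*\broot\b", re.I)
NET_VIEW = re.compile(r"\bnet(\.exe)?\s+view\s+/all\b", re.I)
# An executable written over a UNC path into some user's Startup folder.
STARTUP_UNC = re.compile(
    r"^\\\\[^\\]+\\Users\\[^\\]+\\AppData\\Roaming\\Microsoft\\Windows"
    r"\\Start Menu\\Programs\\Startup\\[^\\]+\.exe$", re.I)

def detect(events):
    """Return (host, rule) findings for the three behaviours, in event order."""
    findings = []
    enumerated = set()  # hosts that have already run `net view /all`
    for ev in events:
        host = ev["host"]
        if ev["type"] == "process":
            if ROOT_ADD.search(ev["cmd"]) and USER_WRITABLE.search(ev["image"]):
                findings.append((host, "root-cert-install-from-user-path"))
            if NET_VIEW.search(ev["cmd"]):
                enumerated.add(host)
        elif ev["type"] == "file":
            name = ev["target"].rsplit("\\", 1)[-1].lower()
            # list.log only counts when the same host enumerated shares first.
            if name == "list.log" and host in enumerated:
                findings.append((host, "share-enum-then-list.log"))
            if STARTUP_UNC.match(ev["target"]):
                findings.append((host, "exe-dropped-in-remote-startup"))
    return findings

if __name__ == "__main__":
    for finding in detect(EVENTS):
        print(finding)
```

Only ws02 is reported: ws04 ran the same share enumeration but shows none of the follow-on behaviour, which is why the list.log rule is tied to a prior 'net view /all' on the same host.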