Babylon's Bankers

CRYPTO-CURRENCIES HACK CHANGES WALLET ADDRESSES

Earlier this week I blogged about some of the dangers that I believe to reside in the new crypto-currency fad. To recapitulate, in my opinion those dangers are twofold, as they relate to (1) the closed nature of the system itself which is a deep sort of philosophical issue that I have addressed in various books and interviews about the relationship of one's "physics" to one's "financial views", and (2) to the inherent vulnerability of all cyber-systems to hacking, external manipulations and so on. It is the latter possibility with which I have been concerned of late, for when these crypto-currencies first emerged, my first thought was that they were - because of cyber-vulnerability - almost a perfect way to augment and enhance a hidden system of finance. Even if that high octane speculative possibility was wide of the mark or "off the end of the twig," they were a romper-room of possibilities for fraud.

Sure enough, we've seen stories emerging of neo-Fascist groups using them to finance their "projects", and it wouldn't surprise me in the least to discover that some of these groups widely in the news lately will eventually be discovered to have financed their activities in part through playing the crypto-currency market.

To the growing list of possibilities for fraud and "diversion" you can now add this one, shared by Mr. T.M.:

New botnet infects cryptocurrency mining computers, replaces wallet address

Attacker has generated about $2,000 in digital coin so far in a scam that remains active.

Consider the implications of these four paragraphs:

Satori—the malware family that wrangles routers, security cameras, and other Internet-connected devices into potent botnets—is crashing the cryptocurrency party with a new variant that surreptitiously infects computers dedicated to the mining of digital coins.

A version of Satori that appeared on January 8 exploits one or more weaknesses in the Claymore Miner, researchers from China-based Netlab 360 said in a report published Wednesday. After gaining control of the coin-mining software, the malware replaces the wallet address the computer owner uses to collect newly minted currency with an address controlled by the attacker. From then on, the attacker receives all coins generated, and owners are none the wiser unless they take time to manually inspect their software configuration.

Records show that the attacker-controlled wallet has already cashed out slightly more than 1 Ethereum coin. The coin was valued at as much as $1,300 when the transaction was made. At the time this post was being prepared, the records also showed that the attacker had a current balance of slightly more than 1 Ethereum coin and was actively mining more, with a calculation power of about 2,100 million hashes per second. That's roughly equivalent to the output of 85 computers each running a Radeon Rx 480 graphics card or 1,135 computers running a GeForce GTX 560M, based on figures provided here.

Assuming the wallet address continues to generate coins at the same rate, the proceeds after a few months could be well worth the effort, assuming the massive cryptocoin sell-off—which has caused Ethereum's value to drop by 42 percent in the past four days—doesn't continue. (Emphasis added)

It's that third paragraph, and the emphasized portion that grabbed my eye, for in my admittedly non-tech-savvy mind, it opened up two possibilities of high octane speculation, each of which - if true - is very disturbing. I say "if true" here because I am not only not tech-savvy, but I'm also standing on the very end of the twig, but I share these thoughts because I rather suspect that there are those out there who have been watching the crypto-currency story with the same mixture of speculation and cynicism as I.

To put my "high octane speculations" into context, let's recall that when crypto-currencies first became an internet "meme," some of the "accompanying memes" were their security, and more importantly, their alleged freedom from tampering by "the big players," namely the central banks. Then there were stories of how the Bank of England was thinking about crypto-currencies, and that meme, for a moment, was forgotten, until everyone forgot about the Bank of England story, moved on, and the meme of "free from tampering by big players" re-emerged into the narrative.

Now, in that context, consider those sentences from the third paragraph once again:

At the time this post was being prepared, the records also showed that the attacker had a current balance of slightly more than 1 Ethereum coin and was actively mining more, with a calculation power of about 2,100 million hashes per second. That's roughly equivalent to the output of 85 computers each running a Radeon Rx 480 graphics card or 1,135 computers running a GeForce GTX 560M, based on figures provided here.

Reading that, two possibilities struck me: the hacker or hackers have more than ordinary computing power at their disposal, and this may mean either (1) that they have created a virtual network by "taking over" other computers for the purpose of mining as the article suggests, or (2) they have such computing power already available themselves. If the latter, then it implies a network, an individual or people with enough money to purchase that kind of computing power either through leasing or outright hardware purchase. If so, then one is looking at a major actor in a certain sense, either a group like "Anonymous" or some other type of extra-territorial entity like a corporation, or perhaps even a "state actor." If any of these possibilities are the case, then effectively someone is mining Ethereum for money. But consider the "payoff": a mere $1300 for all that computing power? So I have to wonder, what's the electric bill for all those "85 computers"? It would hardly seem to be profitable unless one were able to do this on a much grander scale, and the article hints that this may be going on in the statement "the records also showed that the attacker had a current balance of slightly more than 1 Ethereum coin and was actively mining more." Of course, if one is "taking over" other computers and using them for this purpose, one won't have to worry very much about the electric bill. Indeed, the article itself points this out:

The message is demonstrably untrue, since malware that uses other people's computers and electricity to mine cryptocurrency is by definition malicious.

Any way one slices this, this is a serious problem to consider. And while considering it, note that the article also hints that considerations like these might be responsible at least in part for the recent dramatic sell-offs:

Assuming the wallet address continues to generate coins at the same rate, the proceeds after a few months could be well worth the effort, assuming the massive cryptocoin sell-off—which has caused Ethereum's value to drop by 42 percent in the past four days—doesn't continue.

So with apologies for all those crypto-currency advocates out there, stories like this make me very uneasy, and very glad I didn't jump on the bandwagon.

See you on the flip side...

 

16 thoughts on “CRYPTO-CURRENCIES HACK CHANGES WALLET ADDRESSES”

  1. which reminds me:
    doc and dan, can we rethink getting a po box in south dakota (and perhaps a bank account with state owned bank of north dakota) that donors and members can mail valuable items – not cryptocurrency – to? please?

  2. I want to thank JS for posting this information, and let him know that not all OS are affected by this issue. I have over 20 years of experience on OpenVMS systems and have a good understanding of how the OS is designed, even though I’m not a dev. VMS was created with security baked in right from the 1.0 release (we’re now at 8.4-2). It’s twice had a bounty on it at Black Hat for anyone able to break into it, and nobody has ever collected. Both HPE and VMS Systems Inc (a group of original developers who have the rights to modernize the code) have come out to certify the hardware and software.

    https://vmssoftware.com/pdfs/news/Customer_Letter_2018_Meltdown_Spectre.pdf

    The reason this is of interest to the group is that a lot of nuclear labs, plants, DoD Hospitals, and a lot of banking systems still run on this platform (Fukushima was on WXP). And more importantly, I understand that Amazon’s book distribution system runs on it as well, so JPF’s books will continue to be sold without interruption. 🙂

    I did a quick check about whether AES-256, which is considered to be Suite B by the NSA for encryption of SCI information (as of 2005), has had any known instances of compromise and didn’t see anything. While I’m not an expert in Bitcoin, and correct me if I’m wrong, but the blockchain is AES-256 encrypted. It seems that the weakness is not on the transaction, but at the mining platforms and user endpoint where the value can be stolen. Anyone who is going to get into the cryptos game will need to up their security game (and paranoia level). There will be plenty of opportunists that want to do evil if they can get away with it. That is something that I hope the community can find a way to fix.

  3. That’s the rub in crypto currencies: theft.
    The more they’re worth
    the more incentive to take it from them
    by hook or crook.
    That’s the gist of an RT interview w/ several guests on the subject. When someone solves that manifest problem; their fortune is assured.

  4. I smell a psyop to force everyone to purchase new computers with repaired chip sets to buy into the new cryptocurrency idea. What a boon for the digital computing industry!

  5. I think by now it’s become apparent that beyond their built-in hacking/surveillance features (it’s a feature, not a bug!), cryptos are a kind of pump and dump scheme and a way to divert tons of loose QE “investment” fiat that would otherwise gravitate to gold.

    So ultimately their purpose is fourfold:

    *Acclimate society to a cashless future, the banksters’ nirvana
    *backdoor surveillance / control of financial transactions and currency flows
    *massive profits for Wall Street hustlers manipulating prices along the way
    *yet another means to suppress the price of gold and other PMs, thus keeping the fiat Ponzi viable

    What’s not to love about bitcoin?

  6. To answer one of JPF’s questions regarding energy consumption, Motherboard reported back in Nov 2017:

    “One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week”

    https://motherboard.vice.com/en_us/article/ywbbpm/bitcoin-mining-electricity-consumption-ethereum-energy-climate-change

    “Alex de Vries, aka Digiconomist, estimates that with prices the way they are now, it would be profitable for Bitcoin miners to burn through over 24 terawatt-hours of electricity annually as they compete to solve increasingly difficult cryptographic puzzles to “mine” more Bitcoins. That’s about as much as Nigeria, a country of 186 million people, uses in a year.

    This averages out to a shocking 215 kilowatt-hours (KWh) of juice used by miners for each Bitcoin transaction (there are currently about 300,000 transactions per day). Since the average American household consumes 901 KWh per month, each Bitcoin transfer represents enough energy to run a comfortable house, and everything in it, for nearly a week. On a larger scale, De Vries’ index shows that bitcoin miners worldwide could be using enough electricity at any given time to power about 2.26 million American homes.”
    “It’s impossible to know exactly how much electricity the Bitcoin network uses. But we can run a quick calculation of the minimum energy Bitcoin could be using, assuming that all miners are running the most efficient hardware with no efficiency losses due to waste heat. To do this, we’ll use a simple methodology laid out in previous coverage on Motherboard. This would give us a constant total mining draw of just over one gigawatt.

    That means that, at a minimum, worldwide Bitcoin mining could power the daily needs of 821,940 average American homes.”

    1. One-third serious reply: (half-grin)

      If you were a member of a Reptilian race (liking heat) and saw the Vostok Ice Core results, you would wet your scales. An oncoming real Ice Age, likely 100,000 years long. Starting now. So, what to do? Encourage energy output! Head the Ice Age off at the pass!

      BitCoin appears. It is pushed by every means possible. And so:
      “That means that, at a minimum, worldwide Bitcoin mining could power the daily needs of 821,940 average American homes.”

      Reptilians sit back, knowing that their warm future is being assured by greedy naked apes…

  7. When clandestine alphabet mushrooms make press releases about Bitcoin, one must suspiciously wonder, what the double-faced fungi leave out of the equation. Gatekeeper fear mongering, by crisis actors in damage control, is a usual straight face lie.

    I am a double-dealer myself, and my endgame is to bankrupt Rottenchild economically and spiritually. Were I to be offered cool cash by the mushrooms, to write a book about the Rune system, I would take the money, write the book, and then seed it on the Internet.

    I would not want my genius and brilliant Rune code to become a mushroom in dark places. I only light candles for the world to see. (It suits my vanity.)

  8. JPF: “Of course, if one is ‘taking over’ other computers and using them for this purpose…”

    JS at 82.221.129.208 :
    “I am going to quickly go over the real reason Intel is having problems (again), for those who do not know.

    I have mentioned how Intel intentionally put back doors into all their processors for the NSA numerous times over the last seven years. Problem: Someone inside the NSA did a job 500X worse than Snowden, and released all the hackware that exploits these back doors to the general public eight months ago. I did a short report on it and left it at that. The media stayed predominantly silent, because it was not any sort of Snowden game; it was real damage. All the world’s hackers have these tools now, and the ‘wrong people’ are now getting hacked.

    So, a huge stupid reason that blamed all processors for the ‘problem’ was made up, and a dream story about some idiot reading ‘thousands of pages of Intel processor manuals’ and finding the bug was made up. But, I knew that was a lie (intrinsically simply knew) because I knew about the prior enormous breach at the NSA and know how much American intelligence lies and back stabs. They’ll drag AMD and ARM into this, just to cover up a pet project they had going with Intel. I was waiting for this to happen, because it had to.

    Lo and behold, through a screwed up press release, they admitted that the problem was not how the processors write to memory, when they stated the fix made changes to the BIOS that was now causing enormous problems with Intel processors that receive the patch. If it was a memory caching issue, that would be handled by a patch to Operating Systems (as the original lie stated), NOT THE BIOS (which the ‘fix’ actually ended up being for.) By modifying the BIOS, they can instruct parts of the computer to not work, (thereby ‘fixing’ the problem), but the holes in the system are so huge that the processors can’t properly cope with closing them.

    As it is beginning to turn out, the problem is not fixable – and any server, desktop, or laptop anywhere can be raped on a whim. It will never be possible for me to secure the message window, Ebay can’t secure their stuff, NOTHING can be secured – and the world is now at the mercy of not only the intelligence agencies, but now also random hackers.”

    Also:
    “Linus Torvalds says Intel’s Spectre Fix is ‘Complete and Utter Garbage’ ”
    extremetech dot com/computing/262647-linus-torvalds-says-intels-spectre-fix-complete-utter-garbage
    -and-
    “Nvidia Calls for Limits as Crypto Hysteria Pushes GPU Prices Sky High”
    extremetech dot com/computing/262577-nvidia-calls-limits-crypto-hysteria-pushes-gpu-prices-sky-high
    “GPU Prices Skyrocket, Breaking the Entire DIY PC Market”
    extremetech dot com/gaming/262493-gpu-prices-skyrocket-breaking-entire-diy-pc-market

    1. And here is the connecting-link with the JS ‘observations’ on Intel hardware back-doors, from the JPF-referenced article:
      “When Satori appeared in December, the underlying code was significantly overhauled. Instead of infecting devices that were secured with easily guessable default passwords, it exploited programming vulnerabilities in the device firmware.”
