Security News

The Twitter accounts of Microsoft co-founder Bill Gates, Tesla CEO Elon Musk, and other celebrities were briefly taken over on Wednesday, along with the accounts of various cryptocurrency businesses and affiliated executives, to promote a Bitcoin scam. Twitter also silenced verified blue-tick accounts temporarily to prevent more abuse while it got to the bottom of the kerfuffle.

Our experts have deconstructed a strain of malware called Glupteba that uses just about every cybercrime trick you've heard of, and probably several more besides. The most interesting feature that we learned about in the report is how Glupteba uses the Bitcoin blockchain as a communication channel for receiving updated configuration information.

For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn't quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same. KrebsOnSecurity has learned that the phishing site Privnotes.com uses some kind of automated script that scours messages for bitcoin addresses, and replaces any bitcoin addresses found with its own bitcoin address.

Crypto scammers hijacked three YouTube channels to impersonate Elon Musk's SpaceX channel, offering bogus BTC giveaways that earned them nearly USD $150,000 over the course of two days. According to Bleeping Computer and the reports filed in the BitcoinAbuse database, the scammers took over legitimate YouTube accounts and changed the branding to look like that of Elon Musk's rocket company.

A Brit public sector-owned office supplies company shrugged off a ransomware demand for 102 Bitcoins after a staffer opened a phishing email. A local blogger, publishing the Vox Medway site, claimed the attack froze all CSG services at 01:30 UK time on 2 April.

A researcher has uncovered malicious packages in the RubyGems repository, one of which was downloaded more than 2,000 times. The research found over 400 suspect gems including "Atlas-client", which was downloaded 2,100 times by developers likely looking for the legitimate gem named atlas client.

A legitimate file may be called "Thisisafile.exe," while a malicious impersonator may call itself "This1safile.exe." Unobservant users could thus download the malicious file by mistake. If developers accidentally downloaded the rogue files instead of the legitimate gems they were looking for, the software packages they built using the libraries would automatically harbor the Bitcoin-stealer, endangering all users of that software.

Travelex has paid out $2.3 million in Bitcoin to hackers to regain access to its global network after a malware attack at the new year knocked the global currency exchange offline and crippled its business during the month of January. Travelex said in this case it was experts who advised the company pay those responsible for the New Year's Eve attack, which forced the company to shut down its online services and its mobile app.

On Monday, a video of former Microsoft CEO Bill Gates could be found playing on multiple YouTube channels that were broadcasting a well-known cryptocurrency Ponzi scam, ZDNet reported. In November 2019, cryptocoin news site Coin Rivet reported that scammers were hopping on YouTube live streams to bilk people by posing as the official foundations and development teams of popular cryptocurrencies.

According to cryptocurrency enthusiast and Director of Security at MyCrypto, Harry Denley, a wily scammer has been operating a network of fake bitcoin QR code generators to dupe people out of their bitcoins. Bitcoin uses addresses as conduits to send and receive bitcoin payments.