Newly-Discovered Botnet Fights Mining Malware

Meet Fbot, the friendly botnet. Not only is Fbot not malicious, but it seems that its purpose is the discovery and removal of the crypto-mining malware of a particular type.

Normally, a botnet (a collection of devices connected over the Internet, each of them running one or several bots of its own) acts as an aggressive predator in the virtual jungle. It performs DDoS attacks, sends spam, and steals data. Botnets are a relatively new threat: the first one that we know of was officially brought to light in 2001 by the U.S. company EarthLink in the course of a lawsuit filed against Khan C. Smith. Since 2000, Smith had used EarthLink’s network for sending junk emails and had managed to send about 1.25 billion of these. The lawsuit resulted in one of the largest spam judgments in history: the company won $24.8 million. At that time, Smith’s botnet was held accountable for approximately 25% of all junk mail.

The amount of malware aimed at crypto mining has grown dramatically. Systems of every scale and size have been affected, from small individual ones to those belonging to governments. In August 2018, it was reported that the attacks had spiked by more than 950% compared to the previous year. According to Skybox Security, mining malware has now replaced ransomware as the biggest cyber threat: “Cryptocurrency miners may be the new kid on the block, but they’re taking over.”

On September 13th, 360Netlab’s team discovered an interesting botnet the sole purpose of which, according to a blog post by Hui Wang, appears to be “just going after and removing another botnet com.ufo.miner.”

Fbot has an interesting lineage: it appears to be a variation of a Satori botnet. Satori is based on a program used for performing DDoS attacks. However, Fbot’s DDoS module was deactivated. Its new role is to search for a specific malware, a version of ADB.Miner, responsible for crypto-jacking. Once the prey has been detected in a system, Fbot installs itself over it on the infected device and then self-destructs. The vigilante botnet uses EmerDNS, a decentralized domain name system, instead of the traditional DNS, which makes tracking the addresses more difficult. As the 360Netlab blog explains: “it raised the bar for security researchers to find and track the botnet (Security systems will fail if they only look for traditional DNS names).”

There is still no information on whether this interesting new botnet was intended for good or if it is simply a means to eliminate competition and clear the way for another attacker.
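The monitoring gap the 360Netlab quote describes can be narrowed by treating EmerDNS lookups as a signal of their own. The sketch below is an added example, not code from 360Netlab or from this article: the log format, the resolver allow-list, and the sample lines are constructed, and the EmerDNS zone list (.coin, .emc, .lib, .bazar) is not taken from the page.

```python
import re
from collections import defaultdict

# TLDs served by EmerDNS instead of the ICANN root (not listed on the page).
EMERDNS_ZONES = {"coin", "emc", "lib", "bazar"}
# Assumption: the only resolvers hosts on this network are allowed to use.
ALLOWED_RESOLVERS = {"10.0.0.1"}

# Constructed sample lines in a hypothetical key=value DNS query log format.
SAMPLE_LOG = """\
2018-09-13T10:02:11Z client=10.0.0.5 server=10.0.0.1 qname=updates.example.com. qtype=A
2018-09-13T10:02:14Z client=10.0.0.23 server=10.0.0.1 qname=c2-placeholder.lib. qtype=A
2018-09-13T10:02:15Z client=10.0.0.23 server=192.0.2.53 qname=C2-Placeholder.LIB qtype=A
2018-09-13T10:03:40Z client=10.0.0.7 server=10.0.0.1 qname=lib.example.org. qtype=AAAA
2018-09-13T10:04:02Z client=10.0.0.42 server=192.0.2.53 qname=cdn.example.net. qtype=A
malformed line without fields
"""

LINE_RE = re.compile(
    r"^\S+\s+client=(?P<client>\S+)\s+server=(?P<server>\S+)"
    r"\s+qname=(?P<qname>\S+)\s+qtype=\S+$"
)


def emerdns_zone(qname):
    """Return the EmerDNS TLD of qname, or None for an ordinary DNS name."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) >= 2 and labels[-1] in EMERDNS_ZONES:
        return labels[-1]
    return None


def triage(log_text):
    """Map each client to the sorted findings raised by its DNS queries."""
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not query records
        qname = m["qname"].rstrip(".").lower()
        # Signal 1: the name lives in a zone the ICANN root does not serve.
        if emerdns_zone(qname):
            findings[m["client"]].add(("emerdns-name", qname))
        # Signal 2: the host bypassed the approved resolver, which is how
        # alternative-root names usually get resolved at all.
        if m["server"] not in ALLOWED_RESOLVERS:
            findings[m["client"]].add(("unapproved-resolver", m["server"]))
    return {client: sorted(items) for client, items in findings.items()}


if __name__ == "__main__":
    for client, items in triage(SAMPLE_LOG).items():
        print(client, items)
```

Matching on the final label only keeps `lib.example.org` out of the results while still catching mixed-case and trailing-dot variants of the same EmerDNS name.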

The Cost of Testing Ethereum’s Casper

Ethereum’s Hybrid Casper FFG (Friendly Finality Gadget), the new consensus protocol, has received special attention at the Toronto Ethereum conference. According to Vitalik Buterin, the creator of Ethereum, testing the protocol will require the submission of 1,500 Ether, minimum.

Friendly, but Costly
Casper FFG is, essentially, a hybrid POW / POS consensus protocol. The idea is to have the blocks mined via POW (Proof of Work), with every fiftieth block being a POS (Proof of Stake) checkpoint, at which a network of validators would assess the finality.

In recent months, the community has seen considerable progress in the development of Casper. In April 2018, the code for the protocol was announced to be ready for review. During the Toronto conference, which took place at the beginning of May this year, Vitalik Buterin initiated the discussion of the new protocol. He would not announce any particular dates but said that his expectation was for the development to go quicker from now on.

During his talk, Buterin described the Casper algorithm and outlined the way it would change the current state of things.

Proof of Stake is seen by many as a much more just way of ensuring the global synchronization. With POS, the users lock up a number of coins as stake. According to Buterin, an initial submission of 1,500 Ether (approximately $1 million) into the smart contract is going to be required to participate in Casper. That is, obviously, a lot of money, and Buterin accentuated that the nodes that do not have the necessary sum can pool their resources or work in a group and then share the profit.

Buterin seems to be very optimistic about Casper’s future. He said that it “will hopefully be one of the more joyous experiences in Ethereum in a fairly short time.”

It is the scaling challenges currently faced by Ethereum that are to be blamed for such a large sum of money required. The new consensus protocol can only support a particular number of nodes. On the bright side, Buterin expects the number to go down to about 32 Ether (around $25) after the implementation of the sharding solution that divides the blockchain into smaller bits.

Also, even those who do not have the sufficient crypto funds will have a chance to stake on the testnet that at the moment runs only a small number of nodes.

A Simple Process

Apart from startling the public with numbers, Buterin explained what steps need to be taken to set up the validator or the node that would take part in the Casper POS protocol.

According to Buterin, Casper FFG is highly customizable and allows a lot of freedom for the developers. For example, the nodes may introduce such features as extra security and multiple keys during the initial stage of the set-up process.

Of course, for those who are somewhat less familiar with software development, the process of setting up Casper may seem a difficult task, but, as Buterin said, it is, in fact, very simple: “The good news is … that in practice, you personally as a user probably don’t need to worry about which validation code you’re using. You as a user basically just click a button that says deposit.”

Once Casper has been set up, the user would need to select the wallet for the returns, but, again, Buterin promised that the client “will do all this magic” for the users. After that, the user needs to submit a deposit of at least 1,500 Ether and run the software. The size of the rewards is going to be proportional to the sum at stake. Voting on the potential blocks will occur automatically, so that the users don’t need to completely understand the intricate mechanics of the process – all they need to do is make sure the node stays online and watch the incoming returns. Buterin assured the audience that “as a regular user you just need to keep your node online, keep your node running, and your node will just do all this voting automatically.”

How Much does Casper Return?

There is still no final information on what returns are to be expected by the nodes. However, Buterin was able to give some approximate numbers. If the validators constantly stay online, a 10 million Ether deposit would, presumably, earn a regular return of around 0-5% annually. As Buterin optimistically stated, “Probably closer to five than to zero.”

The exact sum of the returns depends on the user’s activity in the system. Casper’s slasher concept goes beyond simply rewarding the users for good performance: it also punishes those who misbehave by curbing such actions as double-voting or forming large staking pools. The users caught in the act could lose 1-100% of the deposit, depending on the scale of the mischief.

The Friendly protocol is also going to penalize the users for inactivity, so that a node that mostly stays offline will eventually begin losing some of the deposit. Yet, staying online for a period between 2/3 and 1/2 of the time will still result in returns. Even if a user only has a laptop, it is fairly safe to become a validator, provided there is a guaranteed Internet connection.

 

Crypto Scams on Twitter: Hold on to Your Bitcoin!

The most widely advertised feature of the decentralized cryptocurrency is the symbiosis of trust and unbiased verification within the blockchain technology.

However, as the recent crypto scams that have been pulled off on Twitter show, trust needs to be applied with great caution.

A Chain of Scandals

Bitcoin wars on Twitter have been going on for some time now. The factions supporting various types of crypto have been engaged in a full-scale flame war, bombarding each other with angry messages and accusations. As if that wasn’t enough, Twitter was all but buried under a landslide of fake verified accounts and a swelled number of copycat accounts.

Once the breaches in the defenses were found, more and more scammers started using the photo ID to trick Twitter into giving their accounts the “verified” badge and go on impersonating real, unsuspecting people and entities. The end goal is, of course, to swindle the users out of as much money as possible before anyone suspects fraud.

The notorious account “Protafield” (verified, of course) pretended to be a crypto exchange and staged the non-existent Ether giveaways.

Another verified profile, “seifsbei”, managed to impersonate six different accounts, such as Bitfinex, a crypto exchange, and even went as far as impersonating Vitalik Buterin, the creator of Ethereum.

These incidents make it more than obvious that Twitter’s verification process falls short of protecting its users and sifting the honest ones from the wrongdoers. Simply put, the “verified” badge no longer guarantees anything. As the founder of 2way.io start-up Tim Pastoor stated, “People at home see this as a stamp that Twitter sees this as a good account, which can be very subjective”. He also said that scams are made even more dangerous because it is not the intent that is vetted, but merely the identity that is behind the account.

A representative of Bitfinex, one of the largest Bitcoin trading platforms, says that fighting the influx of fake accounts takes a considerable amount of time and effort: “We dedicate a lot of resources towards combating illegitimate Twitter accounts and educating our users on how to spot them. However, our impact on certain sites is limited”.

Lethal Patterns

The situation with the restless crypto segment of Twitter is anything but simple.

The false information that the fake account holders present to the users is camouflaged by impeccable terminology. The well-applied technical language does not only make the information look trustworthy, but also makes the standard scam detection processes that Twitter uses, such as language analysis, insufficient.

On the other hand, systematic fraud can be spotted due to the scammers’ tendency to promote the tokens in packs, boosting each other’s reputation and visibility.

Another factor to consider is, well, human. It is commonly known that people tend to trust acquaintances more than strangers, and acquaintances less than close friends. Thus, to filter the information, Twitter could allow users to have more control over their feed, the way that Facebook does it. Tim Pastoor believes there are going to be iterations: “I would probably recommend starting with allowing people to filter based on people that they already trust, and to maybe make more use of your second or third-degree networks”.

The mess gets even worse because the accounts can pass to other owners, and not necessarily through hacks, and the new owners’ motives can be very different.

An example of such a stray account is the suspended @bitcoin. It started with tweeting the information supporting bitcoin, changed hands many times over the years, and ended up tweeting controversial and misleading information. Finally, it caused so much disapproval that Twitter had it suspended, and then divested of the verification mark.

The Power of a Tweet

Despite the apparently unreliable verification process, it is a fact that Twitter has a great influence on the crypto markets. Regular users can have as much impact on the price swings of a particular crypto enterprise as the scammers.

The founder of CoinTrend, Nick Lucas, says that there is “basically a lot of influence on Twitter when John McAfee or someone mentions a specific coin.” For example, the price of the Safe Exchange Coins spiked within 24 hours after McAfee tweeted about it.

Naturally, the tweets can just as well have a negative effect. As Lucas puts it, “If everyone is talking negatively about something that is getting pushed into a core repo coin, that can also have an impact. If someone with a big following tweets something, it can cause a scare”.

Behold the Golem: New Ethereum App Released

Golem, an ambitious new project released on the 10th of April, 2018, allows the users to rent the CPU power that they are not using for creating digital imagery. Essentially, it’s a platform that lets others make use of the computer’s excess power.

A Market for Swapping Power
It took three years and fourteen implementations for the Golem project to go live. In 2016, the project raised 280 000 ETH (approximately, $340 million), and its GNT token was sold out in 20 minutes. There was a significant amount of interest on behalf of the investors since this ethereum app project was among the earliest generations of its kind.

The long delay in delivering the app, however, received some inevitable criticism. Golem’s founder, Julian Zawistowski, says it’s typical for the development of software, and, in particular, for blockchain, to underestimate the complexity of what needs to be done. Zawistowski says, “You always underestimate how difficult it is, and this was obviously the case with us.”

Golem has still not reached its final shape. However, the mainnet launch demonstrates that the app is, finally, very much alive. Currently, the CGI is created with the open-source software Blender that allows creating visual effects, animated films, interactive applications as well as video games. Golem exchanges the computational power for GNT via an interface that is directly connected to Blender.

The current release was named Golem Brass Beta. It aims at trying out the technology in the conditions of a real market, using real money. As Zawistowski put it, “We have to see how it behaves in the wild.”

Piotr “Viggith” Janiuk, Golem’s co-founder and the CTO of the company, says “The release is there to prove to us and everyone that we can actually deliver something that can run on mainnet and that’s really usable. And, well, it is.”

From Brass to Machine Learning
Golem Brass Beta functions through a software client, connecting the “providers” (the ones that are selling the CPU power) and “requestors” (the ones who want to rent it) in the network.

“Providers” receive small subtasks, which make a complete computational picture when put together. These subtasks are sent via the peer-to-peer network. After the users have computed their subtasks, they return the results, which are molded together. The “Requestors” then pay for using others’ power. All of these interactions occur on the network between the nodes.

Golem is not actually built on the blockchain, but it uses Ethereum for GNT (its token), and for agreeing on the token transactions.

The app’s creators hope to see it develop “to a point where we have the Golem which is perfect and self-contained and modular”, so that the computations would be done “in a matter of seconds”.

In future, the company plans to build a dedicated Blender plugin to eliminate an extra step. An even bigger ambition is to let the network provide the resources for machine learning. As Janiuk stated, “We definitely need to move in the direction of machine learning. This is something that is suited to Golem pretty well.”

Long Road to Perfection
The long time it took to release Golem is explained by the difficulties in production that could not be entirely anticipated when the project was first conceived. The development team had to venture into the yet uncharted territories, and, of course, extra attention needed to be paid to security. As Janiuk put it, “There can be no holes because you’re risking someone else’s money.”

Dividing the computational tasks into subtasks and reconnecting them later presented some of the greatest difficulties. Also, verifying the correctness of computation was particularly tricky to develop for certain kinds of computations, while with some cryptocurrencies it went easily.

The fact that platform apps cause Ethereum transaction backlogs and the growth of the fees was not helping either. Vitalik Buterin, Ethereum’s creator, commented on the issue when speaking to an audience in South Korea, saying that the scaling challenges “screwed” the makers of the applications.

Janiuk also acknowledged the problem, saying that the decentralized solutions are still some steps away from even beginning to resemble the production-grade solutions. Zawistowski, in turn, compared the situation which we have regarding infrastructure and web development today to what it was like in the nineties, noting that now there is a huge number of tools that the developers can choose from, while some decades ago people had no choice but to start from scratch.

However, sometimes starting from the very beginning is exactly what needs to be done. According to Zawistowski, often it is necessary to actually invent the wheel to solve the problems at hand.

Banks Banned from Trading Crypto and ICO in Pakistan

State Bank of Pakistan (SBP) has officially banned the country’s financial firms from cooperating with cryptocurrency companies. SBP has thus become the latest organization of its class to ban the crypto-related activities.

On the 6th of April, 2018, SBP issued the following statement: “All Banks/ DFIs/ Microfinance Banks and Payment System Operators (PSOs)/Payment Service Providers (PSPs) are advised to refrain from processing, using, trading, holding, transferring value, promoting and investing in Virtual Currencies/Tokens. Further, banks/DFIs/Microfinance Banks and PSOs/PSPs will not facilitate their customers/account holders to transact in VCs/ICO Tokens. Any transaction in this regard shall immediately be reported to Financial Monitoring Unit (FMU) as a suspicious transaction.”

The bank also announced the news on its Twitter.

So far, SBP has not issued any comments on this statement, while the announcement of the news has already set the wheels of change in motion and has had an immediate effect on Pakistan’s cryptocurrency market.

Pakistan’s first cryptocurrency exchange, Urdubit, said, after the SBP statement was issued, that it is going to shut down. The exchange was launched in 2014 and was meant to lay foundations to the wider adoption of cryptocurrency in the country. Urdubit’s goal was also to raise the people’s awareness and understanding of cryptocurrency and enable them to use bitcoin in their everyday lives. Zain Tariq, one of the exchange’s founding partners, said: “You have to realize that even wealthy Pakistani people fear what they don’t understand, and English being second language – it creates a small understanding barrier.”

However, after SBP has announced its decision, Urdubit published an announcement via Facebook, urging the users to withdraw their funds as soon as possible, because it will be closing soon, “due to the current stance on Virtual Currencies by SBP”. The exchange also attached a link to a notification from SBP stating that “SBP has not authorized or licensed any individual or entity for the issuance, sale, purchase, exchange or investment in any such Virtual Currencies/Coins/Tokens in Pakistan.” The notification also contains a warning that “Any transaction in this regard shall immediately be reported to Financial Monitoring Unit (FMU) as a suspicious transaction”.

Rodrigo Souza, co-founder of BlinkTrade, the provider of open-source software used by the Urdubit exchange, stated that SBP’s objective is to undermine the investment in cryptocurrency in Pakistan. According to Souza, the banks and the governments will inevitably fight Bitcoin because Bitcoin investment causes a large number of people to remove their funds from the bank. Regarding the future plans, Souza added: “We are working hard to return all PKR to all our customers before our bank shutdown our accounts.”

Interestingly, Bank of Pakistan’s ban was announced the very next day after the Reserve Bank of India (RBI), the country’s main banking institution, announced its decision to stop working with the crypto exchanges and other services related to cryptocurrency. India’s cryptocurrency exchanges, however, have decided to challenge RBI’s edict. Ajeet Khurana, the chief executive of Zebpay, India’s leading cryptocurrency exchange, posted on his Twitter: “No way I am stopping. We will continue to do what is best for our customers, and what is best for our country. Am studying the present situation and will react shortly. And we will emerge stronger.”