DOCSLIB.ORG

Automated Malware Analysis Report for Gridcoin-4.0.4-Win64-Setup

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Automated Malware Analysis Report for Gridcoin-4.0.4-Win64-Setup ID: 137413 Sample Name: gridcoin-4.0.4- win64-setup (1).exe Cookbook: default.jbs Time: 20:59:04 Date: 31/05/2019 Version: 26.0.0 Aquamarine Table of Contents Table of Contents 2 Analysis Report gridcoin-4.0.4-win64-setup (1).exe 4 Overview 4 General Information 4 Detection 4 Confidence 5 Classification 5 Analysis Advice 6 Mitre Att&ck Matrix 6 Signature Overview 7 AV Detection: 7 Cryptography: 7 Spreading: 7 Networking: 7 Key, Mouse, Clipboard, Microphone and Screen Capturing: 8 E-Banking Fraud: 8 System Summary: 8 Data Obfuscation: 8 Persistence and Installation Behavior: 8 Boot Survival: 8 Hooking and other Techniques for Hiding and Protection: 9 Malware Analysis System Evasion: 9 Anti Debugging: 9 HIPS / PFW / Operating System Protection Evasion: 9 Language, Device and Operating System Detection: 9 Behavior Graph 9 Simulations 10 Behavior and APIs 10 Antivirus and Machine Learning Detection 10 Initial Sample 10 Dropped Files 10 Unpacked PE Files 11 Domains 11 URLs 11 Yara Overview 11 Initial Sample 11 PCAP (Network Traffic) 11 Dropped Files 11 Memory Dumps 11 Unpacked PEs 11 Joe Sandbox View / Context 11 IPs 11 Domains 12 ASN 12 JA3 Fingerprints 13 Dropped Files 13 Screenshots 13 Thumbnails 13 Startup 14 Created / dropped Files 14 Domains and IPs 33 Contacted Domains 33 Contacted URLs 33 URLs from Memory and Binaries 33 Contacted IPs 38 Public 38 Static File Info 38 General 38 File Icon 39 Copyright Joe Security LLC 2019 Page 2 of 109 Static PE Info 39 General 39 Entrypoint Preview 39 Data Directories 40 Sections 40 Resources 42 Imports 42 Version Infos 42 Possible Origin 42 Static AutoIT Info 43 General 43 Network Behavior 43 Network Port Distribution 43 TCP Packets 43 UDP Packets 45 DNS Queries 45 DNS Answers 46 HTTP Request Dependency Graph 46 HTTP Packets 46 Code Manipulations 47 Statistics 47 Behavior 47 System Behavior 47 Analysis Process: gridcoin-4.0.4-win64-setup (1).exe PID: 2292 Parent PID: 3592 47 General 47 File Activities 47 File Created 48 File Deleted 52 File Written 52 File Read 84 Registry Activities 84 Key Created 84 Key Value Created 85 Key Value Modified 85 Analysis Process: gridcoinresearch.exe PID: 944 Parent PID: 2292 85 General 85 File Activities 86 File Created 86 File Deleted 87 File Moved 87 File Written 87 File Read 108 Registry Activities 108 Key Created 108 Disassembly 109 Code Analysis 109 Copyright Joe Security LLC 2019 Page 3 of 109 Analysis Report gridcoin-4.0.4-win64-setup (1).exe Overview General Information Joe Sandbox Version: 26.0.0 Aquamarine Analysis ID: 137413 Start date: 31.05.2019 Start time: 20:59:04 Joe Sandbox Product: CloudBasic Overall analysis duration: 0h 10m 28s Hypervisor based Inspection enabled: false Report type: light Sample file name: gridcoin-4.0.4-win64-setup (1).exe Cookbook file name: default.jbs Analysis system description: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113 Number of analysed new started processes analysed: 13 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies: HCA enabled EGA enabled HDC enabled AMSI enabled Analysis stop reason: Timeout Detection: SUS Classification: sus28.troj.winEXE@3/69@13/7 EGA Information: Successful, ratio: 100% HDC Information: Successful, ratio: 39.1% (good quality ratio 24.6%) Quality average: 41.4% Quality standard deviation: 41% HCA Information: Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0 Cookbook Comments: Adjust boot time Enable AMSI Found application associated with file extension: .exe Warnings: Show All Exclude process from analysis (whitelisted): MpCmdRun.exe, sc.exe, dllhost.exe, WMIADAP.exe, conhost.exe, CompatTelRunner.exe TCP Packets have been reduced to 100 Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtAllocateVirtualMemory calls found. Report size getting too big, too many NtDeviceIoControlFile calls found. Report size getting too big, too many NtEnumerateKey calls found. Report size getting too big, too many NtOpenKey calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryValueKey calls found. Report size getting too big, too many NtSetInformationFile calls found. Detection Copyright Joe Security LLC 2019 Page 4 of 109 Strategy Score Range Reporting Whitelisted Detection Threshold 28 0 - 100 false Confidence Strategy Score Range Further Analysis Required? Confidence Threshold 2 0 - 5 true Classification Copyright Joe Security LLC 2019 Page 5 of 109 Ransomware Miner Spreading mmaallliiiccciiioouusss malicious Evader Phishing sssuusssppiiiccciiioouusss suspicious cccllleeaann clean Exploiter Banker Spyware Trojan / Bot Adware Analysis Advice Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox Sample searches for specific file, try point organization specific fake files to the analysis machine Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior Mitre Att&ck Matrix Privilege Credential Lateral Command Initial Access Execution Persistence Escalation Defense Evasion Access Discovery Movement Collection Exfiltration and Control Valid Accounts Execution Startup Startup Deobfuscate/Decode Input System Time Remote File Input Data Uncommonly through API 1 Items 1 Items 1 Files or Capture 1 Discovery 1 Copy 1 Capture 1 Encrypted 1 1 Used Port 1 Information 1 Replication Service Registry Run Process Obfuscated Files or Network Security Remote Clipboard Exfiltration Over Commonly Through Execution Keys / Startup Injection 1 Information 2 Sniffing Software Services Data 1 Other Network Used Port 1 Removable Folder 1 Discovery 1 1 Medium Media Copyright Joe Security LLC 2019 Page 6 of 109 Privilege Credential Lateral Command Initial Access Execution Persistence Escalation Defense Evasion Access Discovery Movement Collection Exfiltration and Control Drive-by Windows Modify Existing New Service 1 Masquerading 1 Input Capture File and Windows Data from Automated Remote File Compromise Management Service 1 Directory Remote Network Exfiltration Copy 1 Instrumentation Discovery 1 2 Management Shared Drive Exploit Public- Scheduled Task New Service 1 DLL Search Process Injection 1 Credentials in System Logon Scripts Input Capture Data Encrypted Standard Facing Order Hijacking Files Information Cryptographic Application Discovery 2 3 Protocol 1 Spearphishing Command-Line Shortcut File System DLL Side- Account Query Shared Data Staged Scheduled Standard Link Interface Modification Permissions Loading 1 Manipulation Registry 1 Webroot Transfer Non- Weakness Application Layer Protocol 2 Spearphishing Graphical User Modify Existing New Service DLL Search Order Brute Force Process Third-party Screen Data Transfer Standard Attachment Interface Service Hijacking Discovery 2 Software Capture Size Limits Application Layer Protocol 2 Spearphishing Scripting Path Scheduled Task Software Packing Two-Factor Remote System Pass the Hash Email Exfiltration Over Uncommonly via Service Interception Authentication Discovery 1 Collection Command and Used Port Interception Control Channel Signature Overview • AV Detection • Cryptography • Spreading • Networking • Key, Mouse, Clipboard, Microphone and Screen Capturing • E-Banking Fraud • System Summary • Data Obfuscation • Persistence and Installation Behavior • Boot Survival • Hooking and other Techniques for Hiding and Protection • Malware Analysis System Evasion • Anti Debugging • HIPS / PFW / Operating System Protection Evasion • Language, Device and Operating System Detection Click to jump to signature section AV Detection: Multi AV Scanner detection for submitted file Cryptography: Public key (encryption) found Spreading: Enumerates the file system Contains functionality to enumerate / list files inside a directory Networking: Connects to many ports of the same IP (likely port scanning) Detected TCP or UDP traffic on non-standard ports Connects to IPs without corresponding DNS lookups IP address seen in connection with other malware Internet Provider seen in connection with other malware Downloads files from webservers via HTTP Found strings which match to known social media urls Copyright Joe Security LLC 2019 Page 7 of 109 Performs DNS lookups Urls found in memory or binary data Key, Mouse, Clipboard, Microphone and Screen Capturing: Contains functionality for read data from the clipboard Creates a DirectInput object (often for capturing keystrokes) E-Banking Fraud: Found strings which match to known bank urls System Summary: Contains functionality to shutdown / reboot the system Creates mutexes Detected potential crypto function Enables security privileges Found potential string decryption / allocating functions Reads the hosts file Sample file is different than original file name gathered from version info Sample reads its own file content Tries to load missing DLLs Binary contains paths to development resources Classification label Contains functionality to check free disk space Contains functionality to instantiate COM classes Creates files inside the program directory Creates files inside the user directory Creates temporary files PE file has an executable .text section and no
Load more

Recommended publications
  • User Manual Ledger Nano S
    User Manual Ledger Nano S Version control 4 Check if device is genuine 6 Buy from an official Ledger reseller 6 Check the box contents 6 Check the Recovery sheet came blank 7 Check the device is not preconfigured 8 Check authenticity with Ledger applications 9 Summary 9 Learn more 9 Initialize your device 10 Before you start 10 Start initialization 10 Choose a PIN code 10 Save your recovery phrase 11 Next steps 11 Update the Ledger Nano S firmware 12 Before you start 12 Step by step instructions 12 Restore a configuration 18 Before you start 19 Start restoration 19 Choose a PIN code 19 Enter recovery phrase 20 If your recovery phrase is not valid 20 Next steps 21 Optimize your account security 21 Secure your PIN code 21 Secure your 24-word recovery phrase 21 Learn more 22 Discover our security layers 22 Send and receive crypto assets 24 List of supported applications 26 Applications on your Nano S 26 Ledger Applications on your computer 27 Third-Party applications on your computer 27 If a transaction has two outputs 29 Receive mining proceeds 29 Receiving a large amount of small transactions is troublesome 29 In case you received a large amount of small payments 30 Prevent problems by batching small transactions 30 Set up and use Electrum 30 Set up your device with EtherDelta 34 Connect with Radar Relay 36 Check the firmware version 37 A new Ledger Nano S 37 A Ledger Nano S in use 38 Update the firmware 38 Change the PIN code 39 Hide accounts with a passphrase 40 Advanced Passphrase options 42 How to best use the passphrase feature 43
    [Show full text]
  • Performance-Based Analysis of Blockchain Scalability Metric
    ISSN 1846-6168 (Print), ISSN 1848-5588 (Online) Subject review https://doi.org/10.31803/tg-20210205103310 Performance-Based Analysis of Blockchain Scalability Metric Jyoti Yadav*, Ranjana Shevkar Abstract: Cryptocurrencies like Bitcoin and Ethereum, are widely known applications of blockchain technology, have drawn much attention and are largely recognized in recent years. Initially Bitcoin and Ethereum processed 7 and 15 Transactions Per Second (TPS) respectively, whereas VISA and Paypal process 1700 and 193 TPS respectively. The biggest challenge to blockchain adoption is scalability, defined as the capacity to change the block size to handle the growing amount of load. This paper attempts to present the existing scalability solutions which are broadly classified into three layers: Layer 0 solutions focus on optimization of propagation protocol for transactions and blocks, Layer 1 solutions are based on the consensus algorithms and data structure, and Layer 2 solutions aims to decrease the load of the primary chain by implementing solutions outside the chain. We present a classification and comparison of existing blockchain scalability solutions based on performance along with their pros and cons. Keywords: consensus; decentralization; latency; scalability; security; throughput 1 INTRODUCTION sectors such as health care, media, logistics, supply chain management, power and utilities, Government, property, E- Blockchain is a decentralized, distributed, immutable voting etc. Apart from attractive features and interesting ledger with a sequence of blocks interlinked and secured applications, the most challenging task of blockchain is its using cryptography. Block is a basic unit of blockchain that scalability. bundles a set of transactions initiated by participating nodes This paper attempts to classify and compare existing in the blockchain network.
    [Show full text]
  • Impossibility of Full Decentralization in Permissionless Blockchains
    Impossibility of Full Decentralization in Permissionless Blockchains Yujin Kwon*, Jian Liuy, Minjeong Kim*, Dawn Songy, Yongdae Kim* *KAIST {dbwls8724,mjkim9394,yongdaek}@kaist.ac.kr yUC Berkeley [email protected],[email protected] ABSTRACT between achieving good decentralization in the consensus protocol Bitcoin uses the proof-of-work (PoW) mechanism where nodes earn and not relying on a TTP exists. rewards in return for the use of their computing resources. Although this incentive system has attracted many participants, power has, CCS CONCEPTS at the same time, been significantly biased towards a few nodes, • Security and privacy → Economics of security and privacy; called mining pools. In addition, poor decentralization appears not Distributed systems security; only in PoW-based coins but also in coins that adopt proof-of-stake (PoS) and delegated proof-of-stake (DPoS) mechanisms. KEYWORDS In this paper, we address the issue of centralization in the consen- Blockchain; Consensus Protocol; Decentralization sus protocol. To this end, we first define ¹m; ε; δº-decentralization as a state satisfying that 1) there are at least m participants running 1 INTRODUCTION a node, and 2) the ratio between the total resource power of nodes Traditional currencies have a centralized structure, and thus there run by the richest and the δ-th percentile participants is less than exist several problems such as a single point of failure and corrup- or equal to 1 + ε. Therefore, when m is sufficiently large, and ε and tion. For example, the global financial crisis in 2008 was aggravated δ are 0, ¹m; ε; δº-decentralization represents full decentralization, by the flawed policies of banks that eventually led to many bank which is an ideal state.
    [Show full text]
  • Blockchain Security
    CO 445H BLOCKCHAIN SECURITY Dr. Benjamin Livshits Apps Stealing Your Data 2 What are they doing with this data? We don’t know what is happening with this data once it is collected. It’s conceivable that this information could be analysed alongside other collections of data to provide insights into a person’s identity, online activity, or even political beliefs. Cambridge Analytica and other dodgy behavioural modification companies taught us this. The fact is we don’t know what is happening to the data that is being exfiltrated in this way. And in most cases we are not even aware this is taking place. The only reason we know about this collection of data-stealing apps is because security researcher, Patrick Wardle told us. Sudo Security Group’s GuardianApp claims another set of dodgy privacy eroding iOS apps, while Malwarebytes has yet another list of bad actors. http://www.applemust.com/how-to-stop-mac-and-ios-apps-stealing-your-data/ From Malwarebytes 3 https://objective-see.com/blog/blog_0x37.html Did You Just Steal My Browser History!? 4 Adware Doctor Stealing Browsing History 5 https://vimeo.com/288626963 Blockchain without the Hype 6 Distributed ledgers and blockchain specifically are about establishing distributed trust How can a community of individuals agree on the state of the world – or just the state of a database – without the risk of outside control or censorship Doing this with open-source code and cryptography turns out to be a difficult problem Distributed Trust 7 A blockchain is a decentralized, distributed and public
    [Show full text]
  • How to Sell Ethereum Classic on Robinhood
    1 How to Sell Ethereum Classic on Robinhood Update [06-07-2021] This widget shows the number of times this symbol reached a new low price for specific periods, from the past 5-Days to the past 20-Years. Included are the Open, High, Low, Last,Change, Change and Volume figures. When looking at the Periods in the Price Performance table, the 5-Day through 2-Year periods are based on daily data, the 3-Year and 5-Year periods are based on weekly data, and the 10-Year and 20-Year periods are based on monthly data. I need to give payment ETH address to my customers for deposit ETH their accounts. You can t export the xpub directly from a ledger nano s with the default bitcoin or ethereum apps. I want to use a HD ETH wallet for this and I am using Ledger Nano S now. If Ledger support HD, How can I export XPub. But you can construct an xpub using the data you can extract from the ledger. Positively Correlated Currencies. 50-day, 100-day and 200-day moving averages are among the most commonly used indicators to identify important resistance and support levels. Some charts will use hollow and filled candlestick bodies instead of colors to represent the same thing. The Maker Protocol MakerDAO s Multi-Collateral Dai MCD System. At a technical level, smart contracts manage each type of vote. Additionally, because exchanges and blockchain projects can integrate the DSR into their own platforms, it presents new opportunities for cryptocurrency traders, entrepreneurs, and established businesses to increase their Dai savings and Dai operating capital.
    [Show full text]
  • Uncontrolled Randomness in Blockchains: Covert Bulletin Board for Illicit Activity
    Uncontrolled Randomness in Blockchains: Covert Bulletin Board for Illicit Activity Nasser Alsalami Bingsheng Zhang* Lancaster University, UK Zhejiang University, China [email protected] [email protected] Abstract—Public blockchains can be abused to covertly store platforms that use randomized cryptographic primitives, such and disseminate potentially harmful digital content which poses as digital signatures and non-interactive zero-knowledge a serious regulatory issue. In this work, we show the severity of proofs. The main observation is that all randomized algo- the problem by demonstrating that blockchains can be exploited to surreptitiously distribute arbitrary content. More specifically, rithms need to consume random coins somewhere along all major blockchain systems use randomized cryptographic the execution, and these random coins are not audited or primitives, such as digital signatures and non-interactive zero- certified publicly. By intentionally manipulating the random knowledge proofs; we illustrate how the uncontrolled random- coin supplied to a randomized algorithm, an attacker is ness in such primitives can be maliciously manipulated to enable able to embed arbitrary information into the output of the covert communication and hidden persistent storage. To clarify the potential risk, we design, implement and evaluate our algorithm, where the output that contains steganographic data technique against the widely-used ECDSA signature scheme, is computationally indistinguishable from normal output. the CryptoNote’s ring signature scheme, and Monero’s ring Our attack can be used for covert channels, persistent stor- confidential transactions. Importantly, the significance of the demonstrated attacks stems from their undetectability, their age, and many other scenarios. For instance, the attacker(s) adverse effect on the future of decentralized blockchains, may try to subvert, or mis-implement cryptocurrency wallets and their serious repercussions on users’ privacy and crypto and re-distribute them to unsuspecting users.
    [Show full text]
  • A Survey of Distributed Consensus Protocols for Blockchain Networks
    1 A Survey of Distributed Consensus Protocols for Blockchain Networks Yang Xiao∗, Ning Zhang†, Wenjing Lou∗, Y. Thomas Hou∗ ∗Virginia Polytechnic Institute and State University, VA, USA †Washington University in St. Louis, MO, USA Abstract—Since the inception of Bitcoin, cryptocurrencies participants. On the other hand, blockchain is also known for and the underlying blockchain technology have attracted an providing trustworthy immutable record keeping service. The increasing interest from both academia and industry. Among block data structure adopted in a blockchain embeds the hash various core components, consensus protocol is the defining technology behind the security and performance of blockchain. of the previous block in the next block generated. The use of From incremental modifications of Nakamoto consensus protocol hash chain ensures that data written on the blockchain can not to innovative alternative consensus mechanisms, many consensus be modified. In addition, a public blockchain system supports protocols have been proposed to improve the performance of third-party auditing and some blockchain systems support a the blockchain network itself or to accommodate other specific high level of anonymity, that is, a user can transact online application needs. In this survey, we present a comprehensive review and anal- using a pseudonym without revealing his/her true identity. ysis on the state-of-the-art blockchain consensus protocols. To The security properties promised by blockchain is unprece- facilitate the discussion of our analysis, we first introduce the dented and truly inspiring. Pioneering blockchain systems such key definitions and relevant results in the classic theory of fault as Bitcoin have greatly impacted the digital payment world.
    [Show full text]
  • Research and Applied Perspective to Blockchain Technology: a Comprehensive Survey
    applied sciences Review Research and Applied Perspective to Blockchain Technology: A Comprehensive Survey Sumaira Johar 1,* , Naveed Ahmad 1, Warda Asher 1, Haitham Cruickshank 2 and Amad Durrani 1 1 Department of Computer Science, University of Peshawar, Peshawar 25000, Pakistan; [email protected] (N.A.); [email protected] (W.A.); [email protected] (A.D.) 2 Institute of Communication Systems, University of Surrey, Guildford GU2 7JP, UK; [email protected] * Correspondence: [email protected] Abstract: Blockchain being a leading technology in the 21st century is revolutionizing each sector of life. Services are being provided and upgraded using its salient features and fruitful characteristics. Businesses are being enhanced by using this technology. Countries are shifting towards digital cur- rencies i.e., an initial application of blockchain application. It omits the need of central authority by its distributed ledger functionality. This distributed ledger is achieved by using a consensus mechanism in blockchain. A consensus algorithm plays a core role in the implementation of blockchain. Any application implementing blockchain uses consensus algorithms to achieve its desired task. In this paper, we focus on provisioning of a comparative analysis of blockchain’s consensus algorithms with respect to the type of application. Furthermore, we discuss the development platforms as well as technologies of blockchain. The aim of the paper is to provide knowledge from basic to extensive from blockchain architecture to consensus methods, from applications to development platform, from challenges and issues to blockchain research gaps in various areas. Citation: Johar, S.; Ahmad, N.; Keywords: blockchain; applications; consensus mechanisms Asher, W.; Cruickshank, H.; Durrani, A.
    [Show full text]
  • The Ultimate Guide to Gpu/Crypto Mining Contents
    THE ULTIMATE GUIDE TO GPU/CRYPTO MINING CONTENTS Introduction Page 1 Mining pools - solo mining vs Page 13 pool mining Buy your own rig or rent it out? Page 2 How to mine Bitcoin Page 15 How to build a rig Page 4 How to mine ETH Page 16 GPU – which one is best for Page 7 what How to mine Monero Page 17 ASIC vs GUI vs Cloud vs CLI Page 9 Top tips for miners Page 19 Mining difficulty and hashrates Page 11 Cudo Miner Page 20 Mine Better, Mine Stronger, Mine Faster! INTRO The chances are, you’ve not got here by accident. You have an interest in one of a) cryptocurrency, b) mining it, c) making money and – quite likely – d) all of the above. At its most basic, cryptocurrency mining is the harnessing of computer processing way, to verify and add entries to the blockchain that underpins a currency. Naturally enough, the computations involved are long, complex and require a huge amount of power to crack an individual block. There are lots of miners all trying to crack the same computations, but the one who does it is rewarded by mining a new coin. It’s very hit and miss, and thus the more power at your fingertips, the better your odds. The rewards are increasingly worth it, too, and that’s why more and more people are either investing in crypto-mining hardware, leasing the power of others, or using their spare processing power to mine currency. This guide, then, is aimed at those looking to do just that.
    [Show full text]
  • Blockchain Development Trends 2021 >Blockchain Development Trends 2021
    >Blockchain Development Trends 2021_ >Blockchain Development Trends 2021_ This report analyzes key development trends in core blockchain, DeFi and NFT projects over the course of the past 12 months The full methodology, data sources and code used for the analysis are open source and available on the Outlier Ventures GitHub repository. The codebase is managed by Mudit Marda, and the report is compiled by him with tremendous support of Aron van Ammers. 2 >The last 12 months Executive summary_ * Ethereum is still the most actively developed Blockchain protocol, followed by Cardano and Bitcoin. * Multi-chain protocols like Polkadot, Cosmos and Avalanche are seeing a consistent rise in core development and developer contribution. * In the year of its public launch, decentralized file storage projectFilecoin jumped straight into the top 5 of most actively developed projects. * Ethereum killers Tron, EOS, Komodo, and Qtum are seeing a decrease in core de- velopment metrics. * DeFi protocols took the space by storm with Ethereum being the choice of the underlying blockchain and smart contracts platform. They saw an increase in core development and developer contribution activity over the year which was all open sourced. The most active projects are Maker, Gnosis and Synthetix, with Aave and Bancor showing the most growth. SushiSwap and Yearn Finance, both launched in 2020, quickly grew toward and beyond the development activity and size of most other DeFi protocols. * NFT and Metaverse projects like collectibles, gaming, crypto art and virtual worlds saw a market-wide increase in interest, but mostly follow a closed source devel- opment approach. A notable exception is Decentraland, which has development activity on the levels of some major blockchain technologies like Stellar and Al- gorand, and ahead of some of the most popular DeFi protocols like Uniswap and Compound.
    [Show full text]
  • Download Whitepaper
    WHITEPAPER WWW.IAGON.COM v4.5 1 TABLE OF CONTENTS OVERVIEW .............................................................................................................................3 INTRODUCTION .....................................................................................................................5 MARKET OUTLOOK OF CLOUD STORAGE SERVICES .............................................................6 MARKET OUTLOOK OF CLOUD COMPUTING SERVICES ..........................................................7 IAGON’S AI-BASED COMPUTATIONAL PROCESSES ...............................................................8 IAGON’S MULTIPLE BLOCKCHAIN SUPPORT .........................................................................9 IAGON’S SECURE LAKE TECHNOLOGY ..................................................................................9 IAGON’S SMART COMPUTING GRID PLATFORM AND AI-TRACKER TECHNOLOGY .................11 CASE STUDY ........................................................................................................................12 REGULATIONS .....................................................................................................................13 REINFORCEMENT LEARNING ...............................................................................................13 DATA MINING ........................................................................................................................14 BLOCKCHAIN .......................................................................................................................15
    [Show full text]
  • Major Cryptocurrency Provider Compromised in a Supply Chain Attack
    Memo 26/11/2019 - TLP:WHITE Major cryptocurrency provider compromised in a supply chain attack Reference: Memo [191126-1] – Version: 1.0 Keywords: cryptocurrency, finance, Monero, supply chain attack Sources: Publicly available information Key Points The official command line interface Monero wallet was compromised and used in a supply chain attack. At least one person has reported financial loss due to the compromise. Cryptocurrency platforms and software are a high-value target for cyber-thieves. Summary On November 19, the Monero cryptocurrency team announced1 that for 35 minutes, the wallet tools available from the official download site getmonero[.]org, had been compromised and harboured additional code that was designed to steal cryptocurrency. According to reports, at least one user lost about $7000 from their cryptocurrency wallet as a result of using the modified binary. As of writing, it is not clear how the compromise was achieved. The breach came to light when some users noticed that the command-line Monero cryptocurrency wallet components downloaded from the official site had hashes that differed from the officially published checksums. This indicates that either the files have been modified or an incorrect hash value has been published. Monero team confirmed the breach and recommends that everyone who downloaded the tool recently should replace it with a known good one. Also, Monero recommends that if a cryptocurrency wallet was accessed with the compromised tool, all funds should be transferred to a different wallet immediately to avoid theft of virtual money. Comments Cryptocurrency management platforms and software are a preferred target for cyber criminals, simply “because that’s where the money is.” The Monero platform compromise is an ideal supply chain attack.
    [Show full text]