Tokyo-based cryptocurrency exchange Coincheck just made history, and not in a good way. It has lost around $534 million worth of NEM tokens, one of the lesser-known cryptocurrencies, after its network was hacked on January 25th, 12:57pm EST. The attackers remained undetected for eight hours, giving them enough time to steal 523 million tokens kept in a “hot wallet,” a type of storage that’s connected to the internet for easy spending. While the exact value of the stolen coins is unclear due to the ever-changing nature of cryptocurrency — it’s $400 million at the very least — Coincheck might have already lost more than what Mt. Gox did a few years ago. Mt. Gox, which was also based in Shibuya like Coincheck, was the victim of another massive cryptocurrency theft back in 2014. It lost between $400 and $480 million from the heist, prompting Japan’s legislators to pass a law to regulate bitcoin exchanges. Despite the comparable figures, Coincheck’s hack didn’t quite affect the market the way Mt. Gox did. Mt. Gox, after all, handled around 80 percent of Bitcoins back in the day when there weren’t a lot of exchanges yet. Also, affected Mt. Gox users didn’t get their money back. Coincheck suspended its trading and withdrawal for all cryptocurrencies other than Bitcoin, but the company promised not to run from its customers. It said it will use its own money to reimburse all 260,000 affected users, though it didn’t specify when it will start disbursing funds. Source: CoinDesk, BBC, Bloomberg
A Canadian university transferred more than $11 million CAD (around $9 million USD) to a scammer that university staff believed to be a vendor in a phishing attack, a university statement published on Thursday states. From a report: Staff at MacEwan University in Edmonton, Alberta became aware of the fraud on Wednesday, August 23, the statement says. According to the university, the attacker sent a series of emails that convinced staff to change payment details for a vendor, and that these changes resulted in the transfer of $11.8 million CAD into bank accounts that the school has traced to Canada and Hong Kong. The school is working with authorities in Edmonton, Montreal, London, and Hong Kong, the statement reads. According to the university, its IT systems were not compromised and no personal or financial information was stolen. A phishing scam is not technically a “hack,” it should be noted, and only requires the attacker to convince the victim to send money. The school’s preliminary investigation found that “controls around the process of changing vendor banking information were inadequate, and that a number of opportunities to identify the fraud were missed.”
The cost of imprisoning each of California’s 130,000 inmates is expected to reach a record $75,560 in the next year, the AP reported. From the article: That’s enough to cover the annual cost of attending Harvard University and still have plenty left over for pizza and beer. Gov. Jerry Brown’s spending plan for the fiscal year that starts July 1 includes a record $11.4 billion for the corrections department while also predicting that there will be 11,500 fewer inmates in four years because voters in November approved earlier releases for many inmates. The price for each inmate has doubled since 2005, even as court orders related to overcrowding have reduced the population by about one-quarter. Salaries and benefits for prison guards and medical providers drove much of the increase. The result is a per-inmate cost that is the nation’s highest — and $2,000 above tuition, fees, room and board, and other expenses to attend Harvard. Since 2015, California’s per-inmate costs have surged nearly $10,000, or about 13%. New York is a distant second in overall costs at about $69,000.
An anonymous reader quotes Hot Hardware: Stu Gale, who just so happens to be a computer security expert, had the misfortune of having his laptop stolen from his car overnight. However, Gale did have remote software installed on the device which allowed him to track whenever it came online. So, he was quite delighted to see that a notification popped up on one of his other machines alerting him that his stolen laptop was active. Gale took the opportunity to remote into the laptop, only to find that the not-too-bright thief was using his laptop to log in to her Facebook account. The thief eventually left her Facebook account open and left the room, after which Gale had the opportunity to snoop through her profile and obtain all of her private information. “I went through and got her phone numbers, friends list and pictures…” Given that Gale was able to see her phone numbers listed on Facebook, he sent text messages to all of those numbers saying that he was going to report her to the police. He also posted her info to a number of Facebook groups, which spooked the thief enough to not only delete her Facebook account, but also her listed phone numbers. In 2008 Slashdot ran a similar story, where it took several weeks of remote monitoring before a laptop thief revealed his identity. (The victim complained that “It was kind of frustrating because he was mostly using it to watch porn.”) But in this case, Gale just remotely left a note on the laptop — and called one of the thief’s friends — and eventually turned over all the information to the police, who believe an arrest will follow. Gale seems less confident, and tells one Calgary newspaper “I’m realistic. I’m not going to see that computer again. But at least I got some comic relief.”
New submitter Kinwolf writes: Security researchers have identified a new family of Linux rootkits that, despite running from user mode, can be hard to detect and remove. Called Umbreon, after a Pokemon character that hides in the darkness, the rootkit has been in development since early 2015 and is now being sold on the underground markets. [It targets Linux-based systems on the x86, x86-64 and ARM architectures, including many embedded devices such as routers.] According to malware researchers from antivirus firm Trend Micro, Umbreon is a so-called ring 3 rootkit, meaning that it runs from user mode and doesn’t need kernel privileges. Despite this apparent limitation, it is quite capable of hiding itself and persisting on the system. The report adds: “The rootkit uses a trick to hijack the standard C library (libc) functions without actually installing any kernel objects. Umbreon hijacks these functions and forces other Linux executables to use its own libc-like library. This puts the rootkit in a man-in-the-middle position, capable of modifying system calls made by other programs and altering their output. The rootkit also creates a hidden Linux account that can be accessed via any authentication method supported by Linux, including SSH (Secure Shell). This account does not appear in files like /etc/passwd because the rootkit can modify the output of such files when read, the Trend Micro researchers said in a blog post. Umbreon also has a backdoor component called Espereon, named after another Pokemon character, that can establish a reverse shell to an attacker’s machine when a TCP packet with special field values is received on the monitored Ethernet interface of an affected device.”
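
A defensive cross-view check for the file filtering described above, as an added example that is not from the Slashdot post or from Trend Micro: it reads a file once through libc's stdio and once through raw system calls, then counts lines that only the raw view contains. The function names and the 64 KiB buffer size are this example's own choices.

```c
/* Added example: cross-view check for libc-level file filtering (names are illustrative). */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>
/* View 1: stdio, the path a substituted libc-like library would filter. */
static long read_via_libc(const char *path, char *buf, size_t cap) {
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, cap - 1, f);
    fclose(f);
    buf[n] = '\0';
    return (long)n;
}
/* View 2: raw system calls, skipping the open()/read() wrappers. */
static long read_via_syscall(const char *path, char *buf, size_t cap) {
    long fd = syscall(SYS_openat, AT_FDCWD, path, O_RDONLY), r;
    if (fd < 0) return -1;
    size_t n = 0;
    while (n < cap - 1 && (r = syscall(SYS_read, fd, buf + n, cap - 1 - n)) > 0)
        n += (size_t)r;
    syscall(SYS_close, fd);
    buf[n] = '\0';
    return (long)n;
}
/* Count non-empty lines present in the raw view but absent from the libc view. */
static int count_hidden_lines(const char *raw, const char *libc_view) {
    int hidden = 0;
    for (const char *p = raw; *p; ) {
        size_t len = strcspn(p, "\n"), qlen = 0;
        int found = 0;
        for (const char *q = libc_view; *q && !found; q += qlen + (q[qlen] == '\n')) {
            qlen = strcspn(q, "\n");
            found = (qlen == len && memcmp(p, q, len) == 0);
        }
        if (len > 0 && !found) hidden++;
        p += len + (p[len] == '\n');
    }
    return hidden;
}
/* Returns the hidden-line count for path, or -1 if either read fails. */
int cross_view_check(const char *path) {
    static char raw[65536], viewed[65536];
    if (read_via_syscall(path, raw, sizeof raw) < 0) return -1;
    if (read_via_libc(path, viewed, sizeof viewed) < 0) return -1;
    return count_hidden_lines(raw, viewed);
}
int main(void) { return cross_view_check("/etc/passwd") > 0; } /* exit 1 if lines are hidden */
```

Because `syscall()` is itself provided by libc, build the checker statically (for example `cc -static`) so that no substituted shared library is loaded into it.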