New Cryptojacking Threat Crashes PC’s When Removed

Cryptojacking Virus

Cryptojacking has become such a ubiquitous event that it’s become a normal annoyance at this point. Usually, malware like this are easily stopped by just closing your browser.

However, a new and very aggressive form of the malware has been discovered. One that will try to crash your computer once it detects efforts to remove it.

Security researchers at 360 Total Security have reported that the malware, dubbed ‘WinstarNssmMiner,’ has attempted to infect about 500,000 PCs in just three days through email and compromised websites.

Once on the PC, the malware launches a script labeled “svchost.exe”, that is used to manage basic functions in a PC’s operating system. The malware then injects malicious code in the script, allowing other applications in the background to run normally to avoid detection.

Once this is done, WinstarNssmMiner then alters a PC’s “Critical Process” function so that the malware can crash the system if it wants to. Before it installs, the malware checks around if the PC has any antivirus software installed. According to ZDNet, if it detects software from Avast, Kaspersky or other reputable antivirus software, WinstarNssmMiner won’t even bother installing itself in the first place.

Now if the PC doesn’t have antivirus software or has second-rate software, the malware will take advantage of every CPU that it can. This is where the crashing capabilities become critical: some computer savvy users can identify, and terminate the CPU consuming applications. WinstarNssmMiner puts the kibosh on that by configuring its mining processes’ attribute to CriticalProcess so infected computers crash when users terminate it.

As of Thursday, May 17th, ZDNet reported that WinstarNssmMiner had already mined 133 Monero tokens, the equivalent of about $26,500. Four mining pools have reportedly been linked to the malware, although details are still unclear.

AI is the Way for Chinese ASIC Maker in Case of Government Regulation

Bitcoin Miners

Due to the Chinese government’s recent hard-line stance against crypto, ASIC manufacturer Bitmain announced that they would turn to AI development as an alternate revenue source, Bloomberg reports May 17th.

Chinese regulations have included bans on ICOs, a blanket ban on “exchange-like services” and another ban on foreign crypto exchanges.

Bitmain is known for manufacturing the processing chips and miners used to mine for a wide variety of cryptocurrencies, which include Bitcoin, Ethereum, and Monero. The release of Antminer last March led Monero to upgrade so as to preserve their ASIC-resistant nature.

Jihan Wu, Bitmain co-chief exec, told Bloomberg in an interview that because “artificial intelligence requires lots of computations,” it would be a good fit for the company.

“As a China company, we have to be prepared.”

The executive continues.

Bitmain’s recently launched BM1680 chip, released October of last year, is a more cost-efficient alternative to those made by NVidia and Advanced Micro Devices, albeit less powerful.

Wu – predicting that AI chips would in the future account for 40 percent of the company’s revenue – told Bloomberg that Bitmain is “just trying to do something that they cannot take care of well enough.”

Reports show that four-year-old Bitmain made somewhere between #3 and $4 million last year in operating profits, compared to 27-year-old rival, which made around $3 billion last year.

Tea-Based Crypto Project Busted by Chinese Police

cop caught criminal vector

A cryptocurrency project has been scuttled by Chinese law enforcement for allegedly soliciting investments with fraudulent claims.

In a report from the Guandong Daily, a provincial media outlet, Shenzhen police arrested six individuals last Monday. They were accused of defrauding 3,000 Chinese investors out of $47 million by selling a cryptocurrency they claimed was backed by a commodity.

The suspects allegedly set up a firm based in Shenzhen called PEB, which beginning in January 2017 issued a blockchain-powered token dubbed Pu’er Coin, according to reports.

The project’s website says holders of the token were entitled to hold a contract which represented ownership of an amount of Pu’er Tibetan tea the firm supposedly had in stock, which the firm claimed to be worth billions of dollars.

While the token could be exchanged in a secondary market called Jubi.com, another website later claimed the contract could bring in a 12 percent annual return if investors choose to lock their funds for 12 months.

Police reports say that, though the firm had only a “very limited amount of the tea in stock,” it also promised high short-term returns to investors in social media promotions and roadshows at high-end hotels.

The police also said the project succeeded in attracting investors via manipulation of the secondary market, using it’s own funds to drive up the token price during the course of 2017.

The arrests mark another notable crackdown on alleged cryptocurrency fraud in China as law enforcement in the country have taken a hardline stance against illegal fundraising.

Previously, Xi’An Police have arrested the founders of an alleged nationwide crypto pyramid scheme that is said to have collected $13 million from over 13,000 people.

New Consensus Protocols Revealed by Cornell Professor

cryptographic protocol

A team of developers known under the pseudonym “Team Rocket” have created a family of new consensus protocols for blockchains.

Cornell University professor and blockchain researcher Emin Gun Sirer unveiled the new protocols Thursday at Token Summit III in New York. He xplained that the new protocols combine what he termed as the “classical consensus” and “Nakamoto consensus” models in blockchain network decision-making.

The professor said of the new protocols:

“The way this protocol works is incredibly simple yet incredibly powerful.”

Sirer and his research team had been working on the white paper for this protocol family for months, he said, but it was actually developed by a pseudonymous team called “Team Rocket” after the Pokemon characters.

Called Snowflake, Snowball and Avalanche, the protocols work by randomly sampling network participants, and ultimately select a single result. Sirer said that “They rely on randomness and they rely on random interactions and yet they ensure after the interactions everyone has decided the same thing.”

The white paper goes further:

“Inspired by gossip algorithms, this new family gains its safety through a deliberately metastable mechanism. Specifically, the system operates by repeatedly sampling the network at random, and steering the correct nodes towards the same outcome.”

However, not all agree that this is a novel breakthrough.

Ethereum developer Vlad Zamfir tweeted that due to the nature of the protocols, they fail to combine “the best of Nakamoto consensus with the best of classical consensus” as Sirer had asserted.

Zamfir, the lead researcher behind the CASPER CBC noted that the new protocols combine “the worst of both worlds,” due to aspects of the code that could lead to weakened security.

Zamfir further objected to the new protocol, saying “It’s not asynchronously safe and it’s probabilistic,” Adding that “We don’t get to take a probabilistic model of the network for granted [in my opinion].”