Daily Archives: January 31, 2018

Japanese cryptocurrency exchange loses more than $500 million to hackers

Posted on by

Coincheck said that around 523 million of the exchange’s NEM coins were sent to another account around 3 a.m. local time (1 p.m. ET Thursday), according to a Google translation of a Japanese transcript of the Friday press conference from Logmi. The exchange has about 6 percent of yen-bitcoin trading, ranking fourth by market share on CryptoCompare.

The stolen NEM coins were worth about 58 billion yen at the time of detection, or roughly $534.8 million, according to the exchange. Coincheck subsequently restricted withdrawals of all currencies, including yen, and trading of cryptocurrencies other than bitcoin.

Bloomberg first reported the hack. A CNBC email sent to Coincheck’s listed address bounced back.

Cryptocurrency NEM, which intends to help businesses handle data digitally, briefly fell more than 20 percent Friday before recovering to trade about 10 percent lower near 85 cents, according to CoinMarketCap. Most other major digital currencies, including bitcoin, traded little changed on the day.

Source: Japanese cryptocurrency exchange loses more than $500 million to hackers

Lenovo Fingerprint Manager Pro for Windows has a hardcoded password

Posted on by

A vulnerability has been identified in Lenovo Fingerprint Manager Pro. Sensitive data stored by Lenovo Fingerprint Manager Pro, including users’ Windows logon credentials, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in.

Source: Lenovo Fingerprint Manager Pro for Windows 7, 8, and 8.1 only (not 10) Insecure Credential Storage

Heat Map Released by Fitness Tracker Reveals Location of Secret Military Bases

Posted on by

Strava which markets itself as a “social-networking app for athletes” publicly made available the global heat map, showing the location of all the rides, runs, swims, and downhills taken by its users, as collected by their smartphones and wearable devices like Fitbit.

Since Strava has been designed to track users’ routes and locations, IUCA analyst Nathan Ruser revealed that the app might have unintentionally mapped out the location of some of the military forces around the world, especially some secret ones from the United States.

With a total of one billion activities logged on the Strava’s activity map, it is a whole lot of useful data from all over the world.

Although Strava’s publicly available activity map was live as of November 2017, Ruser recently noticed that the map includes the fitness routes of army soldiers and agents in secret base locations, including U.S. military bases in Afghanistan and Syria, a suspected CIA base in Somalia and even Area 51.

Source: Heat Map Released by Fitness Tracker Reveals Location of Secret Military Bases

NASA’s Long Dead (since 2007) ‘IMAGE’ Satellite is Alive! – how satellite hunters go to work.

Posted on by

Over the past week the station has been dedicated to an S-band scan looking for new targets and refreshing the frequency list, triggered by the recent launch of the mysterious ZUMA mission. This tends to be a semi-annual activity as it can eat up a lot of observing resources even with much of the data gathering automated the data reviewing is tedious.

Upon reviewing the data from January 20, 2018, I noticed a curve consistent with an satellite in High Earth Orbit (HEO) on 2275.905MHz, darn not ZUMA… This is not uncommon during these searches. So I set to work to identify the source.

A quick identity scan using ‘strf’ (sat tools rf) revealed the signal to come from 2000-017A, 26113, called IMAGE.
[…]
So what was IMAGE? I did a little Googling and discovered that it had been ‘Lost in Space’ since December 18, 2005 after just dropping off the grid suddenly. The mission was designed to image the magnetosphere, more details about that can be found in the press kit.

NASA considered the spacecraft a total loss due to a design flaw that manifested while the spacecraft was in its extended mission. The NASA failure review did however conclude that it was possible for the spacecraft to be revived by permitting a ‘Transponder SSPC reset’ after it passed through eclipse in 2007. One must assume that didn’t occur in 2007 and they gave up.
[…]
Periodically the spacecraft will enter an eclipse and NASA surmised that this may trigger it to restart and apply power back to the communications system. That appears to have happened! As you will note from the plots below the Sun angles are presently good for IMAGE and it may just stay operational for some time to come.

Source: NASA’s Long Dead ‘IMAGE’ Satellite is Alive! – Riddles in the Sky

Dutch agencies provide crucial intel about Russia’s interference in US-elections, US burns the Dutch source

Posted on by

The Cozy Bear hackers are in a space in a university building near the Red Square. The group’s composition varies, usually about ten people are active. The entrance is in a curved hallway. A security camera records who enters and who exits the room. The AIVD hackers manage to gain access to that camera. Not only can the intelligence service now see what the Russians are doing, they can also see who’s doing it. Pictures are taken of every visitor. In Zoetermeer, these pictures are analyzed and compared to known Russian spies.

The Dutch access to the Russian hackers’ network soon pays off. In November, the Russians prepare for an attack on one of their prime targets: the American State Department. By now, they’ve obtained e-mail addresses and the login credentials of several civil servants. They manage to enter the non-classified part of the computer network.

The AIVD and her military counterpart MIVD inform the NSA-liaison at the American embassy in The Hague. He immediately alerts the different American intelligence services.

What follows is a rare battle between the attackers, who are attempting to further infiltrate the State Department, and its defenders, FBI and NSA teams – with clues and intelligence provided by the Dutch. This battle lasts 24 hours, according to American media.

The Russians are extremely aggressive but do not know they’re being spied on. Thanks to the Dutch spies, the NSA and FBI are able to counter the enemy with enormous speed. The Dutch intel is so crucial that the NSA opens a direct line with Zoetermeer, to get the information to the United States as soon as possible.
[…]
President elect Donald Trump categorically refuses to explicitly acknowledge the Russian interference. It would tarnish the gleam of his electoral victory. He has also frequently praised Russia, and president Putin in particular. This is one of the reasons the American intelligence services eagerly leak information: to prove that the Russians did in fact interfere with the elections. And that is why intelligence services have told American media about the amazing access of a ‘western ally’.

This has led to anger in Zoetermeer and The Hague. Some Dutchmen even feel betrayed. It’s absolutely not done to reveal the methods of a friendly intelligence service, especially if you’re benefiting from their intelligence. But no matter how vehemently the heads of the AIVD and MIVD express their displeasure, they don’t feel understood by the Americans. It’s made the AIVD and MIVD a lot more cautious when it comes to sharing intelligence. They’ve become increasingly suspicious since Trump was elected president.

The AIVD hackers are no longer in Cozy Bear’s computer network. The Dutch espionage lasted between 1 and 2,5 years. Hacker groups frequently change their methods and even a different firewall can cut off access.

Source: Dutch agencies provide crucial intel about Russia’s interference in US-elections – Tech – Voor nieuws, achtergronden en columns