Bgp hijacking bitcoin charts
Short-lived network changes used to make miners connect to rogue pool. New bitcoins are constantly being created through a process called 'mining': To make the payout from mining activity less of a lottery, miners usually cooperate in ' mining pools ' to share both processing power and rewards. In a mining pool, clients connect to the pool to receive instructions and share results.
Crucially, in this protocol the mining pool does not authenticate to the clients. In the incident discovered by the Dell researchers, a rough entity working for a Canadian ISP, or having access to its networks, was able to abuse BGP to announce malicious routes, thus hijacking traffic destined for hosting companies such as AmazonDigital Ocean and OVH.
None of these attacks lasted very long, but they were enough for the attackers to pretend to be the mining pool and tell the mining client to connect to a second server under their control. Lack of authentication in the Stratum protocol meant this happened seamlessly, and some miners didn't discover anything was amiss until weeks later. Although the attacks stopped once the upstream provider of the Canadian ISP was notified, it is unclear whether the attack was performed by a rogue ex- employee or by an entity having obtained access to the ISP's network.
BGP hijacking isn't new, and in the recent past has, for instance, led to the routing of US Internet traffic through Belarus and Iceland. Cybercriminals' interest in bitcoins isn't new either. In another VB paper, " Well, that escalated quickly. From penny-stealing malware to multi-million-dollar heists, a quick overview of the bitcoin bonanza in the digital era ", Kaspersky 's Santiago Pontiroli will take a look at malicious activity aroud bitcoins and other cryptocurrencies.
Or, if you have some interesting last-minute research to contribute, why not submit an abstract for one of the seven remaining slots.
Tags bgp bitcoin network stratum. Registration for VB now open! Registration for VB, the 28th International Virus Bulletin conference, is now open, with an early bird rate available until 1 July.
He shares his views on the expo and the industry. There are a number of security solutions on the market that are designed to increase the default protection provided by Office One such product is the newly launched Kaspersky Security for Microsoft Office Virus Bulletin was commissioned to…. The GravityRAT malware, discovered by Cisco Talos researchers, gives some interesting insight into modern malware development.