Hackers have managed to install code on the sites that uses visitors’ computers to “mine” the cyber-currencies.

One scan of the most popular websites found hundreds harbouring the malicious mining code.

By getting lots of computers to join the networks, attackers can quickly generate cash.

“This is absolutely a numbers game,” said Rik Ferguson, vice-president of security research at Trend Micro.

Malicious use

Mr Ferguson said crypto-currencies operated by getting lots of computers to work together to solve the tricky mathematical problems that establish who spent what. This establishes a digital ledger, or blockchain, of spending activity with a particular coin.

The number crunching is called mining and new crypto-coins are handed out to miners who are the first to solve the complex sums.

The more computer power that someone can amass, said Mr Ferguson, the more coins they can generate.

“There’s a huge attraction of being able to use other people’s devices in a massively distributed fashion because you then effectively take advantage of a huge amount of computing resources,” he said.

“Crypto-coin mining malware is nothing new,” said Mr Ferguson, adding that the growing value of established cyber-currencies and the emergence of potentially valuable new ones was driving malicious use of the scripts.

A security researcher has scanned the code behind the million most popular websites to see which ones are running the widely used Coin Hive mining script.

Many sites use this and others, such as JSE Coin, legitimately to generate some money from their steady stream of visitors. Metrics published on the Coin Hive site suggest that a site that gets one million visitors a month would make about $116 (£88) in the Monero crypto-currency by mining.

On many sites found in the scan, the way the script was concealed suggested it had been uploaded surreptitiously.

The BBC contacted several of the sites in the UK running the Coin Hive script and those that responded said they did not know who added it to their site. Some have now deleted the mining code, updated their security policies and are investigating how the code was implanted.

Coin Hive’s developers said it had also taken action against malicious use.

“We had a few early users that implemented the script on sites they previously hacked, without the site owner’s knowledge,” they said in a message to the BBC. “We have banned several of these accounts and will continue to do so when we learn about such cases.”

It encouraged people to report malicious use of Coin Hive and said any site using it should inform users that their computer could be enrolled in a mining scheme. Some security programs and ad-blocking software now warn users when they encounter miners.

Security service Cloudflare has also suspended the accounts of some customers after they started using mining scripts. It explained its action by saying that it considered the code to be malware if visitors were not told about it.

Cloud cracking

Surreptitious coin mining is not just a problem for websites that have been hit by hackers. Many others across the tech world are moving to tackle the problem.

Last week, two senior officials in the Crimean government were reportedly firedbecause they had started using a lot of official machines to mine bitcoin. The creators of the FiveM add-on or “mod” for video game GTA V released an update which stopped people adding miners to their code.

High-profile websites including the Pirate Bay, Showtime and TuneProtect have all been found to be harbouring the script.

Prof Matthew Caesar, a computer scientist at the University of Illinois, said mining was also starting to cause problems for companies that offered cloud-based computing services.

Prof Caesar said he and student Rashid Tahir started investigating the problem after conversations with several cloud firms revealed that all of them had experienced trouble with coin-mining.

“If someone can hack into a cloud account they have access to a huge amount of computer power,” he said. “They can get huge value from those accounts because there’s not much limit on the number of machines they can use.

“Often,” he said, “the billing systems the cloud services run do not reveal what’s going on. Someone can get in and cause a lot of damage before they are shut down.”

Victims can be left with huge bills for servers that attackers rented to do their coin-mining, he said.

The Illinois researchers are developing a monitoring system that can spot when the mining software was being used, he said.

The ways that modern processors handle the complicated maths demanded by crypto-currencies are relatively easy to spot if someone goes looking for them, said Prof Caesar.

“We’re in the process of working with one cloud computing company to deploy the monitor in their network,” he said.

“We’re also looking at how we can do this on personal computers as well,” he added.

–

Source: BBC

The post Websites hacked to mint crypto-cash appeared first on Citi 97.3 FM - Relevant Radio. Always.

The thieves hijacked the website of finance security start-up Enigma and posted messages saying it was about to launch its own currency.

Many people keen to cash in transferred ethereum to the thieves’ account.

In response, Enigma shut down its website and adopted stronger security policies to keep hackers out.

In a statement posted to its Twitter account, Enigma said the thieves had carried out the scam after taking over the company’s web domain, mailing lists and Slack messaging service account.

By posting a message on the Enigma website and sending notices out via Slack and email, the malicious hackers convinced many people the security company was seeking early investors.

The attackers played on the fact that early next month Enigma plans to run a crypto-cash-based fundraising exercise to bankroll its expansion.

The criminal hackers asked for investments to be paid in ethereum and are believed to have amassed about $500,000 worth before the scam was spotted and shut down.

Enigma said none of its infrastructure had been used for the scam and none of its funds had been stolen by the attackers.

It said it had now regained control of its compromised accounts.

It has also adopted stronger security measures internally to prevent hijacks.

Enigma has also stopped using Slack and moved to the secure messaging program Telegram.

“We’ve moved up a number of critical security steps and taken additional measures to protect the community going forward,” Tor Bair, a spokesman for Enigma, told Wired.

“We’re now very well aware of the potential threats and are taking no chances.”

Enigma added it was helping to investigate the scam and who was behind it with the help of other crypto-cash and security companies.

–

Source: BBC

The post Crypto-cash investors duped in funding scam appeared first on Citi 97.3 FM - Relevant Radio. Always.

Some 492 of the survived deliveries died under age one,  while the first quarter of 2014 had already recorded 21,637 deliveries, with 67 of them dying under age one, and 322  stillbirths.

Deputy Northern Regional Director of Public Health,  Dr Jacob Wundable Mahama who disclosed this to the media in Tamale on Tuesday,  explained that many of the stillbirths could have been avoided if pregnant women stopped taking concoctions to aid delivery.

He said malnutrition, anaemia, the failure of some pregnant women to attend antenatal clinic  contribute to the number of stillbirths in the region, and urged pregnant women to take precaution and avoid practices that would endanger their lives and their pregnancies.

He said the problem of stillbirths in the region had reduced, as compared to the previous years, and advised pregnant women to lead lifestyles that would not affect their pregnancies to result in stillbirths.

Dr Mahama who was speaking to the media as part of activities to mark this year’s Child Health Promotion week, expressed worry that many of the deliveries in the region were conducted by some traditional birth attendants due to the shortage of midwives.

He lamented that even though the midwives were few, 50 percent of them would be retiring from active service in four years’ time, and that the situation could worsen the problem of maternal health.

He noted that some health training institutions in the region had started training more midwives to fill in the vacuum, and expressed the hope that the situation would improve if more midwives were trained.

Dr Mahama said GHS had re-engaged the services of some  midwives who had gone on retirement, but there was still pressure on the health facilities, and advised retired midwives who had the means to establish maternity homes to augment the situation.

A tour to Diare, a community in the Savelugu/Nanton Municipality, to observe the Child Health Promotion Week, showed remarkable ante-natal and post natal attendance, an indication of many mothers wanting to access quality health care.

A Physician Assistant at the Diarre Health Centre, Mr. Moses Akunyam health facilities in that area receive an average of 500 children weekly, and that the child health promotion week was targeting 1,700 children to be immunized

He said the children would be vaccinated against various diseases, and supplied with vitamin A supplement, dewormers, and given insecticide mosquito nets to prevent them from contracting malaria.

Mr Akunyam said the facilities in the area had not recorded any infant mortality for the past five years, and urged mothers o continue to attend ante-natal and post natal services.

The Regional Health Promotion Officer, Mr. Joel Abekuliya said the health directorate was bedevilled with logistical and financial constraints, which affect its ability to go to remote and hard-to-reach communities, to sensitize and provide quality health care.

Source: GNA

The post Northern Region records 1,278 stillbirths in 2013 appeared first on Citi 97.3 FM - Relevant Radio. Always.