Evrial, malware that steals Bitcoins using the clipboard... and the scammed scammers

Monday, February 26, 2018

Evrial is the latest cryptocoin-stealing malware, and it uses control of the clipboard as its strongest bet to get "easy money". ElevenPaths has taken a deep technical dive into the malware itself to show how it works, with a quite self-explanatory video. In addition, we have followed the steps of its Russian creator and found that whoever he is… he scammed the scammers themselves.

Qutra, the creator, selling its malware

#CyberSecurityPulse: Dude, Where Are My Bitcoins?

Monday, February 19, 2018

Numerous types of attacks are affecting cryptocurrency users: families of malware that steal wallets, phishing attacks that try to forge platforms where users manage their bitcoins, applications that use the CPU of users to mine... In addition, those who prefer to manage their own money without delegating responsibility to a third party will also have to deal with the problem of losing private keys or not remembering the password with which they protected the wallet.

If this has happened to you and you protected your wallet with a password, not everything may be lost. John the Ripper, a password cracking software tool, contains plugins that crack different wallets: bitcoin2john, blockchain2john, electrum2john, ethereum2john and multibit2john. First, you select the plugin to use depending on the type of wallet that you have. Then, you pass that content to a text file, launch John the Ripper (./john) with the file name and, finally, cross your fingers!

SandaS GRC, the best way to perform the GSMA IoT Security Assessment

Wednesday, February 14, 2018

SandaS GRC
ElevenPaths SandaS GRC allows organizations to support their business strategy, improve operational performance, mitigate operational risks and ensure regulatory compliance. It is the perfect complement with which you can create an effective program of governance, risk management and compliance for the security of your organization’s information.

With the aim of extending this control to IoT deployments, SandaS GRC has incorporated a set of controls to secure them. These controls are those collected in the GSMA IoT Security Guidelines through the GSMA IoT Security Assessment, to which Telefónica has actively contributed.

#CyberSecurityPulse: Oops, I Went Running and I Published Information From Secret Locations

Monday, February 5, 2018

The popular fitness tracking app Strava proudly published a 2017 heat map showing activities from its users around the world, but unfortunately, the map revealed locations of United States military bases worldwide. Strava, which markets itself as a "social-networking app for athletes", made the global heat map publicly available, showing the location of all the rides, runs, swims, and downhills taken by its users, as collected by their smartphones and wearable devices like Fitbit. Since Strava has been designed to track users’ routes and locations, IUCA analyst Nathan Ruser revealed that the app might have unintentionally mapped out the location of some of the military forces around the world, especially some secret ones from the United States.

However, information from cartographic systems on facilities of interest to defense, such as military bases, has always been available: subject to errors or inaccuracies, but always available, given the inability of governments to limit its dissemination. In this sense, this type of information has been used to perpetrate attacks, to the point that in 2009 India raised the closure of Google Earth as a measure to avoid attacks like those in Bombay.