
Bitcoin remote control

Publish: 2021-05-13 19:35:38
1. Li, a Hefei native, spent 140000 yuan on 124 bitcoins in October this year. Afterwards, Li joined some chat groups of bitcoin players to pay close attention to the bitcoin market. On October 22, a person named Michael in the group took the initiative to chat with Li and asked him if he was mining. "I won't, and I won't get any money," Mr. Li replied. Michael repeatedly urged Li to have a try and sent him a "mining tool", claiming that he could use the tool to dig more bitcoin. In the subsequent chat, Michael constantly reminded Li to put his bitcoin in his wallet, saying that the trading website was not safe. "From time to time, there is news that trading websites are closing down and running away. What he said is quite reasonable, so I believe him," Li told Anhui Business Daily.
100 bitcoins disappeared
Li received and installed the mining tool. On the evening of October 26, he was induced by Michael to put 100 bitcoins in his wallet. However, just as the bitcoin in the e-wallet reached 100, it suddenly disappeared. Li panicked and tried to contact Michael, but Michael had gone invisible and disappeared.
Li told reporters that at present, a bitcoin costs about 5000 or 6000 yuan, and 100 bitcoins are worth 500000 or 600000 yuan. Afterwards, Li reported the case to the police. However, to Li's disappointment, because bitcoin is a virtual currency, there is no relevant domestic law to regulate and protect its transactions. The police did not file a case. "Now, this man named Michael is still active on the Internet. He's just taking advantage of the law," Li told Anhui Business Daily.
There is a Trojan horse in the "mining tool"
How could Li's bitcoin disappear? A 360 security engineer contacted him and tested Michael's "mining tool", and found that the tool is a "bitcoin robber" Trojan horse that has been very popular this year. According to the analysis of 360 security center, most "bitcoin thief" Trojans are disguised as mining tools, simplified wallets and other compressed files. Once a player falls victim, the Trojan automatically searches for bitcoin wallets and steals them through e-mail, hacker remote control and other means.
2. Mt. Gox, the operator of the world's largest bitcoin exchange, announced on February 28 that 850000 bitcoins on its trading platform had been stolen. This news is undoubtedly a bombshell for many investors. At a news conference yesterday, Mt. Gox executives acknowledged the shocking fact and revealed some details.

stolen
Mark Karpeles, chief executive of Mt. Gox, bowed in apology at a news conference held in Tokyo yesterday, saying that "the loss of bitcoin is due to a loophole in the company's system".
A lawyer for Mt. Gox said that almost all the bitcoins traded on the platform were stolen, including about 750000 bitcoins in users' trading accounts and about 100000 bitcoins in Mt. Gox's own account. Based on trading on February 28, the loss is estimated to be about $467 million.
According to media reports, the Mt. Gox trading platform had more than 1 million accounts at its peak, mainly from customers outside Japan, including many users trading more than US $10000. Some bitcoin investors have rushed to Tokyo from overseas in an attempt to recover their trading funds from Mt. Gox.
On February 7, due to hacker attacks, Mt. Gox temporarily stopped bitcoin withdrawals, causing transaction confusion and user dissatisfaction. From noon on February 25, users could not log in to the Mt. Gox trading platform. The home page of the website then posted a "notice to customers" suspending all transactions.
4. According to the analysis of 360 security center, the campus network ransomware was spread by the "Eternal Blue" hacker weapon leaked from the NSA. "Eternal Blue" can remotely attack port 445 (file sharing) of Windows. If the system has not installed the Microsoft patch released in March this year, no user operation is needed: as long as the computer is turned on and connected to the Internet, "Eternal Blue" can execute arbitrary code on it and implant malicious programs such as ransomware.
5. According to the analysis of 360 security center, the education network ransomware was spread by the "Eternal Blue" hacker weapon leaked from the NSA. "Eternal Blue" can remotely attack port 445 (file sharing) of Windows. If the system has not installed the Microsoft patch released in March this year, no user operation is needed: as long as the computer is turned on and connected to the Internet, "Eternal Blue" can execute arbitrary code on it and implant malicious programs such as ransomware.
Because worms have spread through port 445 many times in China, some operators blocked port 445 for individual users. However, the education network has no such restriction, and there are a large number of machines with port 445 exposed, so it has become the hardest-hit area for criminals using NSA hacker weapons. It is graduation season at colleges and universities, and the ransomware has caused some fresh graduates' theses to be encrypted and tampered with, which has a direct impact on their graduation defenses.
At present, the ransomware spread by "Eternal Blue" mainly consists of the onion and wncry families. The disk files of the victim machine are changed to the corresponding suffixes, and all kinds of data such as pictures, documents, videos and compressed packages can no longer be opened normally; they can be recovered only by paying the ransom.
The ransom demanded by these two kinds of ransomware is 5 bitcoins and 300 US dollars, equivalent to RMB 50000 and 2000 yuan respectively.
According to the monitoring data for the education network ransomware incident, the onion virus appeared first in China, with an average of 200 attacks per hour and more than 1000 attacks per hour at the night peak. The wncry ransomware was a new global attack launched on the afternoon of May 12, and it spread rapidly in China's campus networks, with about 4000 attacks per hour at the night peak.
Security experts have found that the onion ransomware can also spread bundled with mining programs (which generate virtual currency through computation) and remote-control Trojans, forming a Trojan "big gift package" that combines mining, remote control and extortion. It specifically selects high-performance servers to mine for profit and encrypts files on ordinary computers to extort money, maximizing the economic value of the victim machine.
For the Windows vulnerability exploited by the NSA hacker weapon, Microsoft released a patch in March this year. 360 security center has also previously launched the "NSA weapon library immunity tool", which can detect and repair the vulnerabilities attacked by NSA hacker weapons with one click; for XP, 2003 and other systems that no longer receive updates, the immunity tool can close the ports used for exploitation and prevent computers from being implanted with ransomware and other malicious programs by NSA hacker weapons.
6. At about 20:00 on May 12, a large-scale ransomware infection broke out around the world. Users could be attacked as long as they turned on their computers and went online. Within five hours, a number of university intranets, large enterprise intranets and government agency intranets in Britain, Russia, the whole of Europe and China were hit, and they were extorted to pay high ransoms (some require bitcoin) to decrypt and recover files. This attack even paralysed teaching systems, including the campus card system.
What is the Eternal Blue virus
It is understood that this incident is a network attack launched by lawless elements who modified the "Eternal Blue" attack program from the previously leaked NSA hacker arsenal.
This "Eternal Blue" ransomware worm is the world's first example of NSA network weapons being put to civilian use. A month ago, the fourth batch of NSA-related network attack tools and documents was published by Shadow Brokers, including remote command execution tools involving multiple Windows system services (SMB, RDP, IIS), among them the "Eternal Blue" attack program.
The malicious code scans for Windows machines with file-sharing port 445 open; no user operation is required. As long as the computer is turned on and connected to the Internet, criminals can plant malicious programs such as ransomware, remote-control Trojans and virtual currency miners in computers and servers.
At present, the ransomware spread by "Eternal Blue" is dominated by the onion and wncry families. The disk files of the victim machine are changed to the corresponding suffixes, and all kinds of data such as pictures, documents, videos and compressed packages cannot be opened normally. Only by paying the ransom can they be decrypted and recovered. The ransom demanded by these two kinds of ransomware is 5 bitcoins and 300 US dollars, equivalent to RMB 50000 and 2000 yuan respectively.
Security experts also found that the onion ransomware can spread bundled with mining programs (which generate virtual currency through computation) and remote-control Trojans, forming a Trojan "big gift package" that integrates mining, remote control and extortion. It specifically selects high-performance servers to mine for profit and encrypts files on ordinary computers to extort money, maximizing the economic value of the victim machine.
According to an announcement provided by 360 enterprise security on the morning of May 13, due to previous outbreaks of worms using port 445 in China, some operators have blocked port 445 on the backbone network, but the education network and a large number of enterprise intranets have no such restrictions and have not installed patches in time. There are still a large number of computers with port 445 exposed and vulnerable, leading to the current flood of worms.
Therefore, the security incident was rated as "critical" by several security agencies.
7. According to the Tencent Security Yujian Threat Intelligence Center, since the WinRAR vulnerability was disclosed, many malicious programs have begun to use it to spread. Recently, the center has detected attackers using this vulnerability to spread the Lime RAT remote-control Trojan. This remote-control Trojan is very powerful: it can remotely control the infected computer by modifying configuration information or receiving remote instructions.

If vulnerable compression/decompression software (such as a lower version of WinRAR) is used to open a compressed file deliberately constructed by the attacker, a startup entry will be added to the system. When the computer next restarts, the Lime RAT remote-control Trojan will run. The Trojan accepts instructions from a C2 server (C2 is short for C&C, a remote command-and-control server), can perform file-encrypting extortion, mining and downloading of malicious components, and may also steal from the victim during digital currency transactions, which is a great threat to miners and those who trade digital currencies.
9. Upstairs said too primary school students, write Trojans, remote control, WPE hijacking, blackmail bitcoin, intrusion, penetration, cracking, network protocol and so on, too much