Ethereum Classic cryptocurrency suspended after attackers steal nearly $1.1M

Coinbase de-listed Ethereum Classic (ETC) cryptocurrency after double spends of nearly $1.1 million were detected.

01 underattack

Coinbase delisted Ethereum Classic (ETC) after detecting “a deep chain reorganization of Ethereum Classic blockchain.” Put another way, nearly $500,000 was spent twice. As pointed out by ZDNet, Bitfly confirmed there had been a successful 51 percent attack on ETC. Coinbase later updated the post, saying, “The total value of the double spends that we have observed thus far is 219,500 ETC (~$1.1M).”

Other cybersecurity news

Even bigger bounty payouts for zero-days that will be used by LEA

Zerodium upped its game when it comes to bounties for zero-day exploits. For example, you could become a millionaire by finding a remote code execution hole in WhatsApp, iMessage, or SMS/MMS. The payout for a remote iOS jailbreak that takes zero clicks also doubled, meaning you could make a $2 million.

All the bounty payouts jumped considerably, so happy big payday if your thing is discovering zero-days that will ultimately be used by law enforcement or three-letter agencies.

What you can’t write about WikiLeaks or Assange

On Sunday, WikiLeaks announced 140 “false and defamatory” things that journalists are not supposed to say about Julian Assange or WikiLeaks. WikiLeaks also tweeted a link to a version of those no-nos, but journalist Emma Best claimed it was not the same version that was sent to journalists.

Security tidbits and oddities

Watch out for a new phone-based phishing scam that spoofs Apple Inc, warned Krebs on Security. Brian Krebs said it “is likely to fool quite a few people.”

From the snicker-worthy department, the Chicago Police bragged about using “cutting edge technology to fight crime” to which Microsoft Program Manager Ned Pyle replied:

• Never disregard good OPSEC:

After Brave Software tweeted a few achievements for the privacy-based browser – such as bypassing the 5.5 million monthly active user milestone – Andreas Gal, a former CTO at Mozilla, tweeted:

Security researcher x0rz suggested that the NSA’s cybersecurity mission has a new logo as seen on its GitHub page.

Yesterday, the National Counterintelligence and Security Center (NCSC) began sharing material that is supposed “to help U.S. industry guard against growing counterintelligence and security threats.”

It may be Patch Tuesday, but please don’t fall too far behind when it comes to patching. US-CERT recently warned about critical vulnerabilities in Windows and Window Server, flaws that Microsoft patched in December. The advisory states, “A remote attacker could exploit these vulnerabilities to take control of an affected system.”  

The BBC reported that for the first time, Amazon is now the world’s most valuable listed company – stealing the numero uno position from Microsoft.

The EFF said, “You should have the right to sue companies that violate your privacy.” A big AMEN to that.

EPIC, the Electronic Privacy Information Center, pointed out that thousands of emails on surveillance programs were released by the National Archives.

GitHub announced GitHub Free, which includes unlimited private repositories, and GitHub Enterprise, which “is the new unified product for Enterprise Cloud (formerly GitHub Business Cloud) and Enterprise Server (formerly GitHub Enterprise).”

Netflix got in a little dig during the Golden Globes, tweeting:

But one of those commercials showed a Game of Thrones spoiler. Netflix, by the way, scored so well at the Golden Globes that shares in the streaming company jumped 5.6 percent.

When it comes to ads, instead of commercials, Apple reportedly has a massive ad banner near the CES convention center. It reads, “What happens on your iPhone, stays on your iPhone.”

Copyright © 2019 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)