Interpol Cyber Research Identifies Malware Threat to Currencies

Uploaded on 2015-04-16 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

Virtual%20currency%20concept.jpg

Interpol cyber threat researchers have identified a threat to the blockchain in virtual transactions, which could result in their being embedded with malware or other illegal data, including child abuse images.

Depending on the cryptocurrency and its protocols, there is a fixed open space on the blockchain – the public ‘ledger’ of transactions – where data can be stored, referenced or hosted within encrypted transactions and their records. It is this open space, which was identified as the potential target for malware by experts, an Interpol; officer and a seconded specialist from Kaspersky Lab, in the Research and Innovation unit at Interpol’s Global Complex for Innovation (IGCI).

The design of the blockchain means there is the possibility of malware being injected and permanently hosted with no methods currently available to wipe this data. This could affect ‘cyber hygiene’ as well as the sharing of child sexual abuse images where the blockchain could become a safe haven for hosting such data.

It could also enable crime scenarios in the future such as the deployment of modular malware, a reshaping of the distribution of zero-day attacks, as well as the creation of illegal underground marketplaces dealing in private keys which would allow access to this data.

“To conduct this type of research and identify new cyberthreats were among the key aims behind the creation of the Interpol Global Complex for Innovation,” said IGCI Executive Director Noboru Nakatani.
“Having identified this threat, it is now important for Interpol to spread awareness amongst the public and law enforcement, as well as encourage support from communities working in this field to find solutions for the potential blockchain ‘abuse’.

The research was unveiled at the Black Hat Asia 2015 event in Singapore, just weeks before the official inauguration of the IGCI. Interpol’s state-of-the-art complex will provide its 190 member countries with a cutting-edge research and development facility for the identification of crimes and criminals, innovative training, operational support and partnerships.
SC Magazine:  http://ow.ly/LnPk

« Report Claims Huawei Don’t Pose a Risk to UK Security
Is ‘Off The Grid’ A Thing Of The Past? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Pluralsight

Pluralsight

Pluralsight helps enterprises build technology skills at scale with expert-authored courses on today’s most important technologies including information and cyber security.

National Cyber Security Centre Finland (NCSC-FI)

National Cyber Security Centre Finland (NCSC-FI)

The NCSC-FI develops and monitors the operational reliability and security of communications networks and services in Finland.

Cyber 360

Cyber 360

Cyber 360 is a Cybersecurity contract and fulltime placement firm dedicated to identifying and hiring Cybersecurity professionals.

French Expert Center Against Cybercrime (CECyF)

French Expert Center Against Cybercrime (CECyF)

CECyF is a centre of excellence for countering cybercrime in France.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

FinCom.co

FinCom.co

FinCom.Co is the world’s first automatic AML/ KYC screening system, for comprehensive compliance.

Approach

Approach

Approach is a leading provider of cyber security consulting and secure application development services in Belgium.

SyncDog

SyncDog

SyncDog is a leader in enterprise security and the preeminent vendor for containerized mobile application security across cloud & on-premise computing environments.

Control System Cyber Security Association International (CS2AI)

Control System Cyber Security Association International (CS2AI)

CS2AI is the premier global not for profit workforce development organization supporting professionals of all levels charged with securing control systems.

Arcanna.ai

Arcanna.ai

Using a wide range of out-of-the box integrations, Arcanna.ai continuously learns from existing enterprise cybersecurity experts and scales your team’s capacity to deal with threats.

Xmirror Security

Xmirror Security

Xmirror Security focuses on integrated detection and defense of the continuous threat to the DevSecops software supply-chain with artificial intelligence technology as the core.

Timus Networks

Timus Networks

Timus Networks enables today's work from anywhere organizations to secure their networks very easily and cost effectively.

Raito

Raito

Raito's unique solution integrates with the data development process and lets data teams monitor, manage, and automate data security across the data stack.

Smartcomply

Smartcomply

Smartcomply is an automated and AI-powered cybersecurity and compliance platform that aids businesses in reducing the time and money spent on cybersecurity and compliance.

Xantaro

Xantaro

Xantaro specializes in technologies, software and services for Carriers, ISPs, Hosting and Cloud Providers as well as for Operators of Data Centres and Campus Networks.