Cloud Hosting

Join the most important conversation in crypto and web3! Secure your seat today

Bitcoin (BTC) remained firmly within the range it has held for much of the past two weeks, trading as low as about $27,200 and as high as $28,400 Monday.

The largest cryptocurrency by market capitalization was recently trading at $27,500, down over 2% from 24 hours ago. BTC is up nearly 70% for the year after a buoyant first quarter in which investors grew more optimistic about inflation and other macroeconomic issues.

Yet, BTCs price has been unable to ride above $29,000 for more than a few fleeting minutes in recent weeks as investors mull banking failures and fresh economic indicators that have been inconclusive.

Bitcoin needs a bullish catalyst to break above the $30,000 level, but until some significant use case argument is made prices could consolidate around the mid-$20,000s, Edward Moya, senior market analyst at foreign exchange market maker Oanda, wrote in an email.

Ether (ETH), the second-largest cryptocurrency, also slid 0.2% Monday to hover around $1,787. ETHs price jumped 48% in the first quarter. Among other altcoins, the meme-based dogecoin (DOGE) long supported by Twitter CEO Elon Musk surged 16.5% after the social media platform changed its logo to the dogecoin symbol from the usual blue bird. Payments provider Alchemy Pay's native ACH token rose 7% after a Monday report that the company has received $10 million in investment from market maker DWF Labs at a $400 million valuation.

The CoinDesk Market Index, which measures overall crypto market performance, was up 0.1% for the day.

Meanwhile, market liquidity has continued to worsen. Crypto data firm Kaikos Monday report noted that both BTC and ETHs 2% market depth, a metric for assessing liquidity conditions, has dropped by 50% and 41%, respectively, since the collapse of Alameda Research, the trading arm of crypto exchange FTX in November a so-called Alameda gap. The ongoing decline has followed exchange Binances announcement that it was curbing its zero-fee trading program, Kaiko said.

Story continues

(Kaiko)

Both assets (bitcoin and ether) have suffered in the aftermath of the FTX collapse and banking crisis, with fewer market makers supplying liquidity to order books, the report said.

Equity markets were mixed Monday. The S&P 500 closed up 0.3%, while the Dow Jones Industrial Average (DJIA) rose by 0.9%. However, the tech-heavy Nasdaq was down 0.2%.

Traditional market movements came after OPEC+ unexpectedly announced an oil production cut of over one million barrels a day, sending oil prices higher. Meanwhile, the manufacturing purchasing managers' index (PMI) on Monday showed that U.S. manufacturing activity in March dropped to its lowest level in nearly three years.

The rest is here:
Bitcoin Drops to $27.5K While Dogecoin Spikes After Twitter Logo Change - Yahoo Finance

Some of the victims affected by the 3CX supply chain attack have also had their systems backdoored with Gopuram malware, with the threat actors specifically targeting cryptocurrency companies with this additional malicious payload.

VoIP communications company 3CX was compromised by North Korean threat actors tracked as Lazarus Group to infect the company's customers with trojanized versions of its Windows and macOS desktop apps in a large-scale supply chain attack.

In this attack, the attackers replaced two DLLs used by the Windows desktop app with malicious versions that would download additional malware to computers, like an information-stealing trojan.

Since then, Kaspersky has discovered that the Gopuram backdoor previously used by the Lazarus hacking group against cryptocurrency companies since at least 2020, was also deployed as a second-stage payload in the same incident into the systems of a limited number of affected 3CX customers.

Gopuram is a modular backdoor that can be used by its operators to manipulate the Windows registry and services, perform file timestomping to evade detection, inject payloads into already running processes, load unsigned Windows drivers using the open-source Kernel Driver Utility, as well as partial user management via the net command on infected devices.

"The discovery of the new Gopuram infections allowed us to attribute the 3CX campaign to the Lazarus threat actor with medium to high confidence. We believe that Gopuram is the main implant and the final payload in the attack chain," Kaspersky researchers said.

The number of Gopuram infections worldwide increased in March 2023, with the attackers dropping a malicious library (wlbsctrl.dll) and an encrypted shellcode payload (.TxR.0.regtrans-ms) on the systems of cryptocurrency companies impacted by the 3CX supply chain attack.

Kaspersky researchers found that the attackers used Gopuram with precision, deploying it only on less than ten infected machines, suggesting the attackers' motivation may be financial and with a focus on such companies.

"As for the victims in our telemetry, installations of the infected 3CX software are located all over the world, with the highest infection figures observed in Brazil, Germany, Italy and France," Kaspersky experts added.

"As the Gopuram backdoor has been deployed to less than ten infected machines, it indicates that attackers used Gopuram with surgical precision. We additionally observed that the attackers have a specific interest in cryptocurrency companies."

3CX has confirmed its 3CXDesktopApp Electron-based desktop client was compromised to include malware one day after news of the attack first surfaced on March 29 and more than a week after multiple customers reported alerts that the software was being tagged as malicious by security software.

The company now advises customers to uninstall the Electron desktop app from all Windows and macOS systems (a script for mass uninstalling the app across networks is available here) and to switch to the progressive web application (PWA) Web Client App.

A group of security researchers has developed and released a web-based tool to detect if a specific IP address has been potentially impacted by the March 2023 supply chain attack against 3CX.

"Identification of potentially impacted parties is based on lists of IP addresses that were interacting with malicious infrastructure," the development team explains.

As BleepingComputer reported days after the incident (now tracked as CVE-2023-29059) was disclosed, the threat actors behind it exploited a 10-year-old Windows vulnerability (CVE-2013-3900) to make it appear that the malicious DLLs used to drop additional payloads were legitimately signed.

The same vulnerability has been used to infect Windows computers with Zloader banking malware capable of stealing user credentials and private information

3CX says its 3CX Phone System has over 12 million users daily and is used by over 600,000 companies worldwide.

Its customer list includes high-profile companies and organizations like American Express, Coca-Cola, McDonald's, Air France, IKEA, the UK's National Health Service, and multiple automakers, including BMW, Honda, Toyota, and Mercedes-Benz.

Read this article:
Cryptocurrency companies backdoored in 3CX supply chain attack - BleepingComputer

Software supply-chain attacks, in which hackers corrupt widely used applications to push their own code to thousands or even millions of machines, have become a scourge, both insidious and potentially huge in the breadth of their impact. But the latest major software supply-chain attack, in which hackers who appear to be working on behalf of the North Korean government hid their code in the installer for a common VoIP application known as 3CX, seems so far to have had a prosaic goal: breaking into a handful of cryptocurrency companies.

Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that's unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they're based in western Asia.

Security firms CrowdStrike and SentinelOne last week pinned the operation on North Korean hackers, who compromised 3CX installer software that's used by 600,000 organizations worldwide, according to the vendor. Despite the potentially massive breadth of that attack, which SentinelOne dubbed Smooth Operator, Kaspersky has now found that the hackers combed through the victims infected with its corrupted software to ultimately target fewer than 10 machinesat least as far as Kaspersky could observe so farand that they seemed to be focusing on cryptocurrency firms with surgical precision.

View more

This was all just to compromise a small group of companies, maybe not just in cryptocurrency, but what we see is that one of the interests of the attackers is cryptocurrency companies, says Georgy Kucherin, a researcher on Kaspersky's GReAT team of security analysts. Cryptocurrency companies should be especially concerned about this attack because they are the likely targets, and they should scan their systems for further compromise.

Kaspersky based that conclusion on the discovery that, in some cases, the 3CX supply-chain hackers used their attack to ultimately plant a versatile backdoor program known as Gopuram on victim machines, which the researchers describe as the final payload in the attack chain. Kaspersky says the appearance of that malware also represents a North Korean fingerprint: It has seen Gopuram used before on the same network as another piece of malware, known as AppleJeus, linked to North Korean hackers. It's also previously seen Gopuram connect to the same command-and-control infrastructure as AppleJeus, and has seen Gopuram used previously to target cryptocurrency firms. All of that suggests not only that the 3CX attack was carried out by North Korean hackers, but that it may have been intended to breach cryptocurrency firms in order to steal from those companies, a common tactic of North Korean hackers ordered to raise money for the regime of Kim Jong-Un.

It has become a recurring theme for sophisticated state-sponsored hackers to exploit software supply chains to access the networks of thousands of organizations, only to winnow their focus down to a few victims. In 2020's notorious Solar Winds spy campaign, for instance, Russian hackers compromised the IT monitoring software Orion to push malicious updates to about 18,000 victims, but they appear to have stolen data from only a few dozen of them. In the earlier supply chain compromise of the CCleaner software, the Chinese hacker group known as Barium or WickedPanda compromised as many as 700,000 PCs, but similarly chose to target a relatively short list of tech firms.

This is becoming very common, says Kucherin, who also worked on the SolarWinds analysis and found clues linking that supply-chain attack to a known Russian group. During supply-chain attacks, the threat actor conducts reconnaissance on the victims, collecting information, then they filter out this information, selecting victims to deploy a second-stage malware. That filtering process is designed to help the hackers avoid detection, Kucherin points out, since deploying the second-stage malware to too many victims allows the attack to be more easily detected.

But Kucherin notes that the 3CX supply-chain attack was nonetheless detected relatively quickly, compared to others. The installation of the initial malware that the hackers appeared to use for reconnaissance was detected by companies like CrowdStrike and SentinelOne last week, less than a month after it was deployed. They tried to be stealthy, but they failed, Kucherin says. Their first-stage implants were discovered.

Given that detection, it's not clear how successful the campaign has been. Kucherin says Kaspersky hasn't seen any evidence of actual theft of cryptocurrency from the companies it saw targeted with the Gopuram malware.

But given the hundreds of thousands of potential victims of the 3CX supply-chain compromise, no one should conclude yet that crypto companies alone were targeted, says Tom Hegel, a security researcher with SentinelOne. The current theory at this point is that the attackers did initially target crypto firms to get into those high-value organizations, Hegel says. Im going to guess that once they saw the success of this, and the kinds of networks they were in, other objectives probably came into play.

For now, Hegel says, no single security firm can see the whole shape of the 3CX hacking campaign or definitively state its goals. But if North Korean hackers really did compromise a piece of software used by 600,000 organizations around the world and use it just to try to steal cryptocurrency from a handful of them, they may have thrown away the keys to a much larger kingdom.

This is all unfolding very quickly. I think well continue to gain better insight into the victims, Hegel says. But from an attacker standpoint, if all they did was target crypto firms, this was a dramatic wasted opportunity.

View post:
Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms - WIRED

According to cryptocurrency analysis firm Nansen, six blockchains saw over a million active addresses in March 2023. As per the data, Binances BNB chain had the highest number of active addresses, with 13.3 million users. BNB is followed by Solana (SOL) and Ethereum (ETH), with 5.8 million and 5.2 million, respectively. Polygon (MATIC) had 3.9 million active addresses, while Arbitrum had 2.2 million. Fantom finished the million list with 1 million active addresses in March.

In March, 6 blockchains had more than one million active addresses*:

BNB Chain: 13.3MSolana (Wallets): 5.8MEthereum: 5.2MPolygon: 3.9MArbitrum: 2.2MFantom: 1M

*Addresses that have executed a transaction. pic.twitter.com/DUFGR6ByWT

BNBs lead was fueled by Binance and PancakeSwap users. However, other Web3 projects also contributed to the spike, such as Lifeform, Link 3 and Space ID. Binances increase in users may have resulted from the FUD around a new lawsuit. Many people began taking their cryptocurrencies out of the exchange in fear. The US Commodities Futures Trading Commission (CFTC) accused Binance, its CEO Changpeng Zhao, and its former CCO, Samuel Lim, of breaking trading and derivatives regulations. Binance Coin (BNB), the companys native cryptocurrency, fell as much as 8% on the same day, from $330 to lows of about $300.

PancakeSwap DEX, on the other hand, has released its version 3 on BNB and Ethereum. Anticipation for the launch may have triggered an increase in users.

For Solana (SOL), Raydium Protocol was a major contributor. The STEPN Web3 application also played a significant role, along with Orca, a leading cryptocurrency marketplace.

On Ethereum, zkSync and Starknet saw a 1322% and 805% increase in users. According to Nansen, this is likely due to airdrop farmers bridging to other chains.

According to Nansen, Arbitrum saw a 8198% increase in users for the Gridex DEX. Bitkeep saw an increase of 7009%, while WINR Protocol saw an increase of 6340%. The Rhino.fi DEX also saw a whopping increase of 4601% in users.

Polygon (MATIC) and stablecoin cryptocurrencies USDC and USDT had a big role to play in the increased number of active addresses. Moreover, Bitget also made a significant contribution to the active wallet spike.

Read more from the original source:
These Cryptocurrency Blockchains Had the Most Active Addresses ... - Watcher Guru

Country

United States of AmericaUS Virgin IslandsUnited States Minor Outlying IslandsCanadaMexico, United Mexican StatesBahamas, Commonwealth of theCuba, Republic ofDominican RepublicHaiti, Republic ofJamaicaAfghanistanAlbania, People's Socialist Republic ofAlgeria, People's Democratic Republic ofAmerican SamoaAndorra, Principality ofAngola, Republic ofAnguillaAntarctica (the territory South of 60 deg S)Antigua and BarbudaArgentina, Argentine RepublicArmeniaArubaAustralia, Commonwealth ofAustria, Republic ofAzerbaijan, Republic ofBahrain, Kingdom ofBangladesh, People's Republic ofBarbadosBelarusBelgium, Kingdom ofBelizeBenin, People's Republic ofBermudaBhutan, Kingdom ofBolivia, Republic ofBosnia and HerzegovinaBotswana, Republic ofBouvet Island (Bouvetoya)Brazil, Federative Republic ofBritish Indian Ocean Territory (Chagos Archipelago)British Virgin IslandsBrunei DarussalamBulgaria, People's Republic ofBurkina FasoBurundi, Republic ofCambodia, Kingdom ofCameroon, United Republic ofCape Verde, Republic ofCayman IslandsCentral African RepublicChad, Republic ofChile, Republic ofChina, People's Republic ofChristmas IslandCocos (Keeling) IslandsColombia, Republic ofComoros, Union of theCongo, Democratic Republic ofCongo, People's Republic ofCook IslandsCosta Rica, Republic ofCote D'Ivoire, Ivory Coast, Republic of theCyprus, Republic ofCzech RepublicDenmark, Kingdom ofDjibouti, Republic ofDominica, Commonwealth ofEcuador, Republic ofEgypt, Arab Republic ofEl Salvador, Republic ofEquatorial Guinea, Republic ofEritreaEstoniaEthiopiaFaeroe IslandsFalkland Islands (Malvinas)Fiji, Republic of the Fiji IslandsFinland, Republic ofFrance, French RepublicFrench GuianaFrench PolynesiaFrench Southern TerritoriesGabon, Gabonese RepublicGambia, Republic of theGeorgiaGermanyGhana, Republic ofGibraltarGreece, Hellenic RepublicGreenlandGrenadaGuadaloupeGuamGuatemala, Republic ofGuinea, RevolutionaryPeople's Rep'c ofGuinea-Bissau, Republic ofGuyana, Republic ofHeard and McDonald IslandsHoly See (Vatican City State)Honduras, Republic ofHong Kong, Special Administrative Region of ChinaHrvatska (Croatia)Hungary, Hungarian People's RepublicIceland, Republic ofIndia, Republic ofIndonesia, Republic ofIran, Islamic Republic ofIraq, Republic ofIrelandIsrael, State ofItaly, Italian RepublicJapanJordan, Hashemite Kingdom ofKazakhstan, Republic ofKenya, Republic ofKiribati, Republic ofKorea, Democratic People's Republic ofKorea, Republic ofKuwait, State ofKyrgyz RepublicLao People's Democratic RepublicLatviaLebanon, Lebanese RepublicLesotho, Kingdom ofLiberia, Republic ofLibyan Arab JamahiriyaLiechtenstein, Principality ofLithuaniaLuxembourg, Grand Duchy ofMacao, Special Administrative Region of ChinaMacedonia, the former Yugoslav Republic ofMadagascar, Republic ofMalawi, Republic ofMalaysiaMaldives, Republic ofMali, Republic ofMalta, Republic ofMarshall IslandsMartiniqueMauritania, Islamic Republic ofMauritiusMayotteMicronesia, Federated States ofMoldova, Republic ofMonaco, Principality ofMongolia, Mongolian People's RepublicMontserratMorocco, Kingdom ofMozambique, People's Republic ofMyanmarNamibiaNauru, Republic ofNepal, Kingdom ofNetherlands AntillesNetherlands, Kingdom of theNew CaledoniaNew ZealandNicaragua, Republic ofNiger, Republic of theNigeria, Federal Republic ofNiue, Republic ofNorfolk IslandNorthern Mariana IslandsNorway, Kingdom ofOman, Sultanate ofPakistan, Islamic Republic ofPalauPalestinian Territory, OccupiedPanama, Republic ofPapua New GuineaParaguay, Republic ofPeru, Republic ofPhilippines, Republic of thePitcairn IslandPoland, Polish People's RepublicPortugal, Portuguese RepublicPuerto RicoQatar, State ofReunionRomania, Socialist Republic ofRussian FederationRwanda, Rwandese RepublicSamoa, Independent State ofSan Marino, Republic ofSao Tome and Principe, Democratic Republic ofSaudi Arabia, Kingdom ofSenegal, Republic ofSerbia and MontenegroSeychelles, Republic ofSierra Leone, Republic ofSingapore, Republic ofSlovakia (Slovak Republic)SloveniaSolomon IslandsSomalia, Somali RepublicSouth Africa, Republic ofSouth Georgia and the South Sandwich IslandsSpain, Spanish StateSri Lanka, Democratic Socialist Republic ofSt. HelenaSt. Kitts and NevisSt. LuciaSt. Pierre and MiquelonSt. Vincent and the GrenadinesSudan, Democratic Republic of theSuriname, Republic ofSvalbard & Jan Mayen IslandsSwaziland, Kingdom ofSweden, Kingdom ofSwitzerland, Swiss ConfederationSyrian Arab RepublicTaiwan, Province of ChinaTajikistanTanzania, United Republic ofThailand, Kingdom ofTimor-Leste, Democratic Republic ofTogo, Togolese RepublicTokelau (Tokelau Islands)Tonga, Kingdom ofTrinidad and Tobago, Republic ofTunisia, Republic ofTurkey, Republic ofTurkmenistanTurks and Caicos IslandsTuvaluUganda, Republic ofUkraineUnited Arab EmiratesUnited Kingdom of Great Britain & N. IrelandUruguay, Eastern Republic ofUzbekistanVanuatuVenezuela, Bolivarian Republic ofViet Nam, Socialist Republic ofWallis and Futuna IslandsWestern SaharaYemenZambia, Republic ofZimbabwe

Original post:
Soluna Reports $24.4 million in Cryptocurrency Revenue in Full ... - WV News