A report from ZDNet has highlighted that attackers managed to compromise two services used by websites and, as a result, inject malicious code into more than 4,600 sites. The two services are the open source form library Alpaca Forms and the analytics service Picreel. The attacks were first spotted by security researcher Willem de Groot.
The malicious script, which was still live when the report was written, records everything visitors type into form fields and sends it to an attacker-controlled server. The exact route of infection is not yet known, but it appears that the attackers breached the CDN of Cloud CMS, the company that developed Alpaca Forms and open sourced it about eight years ago.
As Cloud CMS told ZDNet, it has since intervened and disabled the CDN that was serving the malicious script.
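Both compromises worked by altering a script that customer sites load from a third-party host, so the operator of each site had no change on their own servers to notice. The check below is an added example, not code from Alpaca Forms, Picreel, Cloud CMS or the ZDNet report: it pins the hash of a third-party script in the same "algorithm-base64digest" format a browser uses for the Subresource Integrity (SRI) integrity attribute, and flags any change in what the CDN serves. The script bodies, the pinned value and the helper names are constructed for the demonstration.

```ruby
require "digest"
require "base64"

# Digests usable in an SRI value, keyed by the label that precedes the dash.
SRI_ALGOS = {
  "sha256" => Digest::SHA256,
  "sha384" => Digest::SHA384,
  "sha512" => Digest::SHA512,
}.freeze

# "<algo>-<base64 digest>" for a script body: the string you would put in a
# <script integrity="..."> attribute, or record when pinning a CDN asset.
def sri_value(body, algo = "sha384")
  "#{algo}-#{Base64.strict_encode64(SRI_ALGOS.fetch(algo).digest(body))}"
end

# Split a whitespace-separated list of SRI values into [algo, raw_digest]
# pairs, dropping entries that are malformed or use an unsupported digest.
def parse_integrity(attr)
  attr.split.filter_map do |token|
    algo, b64 = token.split("-", 2)
    next unless b64 && SRI_ALGOS.key?(algo)
    begin
      [algo, Base64.strict_decode64(b64)]
    rescue ArgumentError
      next # not valid base64
    end
  end
end

# True when the body matches at least one usable digest in the list.
# This check fails closed: a list with no usable entry never matches. A
# browser differs here (an integrity attribute naming only algorithms it does
# not support is ignored and the script still loads), so always include one of
# sha256/sha384/sha512 in the attribute you publish.
def sri_match?(body, attr)
  entries = parse_integrity(attr)
  return false if entries.empty?
  entries.any? { |algo, raw| SRI_ALGOS[algo].digest(body) == raw }
end

# Constructed stand-ins for a CDN-served library; not Alpaca Forms' real code.
ORIGINAL_SCRIPT = "window.AlpacaStub = function (opts) { /* constructed placeholder */ };\n"
TAMPERED_SCRIPT = ORIGINAL_SCRIPT + "/* constructed: one injected line */\n"

# Recorded once at deploy time, from the version of the script you reviewed.
PINNED_INTEGRITY = sri_value(ORIGINAL_SCRIPT)

# What a periodic monitor does with the body it just fetched from the CDN.
def check_script(body, pinned)
  sri_match?(body, pinned) ? :ok : :mismatch
end

if $PROGRAM_NAME == __FILE__
  puts "pinned:   #{PINNED_INTEGRITY}"
  puts "original: #{check_script(ORIGINAL_SCRIPT, PINNED_INTEGRITY)}"
  puts "tampered: #{check_script(TAMPERED_SCRIPT, PINNED_INTEGRITY)}"
end
```

Putting the same value in the page's script tag makes the browser refuse the tampered file outright; running the monitor on a schedule tells you the CDN changed before a customer does. The one-line change in the constructed tampered script is enough to fail the check, which is the point: any modification, not just an obviously malicious one, has to go through your review and a re-pin.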
For a better understanding of the risk, here is a short description of the two affected projects. Alpaca Forms is an open source library for building interactive HTML5 forms for the web and mobile apps; it uses JSON Schema and Handlebars templates to make form creation easy.
Picreel, on the other hand, tracks how visitors interact with a website by monitoring their scrolling and mouse movements in real time. Site owners use this data to trigger targeted offers and collect leads. Because both services ship JavaScript that runs on every page of a customer's site, a single compromise upstream reaches all of those sites at once.
Supply chain attack of the week: @Picreel_ marketing software got hacked last night, their 1200+ customer sites are now leaking data to an exfil server in Panama.
— Willem de Groot (@gwillem) May 12, 2019
Another example of a supply chain attack
Also called a third-party or value-chain attack, a supply chain attack takes place when an attacker gets into a target's systems through an outside provider or partner. With the growing use of third-party services and data sharing, this attack vector is becoming increasingly common. We have also seen attacks in which a rootkit or hardware spy component is installed in devices in the middle of the manufacturing process.
According to a report from cybersecurity firm Symantec, supply chain attacks increased by 78 percent between 2017 and 2018. Because such attacks have a very high potential to cause financial damage to an organization, cybersecurity is becoming an integral part of supply chain management.
Recently discovered Cryptojacking Scripts may have infected thousands of computers
- Malicious cryptojacking scripts have been discovered in 11 open-source Ruby libraries.
- The malware was found inside a GitHub code repository and the libraries had been downloaded more than 3,500 times.
Malicious cryptojacking scripts have been discovered in 11 open-source libraries for Ruby, a widely used programming language. According to a report by Decrypt, the malware was found inside a GitHub code repository, and the malicious libraries were distributed through RubyGems, Ruby's package manager.
Experts believe that thousands of computers were infected, though the exact number has not been disclosed. According to the report, the attackers downloaded well-known libraries from RubyGems and re-uploaded them under different names with malicious code added. A statement posted on GitHub, referring to user juskoljo, read:
“On August 19, @juskoljo observed the malicious gem version and created this issue. Later that day, the RubyGems security team yanked the offending gem version and locked the affected maintainer’s account. Several other gems were similarly affected.”
Of the eleven libraries, five were directly related to cryptocurrency, including doge_coin, coin_base and blockchain_wallet. In total the eleven libraries were downloaded about 3,500 times and may have infected thousands of computers.
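The technique described above (republishing a popular library under a look-alike name) is something a dependency review can catch before anything is installed. The script below is an added example, not code from RubyGems, from the affected projects or from the report: it reads the direct entries from a Gemfile.lock and flags any gem whose name, once separators are removed, is within a small edit distance of a gem on the team's allowlist. The lockfile excerpt, the allowlist and the gem names in them are constructed for the demonstration. One caveat the GitHub statement points at: when a legitimate maintainer's account is taken over and a bad version is pushed under the real name, a name check finds nothing; pinning versions and reviewing the diff of a new release are the checks for that case.

```ruby
# Constructed Gemfile.lock excerpt; the gem names are hypothetical stand-ins.
LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      coinbase (4.2.2)
        faraday (~> 0.15)
      coin_base (0.1.3)
      rake (13.0.1)
      rakee (1.0.0)
      doge_coin (0.0.1)
      rest-client (2.0.2)

  PLATFORMS
    ruby
LOCK

# Constructed allowlist: the gems this (hypothetical) team actually uses.
KNOWN_GEMS = %w[coinbase rake rest-client dogecoin].freeze

# Names of the gems listed directly under "specs:" (4-space indent); their
# dependencies sit one level deeper and are skipped.
def locked_gems(lockfile)
  names = []
  in_specs = false
  lockfile.each_line do |line|
    if line.match?(/\A\s+specs:/)
      in_specs = true
      next
    end
    in_specs = false if line.match?(/\A\S/) # a new top-level section
    next unless in_specs
    m = line.match(/\A {4}(\S+) \(/)
    names << m[1] if m
  end
  names
end

# Plain Levenshtein edit distance (insert, delete, substitute), row by row.
def levenshtein(a, b)
  prev = (0..b.size).to_a
  a.each_char.with_index(1) do |ca, i|
    cur = [i]
    b.each_char.with_index(1) do |cb, j|
      cur << [prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca == cb ? 0 : 1)].min
    end
    prev = cur
  end
  prev.last
end

# Lower-case and drop the separators typosquatters most often swap ("-" vs "_").
def normalize(name)
  name.downcase.delete("-_")
end

# For each locked gem not on the allowlist, find the closest allowlisted gem
# by edit distance on normalized names and report it when the distance is
# small. Returns [[locked_name, lookalike_of, distance], ...].
def suspicious_gems(locked, known, max_distance: 2)
  known_by_norm = known.to_h { |k| [normalize(k), k] }
  locked.reject { |n| known.include?(n) }.filter_map do |n|
    norm = normalize(n)
    closest = known_by_norm.keys.min_by { |k| levenshtein(norm, k) }
    next if closest.nil?
    d = levenshtein(norm, closest)
    [n, known_by_norm[closest], d] if d <= max_distance
  end
end

if $PROGRAM_NAME == __FILE__
  suspicious_gems(locked_gems(LOCKFILE), KNOWN_GEMS).each do |name, lookalike, d|
    puts format("%-12s looks like %-12s (distance %d)", name, lookalike, d)
  end
end
```

Distance 0 after normalization is the classic underscore-for-hyphen swap and deserves a hard fail in CI; distance 1 or 2 is worth a human look, since genuine gems with similar names exist. Keep the allowlist to what the team has consciously reviewed, otherwise the check degenerates into comparing every gem against every other gem.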
Cryptocurrency Exchanges with ‘Lower Quality’ amassed significant market share in 2018
Cryptocurrency exchanges pose a conundrum for the wider industry. On one hand, established exchanges are the easiest way to acquire digital assets; on the other, several cases have emerged of exchanges inflating their volumes, which presents an unclear picture of the market.
A recent report by CryptoCompare set out to assess exchanges' credibility on more than the volumes they advertise, since several reports have questioned those figures. Because of wash trading and order book manipulation, reported volumes should not be taken at face value, and the data aggregator's report introduces a new set of metrics for judging exchanges.
Based on an overarching analysis of geography, trade surveillance, regulatory assessment and the quality of the company, its data and its market, CryptoCompare assigned exchanges grades ranging from AA to F. Coinbase took the top spot in the rankings, with only five other exchanges receiving an AA rating.
Charting the graded exchanges' volumes against the BTC price over the past year, the report found that exchanges with a lower grade gained market share in 2018.
The report read,
“By applying our current exchange grading system to historical volumes, we can show that lower quality exchanges have gained market share in the last year.”
CryptoCompare attributed this to the prolonged bear market of 2018, commonly referred to as the "crypto winter". As prices fell, organic trading volume decreased, and exchanges adopted "new strategies" to compete with the established exchanges.
The report cited two factors that presumably drove this trend: a "dwindling customer base", as customers who had viewed cryptocurrencies as an investment left the space in search of greener pastures, and a "chronic oversupply" of altcoins born out of the 2017 ICO boom.
In addition, "incentivized trading schemes" such as trans-fee mining (TFM) gave exchanges a way to boost their volumes and status and to charge higher fees to list tokens.
The CryptoCompare report concluded,
“The ‘Fake Volume’ narrative has become a growing trend and in recent months research has been conducted to better understand the digital asset exchange market.”