Bitcoin Ransomware created fake Symantec Blog

Bitcoin ransomware called "CoinThief" created fake Symantec Blog website with fake "security" article
20 November 2017   1334

The news from the hacking and ransomware world has already become as fascinating as a first-class detective novel. And today we have some more interesting news.

The fake website of well known IT security firm Symanctec had appeared. Someone had created the almost exact copy of "Blog" section of original website. It looks almost 100% as original, besides two things: "Search" feature doesn't work and there is a fake article regarding CoinThief.

Original Symantec Blog
Original Symantec Blog

Take a good look at the screenshot above, and take even a better look on the left pic with girl in glasses. 

Fake Symantec Blog
Fake Symantec Blog

Now compare the left pic of the fake website with the original one. The text under says that "New Version of CoinThief Infects Mac Crypto Traders". 

Fake article says that the malicious program is distributed using the zero-day vulnerability in browsers [0day is a term denoting unresolved vulnerabilities, as well as malicious programs against which protection mechanisms have not yet been developed].

Also, the fake site reported that the modified version of CoinThief infects Mac users using the 0-day JavaScript vulnerabilities in the two main browsers (Gecko - Mozilla, Webkit - Chrome, Safari, Opera) without any user interaction.

It gives some fake recommendations, that can be very dangerous and gives a link to a suspected malware download. We strongly recommend you not to follow fake instruction. The original Symantec Blog is https://www.symantec.com/blogs/ It is also worth noting that fake website marked as "Secured" in the browser.

Poland’s Central Bank Sponsored Anti-Crypto Campaign

The Central Bank of Poland has admitted to sponsoring a smear campaign against cryptocurrencies on social networks
21 February 2018   38

According to a Polish news portal, the anti-crypto campaign was orchestrated by Youtube blogger from Poland, Gamellon. For this campaign, the Central Bank of Poland had spent 91,000 Zloty (about $27,000).

At the time of writing this article, this video has over 500,000 views and has not been marked as a paid promotion.

Gamellon used the hashtag #uważajnakryptowaluty, which stands for a website set up by the Polish government to warn users about cryptocurrencies. According to this site, there are several reasons on why users should be wary of cryptocurrencies.

Another blogger Planeta Faktów published a sponsored video on their channel titled ’10 Differences between money and cryptocurrency that you need to know’. It also has the same hashtag, #uważajnakryptowaluty. But unlike Gamellon ’s video, this one has an ‘Includes Paid Promotion’ tag at the start of the video.

There is no law against cryptocurrencies in Poland. But it is illegal to create sponsored content without explicitly mentioning it.