WannaMine Can Hack Any System, CrowdStrike Says

According to CrowdStrike security company research, WannaMine XMR miner can hack any system
01 February 2018   1878

Experts in the field of information security from CrowdStrike reported a significant increase in WinnerMine's cyber attacks, intended for the hidden mining of the Monero crypto currency. As part of the program, hackers use the EternalBlue exploit, stolen from the US National Security Agency.

According to experts, in some cases, the work of companies affected by WannaMine, was stopped for several days or weeks. To establish the fact of infection is not easy, because the malicious program does not download any applications to the victim device.

WannaMine employs “living off the land” techniques such as Windows Management Instrumentation (WMI) permanent event subscriptions as a persistence mechanism. It also propagates via the EternalBlue exploit popularized by WannaCry. Its fileless nature and use of legitimate system software such as WMI and PowerShell make it difficult, if not impossible, for organizations to block it without some form of next-generation antivirus.
 

CrowdStrike Research

It is worth noting that EternalBlue is not the main component of WannaMine. First of all, the program uses the Mimikatz utility in order to get logins and passwords from the computer's memory. If this fails, WannaMine resorts to EternalBlue.Thanks to this feature WannaMine can hack any system, even with the latest updates.

For the first time, WannaMine's attack was recorded by Panda Security experts in October of last year.

Monero's Lead Developer to Create Tari Protocol

New protocol, built on Monero's network may include loyalty points, concert tickets and in-game items
23 May 2018   73

Based of the Monero network, a new protocol for digital assets called Tari will be created soon, CoinDesk reports.

According to the authors of the new protocol, Tari will focus on tokens with unique characteristics that contain information about ownership rights (for example, loyalty points or virtual goods). Also, developers note that their protocol will allow issuers of digital assets to participate in the secondary market.

Leading developer at Monero Ricardo Spagni will take part in Tari development. The project website noted that the new protocol will "support any kind of digital assets" and is capable of processing "many thousands of transactions per second".

If you have a decentralized distributed trustless system that supports non-fungible tokens that enforces the rule sets around digital assets, that changes the game because now you have an opportunity for consumers to trade those digital assets. We don't want to make a lot of future statements, we just want to prove ourselves along the way and we think that's a great way to build trust and build our community. 
 

Naveen Jain

Tari

He believes protocols and networks looking at specific use cases may be more useful than general-purpose ones.