Allows businesses, investors, and the every day person involved in currency trading to mitigate and take necessary steps to safeguard their wealth against Black Hat Hackers and Cyber Criminals.
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
2. cyber crime series - crypto currency theft
1. CRYPTO CURRENCY
P o l i c e O f f i c e r F e l i c i a n o
THE CASE OF THE MISSING (bit) COIN – cyber crime series
“The Swarm is headed towards us" – Satoshi Nakamoto
2. One day while on your lunch break, you are browsing the web on your mobile
phone; you receive an alert from your recently downloaded Bitcoin Mobile App
that you must to update your security settings due to a possible incorrect setting
in it. You log into it, change it, then you log off properly and go about your
business. A later you find out that all your “10 bitcoins” have disappeared. You
freak out and call the police. Can you? Is it really a Crime? Who’s the victim –
you? Can you prove it? Who’s the perpetrator? How bad is the problem? Well, we
will soon find out – an 80 Thousand Dollar price tag to it and rising.
4. • Encryption Algorithm – Code (digital currency*)
(USA treats it as commodity – which is taxable)
• Think of it as a Bartering tool (USA in 1820s
trading among Pilgrims and Native Americans, or
Russia in 1555, or the middle ages (one goat for
bushel of wheat).
• Allows you to buy products, gift cards, services
(trips, hotels, etc.) and cars “Lamborghini”
• The trend of investments world wide is changing
this for “the official” nextgen currency
WHAT IS BITCOIN?
5. • Bit Coin exchange rate has been rising in value,
because of supply and demand, and rate
changes, also the trend and hype
• In 2009 – ONE bitcoin = 0.0001 of a 1 USD (1
Cent / 1000)
• In 2018 – ONE bitcoin = $8,500
• IT IS NOT backed by any known existing
(commodity – gold or silver) unlike USD is not
backed by Banking Institutions – NOT such
thing as FDIC
• It rises and drops very quickly in pricing, you
can loose or make a lot of money
EVOLUTION
6. 1
0
1
0
1
1
1
1
1
0
0
0
0
1
1
1
1
1
1
0
• Danger of buying counterfeit coins from overnight ops backed by
celebrities – leave country with your money
• No. 1 source of income for Hackers (Bitcoin Exchange Server hacks
– Mt. Gox or Nice Hash)
• Commonly used among the Hacking Community and Criminal Rings
as a official form of payments (Lite Coin) – money laundering, narco
ops, terrorism
• If it gets outlawed in USA (govt in works – to regulate and track it)
you will loose all your money (value back to 2009 or worse)
• Due to uptick crime trends – Law Enforcement must deal with “new”
type of Cyber Crime – fairly new vector – not enough resources at
this time – cases of Grand Larcenies (understandable), but
Kidnappings – really?!
SECURITY IMPLICATIONS
7. • Some Bitcoin Exchange Servers may show
you warning signs in their server or
glitches in the trading engine (unless your
pc savvy – you will miss the signs all
together)
• No known warnings of theft – until is too
late (as far as my experience, reading, etc.)
but I could be wrong (google it).
• Over (4) four different types of attack
vectors with multiple vulnerabilities
imbedded their own infrastructures
(online-cloud, desktop, cellphone, paper*)
ANATOMY OF ATTACK
8. Vector/CM 1. Online BitCoin Exchange (cloud) - Web Wallet Hosting – A.K.A “BANK”
• Most profitable vector for Hackers – Mt. Gox (80% transactions – 650K coins
stolen) and NiceHash
• Highly prone for Fraud and Hacking
• Your coins are all sitting in the server for the taking – remove them immediately
(just leave enough for trading)
• When coins are not in usage (day trading) – transfer then to an external device
(Cold Storage or other method)
• Be very careful when setting this option – you may hand over all your private
keys to the site owner
• Be careful while visiting websites due to Browser Attacks (Hacking)
• Do your own research to vet the Bit Coin Exchange – Kraken allegedly known
to be the ONLY server to never been breached
9. Vector/CM 2. Desktop (Application) – A.K.A “SAFE”
• Second Highest Target for Hackers
(behind Online – Cloud)
• Malware rich environment (trojans, key
loggers, crypto locker)
• Once it gets corrupted or hacked – you
loose everything including your private
keys (opens your bit coins – think here
like your signatures in your CAC ID) and
your emails access (don’t you just love
getting a new CAC card?!), what a pain!
• Do not store a lot of Bit Coins here – back
them up to an external device
• Rich environment for Phishing Scams –
cyber criminals and hackers send you an
emails to trick you into clicking on them
(security settings configurations, update
your profile)
10. Vector/CM 3. Cellphone – “Virtual Wallet” – A.K.A “Mini Cloud”
• Someone can get access to your phone (criminals, family, friends,
etc.) spend your Bit Coins
• Hackers can send you a link via text or app malware
• Hackers with high experience of app development will likely target
this approach first – do extensive research first, before
downloading
• Download a good mobile virus app and USE it
• Log-off fully from app especially if you have no screen password
• Don’t share your phone with anyone – duh! – think of it as a wallet
full of money – LOTS of it
11. Vector/CM 4. Paper – Physical Copy (Print-out) – A.K.A “Savings
Bond” – no relationship to James
• Safest method of all, but most inconvenient
• Can be saved under your pookey bear –
pillow, Seriously? – no man! – in your Safe
Deposit box inside your home.
• Prone to forget about them – never to be
claimed
• Thrown in garbage – thinking is regular
trash
• Destroyed in a fire
• Print it on PDF format and laminate it or
put it inside a sealable plastic bag
• Save the Bitcoins (code) to a USB or CD
• Save the Bitcoins to a Hardware Token
(Cold Storage)
• Cold Storage is an improvement between
Desktop (software version) and Paper
Prints – best of both worlds but combined
12. DISCLAIMER
This briefing is for informational purposes only. The content shared here does not
represent views of the New York Police Department nor the United States Armed Forces,
therefore readers (corporations or individuals) should take into account that the slides have
been collaborated with information from research, analysis, training and other sources. If
the reader desires help in mitigating an actual BITCOIN Exchange Attack/Theft, the
corporation, web hosting service, Bitcoin Exchange should activate their Incident
Response Team immediately or the individual (day trader) should seek advice from
their local Police Department.
DON’T BECOME A VICTIM OF CYBER CRIMINALS – RAISE YOUR SHIELD
THANK YOU