The Monetary Authority of Singapore (MAS) has recently issued a warning to financial institutions after 4 high-risk bugs were found in Microsoft’s Windows system.
Windows-Based Banking Machines Pose Risks for Attack
The Monetary Authority of Singapore (MAS) has warned of critical risks to legacy financial systems after Microsoft announced a patch of 49 bugs found in its Windows 7 system. The 4 main vulnerabilities, CVE-2020-0601 CVE-2020-0609 CVE-2020-0610 and CVE-2020-0611, affect all Windows users. It has been urged that all users update their systems with this latest patch.
The Cyber Security Agency of Singapore (CSA) outlined the severity of these vulnerabilities, according to an article by CIO.
… successful exploitation of CVE-2020-0601 vulnerability could have allowed attackers to conduct man-in-the-middle attacks and further decrypt confidential information on user connections to the affected software.
The CSA continued,
If the other three vulnerabilities were successfully exploited, attackers could perform remote code execution and take control of the affected systems. With these controls they can perform malicious activities, unauthorized installation of programmes. Further, they could have created rogue administrator accounts to view, change or delete data.
So far, Windows-based systems have not exposed private keys, but the threat lies in using veiled Monero mining software. Examples include .wav files, as well as .jpeg. In one of the latest cases, a Taylor Swift photo was used to deliver a malicious payload.
Microsoft Windows 7 Holds Biggest Risk of Mining Malware
But with more recent versions patched, Windows 7 usage remains one of the big risks. Daniel Goldberg, a senior cybersecurity researcher at Guardicore Labs, views the system as wide open to attacks.
“The risks are crazy high to organizations facing this WAV-based attack if they are running a Windows 7 system after EoL,” Goldberg said for Forbes, “…before the quarter is over, there will be other vulnerabilities discovered in Windows 7 too that will not be fixed by Microsoft and will also be easy to exploit.
The chief advice to mitigate the risk is to leave all Windows 7 machines offline, if they are critical. Exposure to the Internet means the machines can be exploited.
In a more recent Forbes article, Microsoft has released a statement advising 400 million of its customers to buy new PC’s instead of updating their existing Windows 7 software.
Monero Mining Loses Profitability
While crypto mining Monero is becoming increasingly less profitable, it may have a positive impact on the level of malware that’s distributed over the course of this year. In 2020, the relatively low price of XMR coupled with an altered mining algorithm, may mean that malware attacks become less popular. Even large botnets running mining software will likely struggle to make decent returns. With XMR at around $64.68, previous incentives to mine are starting to diminish.
Additionally, in the past the Monero network has shown high mining activity, which turned out to belong to specialized rigs. Currently, it is uncertain what causes the record levels of Monero mining, which is now amenable to some of the new and fast generations of processors. The Monero network hashrate is at 1.21 GH/s a small fraction of the activity for Ethereum (ETH) or Bitcoin (BTC).
What do you think about the threats on Windows machines? Share your thoughts in the comments section below!
Images via Shutterstock The post appeared first on Bitcoinist.com. origin »
Kraken Exchange’s decision to delist Monero (XMR) sent shockwaves across the cryptocurrency space. Trading and deposits for Monero in the European Economic Area (EEA) will be shut off before the end of October, 2024.
A strong outlier in the current market situation, Monero (XMR) moves against the broader downturn that plagues the market. According to CoinGecko, Monero gained nearly 13% since last week, putting the coin under the spotlight as one of the strongest gainers within the bear market.
LocalMonero is a peer-to-peer (P2P) trading platform for privacy-focused coin Monero (XMR). The platform is winding down, with the website set to shutter on November 7. LocalMonero, the largest peer-to-peer (P2P) trading platform for Monero (XMR), is shutting down.
Monero’s XMR token has fallen to its lowest point against Bitcoin in the last eight years amid regulatory pressure on privacy-focused blockchain networks. According to CoinMarketCap data, the XMR-BTC chart reached as low as 0.
Kraken has announced it will delist Monero (XMR) from its exchange in Ireland and Belgium. Other exchanges, including Binance, have previously delisted XMR amid regulatory scrutiny. XMR price was at $132, largely flat after the Kraken news.
Pointing to new regulatory requirements and '“evidence of unethical or fraudulent conduct" Binance has announced its decision to delist the Monero privacy coin.
Privacy coins remain a bone of contention when it comes to governments trying to regulate crypto transactions but that has not diminished their popularity. As more blockchains become easier to track, crypto investors have moved to privacy coins in a bid to better conceal their financial footprints.