The cryptocurrency exchange Kraken recently announced the delisting of #Monero from the European Economic Area to comply with EU regulations. This decision comes amid discussions on how to combat #moneylaundering on blockchain networks, particularly those that prioritize privacy.
Proposals for Attacks on Blockchains
An academic paper titled “Reconciling Anti-Money Laundering Tools and European Data Protection Requirements in Permissionless Blockchain Spaces,” published in the Journal of #cybersecurity , recommends that governments target cryptocurrencies, especially privacy-focused blockchains, as a way to fight money laundering.
The author suggests several methods to undermine trust in public blockchains, including 51% #Attacks , price suppression, and Sybil attacks, where one user creates multiple fake accounts to manipulate the network. The author explains:
"Successful attacks on blockchain networks could significantly erode users' trust and question the network's ability to ensure secure and smooth operation."
Attacks as a Last Resort
However, the paper emphasizes that these drastic measures should only be used as a “last resort” after other policy initiatives have been exhausted, such as blacklisting wallet addresses, flagging transactions, sanctions, or additional regulations. Any approach taken should strive to balance regulatory compliance, fostering innovation, and protecting individual user privacy.

Renewed Interest in the Paper
Although this paper was published in 2021, it has gained renewed attention as some users speculate that similar tactics are currently being used to manipulate the price of Monero, a privacy-focused cryptocurrency mentioned in the academic work.
#Cryptocurrencies and Terrorism Financing
According to the United Nations, terrorist organizations predominantly use cash to fund illegal activities. This finding was confirmed by a report from the U.S. Treasury, which revealed that criminal organizations prefer fiat currency over cryptocurrencies.
The U.S. Treasury's May 2024 report also acknowledged that while digital assets have been used in illegal activities, they tend to support longstanding schemes that could have been executed using cash or other asset classes.
Government Crackdown on Privacy Tools
Despite these findings, the U.S. government has continued to take action against cryptocurrency mixers and other privacy-enhancing tools. On September 26, 2024, a judge ruled that the case against Tornado Cash co-founder Roman Storm could proceed.
These actions have sparked debates about the viability of privacy-enhancing services, as many users wonder if cryptocurrency mixers can survive under the current regulatory regime.

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

 

Researchers from HP have discovered malware created using generative #artificialintelligence during the analysis of a suspicious email.

Generative AI Accelerates Malware Creation
The development of malware has become easier and faster thanks to generative AI. Malware developers can now use AI to speed up the process of writing code, leading to an increase in the number of #Attacks and allowing even less experienced individuals to develop harmful software.
A September report from HP’s Wolf Security team uncovered a new version of the AsyncRAT trojan, which is used to remotely control a victim’s computer. Researchers found this version while analyzing a suspicious email sent to one of their clients.
Malware Written with Artificial Intelligence
While the original AsyncRAT was developed by humans, this new version contained an injection technique that researchers believe was created using generative AI. Although AI has previously been used to create phishing lures, the report notes that there was little evidence of AI being used to write malicious code "in the wild" before this discovery.
One of the key indicators was that the code contained detailed comments explaining the function of each part. This is unusual for #Cybercriminals , who generally do not want others to understand how their malware works.

In-Depth Analysis of the Malware
Researchers initially encountered the suspicious email, which was sent to users of HP’s Sure Click threat containment software. The email appeared to be an invoice written in French, likely targeting French-speaking individuals. Initially, the contents of the file were difficult to determine because it was encrypted. However, after breaking the password, the hidden malware was revealed.
The #Malware consisted of a Visual Basic script that wrote data to the user’s registry, installed a JavaScript file, and launched Powershell. This led to the installation of AsyncRAT malware on the device.

AsyncRAT Development and Its Risks
AsyncRAT, originally released on GitHub in 2019, is a remote management tool. Although its developers claim it is a legitimate open-source software, it has been predominantly used by cybercriminals. It allows attackers to remotely control infected devices and can be used to steal sensitive data, such as private keys or phrases for cryptocurrency wallets, leading to potential financial losses.
Although AsyncRAT is not new, this variant uses a new injection method, which shows signs of having been created using generative AI. This indicates that the new technology is making it easier for attackers to carry out cyberattacks.
AI Increases the Threat of Cyberattacks
HP’s report highlights that generative artificial intelligence is accelerating #cyberattacks and lowering the barrier for cybercriminals to infect devices. Security researchers are still grappling with the effects of AI advancements on cybersecurity.
The risks associated with AI include its potential misuse to identify vulnerabilities in smart contracts, which could be exploited by both ethical and malicious hackers. In May 2023, Meta also warned that some malware creators are using fake versions of popular AI tools to lure victims.
Generative artificial intelligence is fundamentally changing the rules of cybersecurity and presents a new challenge in the fight against malware.

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

 

Cryptocurrency wallet provider Trust Wallet has sent shivers down the spines of crypto holders, urging iPhone users to disable iMessage immediately. Their warning stems from alleged intel regarding a high-risk zero-day exploit that could grant hackers control of iPhones.
What is a Zero-Day Exploit?
A zero-day exploit is a cybersecurity nightmare. It refers to a security vulnerability in software that the software developer is unaware of. This creates a window of opportunity for attackers to exploit the flaw before a patch can be released. The term "zero-day" signifies that there are zero days for developers to fix the issue before it's potentially used in attacks.
Trust Wallet's Urgent Warning
Trust Wallet claims to have "credible intel" regarding a zero-day exploit targeting iMessage on the dark web. This exploit is particularly concerning because it reportedly allows attackers to compromise iPhones without any user interaction, such as clicking a malicious link. This makes it especially dangerous, as users wouldn't be aware they are being targeted.
Trust Wallet emphasizes that high-value targets, likely those with significant crypto holdings, are most at risk. They further allege the exploit is being sold for a staggering $2 million on the dark web, highlighting its potential potency.
Is Disabling iMessage Necessary?
While Trust Wallet's warning is alarming, some security experts remain cautious. They point out the lack of concrete evidence beyond a screenshot of the alleged exploit being offered for sale. Disabling iMessage entirely can be a major inconvenience for many users.
What Should You Do?
Here are some steps you can take to mitigate potential risk:
Stay Informed: Keep yourself updated on official announcements from Apple regarding any iMessage security vulnerabilities.Enable Two-Factor Authentication: This adds an extra layer of security to your crypto wallet and other online accounts, making it harder for hackers to gain access even if they obtain your login credentials.Consider Alternatives: If you're highly concerned, explore using alternative messaging apps that may not be vulnerable to the reported exploit. However, ensure the chosen app has a strong reputation for security.Practice Safe Online Habits: Always be cautious of unsolicited messages, even from seemingly known contacts. Don't click on suspicious links or download attachments from untrusted sources.
The Final Word
The situation is developing, and Apple has yet to officially comment on the alleged iMessage exploit. While disabling iMessage may seem drastic, the potential consequences for crypto holders are significant. By staying informed, practicing good online security habits, and considering alternative communication methods, you can take steps to safeguard your crypto assets.
#Attacks
#etf