Insights For Success

Strategy, Innovation, Leadership and Security

Bitcoin

GandCrab Ransomware As A Service (RaaS)

General | Edward Kiledjian

What is GandCrab?

GandCrab is a successful ransomware family that encrypts the files on an infected machine and demands payment to decrypt them.

Easy Money

What if you are a horrible human being willing to profit from the suffering of others, but you are lazy? You want to screw other people but don't want to spend the time setting up your own command and control (C2) server? You don't want to customize the malware to talk to your C2 server?

This is where Ransomware as a Service comes in.

Enter GandCrab as a Service: http://gandcr4cponzb2it.onion/

The offering

The GandCrab RaaS has two tiers:

  • Standard at $230

  • Premium at $600

Standard Service

  • You can change and customize your ransomware:

  • Name of the project

  • Change the ransom demand

  • A description to help the victim, in .HTML or .PHP format

  • You can change the logo or remove the GandCrab logo

  • You can choose the extension, for example photo.png.gdb

  • Priority support

  • Automatically updated from the Ransom Builder section

  • The victim can pay you in Bitcoin or Dash

  • Withdrawal in Bitcoin or Dash

  • We take a 10% fee on each ransom

  • You can add 3 different users for free

  • You can create 3 ransomware builds

  • Victims can contact you directly by chat; you can also ban them

  • You will get news on the dashboard

  • Geolocation of infected victims

  • Shows the IP of the victim

  • Manage the decryption keys

  • You will be able to manage all the victims from the dashboard, with several options

  • Unlimited infections

  • You can see the blockchain explorer

  • Spreads automatically without any effort, or you can also spread manually

  • You will have full access to our forum with the rank Platinum (forum under construction, available soon)

  • Victim URL automatically generated as a .onion address, or customize your own URL

  • View antivirus reports in real time

  • Lifetime license!

  • Theme: white only

Premium Service

  • The same features, and even more fun

  • You receive 100% of the ransom paid by the victims, no commission fees

  • Ransomware automatically updated by our support

  • Victims can contact you directly by chat; you can also ban them

  • Spreads automatically without any effort, or you can also spread manually

  • The victim can pay you in Bitcoin, Dash and Monero!

  • Withdrawal in Bitcoin, Dash or Monero

  • Automatically increases the ransom if the victim does not pay

  • Choose your own deletion time

  • Create up to 10 different ransomware builds

  • You can add 8 different users for free

  • Build the ransomware in .pdf format

  • Bulletproof hosting, VPN server

  • Priority support by ticket from the dashboard

  • Change all logos: an icon in .ICO format, remove the GandCrab logo, add an animated logo in .GIF format

  • Manage all the victims from the dashboard

  • You will have a fully functional 2019 tutorial to teach you, in .pdf and .mp4 format

  • Deployment to multiple computers in seconds over the same Wi-Fi network

  • Undetectable by antivirus, updated regularly

  • Victim URL automatically generated as a .onion address, or customize your own URL

  • Unlimited infections

  • Manage the decryption keys

  • Change the ransomware theme

  • You can see the blockchain explorer

  • Geolocation of infected victims

  • You can also see the operating system

  • Shows the IP of the victim

  • You will have full access to our forum with the rank Gold (forum under construction, available soon)

  • You will have the ransomware source code; contact us from the dashboard with your login, premium members only

  • View antivirus reports in real time

  • FUD (fully undetectable) crypter

  • Lifetime license!

  • Dashboard theme: white or black

Conclusion

The conclusion is that security is hard, and criminals are learning the benefits of offering "things as a service" and of using the cloud to reduce their costs. Attacking is becoming cheaper while protecting our organizations is becoming more costly.

What is Bitcoin?

General | Edward Kiledjian

Bitcoin is a decentralized digital currency, without a central bank or single administrator, that can be sent from user to user on the peer-to-peer bitcoin network without the need for intermediaries. Transactions are verified by network nodes through cryptography and recorded in a public distributed ledger called a blockchain. Bitcoin was invented in 2008 by an unknown person or group of people using the name Satoshi Nakamoto, and started in 2009 when its source code was released as open-source software.

Bitcoin is often called the first cryptocurrency, although prior systems existed. Bitcoin is more correctly described as the first decentralized digital currency. It is the largest of its kind in terms of total market value.

Bitcoins are created as a reward for a process known as mining. They can be exchanged for other currencies, products, and services. As of February 2015, over 100,000 merchants and vendors accepted bitcoin as payment. Bitcoin can also be held as an investment. According to research produced by Cambridge University, there were between 2.9 million and 5.8 million unique users of a cryptocurrency wallet as of 2017, most of them using bitcoin.

What is proof of work?

Proof of work is a system that is used to secure the Bitcoin network. Miners are rewarded with bitcoins for their work in verifying and committing transactions to the blockchain. Proof of work is also used to ensure that new blocks are added to the blockchain in chronological order and not randomly.

In order for a new block to be added to the blockchain, miners must solve a complex mathematical problem. The difficulty of this problem varies depending on the total amount of computing power that is being used to mine Bitcoin. When more miners join the network, the problem's difficulty increases, and vice versa.
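To make the "complex mathematical problem" and the difficulty adjustment concrete, here is an added toy miner (example code written for this post, not Bitcoin's implementation). The header layout, the one-bit-per-factor-of-two retarget rule and the sample payloads are simplifying assumptions; the double-SHA256 hash and the "hash below a target" test are the real mechanism.

```python
import hashlib
import math


def block_hash(prev_hash: str, payload: str, nonce: int) -> bytes:
    """Double-SHA256 of a simplified block header (Bitcoin hashes its
    80-byte header the same way; the field layout here is a toy)."""
    header = f"{prev_hash}|{payload}|{nonce}".encode()
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()


def meets_target(digest: bytes, difficulty_bits: int) -> bool:
    """The puzzle is solved when the hash, read as a 256-bit integer, is
    below the target 2**(256 - difficulty_bits): it starts with at least
    difficulty_bits zero bits. Every extra bit halves the odds per try."""
    return int.from_bytes(digest, "big") < (1 << (256 - difficulty_bits))


def mine(prev_hash: str, payload: str, difficulty_bits: int):
    """Brute-force nonces until the header hash meets the target.
    Returns (nonce, hex digest, number of hashes tried)."""
    nonce = 0
    while True:
        digest = block_hash(prev_hash, payload, nonce)
        if meets_target(digest, difficulty_bits):
            return nonce, digest.hex(), nonce + 1
        nonce += 1


def verify_block(prev_hash: str, payload: str, nonce: int, difficulty_bits: int) -> bool:
    """Anyone can check a proof with one hash: cheap to verify, costly to forge."""
    return meets_target(block_hash(prev_hash, payload, nonce), difficulty_bits)


def expected_hashes(difficulty_bits: int) -> int:
    """Average number of attempts needed at a given difficulty."""
    return 1 << difficulty_bits


def retarget(difficulty_bits: int, actual_seconds: float, expected_seconds: float) -> int:
    """Adjust difficulty from the observed block interval. Blocks arriving
    faster than expected mean more hash power joined, so the puzzle gets
    harder; slower means it gets easier. Bitcoin scales its target by the
    actual/expected ratio clamped to a factor of 4; this toy moves one bit
    per factor of two with the same clamp (a constructed simplification)."""
    ratio = max(0.25, min(4.0, actual_seconds / expected_seconds))
    step = round(math.log2(1 / ratio))  # too fast -> positive -> harder
    return max(1, difficulty_bits + step)


if __name__ == "__main__":
    prev = "00" * 32  # constructed parent hash for the demo
    for bits in (12, 16):
        nonce, digest, tried = mine(prev, "constructed block payload", bits)
        print(f"{bits} bits: nonce={nonce} hash={digest} tried={tried} "
              f"(expected about {expected_hashes(bits)})")
    print("blocks arrived twice as fast, new difficulty:", retarget(16, 300, 600))
```

Raising the difficulty by one bit doubles the expected work, which is why miners joining the network drive the difficulty up rather than speeding up block production.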

Why do environmental groups have a problem with proof of work?

Environmental groups have a problem with proof of work because it requires a lot of energy to power the computers that are used for mining. In fact, according to one estimate, the amount of energy required to mine Bitcoin is more than the annual energy consumption of the country of Ireland.

This has led to concerns that proof of work is not sustainable in the long term and that it could have a negative impact on the environment. However, there are some proposed solutions to this problem, such as using renewable energy to power the computers used for mining or using proof of stake instead of proof of work.

What is proof of stake, and can it solve the environmental problems?

Proof of stake is an alternative to proof of work that is used to secure the Ethereum network. Miners are not rewarded with bitcoins for their work but instead earn a share of the transaction fees that are collected by the network.

This system is seen as more energy efficient than proof of work, as it does not require powerful computers to run the mining process. However, proof of stake is still in the early stages of development, and it is not yet clear if it will be able to scale to the same level as proof of work.

Examples of Darknet (TOR) sites

General | Edward Kiledjian

I have received a lot of requests from readers, LinkedIn and Twitter connections to provide examples of some "interesting" darknet (TOR Onion Network) sites. I have posted over a dozen on my LinkedIn page but thought I would show a couple here.

My security team and I perform internet and darknet reconnaissance work to create briefing packages on cyber crime, determine trends and spot organizational dangers. As part of this research, we sometimes stumble on interesting examples that I share. 

I have chosen not to hide the onion addresses (aka the URLs) because I want to show that these are not made-up designs but actual sites. I discourage anyone from using or visiting these sites. I am providing these as examples for educational purposes only.

Bitcoin Fig is a centralized Bitcoin tumbler. A cryptocurrency tumbler is a service that takes in identifiable, tainted or stolen cryptocurrency and delivers it back with an obscured trail. This is used to improve anonymity when questionable transactions are being performed. These firms typically charge 1-4% of the "cleaned" amount and operate out of countries with strict private banking laws like the Cayman Islands, Panama and the Bahamas.

The Cannabis Growers and Merchants Cooperative (CGMC) is a "by invitation" cannabis market. They offer a trustless (aka escrow) shopping experience to protect buyers.

The sense of anonymity offered by TOR attracts many with much more questionable products. Pictured above is the French Connection, which deals in heroin, meth, brown sugar, Superman XTC pills, black tar, amber glass BHO crumble and other products guaranteed to screw up your life.

We've covered drugs and now we turn our attention to sports betting. BETTOR claims to be a marketplace that sells winning bets (not predictions). They claim to have 100% winning bets for football, basketball and tennis. I don't gamble so I cannot vouch for the quality of their recommendations. 

CyberGuerrilla is another example of groups using the pseudo-anonymity of TOR to do what they probably wouldn't on the "normal" internet. This site describes its mission as: "The CyberGuerrilla Collective is an autonomous body based in Europe with collective members worldwide. Our purpose is to aid in the creation of a free society, a world with freedom from want and freedom of expression, a world without oppression or hierarchy, where power is shared equally. We do this by providing communication and computer resources to allies engaged in struggles against capitalism and other forms of oppression."

I describe this site as a blog platform for closet anarchists. 

Escrow defense is a buyer/seller escrow service. 

Cash is King is a get-rich-quick scheme. You pay them in Bitcoin and they "sell" you cash that was destined for destruction. They claim to have a way of moving the cash before it is destroyed but need you to "launder it". How much does this service cost, you ask?

What if you were scared off kings by Burger King and want nothing to do with a King? What is a cash-strapped person to do? You can always buy counterfeit US dollars from the USD site.

What if you want to deal with digital currency? No worries, enter Vendor. Vendor sells hacked Paypal accounts.

How do you cash out these PayPal accounts without getting caught? Conveniently they offer a "cheap" laundered bitcoin service for a small nominal fee ($45USD for each BTC).

So now you have your drugs, your cheap cash and your cheap bitcoin. All this money is burning a hole in your wallet and you want to spend it on "cool" stuff. How about some counterfeit clothing?

What about stolen electronics like a Sony PlayStation, an iPad, iPhone, Acer laptop, or Samsung Galaxy S9?


Since you haven't spent all your money yet, maybe you should think about the future and use DoubleBit to grow your crypto using darknet markets. For a "small" fee, they will "invest" your crypto for growth then will return "clean crypto" back to you with outrageously generous short term returns (I am being sarcastic, I have never used their service so I wouldn't know).

Why invest when you can simply buy money from the BigDeal marketplace (http://bh3ly32vcg52brrc.onion/)?

If you work for a publicly traded company and want to cash out some insider knowledge, you can use The Stock Insiders site.

How to protect your Bitcoin from theft

General | Edward Kiledjian

Bitcoin is all the rage, and everyone is talking about it. Any discussion or write-up about Bitcoin usually starts with the fact that it is a decentralized digital currency. Decentralized means that no government or company controls it, and it also means each participant is on his/her own when it comes to protecting their Bitcoin investment.

With US fiat currency saved in a bank, you have a high level of confidence that the money will be there in a day, week, month or a year. If the unthinkable happens and the bank is hacked, most bank deposits are federally insured, and the government will make you whole.

Bitcoin does not have any insurance or governmental oversight. Any Bitcoin left on an exchange is only as secure as that exchange's platform.

In Bitcoin, your ownership is confirmed using a super secret private key. When you store coins on an exchange, they hold the private keys for these coins. Any hacker that manages to obtain these private keys can, therefore, control your (now their) coins and move them into a new account they control. Once your coins are gone, there is no way to recover them.

How to secure your Bitcoin


The first rule is: do not leave your Bitcoins on an exchange. Most theft happens from exchanges because hackers know that compromising one exchange can yield millions in gains.

Some exchanges (e.g., Coinbase) offer offline cold storage options. These are more secure than their traditional active accounts (since they double-check transaction requests and have long waiting periods), but if someone steals the private keys due to infrastructure insecurity, they would still be able to access your coins.

The second rule: control your private keys. When managing your private keys, computer security becomes critically important. I have written dozens of articles about it, so I won't take a deep dive here, but you'll have to spend some time thinking about it.  

In TL;DR form: I recommend that you choose the safest and most robust computing environment when handling your private keys or performing Bitcoin transactions (purchase, sale or transfer). For most individuals, I recommend using a name-brand Chromebook. A Chromebook is a purpose-built device running Google Chrome on a very secure Linux operating system. Google continuously updates Chromebooks. Chromebooks offer a small attack surface and are less susceptible to compromise than a Windows or macOS device.

Now that you have a secure platform to complete your transactions, the next question is: Where do I store my private keys?  

You should keep a small amount of Bitcoin in a reputable smartphone app, where you can access it quickly if you feel like spending it.  I like the Jaxx wallet (it is simple, well written and cross-platform).

You should store most of your bitcoin in a purpose-built offline hardware device (not on your computer or connected to the internet). My device of choice is the Trezor wallet, but there are other excellent options (e.g., Ledger). These devices generate and protect your private keys. Because the private keys never leave the device, they are immune to infections on your computer and to constant hacking attempts. A Chrome extension powers the Trezor wallet, so it works beautifully on a Chromebook.

Image courtesy of Trezor

When setting up these hardware wallets, you generate a special recovery sentence (typically consisting of 20 unrelated words). You should write this down on paper and store it somewhere safe. Never save it online, since anyone with access to this sentence could recover your private keys and steal your money. In the unlikely event that your hardware wallet dies, you can order a replacement and restore your private keys (during initialization) by entering your unique secret recovery sentence.

As cryptocurrency matures and becomes more widespread, I believe people will have to take a more active role in protecting their own money. It's probably a good idea to dip your toe in now and start learning the ins and outs of cryptocurrency.

Companies buying bitcoin to prepare for cyber extortion

General | Edward Kiledjian

In an uncertain world where kidnapping for ransom is an all too common occurrence, many hostage negotiators use a no-concession policy. They justify this position by explaining that paying a ransom makes it more likely that the perpetrators will try it again, and that often the ransom is used to fund illegal or terrorist organizations.

Although I have seen very little empirical evidence to prove that this no-concession approach is more desirable than paying the ransom, this mentality was brought into the digital age when cyber-ransoms, cyber-extortion and crypto-malware became prevalent.

More and more companies though have started to take a different approach and are now prepared to pay ransom in exchange for saving their networks, devices and information. To meet these demands quickly, some companies have started to store bitcoin as a risk mitigation strategy.

Why this change of heart? Much of the most popular, well-written malware was actually designed to ensure victims could recover their data once the ransom was paid. This attention to detail and solid customer service by the bad guys means victims are now relatively certain that they will be saved if they pay the ransom.

Sure, paying the ransom means funding organized crime and will likely fuel the next wave of crypto-malware, but companies have a duty to protect their organization (rather than take the moral high ground).

This change in mindset is so pronounced that traditional physical K&R (kidnap & ransom) negotiation experts have started to test the cyber-extortion and cyber-ransomware negotiation space. 

True, verifiable numbers are hard to find, but Recorded Future (a cyber intelligence company) has stated that it believes the cyber-ransom market has now reached the $1B mark. Kaspersky says a company is cyber-attacked every 40 seconds.

Obviously, crypto-malware can be counteracted by proper, regular offline backups, but many companies don't start a robust recovery program until it's too late. They either pay the ransom or lose their data. It's that plain and simple.

Right now the advantage is with the attacker. Corporate information security groups have to bat 100% to keep the company safe. This is expensive, time consuming and not always achievable. The attacker just needs to infect one machine on the network and can then propagate and move laterally from there.

Companies have started to jump on the ransomware protection bandwagon. An EDR and "next-generation AV" company called Cybereason offers a free product called RansomFree. They claim it protects against 99% of ransomware by monitoring how applications interact with files on your computer. Did I mention RansomFree is free? I haven't used their product and thus can't recommend it, but it does seem to be useful and could really help the average consumer ensure they don't end up getting victimized.
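The post does not say how RansomFree's monitoring works internally, so here is an added illustration (written for this post, not the vendor's code) of the general file-activity heuristic such tools rely on: a process that appends the same new extension to many files within a few seconds, which is exactly the custom-extension behaviour (photo.png.gdb) listed in the GandCrab offering above. The event line format, process names, paths, window and threshold are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample file-activity events (not real telemetry); the line
# shape is an assumption for this example, not any vendor's format.
SAMPLE_EVENTS = r"""
2019-01-10T09:00:01 pid=4120 proc=WINWORD.EXE op=write path=C:\Users\amy\report.docx
2019-01-10T09:00:02 pid=2000 proc=backup.exe op=rename path=C:\Users\amy\notes.txt -> C:\Users\amy\notes.txt.bak
2019-01-10T09:00:03 pid=7777 proc=svchst.exe op=rename path=C:\Users\amy\photo.png -> C:\Users\amy\photo.png.gdb
2019-01-10T09:00:03 pid=7777 proc=svchst.exe op=rename path=C:\Users\amy\cv.docx -> C:\Users\amy\cv.docx.gdb
2019-01-10T09:00:04 pid=7777 proc=svchst.exe op=rename path=C:\Users\amy\tax.xlsx -> C:\Users\amy\tax.xlsx.gdb
2019-01-10T09:00:05 pid=7777 proc=svchst.exe op=rename path=C:\Users\amy\a.jpg -> C:\Users\amy\a.jpg.gdb
2019-01-10T09:00:06 pid=7777 proc=svchst.exe op=rename path=C:\Users\amy\b.jpg -> C:\Users\amy\b.jpg.gdb
"""

EVENT_RE = re.compile(r"^(?P<ts>\S+) pid=(?P<pid>\d+) proc=(?P<proc>\S+) "
                      r"op=(?P<op>\w+) path=(?P<path>.+)$")


def parse_events(text: str) -> list:
    """Parse event lines into dicts; rename events get 'old' and 'new' paths."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line)
        if not m:
            continue  # blank or malformed line
        e = m.groupdict()
        e["ts"] = datetime.fromisoformat(e["ts"])
        if e["op"] == "rename" and " -> " in e["path"]:
            e["old"], e["new"] = e["path"].split(" -> ", 1)
        events.append(e)
    return events


def appended_extension(old: str, new: str):
    """Return the suffix when `new` is `old` plus exactly one extra
    extension (photo.png -> photo.png.gdb gives 'gdb'), else None."""
    if new.startswith(old + ".") and "." not in new[len(old) + 1:]:
        return new[len(old) + 1:]
    return None


def detect_mass_rename(events: list, window_seconds: int = 10, threshold: int = 5) -> list:
    """Alert once per (pid, extension) when a process appends the same new
    extension to `threshold` distinct files inside a sliding time window."""
    recent = defaultdict(deque)  # (pid, ext) -> deque of (timestamp, old path)
    alerts, alerted = [], set()
    for e in events:
        if e["op"] != "rename" or "old" not in e:
            continue
        ext = appended_extension(e["old"], e["new"])
        if ext is None:
            continue
        key = (e["pid"], ext)
        q = recent[key]
        q.append((e["ts"], e["old"]))
        while (e["ts"] - q[0][0]).total_seconds() > window_seconds:
            q.popleft()  # drop events older than the window
        files = {path for _, path in q}
        if len(files) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"pid": e["pid"], "proc": e["proc"], "ext": ext,
                           "files": len(files), "first_seen": q[0][0].isoformat()})
    return alerts


if __name__ == "__main__":
    for alert in detect_mass_rename(parse_events(SAMPLE_EVENTS)):
        print("ALERT mass rename:", alert)
```

The backup tool's single .bak rename stays below the threshold while the fifth .gdb rename trips the alert; a real product would pair this with decoy files and would suspend the process rather than only report it.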

It is clear that this malware is written by extremely skilled and determined threat actors. This isn't code written in somebody's basement but rather a professional extortion company with developers, quality assurance and even customer support to ensure a paying customer is taken care of. 

So the question is: will your company prepare by buying and storing bitcoin? If you will, how much should you store? That is the new question.