Page 64 - Veritas - 02.03.22
P. 64

Cryptocurrency: Cryptocurrency is a virtual asset used as a medium of








                          exchange through a network of computers. The currencies are








                          decentralized structures that use blockchain technology and









                          distributed ledgers across numerous computers, also called non-official








                          cryptocurrencies. They are no longer patronized by any government








                          authority and in most cases are without any tangible, physical assets.


















                          How is cryptocurrency earned?



















                          Crypto-mining: Bitcoin mining is the technique of creating new bitcoin








                          by solving computational puzzles. The mining process also confirms








                          transactions on the cryptocurrency’s network and makes them








                          trustworthy.









                          Crypto buying and exchange: Basically, crypto exchanges permit the








                          conversion of one crypto to another and the buying and selling of








                          cryptocurrencies. These platforms set the price of digital assets (both








                          coins and tokens), based on trading activities. Cryptocurrency can be









                          brought from trading platforms like Bitfinex and coinbase. And exchange








                          can be taken by offering to accept cryptocurrency in exchange for








                          service.








                          Attack Methodology: In his voluntary declaration to the CCB police,








                          Sriki said he had hacked the Bitfinex exchange twice. “Bitfinex became








                          his first largest Bitcoin exchange hack.” And the second instance was a









                          simple spear-phishing attack that led to two Israeli hackers operating for








                          the army and getting access to the computers of one of the employees,








                          which gave them access to the AWS cloud account. He exploited a bug in








                          the data centre which gave them KVM (Kernel-based virtual machine)









                          access to the server. They rebooted the server into GRUB (GNU Grand








                          Unified Bootloader) mode, reset the password, logged in, reset the








                          withdrawal server passwords and routed the money via bitcoin to his bit-








                          coin address. And he had made a profit of around 20,008 BTC (bitcoin).








                          In August 2019, authorities at the e-procurement cell filed charges with








                          the State Police Cyber Crime Branch, professing that an unknown









                          person took Rs 11.5 crore and the officials were able to prevent the theft








                          of another Rs 7.37 crore.








                          Sriki also admitted he had hacked into the Karnataka government’s








                          e-procurement portal in 2019. The accused alleged that he acquired









                          access to the procurement site in June 2019 by exploiting “a remote code








                          execution vulnerability’’, that gave him access to tender bid details such








                          as transaction details, bid reference, payment amount, IFSCs (Indian
   59   60   61   62   63   64   65   66   67   68   69