Johannesburg City Network Shutdown over Bitcoin Ransom Hack

Michael LaVere
  • The City of Johannesburg has been forced to shut down its network following hackers gaining access and demanding bitcoin for ransom.
  • Multiple South African banks experienced hacks earlier in the week as cybersecurity attacks become more sophisticated in the country.

The City of Johannesburg has been forced to shut down its official website and billing systems following unauthorized access by a hacking group that is now demanding bitcoin for ransom. 

According to a report by Bloomberg published Oct. 25, South African authorities were forced to turn off their network following a group of hackers gaining access to the system. The hackers demanded a ransom of 4 BTC ($30,000) in return.

An official tweet by the City of Joburg account said that call centers, cashiers and other digitally connected platforms were being forced offline following the breach as a precautionary measure. 

The city claims the incident is currently being investigated by “cyber security experts,” and is expected to resolve in 24 hours. Calls for emergency services are being diverted to the Provincial Call Centre until network function returns. 

The hacking group, which goes by the name Shadow Kill Hackers, briefly advertised their feat on the City’s official website prior to it being shut down. 

According to the report by Bloomberg, cybersecurity attacks have become an increasingly more sophisticated problem in South Africa. In July, Johannesburg’s power supply was crippled by a virus that limited customer’s ability to purchase electricity online. Multiple banks were also affected by hacks earlier in the week, but reportedly no customer data was put at risk.

Featured Image Credit: Photo via Pixabay.com

'Big Spender' Bitcoin Wallet Exploit Is an 'Issue With BTC Itself', Says BCH Supporter

Michael LaVere
  • Crypto security firm ZenGo has identified a double-spend exploit dubbed "BigSpender" which affected popular bitcoin wallets.
  • Exploit allows an attacker to cancel a bitcoin transaction without the receiving user knowing. 

A crypto security firm has identified a double-spend exploit targeting popular bitcoin wallet providers. 

According to a report by ZenGo, the security firm has discovered a double and multiple spend wallet exploit for bitcoin dubbed “BigSpender.” The report claims the exploit allows an attacker to cancel a bitcoin transaction but still have it appear in a victim’s vulnerable wallet. 

The report reads, 

The core issue at the heart of the BigSpender vulnerability is that vulnerable wallets are not prepared for the option that a transaction might be canceled and implicitly assume it will get confirmed eventually.

As CryptoGlobe reported, ZenGo found that a user’s balance would be increased following an unconfirmed incoming transaction, without a subsequent decrease in the event the transaction being double-spent. The firm outlined how an attacker could use the exploit to cancel transactions of sent bitcoin while still receiving goods and services in return. 

The security firm tested nine popular cryptocurrency wallets and found BRD, Ledger Live and Edge to be vulnerable to the exploit. All three companies were notified by ZenGo of the threat and subsequently updated their products. However, the firm noted that “millions” of crypto users may have been exposed to the attack prior to the update. 

Bitcoin Cash supporter Hayden Otto told Cointelegraph the exploit is particularly concerning for bitcoin-accepting merchants. 

He said, 

The technique is facilitated by RBF (replace by fee), a so-called ‘feature’ added at the protocol level by the Bitcoin Core developers.The issue exists if you use BTC. Wallet software can only make some trade off, which results in a worse BTC user experience, in order to try to protect BTC users.

Otto claimed the exploit was derived from “an issue with BTC itself” and had little to do with wallet software. 

Featured Image Credit: Photo via Pixabay.com