Become a witness of new generation of financial age. But be careful of hack.


Bitcoin mining make the world crazy. Java base coin mining tools provides flexibility. A lightweight, small footprint let you involved to mining industry.

What is the actual reason to lure the people starting the mining work?

Reminder: Bitcoin mining like a games. Different types of crypto currencies will have different mining rewards policy.

It looks that it is easy to answer. We are looking for money that is the reward.

The Bitcoin block mining reward halves every 210,000 blocks, the coin reward will decrease from 12.5 to 6.25 coins, said bitcoinblockhalf (

So what is the target mining pool (blockchain) and coin types?

The hottest crypto currencies are Bitcoin (BTC), Ethereum (ETH), Monero (XMR), Litecoin (LTC), Dash and Pascal (PASC). But Ethereum mining is profitable, but it cannot maintain in the long run. However it is still the hottest topic. Ethereum has seen an almost 20x jump in price in 2017. What are Mining Rewards in Ethereum?

The proof of work(PoW) in Ethereum is run through Ethash. The successful PoW miner will receive a static block reward that is equal to 5 Ether.


Why a GPU mines faster than a CPU?

A majority of GPUs support add, multiply and multiply-add natively in hardware with single-cycle throughput, as the basic computation instructions.  And thereby it is better to using GPU conduct bitcoin mining. Since traditional CPU embedded instruction set and OS footprint. It is difficult to maximize the overall performance for bitcoin mining.

Does Java code is the best suit for Bitcoin Mining?

I watch a TV program years ago, a crew visited China report the status of this industry. Shown on the TV screen the bitcoin miner campus like a factory. A whole bunch of computer units which generates high temperature. You could not found a pretty office lady in that office. So, does it a artificial intelligence office? Seems it is not, you will find young Chinese men which wearing casual to working over there.

The traditional bitcoin mining require high CPU resources to do the calculation. A hints of the mining requirement recommend using GPU (graphics processing unit) instead of CPU (central processing unit). However, an HTML IFRAME tag is able to embedded java script to share visitor CPU resources to assists for bitcoin mining ((Embedding a javascript inside another using the<iframe> tag). As we know, web site open to the world not limited to area and visitor. From technical point of view, this is a win win situation. Coinhive offers a JavaScript miner for the Monero Blockchain that you can embed in your website.

To be honest, java programming provides flexibility for bitcoin miner do the mining. Below sample shown that a light-weight java programming can conduct a mining focusing on Ethereum blockchain. Some largeBitcoin mining farms switch to Ethereum today.

Remark: Ethereum is an open-source, public, blockchain-based distributed computing platform featuring smart contract functionality

package org.ethereum.core;

import java.math.BigInteger;

import org.ethereum.crypto.HashUtil;
import org.ethereum.util.ByteUtil;
import org.ethereum.util.FastByteComparisons;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.BigIntegers;
public class Miner {
public boolean mine(Block newBlock, byte[] difficulty) {

		BigInteger max = BigInteger.valueOf(2).pow(256);
		byte[] target = BigIntegers.asUnsignedByteArray(32,
				max.divide(new BigInteger(1, difficulty)));

		byte[] hash = HashUtil.sha3(newBlock.getEncodedWithoutNonce());
		byte[] testNonce = new byte[32];
		byte[] concat;

		while(ByteUtil.increment(testNonce)) {
			concat = Arrays.concatenate(hash, testNonce);
			byte[] result = HashUtil.sha3(concat);
			if(FastByteComparisons.compareTo(result, 0, 32, target, 0, 32) < 0) {
//				System.out.println(Hex.toHexString(newBlock.getEncoded()));
				return true;
		return false; // couldn't find a valid nonce

Cyber security view point

Researchers found that a sophisticated class of surreptitious mining software might penetrates your system. Hacker will delivered their services through infected image files or by clicking on links leading to a malicious site. n such a way that visitor will consume more CPU power. It is easy to figure it out what is the status of your personal computer at home. If you have everything closed but CPU usage is still super high, then you may have a crypto mining malware problem.

Potential opportunities for hacker

Since those bitcoin mining java script not going to compile, Those programming coding something do not trigger the security alarm. Hacker is easy to mix their malware code contained in bitcoin mining java script then bypass the detective mechanism.

What next?

Perhaps Bitcoin environment looks like a new generation of new century. It is hard to draw into conclusion at this moment. Perhaps Bitcoin environment looks like a new generation of new century. It is hard to draw into conclusion at this moment. The similar case of traditional bank robbery will be replaced by new technology. The hacker will conduct similar criteria of criminal activities.


Monero: Mining metrics are calculated based on a network hash rate of 252 MH/s and using a XMR – USD exchange rate of 1 XMR = $ 88.35. These figures vary based on the total network hash rate and on the XMR to USD conversion rate. Block reward is fixed at 6.022756660193 XMRand future block reward reductions are not taken into account. The average block time used in the calculation is 120 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.

Ethereum: Mining metrics are calculated based on a network hash rate of 109,037 GH/s and using a ETH – USD exchange rate of 1 ETH = $ 307.61. These figures vary based on the total network hash rate and on the ETH to USD conversion rate. Block reward is fixed at 3 ETH and future block reward reductions are not taken into account. The average block time used in the calculation is 15 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.

Bitcoin: Mining metrics are calculated based on a network hash rate of 10,399,990,921 GH/s and using a BTC – USD exchange rate of 1 BTC = $ 6138.57. These figures vary based on the total network hash rate and on the BTC to USD conversion rate. Block reward is fixed at 12.5 BTCand future block reward reductions are not taken into account. The average block time used in the calculation is 600 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.

DASH: Mining metrics are calculated based on a network hash rate of 210,374 GH/s and using a DASH – USD exchange rate of 1 DASH = $ 283.43. These figures vary based on the total network hash rate and on the DASH to USD conversion rate. Block reward is fixed at1.801475954707712 DASH POW mining out of 3.602951909415424 DASH total mining reward and future block reward reductions are not taken into account. The average block time used in the calculation is 488 seconds. The electricity price used in generating these metrics is $ 0.12per kWh.

Litecoin: Mining metrics are calculated based on a network hash rate of 30,369 GH/s and using a LTC – USD exchange rate of 1 LTC = $ 56.5. These figures vary based on the total network hash rate and on the LTC to USD conversion rate. Block reward is fixed at 25 LTC and future block reward reductions are not taken into account. The average block time used in the calculation is 150 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.




SS7 flaw make two factor authentication insecure – Reveal the veil


Two factor authentications claimed itself that it is a prefect security solution. No matter online banking transaction, Bitcoin wallet, e-trading business system and application system which concern the data privacy are willing to apply two factors authentication.

The overall comments for two factor authentication on the market

Let’s take a review in below cyber security incident records

  1. Cyber Criminals stolen Bitcoin in electronic Wallets by counterfeit two factor authentication SMS messages.A investment trader so called night owl. He was notified the passwords had been reset on two of his email addresses on 11th Aug 2016. He losses among the largest in his bitcoin investment. The venture capitalists (Bo Shen) he had value of US$300,000 electronic money (Augur REP tokens) stolen by hacker, plus an undisclosed amount of bitcoin and other cryptocurrencies lost. Coinbase (US base world biggest bitcoin exchange) observed that a double growth of cyber heist among it customers during November to December 2016.
  2. Criminals carried out an attack from a network of a foreign mobile network operator in the middle of January 2017. Meanwhile the attackers use SS7 vulnerability to intercept and redirect mTANs ( mobile transaction authentication numbers) sent by banks in Germany to authorize transfers payment out of victim accounts.

The clarification of two factor authentication criteria

Two factor authentication (2FA) definition is based on providing two of the following three “somethings”: (1) something you know, which is your username and password combination or a pin, (2) something you have, which can be a bank card, mobile device, smartwatch, or another device you’ve flagged as safe, and in more advanced scenarios, (3) something you are, which includes biometrics like fingerprints, retina scans, or voice recognition. By requiring a user to verify their identity with two or more of these unique ways, 2FA is effectively extending security beyond the password. The final step of the authentication process is send one-time authorization code to a device via an SMS, which you then enter to prove your identity.

My doubt on above matter?

What if my situation in regards to key terms “something you are” function replace by a hardware token. In this scenario, my hardware authentication token will be synchronized in the 1st round of registration to RSA ACE server. Thereafter the dependence of the hardware token depends on a element (timing). This setup compliance to 2FA definition. In the sense that it did not involve SMS message. So the 2FA still trustworthy, right?

SS7 Vulnerability

A proof of concept shown that attacker could use the telephone network to access the voice data of a mobile phone, find its location and collect other information. Hacker able to manipulating USSD commands to spoof financial transactions such as the authorization of purchases or the transfer of funds between accounts.

The hacks exploit the SS7 vulnerability by tricking the telecom network believing the attacker’s phone has the same number as the victim’s phone. We know that hackers can hijack whatsApp and telegram via ss7. A vulnerability found on 2008.

SS7 design fundamental is going to trust any request.  We known that JSS7 is an implementation of SS7 telephony protocol in Java, aims to create an open source, multiplatform, SS7 protocol stack. And therefore counterfeit SMS message will more easier (see below information supplement 1 at the bottom of this page for reference). Carriers often “ask” one another for the whereabouts of a certain device so they can calculate the nearest cell tower to route a call. These sorts of automated interactions happen all the time. Nokia safeguards network operations with new security features in Sep 2015. The features consisting of Signaling Guard and Security Assessment service, detects and prevents attacks that exploit vulnerabilities in the SS7 protocol. It looks that such remediation step not effective to avoid insider threats.

Nokia safeguard network operation effectiveness

The fundamental of SS7 signal system is operate in a private network, meaning that cyber criminals have to hack it to gain entry—or find a telecom insider willing to offer illicit access.However there is another vulnerability on ASN.1. That is ASN.1 Compiler flaw leads to Network vulnerability. As such , hacker explore the back door on SS7 not only targeting to their internal staff. It might have possibility allow attackers to remotely execute unknown and unauthorized code inside the firmware of devices that use the compiled ASN1C code from within C and C++. Meanwhile java language fully compatible with SS7 protocol stack and platform. Oops! Do you think a design weakness will be happen in this place?

Hacker might reading shared memory data using Java . Program source that is written by C++.

Hacker can create a method in Java to read or write on shared memory. Hacker might have way relies on Java SS7 benefits hook to sharing memory process. As a result, it compromise the machine. It can send SMS to anyone or anywhere includes communicate with other Telco vendor. It is the most concern and dangerous way.


From technical point of view, 2FA (Two factor authentication) still a secure method for authentication. It looks that the flaw given by SS7 signaling system instead of 2FA itself. Since 2FA not limit to SS7 to conduct authentication. You are allow to use other alternative. Guys do not worry too much.

Information supplement 1: Open Source Java SS7 stack that allows Java apps to communicate with legacy SS7 communications equipment. JSS7 is an implementation of SS7 telephony protocol in Java, aims to create an open source, multiplatform, SS7 protocol stack. Below javascript sample is the pass along message implementation programming syntax for reference.

package org.mobicents.protocols.ss7.isup.impl.message;


import org.mobicents.protocols.ss7.isup.ISUPMessageFactory;
import org.mobicents.protocols.ss7.isup.ISUPParameterFactory;
import org.mobicents.protocols.ss7.isup.ParameterException;
import org.mobicents.protocols.ss7.isup.impl.message.parameter.MessageTypeImpl;
import org.mobicents.protocols.ss7.isup.message.ISUPMessage;
import org.mobicents.protocols.ss7.isup.message.PassAlongMessage;
import org.mobicents.protocols.ss7.isup.message.parameter.MessageName;
import org.mobicents.protocols.ss7.isup.message.parameter.MessageType;

 * Start time:xx<br>
 * Project: xx<br>
 * @author <a href="">xx </a>

public class PassAlongMessageImpl extends ISUPMessageImpl implements PassAlongMessage {
 public static final MessageType _MESSAGE_TYPE = new MessageTypeImpl(MessageName.PassAlong);

static final int _INDEX_F_MessageType = 0;
 private ISUPMessage embedded;
 * @param source
 * @throws ParameterException
 public PassAlongMessageImpl() {
 super.f_Parameters.put(_INDEX_F_MessageType, this.getMessageType());

public MessageType getMessageType() {
 return _MESSAGE_TYPE;

 public void setEmbeddedMessage(ISUPMessage msg) {
 this.embedded = msg;

 public ISUPMessage getEmbeddedMessage() {
 return embedded;

public boolean hasAllMandatoryParameters() {
 return this.embedded == null ? false: this.embedded.hasAllMandatoryParameters();

 public int encode(ByteArrayOutputStream bos) throws ParameterException {
 throw new ParameterException("No embedded message");

//encode CIC and message type
 this.encodeMandatoryParameters(f_Parameters, bos);
 final byte[] embeddedBody = ((AbstractISUPMessage)this.embedded).encode();
 // 2 - for CIC
 bos.write(embeddedBody, 2, embeddedBody.length - 2);
 return bos.size();

 public int decode(byte[] b, ISUPMessageFactory messageFactory,ISUPParameterFactory parameterFactory) throws ParameterException {
 int index = 0;
 //decode CIC and PAM message type.
 index += this.decodeMandatoryParameters(parameterFactory, b, index);
 byte targetMessageType = b[index];
 this.embedded = messageFactory.createCommand(targetMessageType, this.getCircuitIdentificationCode().getCIC());
 //create fake msg body
 byte[] fakeBody = new byte[b.length-1];
 System.arraycopy(b, 1, fakeBody, 0, fakeBody.length);
 index+=((AbstractISUPMessage)this.embedded).decode(fakeBody, messageFactory, parameterFactory)-2;
 return index;

// Not used, PAM contains body of another message. Since it overrides decode, those methods are not called.
 protected void decodeMandatoryVariableBody(ISUPParameterFactory parameterFactory, byte[] parameterBody, int parameterIndex)
 throws ParameterException {
 // TODO Auto-generated method stub


protected void decodeOptionalBody(ISUPParameterFactory parameterFactory, byte[] parameterBody, byte parameterCode)
 throws ParameterException {
 // TODO Auto-generated method stub


protected int getNumberOfMandatoryVariableLengthParameters() {
 // TODO Auto-generated method stub
 return 0;

protected boolean optionalPartIsPossible() {

throw new UnsupportedOperationException();


Information supplement 2: How to protect your IT premises? Found vulnerability sometimes isn’t a flaw.This is the original design! For more detail, please refer below:  

How to protect your IT premises? Found vulnerability sometimes isn’t a flaw.This is the original design!


New trend – Botnet infection technique empowered Ransomware infection


We known that botneck infection technique popular last few year. The objective of the botneck infection more on DDOS attack. But the status now has been change.

Below sample of code on how botnet operation.

using System.Threading.Tasks;

using log4net;

using Loki.Bot;

using Loki.Common;

using Loki.Game;


namespace MapBuddy.Tasks


    public class MapExplorationCompleteTask : ITask


        private static readonly ILog Log = Logger.GetLoggerInstanceForType();


        public async Task<bool> Logic(string type, params dynamic[] param)


            if (type != "task_execute") return false;

            if (LokiPoe.Me.IsDead || !LokiPoe.CurrentWorldArea.IsMap) return false;


            if (CurrentMap.HasBossRoom)


                if (!TrackMobTask.MapBossFound && !TrackMobTask.MapBossDead)


                    Log.Warn("[MapExplorationCompleteTask] insci_test dont allow finish map until boss is alive.");

                    return false;




            Log.Warn("[MapExplorationCompleteTask] Now finishing the map run.");


            await CommunityLib.LibCoroutines.CreateAndTakePortalToTown();


            //Second portal if we are

            //if (MapBuddySettings.Instance.Mode == OpenMethod.Laboratory)


            //    var currentBot = BotManager.CurrentBot;

            //    currentBot.Settings.SetProperty("NeedsTownRun", 2);



            return true;



        public string Name => "MapExplorationCompleteTask";


        public string Description => "Task for leaving the map.";


        public string Author => "ExVault";


        public void Start()




        public void Tick()




        public void Stop()




        public string Version


            get { return "1.0"; }



        public object Execute(string name, params dynamic[] param)


            return null;




Current status:

It looks that an alert shown that an unknown attack counterfeit HSBC email to widespread the infection.  This round of attacks seems focusing on banking industry. Sample counterfeit email display below: Guys be careful!


Tax heaven is also a hacker playground – Bermuda

Perhaps the legal firm Mossack Fonseca data breaches incident is a history. However headline news reveal another similar case which was happened on November last year.I was shock that Mossack Fonseca encountered data breach which astonish the world since Tycoon and famous people like President of Russia Putin virama was included in their customer list.  A slogan told that a Tax heaven is also a hacker playground. It looks that legal firm only know how to use law regulations to protect their client. On the other hand, former cyber security incident shown that they are ignore the technology risks. In the meantime, we receive the news on newspaper that a cyber attack encountered on their database November last year (2016). But sounds like another important factor might bring to their attentions. For instance, it is easy to find the lawyer public email address because of their business operation model. Such business running model let hacker easy to obtained the email address. A easy way to make use of email phishing techniques let receiver become a victim. Hacker will receive the credential after compromised the email account. As a result, it is easy to drawout the data. About the detail, please refer below url for reference. 

Another story of offshore law firm data leakage. The firm encountered cyber attack on Nov 2016.
The information released the news this month.

Existing encryption scheme looks have space to enhance – X.931security breach

The implementation of existing encryption scheme looks have space to enhance. Another bug has been found on X.931. It looks that the vulnerability found on encryption machanism last few months reveal the bottleneck in IT environment. Can you still remember that our Hero Edward Snowden alert. He was told that cyber espionage or government will relies ob backdoor of device or application to execute their task. A scandal reveal security vendor use the weak crypto scheme benefits to NSA to receive government contract.  Perhaps we did not focus on encryption mechanism since we believed that we are secure once we make it. However the design limitation is the cache. No matter  it is a hardware or software. Hacker relies on temporary cache retrieve the SSL key then execute man-in-the middle attack in antivirus software. A private key found on chipset which make more than million of mobile devices in security breach. My imagination of conspiracy theory, it looks that Hero Snowden and wikileak reveal how  NSA doing the surveillance program.  Since secret expose and therefore they are not going to use anymore. As a result more and more scandal or unknown bug will be open to public.  Below url will provides hints to you for reference.

RTOS(real-time operating system) is under attack. Do you think it is the 2nd round of test?

The terms IoT (Internet of things) looks a messed transformation of specifics definition. The suitable criteria to define a IoT component is that for a device demand data be processed without buffering delays. If you have habits read technology post daily. We known that IT security vendor (checkpoint) alert the world that a new IoT botneck is going to jeopardizing the world. Since the case is under their investigation. My personal opinion is that the specifics attacks focus on RTOS(real-time operating system). For instance, web cam, router, smart city facilities. I strongly believed that Microsoft not the major target. Since RTOS devices has large coverage on simplified linux base OS platform.  Keep your eye open, you might seen the result of reaper IoT attack relies on shellshock vulnerabilities and bruteforce attacks.In additional, if the device found vulnerabilities on the kernel. The malicious code will relies on it. Below url can provides the details to you in this regard. Perhaps we have more and more electronic computing devices supporting to our life daily. The hostile country engage the attack to suspend the daily operations of the enemy looks better than a bomb or military threatening.

INFINEON chip design flaw – not vulnerable in ECC, flaw only encountered on RSA

Bitcoin technology looks luck this round since INFINEON chip design flaw – not vulnerable in ECC (Elliptic Curve Cryptography), flaw only encountered on RSA.


The flaw resides in the Infineon-developed RSA Library version v1.02.013. A design weakness has been found. A vulnerability in an implementation of RSA Key Generation could allow private encryption key disclosure.

This vulnerability affects any products using the affected code library “RSA Library version v1.02.013” developed by Infineon Technologies. Keys generated with smartcards or embedded devices using the Infineon library are vulnerable, as well as devices certified by NIST FIPS 140-2 and CC EAL 5+.

Queries of this vulnerability – in regards to so called security regulatory standard

It is hard to believe that a tough and harsh security requirements issued by NIST (FIPS 140-2) and Common Criteria. However the certified products are also the victim.

Do you think is there a verification and identification gap in between hardware vendor and security authority? And therefore such embarrass status happened today.

Known effect areas:


Component: Smartcards (manufacturers using Infineon smartcard chips and TPMs)


Component: Smartcards and IoT devices (manufacturers using Infineon smartcard chips and TPMs)

Home Users:

Component: IoT (manufacturers using Infineon smartcard chips and TPMs)

Vendor announcement:

Laptops and mobile devices use Trusted Platform Module (TPM) hardware chips with the affected encryption key code library. For instance Google, Microsoft, HP, Lenovo, and Fujitsu. They claimed that the have patched their respective software.


Should you have interest in related topic, please refer to below url for reference.

WPA2 vulnerability found. But online Banking system customer do not shock.


WPA2 vulnerability found. But online Banking system customer do not shock. Take it easy. The WPA2 wireless encryption scheme looks secure before specifics vulnerability occurred. Security expert found that hacker is able to relies on 3rd handshake doing injection which causes man-in-the-middle of attack. As a result your wireless network data traffic will be hunted by hacker. The data includes on-line banking credentials, social media credentials,….etc. But if you think it over. The SSL tunnel end point of online banking web application is seat on your mobile. Hacker must install the web server SSL public PKI key certificate in the 1st phase, otherwise he cannot view the data embedded in the traffic pattern. Perhaps hacker already install the public cert. However a HSM will be protect your password from online banking system. Since password will be shown as random code. Hacker cannot reuse. How about VISA 3D secure method? You will receive SMS alert of your payment transactions finally. You can verify by yourself.  For more detail about the WPA2 vulnerability, please refer below url for reference.

How will be effect to cyber world – a scandal from Microsoft

Reuters interviews with Microsoft former employees. A scandal given by former employees was that Microsoft responded quietly after detecting secret database hack in 2013. It looks that this is official commercial tactics. I have no surprise that hackers relies on known bug on vendor bug track database to formula new generation of virus. Believe it or not, we seen this virus already. We all know that the 1st version of Ransomware development relies on Microsoft bug which found by United Stated National Security Agency. The scandal happened this month. We have more and more news update afterwards. For more details about the journalist interviews.. Please see below url for reference. 

Reminder: Oct 2000 – Microsoft admits that its corporate network has been hacked and source code for future windows products has been seen. Hacker suspected to be from St. Petersburg.


Potential risk of CVE-2017-15265

CVE-2017-15265 found on Linux causes privileges escalation. Cisco expert found that it the vulnerability is due to a use-after-free memory error in the ALSA .The ALSA Framework design for audio function. However Android and IoT devices are deployed the ALSA framework on demand. Since Cisco do not have sound on their router, network switch, IDS and firewall devices. However hacker is able to use this vulnerability on all Linux OS platform. No one can say this is only a critical incident. This design weakness jeopardizing the IT world. Keep your eye open. Perhaps there are under going cyber attacks or data leakages cases relies on this design weakness which infiltrate the victim devices.However we do not find yet till now! For details of this vulnerability, Cisco provides their findings. Please refer below url for reference.