Troy Mursch

May 8, 2017

Website Flaw Let True Health Diagnostics Users View All Medical Records

This post was originally published on this siteOver the past two weeks readers have pointed KrebsOnSecurity to no fewer than three different healthcare providers that failed to provide the most basic care to protect their patients’ records online. Only one of the three companies — the subject of today’s story — required users to be logged in order to view all patient records. A week ago I heard from Troy Mursch, an IT consultant based in Las Vegas. A big fan of proactive medical testing, Mursch said he’s been getting his various lab results reviewed annually for the past two years […]
March 26, 2018

Who and What Is Coinhive?

This post was originally published on this siteMultiple security firms recently identified cryptocurrency mining service Coinhive as the top malicious threat to Web users, thanks to the tendency for Coinhive’s computer code to be used on hacked Web sites to steal the processing power of its visitors’ devices. This post looks at how Coinhive vaulted to the top of the threat list less than a year after its debut, and explores clues about the possible identities of the individuals behind the service. Coinhive is a cryptocurrency mining service that relies on a small chunk of computer code designed to be […]
September 2, 2018

Alleged ‘Satori’ IoT Botnet Operator Sought Media Spotlight, Got Indicted

This post was originally published on this siteA 20-year-old from Vancouver, Washington was indicted last week on federal hacking charges and for allegedly operating the “Satori” botnet, a malware strain unleashed last year that infected hundreds of thousands of wireless routers and other “Internet of Things” (IoT) devices. This outcome is hardly surprising given that the accused’s alleged alter ego has been relentless in seeking media attention for this global crime machine. Schuchman, in an undated photo posted online and referenced in a “dox,” which alleged in Feb. 2018 that Schuchman was Nexus Zeta. The Daily Beast‘s Kevin Poulsen broke […]
February 27, 2019

Crypto Mining Service Coinhive to Call it Quits

This post was originally published on this siteRoughly one year ago, KrebsOnSecurity published a lengthy investigation into the individuals behind Coinhive[.]com, a cryptocurrency mining service that has been heavily abused to force hacked Web sites to mine virtual currency. On Tuesday, Coinhive announced plans to pull the plug on the project early next month. A message posted to the Coinhive blog on Tuesday, Feb. 26, 2019. In March 2018, Coinhive was listed by many security firms as the top malicious threat to Internet users, thanks to the tendency for Coinhive’s computer code to be surreptitiously deployed on hacked Web sites to steal […]