10 Jul

Data Security

The goal is not to necessarily stop a hacker, but to make it as difficult as possible for them to decrypt the data. As multiple companies have stated: It isn’t a matter of if a hacker will steal the data, it is a matter of when.

Son Nguyen on Data Security.

05 Jul

Crypto Fear & Greed Index

ABN is deeply involved in blockchain as a technology. Blockchain is still working to gain global adoption. Greed and Fear play a large role in people’s adoption of the Blockchain technology (not just the currencies). Hence we include the Crypto Fear and Greed index in our publication.

Below is how the math works out.

Why Measure Fear and Greed?

The crypto market behaviour is very emotional. People tend to get greedy when the market is rising which results in FOMO (Fear of missing out). Also, people often sell their coins in irrational reaction of seeing red numbers. With our Fear and Greed Index, we try to save you from your own emotional overreactions. There are two simple assumptions:

  • Extreme fear can be a sign that investors are too worried. That could be a buying opportunity.
  • When Investors are getting too greedy, that means the market is due for a correction.

Therefore, we analyze the current sentiment of the Bitcoin market and crunch the numbers into a simple meter from 0 to 100. Zero means "Extreme Fear", while 100 means "Extreme Greed". See below for further information on our data sources.

Data Sources

We are gathering data from the five following sources. Each data point is valued the same as the day before in order to visualize a meaningful progress in sentiment change of the crypto market.

First of all, the current index is for bitcoin only (we offer separate indices for large alt coins soon), because a big part of it is the volatility of the coin price.

But let’s list all the different factors we’re including in the current index:

Volatility (25 %)

We’re measuring the current volatility and max. drawdowns of bitcoin and compare it with the corresponding average values of the last 30 days and 90 days. We argue that an unusual rise in volatility is a sign of a fearful market.

Market Momentum/Volume (25%)

Also, we’re measuring the current volume and market momentum (again in comparison with the last 30/90 day average values) and put those two values together. Generally, when we see high buying volumes in a positive market on a daily basis, we conclude that the market acts overly greedy / too bullish.

Social Media (15%)

While our reddit sentiment analysis is still not in the live index (we’re still experimenting some market-related key words in the text processing algorithm), our twitter analysis is running. There, we gather and count posts on various hashtags for each coin (publicly, we show only those for Bitcoin) and check how fast and how many interactions they receive in certain time frames). A unusual high interaction rate results in a grown public interest in the coin and in our eyes, corresponds to a greedy market behaviour.

Surveys (15%) currently paused

Together with strawpoll.com (disclaimer: we own this site, too), quite a large public polling platform, we’re conducting weekly crypto polls and ask people how they see the market. Usually, we’re seeing 2,000 – 3,000 votes on each poll, so we do get a picture of the sentiment of a group of crypto investors. We don’t give those results too much attention, but it was quite useful in the beginning of our studies. You can see some recent results here.

Dominance (10%)

The dominance of a coin resembles the market cap share of the whole crypto market. Especially for Bitcoin, we think that a rise in Bitcoin dominance is caused by a fear of (and thus a reduction of) too speculative alt-coin investments, since Bitcoin is becoming more and more the safe haven of crypto. On the other side, when Bitcoin dominance shrinks, people are getting more greedy by investing in more risky alt-coins, dreaming of their chance in next big bull run. Anyhow, analyzing the dominance for a coin other than Bitcoin, you could argue the other way round, since more interest in an alt-coin may conclude a bullish/greedy behaviour for that specific coin.

Trends (10%)

We pull Google Trends data for various Bitcoin related search queries and crunch those numbers, especially the change of search volumes as well as recommended other currently popular searches. For example, if you check Google Trends for "Bitcoin", you can’t get much information from the search volume. But currently, you can see that there is currently a +1,550% rise of the query „bitcoin price manipulation“ in the box of related search queries (as of 05/29/2018). This is clearly a sign of fear in the market, and we use that for our index.

03 Jul

If This Then That (commonly known as IFTTT) – a new addition to ABN’s technology stack.

If This Then That (commonly known as IFTTT, /ɪft/)[4][5] is a service that allows a user to program a response to events in the world, and it’s coming to ABN Asia’s technology portfolio.

IFTTT has partnerships with different service providers that supply event notifications to IFTTT and execute commands that implement the responses. Some event and command interfaces are simply public APIs.[6]

The programs, called applets, are simple and created graphically.

15 May

BREAKING NEWS !!!!! 🇻🇳 – TNEX Digital Bank Vietnam

BREAKING NEWS !!!!! 🇻🇳 – TNEX Digital Bank has just been honoured with the ‘Best New Digital Bank’ Award at the Global Economics Awards. 🎉

Congrats to all TNEX’ers and a big thank you to our partners and our loyal customers for your trust and support 🙏.

The Global Economics Awards organized by the London-based Global Economics Magazine aims to recognize and reward key players and the best performers in international markets from different sectors. These prestigious awards provide companies with global reach and recognition.


20 Aug

Security A major ransomware outbreak hit China back in April. WannaRen ransomware author contacts security firm to share decryption key

By Catalin Cimpanu for Zero Day | August 19, 2020 — 13:13 GMT (21:13 SGT) | Topic: Security

Image: QiAnXin

A major ransomware outbreak hit Chinese internet users earlier this year in April. For about a week, a ransomware strain known as WannaRen made tens of thousands of victims among both home consumers and local Chinese and Taiwanese companies.

Looking back, in retrospect, four months later, WannaRen’s virality can be explained due to the fact that its code was loosely modeled after WannaCry, the ransomware strain at the heart of the May 2017 global outbreak.

Just like their inspiration, the authors of the WannaRen ransomware incorporated the EternalBlue exploit into their infection chain, allowing WannaRen to spread without restrictions inside corporate networks before encrypting and ransom files.

And just like WannaCry, WannaRen spread like wildfire, far beyond what the ransomware’s authors had intended, creating more havoc than they anticipated, and the reason why, in the end, the malware’s authors gave up the master decryption key for free, so all victims could eventually recover their files.

The Hidden Shadow malware group

More than three years after it happened, we can now say for sure that WannaCry was created by North Korean government hackers as a way to infect a few victims, ransom their files, and use the ransom payments to raise funds for the Pyongyang regime. WannaCry authors never had big ambitions, and causing a global outbreak was never their intent, as this only brought more attention to their illicit sanctions-evading and criminal activities.

However, something similar can also be said for the authors of the WannaRen ransomware, a group that Chinese antivirus maker Qihoo 360 said it’s been tracking under the name of Hidden Shadow.

Described as a small-time threat actor, this group has been active for years, being involved in the distribution of an assortment of malware strains, usually via pirated software download sites.

Past operations involved the distribution of password-stealers, keyloggers, remote access trojans, and cryptocurrency-mining malware.

WannaRen was added to the group’s arsenal and incorporated into their distribution routine on April 4, this year.

According to multiple sources, WannaRen’s initial point of distribution was a modified installer for the Notepad++ text editor that was shared via the Xixi Software Center.

Image via ITnews

Because access to the official Notepad++ download site is often blocked in China due to the software maker’s anti-Chinese stance, and because Xixi is one of China’s largest software download sites, infections with WannaRen spike right away.

Thousands of Chinese internet users began asking for help decrypting their files on Chinese forums, social networks, and online chats, starting with the first day when WannaRen infections started getting detected, according to local press.

Hidden Shadow malware spread laterally across networks

While many users were home consumers, many asking for help were IT admins managing corporate networks, where WannaRen was particularly aggressive.

This was likely due to WannaRen’s infection routine.

On computers where users installed this booby-trapped version of Notepad++, the installer dropped a backdoor trojan, deployed the EternalBlue exploit to spread laterally across a network (via SMBv1), and used a PowerShell script to download and install the WannaRen ransomware or a Monero-mining module.

Image: Qihoo 360

Once it locked users’ computers, the ransomware would show a ransom note portraying North Korean dictator Kim Jong-un, and ask users to pay a decryption fee of 0.05 bitcoin (~$550) to decrypt their files.

All computers hit by this ransomware were pretty easy to spot, as all encrypted files had their names appended with the ".wannaren" extension.

Image via Weibo

WannaRen authors give out their own decryption key

From the pretty niche distribution method and the low ransom demand, it was pretty clear from the get-go that the Hidden Shadow group had not intended for their ransomware to spread so widely and so fast.

Likely fearing or anticipating a crackdown from Chinese authorities, less than a week after they started distributing WannaRen, the Hidden Shadow group reached out to a local Chinese cybersecurity firm named Huorong Security (火绒, or Tinder Security).

In a series of emails the company shared online, the WannaRen authors shared the ransomware’s private encryption key (also known as a master decryption key) with Huorong’s staff, asking the company to create and share a free decryption utility with infected victims.

Image: Huorong Security

On the same day, on April 9, Huorong released its WannaRen decryption utility, followed a few hours later by a similar decryption utility created by RedDrip, a cyber-security division inside QiAnXin Technology, which has also been tracking the ransomware‘s rapid spread across China.

However, while the vast majority of WannaRen users were in China, the ransomware’s extreme virality also allowed it to spread via internal networks from Chinese subsidiaries to some foreign companies as well.

Since not all these companies might be aware that there is a free decryption tool available, or they might not trust the tools created by the two Chinese security vendors, today, Romanian antivirus maker Bitdefender also released its own WannaRen decryption utility.

At the time of writing, WannaRen infections appear to have died out, but victims who may have copies of files encrypted by this threat back in April can now decrypt them for free.


April.2020 ABN Asia.

Call Now Button