Latest News





Everything You Should Know About Bitcoin Address.
A wallet address, comprising a string of 26-35 alphanumeric characters, is all it takes to send and receive bitcoin. Any bitcoin address can be used to transfer cryptocurrency to any other address on the network, provided the sender’s wallet software supports that address type.


Earn Bitcoin for FREE! It's Possible.
Many people are afraid of using their hard-earned money to buy or invest in cryptocurrency, and that is OK, but there are many ways to earn crypto without using your money. This is a free way, and you don't have to do anything different from what you already do.

Venezuelan Airport using Bitcoin to Evade US Sanctions.
While the Trump administration continues to tighten its economic grip on nations of the world, Venezuelan President Nicolás Maduro has started to push back by using Bitcoin to circumvent US financial restrictions.


WHAT IS BINANCE COIN?
Binance held its ICO in July 2017. From there, the exchange decided to issue its own coin called, you’ve guessed it, Binance Coin. Its symbol: BNB. According to its website, BNB runs natively on Binance chain.

Bitcoin Paper Wallet Vulnerability That Gave Same Key to Multiple Users.
A paper wallet is an offline mechanism for storing Cryptocurrency like Bitcoin. The process involves printing the private keys and Bitcoin addresses onto paper. Physical wallets, also known as "physical Bitcoins".

More News.

New Bitcoin Core Software Update.
Bitcoin Core 0.19.0 (eventually 0.19.0.1 in the available download version, following the discovery of a last-minute issue) was overseen by lead maintainer Wladimir J. van der Laan and was reportedly developed by over a hundred contributors over....


Facebook Is Exploring Creating Its Own Cryptocurrency.
Facebook is reportedly "exploring" the creation of its own cryptocurrency, news outlet Cheddar reported on May 11. According to Cheddar's anonymous sources, people "familiar with Facebook's plans"


Bitcoin Time Traveler Real History from 5 Years Ago.
Please move on if you don’t believe me, I have no way of proving I’m going to tell you. I don’t want to waste your time, so I’m merely going to explain what happened and its consequences. The value of Bitcoin has increased by about a factor ten, on average, every year until 2013.


Coinbase Starts Its Visa Card for UK & EU.
Major American cryptocurrency exchange Coinbase has launched Coinbase Card, that enables its United Kingdom-based customers to pay in-store and online with cryptocurrency. The development was announced in a blog post published on April 10.


Walmart Stable Coin.
Banks Stopped Walmart Bank, Now the Retail Giant Hits Back With Crypto. It was discovered that the giant retail corporation Walmart has patented plans for a stablecoin that’s backed by U.S. dollars. If released into the wild, the USD-based cryptocurrency would be issued to select Walmart retailers and partners....

New Bitcoin Core Software Update

The Bitcoin Core development team released the latest update on Nov. 24 to Bitcoin (BTC)’s original software client — the nineteenth in the coin’s eleven-year history.

Releasing Bitcoin Core 0.19.0 (eventually 0.19.0.1 in the available download version, following the discovery of a last-minute issue) was overseen by lead maintainer Wladimir J. van der Laan and was reportedly developed by over a hundred contributors over a roughly six month period.


New wallet format, better SegWit interoperability
As Aaron Van Wirdum has revealed, 0.19.0.1 includes a range of performance improvements, updates and bug fixes, resulting from 550 merged pull requests.
The “bech32” address format (BIP 173) is now set for the first time as the default option in the Bitcoin Core wallet Graphical User Interface (GUI), having first been introduced in early 2018 with version 0.16.0. 
Bech32 contains a number of amendments, such as no longer making a distinction between lowercase and capital letters and formatting addresses to begin with “bc1” as opposed to 1 or 3. The addresses are thus a bit longer than in the existing format, but use fewer distinct characters. The changes are broadly intended to reduce the margin for human error when typing addresses or reading them aloud.
Bech32 also reportedly improves interoperability with SegWit wallets, with transactions now requiring less data to be transmitted over the Bitcoin network — and thus included in the blockchain — thereby reducing costs.
Van Wirdum indicates that the updated software client also now makes it possible for users to start a pruned node immediately from setup, even those with low disk space.


Privacy and security improvements
Nodes are now required to establish more connections to one another in a bid to better thwart partitioning attacks. Bloom Filters — a way for light clients, such as those running from mobile phones, to request relevant data from full nodes on the network —  have now been deprecated, as they are deemed to be weak on privacy.
Instead of Bloom Filters, 0.19.0.1 is evolving toward supporting a newer solution called “compact client-side block filtering” (BIP 158), which essentially reverses the operation of Bloom Filters by having full nodes create filters for each block and enabling light clients to use these filters to determine whether transactions relevant to them may have happened in a block.
Bitcoin Core 0.19.0 has removed payment protocol (BIP 70) from its GUI, noting that it was never widely adopted and that most wallets still use the more basic URI scheme (BIP 21) to receive payments.
The minor features outlined include support for the Partially Signed Bitcoin Transactions (PSBT) protocol, which is useful for multi-signature and CoinJoin transactions. 
Credit to Marie Huillet
This October, Bitcoin Core developer Greg Maxwell had criticized the “attractive mystery” that fear of a 51% attack on Bitcoin entails, arguing that any mechanism cooked up to mitigate it always implies centralization and represents a far greater threat to the network’s integrity.

Facebook Libras Project Failed


A November 15 blog post by Libra project developers detailing testnet developments has apparently failed to impress government regulators and influential voices in the space alike. CEO of blockchain company R3, David Rutter, commented at a London conference last week that “what they did was ridiculously stupid,” going on to call the announcement and approach of the project “naive.” The U.S. Congress is concerned as well, with members proposing a new bi-partisan bill Thursday, which seeks to classify the asset as a managed stablecoin security.



Libra Testnet Developments
The most recent Libra developers update notes that the testnet “has logged more than 51,000 transactions since we reset the testnet on September 17, 2019.” The blog post further details that the dev community has launched 10 wallets, 11 blockchain explorers, 2 IDEs, 1 API and 11 clients. “Until we launch mainnet, the best and fastest way we have to demonstrate Libra network functionality and provide early access is through our pre-mainnet. Pre-mainnet, a version of testnet available to Libra Association members, makes it easier and faster to test, troubleshoot, diagnose, and resolve software edge cases,” the update elaborates. Pre-mainnet currently has 7 deployed nodes and 14 in-process nodes, with a goal “to deploy 100 nodes on the mainnet, representing a mix of on-premises and cloud-hosted infrastructure.”


R3 CEO Criticizes Libra’s Actions
For all the developments that seem to be taking place in the Libra camp, some voices remain critical of the project’s bold announcement and entrance onto the scene last summer. Financial News London quotes R3 CEO and founder David Rutter as saying:

I think what they did was ridiculously stupid. The way they rolled it out… Yeah, you know it was just so… It was just so in your face. There’s a lack of understanding.
Rutter goes on to remark “When we saw [Facebook] talking about doing a basket of currencies with weighting, in reality when we want to translate that back to real-world currencies it’s not simple.” The ongoing saga of Facebook’s struggle against regulatory bodies, especially in the U.S., seems to underscore Rutter’s concerns with a series of congressional letters, hours-long hearings, and criticism from top government officials. This trend continued Thursday with a proposal from lawmakers to classify libra as a security, which could undercut the stated aims of the project.


Proposal for Classification of Managed Stablecoins as Regulated Securities
While the head of the Libra project for Facebook, David Marcus, has toyed with the idea of possibly utilizing stablecoins in the past, the newly proposed “Managed Stablecoins are Securities Act of 2019” probably is not what the group had in mind. Sylvia Garcia (D-Tex) and Lance Gooden (R-Tex) introduced the bill on Thursday, which would “establish the treatment of managed stablecoins under the securities laws.” Garcia reportedly named libra in a statement about the bill, affirming that libra and managed stablecoins “are clearly securities under existing law.”
With many highly prominent members of the Libra Association having already dropped out of the project, the proposal presents even more potential difficulty. Marcus has spoken against the notion that Libra should be regulated as a security previously, comparing it loosely to a platform like Paypal, and increased regulatory scrutiny from the SEC would likely make the project’s aim for large scale financial inclusion much more complicated.
What are your thoughts on Rutter’s remarks and the newly proposed legislation? Let us know in the comments section below.
Credit to Graham Smith

DeFi Startup Compound Finance Raises $25 Million




DeFi Startup Compound Finance Raises $25 Million Series A Led by A16z

Lending protocol Compound Finance just raised $25 million in a round led by Andreessen Horowitz’s a16z crypto fund, marking one of the largest venture capital investments in a decentralized finance (DeFi) startup to date.
According to DeFi Pulse, Compound has nearly $103 million worth of crypto locked up in its automated system, which can generate returns for users comparable to interest. Today’s announcement of the Series A follows Compound’s $8.2 million seed round in 2018.
Much like MakerDAO’s loans, users can take collateralized loans with ethereum-based tokens, with the locked assets automatically liquidating if an independent “oracle” determines the price has dropped too low.
Unlike MakerDAO loans, however, the Compound protocol supports multiple assets and allows people to lock up assets without borrowing. Because these assets are stored in a shared pool, even someone with liquidated collateral could claim tokens if they are able to repay the general pool.
Compound founder Robert Leshner said that so far “teams in crypto that have stockpiles of DAI and crypto” are the most frequent protocol users. This appears to correlate with investors’ interests.
Leshner said this recent round will help the San Francisco-based company further “decentralize” the protocol by setting it up so that crypto exchanges and custodians, like Coinbase, can maintain the protocol going forward.
"We’re planning to integrate Compound into as many custodians, exchanges, wallets, and brokers as we can,” Leshner said, “to allow exchanges and custodians to be the interface of the protocol.”
Leshner said Polychain Capital also participated in this recent venture round along with Paradigm Capital and Bain Capital Ventures.
For now, Leshner said the 12-person Compound team is focused on building this public infrastructure for institutions to tap into, rather than finding a unique business model for the startup itself.
“Our goal is to slowly transition the very limited functions that we control to the community over the next two years,” he said referring to exchanges and custodians. “Our highest priority is building something that is sustainable. … From there we could probably build on top of the protocol.”
Whether the startup’s future is to eventually build its own monetized service or exchange, Leshner said the next focus will be on supporting multi-collateral DAI in late November.
Credit to Leigh Cuen

Everything You Need to Know About the New Multicollateral Dai



Key facts:
*Users can make a profit by saving their Dai and anchor the token to various cryptocurrencies.
*Maker will enter a period of grace on November 18 to migrate from the old token to the new one.

Soon the MakerDAO community will be able to issue stable cryptocurrencies backed by various financial assets in addition to ether (ETH), the Ethereum token. The network developers have launched a new token, the multicollateral DAI (MCD), which will integrate this function into the Maker protocol.
Yesterday, November 15, MakerDAO authorities announced the deployment of this new version of the token on the main network. In this way, they confirmed the beginning of an extensive migration process, which will allow users to exchange their holdings of the DAI that currently works on the network, known as Sai, for the new multicollateral Dai.
The new version of Maker will bring significant changes to the operation of the network. Users should also be aware of all the details in order to migrate their Sai holdings or CDPs without major problems. This article focuses on the most important points a Dai owner should know about the new Maker token.
More anchors and possibility of saving
One of the most notable features of the multicollateral DAI is the ability to issue tokens anchored to various financial assets. Currently, Maker users can generate a stable cryptocurrency (DAI) backed solely by collateral in ETH. In the future, when MCD is in operation, stable cryptocurrencies backed by multiple assets such as REP, BAT or GMO may be generated.
The community will draw up a list of collateral assets available for backing, which will be selected in governance votes. Each proposed cryptocurrency will be evaluated on its market diversity, daily volume and stability before long-term approval, authorities say.
The multicollateral Dai will also introduce one of the functions most anticipated by the Maker ecosystem, the DAI savings rate (DSR). Users can earn additional profits by saving stable cryptocurrencies in their wallet. MakerDAO said the savings rate will not be paid from DAIs issued on a whim, but from the funds generated by the Stability Rates.
The developers point out that the possibility of saving with DAI will differentiate this stable cryptocurrency from other tokens in the market. It was also noted that this function can be helpful due to the link between the price of DAI and the US dollar.

What should I know about migration?
Beyond the new options offered by the multicollateral DAI, Maker users should keep in mind that they will have a limited period of time to exchange their current tokens for MCD or lose their funds. This is because the developers rewrote the core of Maker's smart contracts, making the new version of the protocol incompatible with current DAIs.
The migration of tokens will start on 18 November, according to press releases. However, before the exchange begins, users must participate in a governance voting process that will certify community consensus on the implementation of MCD. If the process is successful, the authorities will publish a migration portal, which will facilitate the exchange of tokens for owners, exchanges, wallets and even dapps.
The migration portal may be used by ordinary users, who must connect their wallet and specify which funds they wish to exchange. The application has its own intuitive interface, says MakerDAO, which will guide users through converting their tokens without major problems. After the migration is finished, the portal sends the multicollateral DAIs to the owner's address.

The authorities indicate that there is still no tentative date for the end of the migration process. What is public knowledge is that the current DAI will be removed from exchanges in the ecosystem, which will begin trading the new MCD.
Credit to Andrea Leal

Knowing Satoshi Nakamoto "Real Bitcoin Creator"

Satoshi Nakamoto is the name used by the unknown person or people who developed bitcoin, authored the bitcoin white paper, and created and deployed bitcoin's original reference implementation. As part of the implementation, they also designed the first blockchain database. In the process, they were the first to solve the problem of double spending in digital currency using a peer-to-peer network. They were active in the development of bitcoin until December 2010.

Mr. Dorian Prentice Satoshi Nakamoto, a Japanese-American living in California, whose birth name is Satoshi Nakamoto, as the Nakamoto in question. I suspect that Satoshi has been denied several times that he is not in public, as shown in the video below.

Here are some of the wise and fun quotes about Bitcoin by Satoshi Nakamoto
that are famous in the crypto community.
-January 3, 2009: The Times 03 / Jan / 2009 Chancellor on the verge of the second
financial rescue for banks.
-January 28, 2010: I really wanted to find a way to include a short message, but the problem is that everyone could see the message. As much as I can keep reminding people that the message is completely non-private, it would be an accident waiting for it to happen.
-14 February 2010: if you are sad about paying a fee (a transaction), you can always turn tables and run a node yourself and maybe someday charge a fee of 0.44.
-14 February 2010: I am sure that in 20 years there will be a very large volume of transactions (bitcoin) or no volume.
-21 February 2010: In the absence of a market to establish the price (of bitcoin, estimates) based on the cost of production, it is a good estimate and a useful service (thanks). The price of any product tends to gravitate toward the cost of production. If the price is below cost, then production slows down. If the price is above cost, you can earn profits by generating and selling more. At the same time, the increase in production would increase the difficulty, pushing the cost of generating towards the price. In later years, when the generation of new currencies is a small percentage of the existing supply, the market price will dictate the cost of production rather than the other way around.
-26 February 2010: How do everyone feel about the symbol B with the two lines through the outside? Can we live with that as our logo?
-May 18, 2010: Creating an account on a website is much easier than installing and learning to use software, and it is a more familiar way of doing it for most people. The only disadvantage is that you have to trust the site, but that's fine for the pocket change amounts for micropayments and miscellaneous expenses. It's an easy way to start and if you get larger amounts, you can upgrade to the real bitcoin software.
-26 May 2010: if you are selling digital goods and services, where you do not lose much if someone gets a free access and can not be resold for profit, I think it's okay to accept 0 confirmations. Most of the time, if you sold gold or currency, you would need several confirmations.
-14 June 2010: SHA-256 is very strong. It is not like the incremental step from MD5 to SHA1. It can last several decades, unless there is a massive breakthrough attack.
-June 17, 2010: the nature of Bitcoin is such that, once version 0.1 was released, the design of the core was fixed in stone for the rest of its useful life.
-June 18, 2010: (I've been working on the design of bitcoin) since 2007. At some point I was convinced that there was a way to do it without the necessary confidence and I could not resist to keep thinking about it. Much more of the work was design than coding. Fortunately, until now all the problems raised have been things that I considered and planned before.
-June 18, 2010: (I planned to create a free bitcoin generator). When mortals become too difficult to generate 50 BTC, new users could get some coins to play immediately.
-21 June 2010: the lost coins only make the currencies of all others worth a little more. Think of it as a donation for everyone.
-June 22, 2010: we should not delay forever until all possible functions are completed. There will always be one more thing to do.
-26 June 2010: Like cash, you do not keep all your net worth in your pocket, (keep) walking for money for unforeseen expenses.
-June 27, 2010: for some things, novelty is a virtue, but for this type of software, maturity and stability are important. I do not want to put my money into something that is 1.0. Version 1.0 could be more interesting for a moment, but after that we are still 1.0 and everyone who comes with us thinks that we have just started. This is the third major release and 1.3 reflects the development story. (0.1, 0.2, 1.3)
-5 July 2010: Sorry for being a wet blanket. Writing a description for (bitcoin) for the general public is very difficult. There is nothing to relate it to.
-5 July 2010: we do not want to lead with "anonymous (currency)" ... (or) "currency beyond the reach of any government". I'm definitely not making a mockery or affirmation of this kind.
-8 July 2010: it is difficult to imagine that the Internet becomes hermetically segmented. It would have to be a country deliberately and totally isolated from the rest of the world.
-29 July 2010: if you do not believe me or do not understand, I do not have time to try to convince you, I'm sorry.
-August 5, 2010: Although I do not think that Bitcoin is practical for smaller micropayments at this time, it will eventually be so as storage and bandwidth costs continue to decline. ... Any size of micropayments you need will eventually be practical. I think in 5 or 10 years, the bandwidth and storage will seem trivial.
-August 5, 2010: free transactions are pleasant and we can keep them that way if people do not abuse them.
-Aug. 7, 2010: The utility of the exchanges made possible by Bitcoin will far exceed the cost of electricity used. Therefore, not having Bitcoin would be the net waste.
-August 27, 2010: Sorry, I've been so busy lately that I've been hiding messages and I still can not keep up
-27 August 2010: Bitcoins have no future potential dividends or dividends, therefore, not as an action. (They are) more like an object of collection or merchandise.
-19th September 2010: this is not the kind of software where we can leave so many unresolved errors that we need a tracker for them.
-23 September 2010: Bitcoin would be convenient for people who do not have a credit card or do not want to use the ones they have, either because they do not want the spouse to see it on the bill or do not trust giving their number to "guys of porn ", or fearful of recurring billing.
-5 December 2010: No, do not "bring it" (Wikileaks). The project needs to grow gradually so that the software can be strengthened along the way. I make this appeal to WikiLeaks not to try to use Bitcoin. Bitcoin is a small beta community in its infancy. I would not be willing to receive more than a pocket change, and the heat it would bring would probably destroy us at this stage.
-December 11, 2010: It would have been nice to get this attention in any other context (instead of being associated with WikiLeaks). WikiLeaks has kicked the wasp nest and the swarm is heading towards us.
-December 10, 2010: the fears about the secure purchase of domains with Bitcoins are a false trail. It is easy to exchange Bitcoins for other products not of good reputation.
-December 12, 2010: We should have a gentlemen's agreement to postpone the GPU's arms race while we can for the good of the network. It's much easier to get new users updated if you do not have to worry about compatibility and GPU drivers. It's good how anyone with only one CPU can compete equally at this time.


And the last known quotes before disappearing
-Yes, (we will not find a solution to the political problems in cryptography), but we can win a major battle in the arms race and win a new territory of freedom for several years. Governments are good at cutting off the heads of centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to stand on their own.
-(Bitcoin is) very attractive to the libertarian point of view if we can explain it correctly. Although I'm better with the code than with the words.
-December 12, 2010: There is more work to be done in DoS, but I am doing a quick compilation of what I have so far in case it is necessary, before venturing into more complex ideas.
-6 March 2014: I am not Dorian Nakamoto.



THE VERY FIRST MESSAGE SENT BY SATOSHI IN THE FIRST BITCOIN BLOCK "GENESIS BLOCK"


THE ENCRYPTED MESSAGE WAS A PICTURE OF THE NEWSPAPER OF THAT DAY
Leave us your comments below and let us know if you think Satoshi Nakamoto is really Mr Dorian or maybe more than one person including Dorian?


Stealing Your Bitcoin Transactions from Your Own Browser


Masad Stealer: Exfiltrating using Telegram

Juniper Threat Labs discovered a new Trojan-delivered spyware that uses Telegram to exfiltrate stolen information. Using Telegram as a Command and Control (CnC) channel allows the malware some anonymity, as Telegram is a legitimate messaging application with 200 million monthly active users. 
The malware is being advertised on black market forums as “Masad Clipper and Stealer”. It steals browser data, which might contain usernames, passwords and credit card information. Masad Stealer also automatically replaces cryptocurrency wallet addresses on the clipboard with its own.
Masad Stealer sends all of the information it collects to, and receives commands from, a Telegram bot controlled by the threat actor deploying that instance of Masad. Because Masad is being sold as off-the-shelf malware, it will be deployed by multiple threat actors who may or may not be the original malware writers.

What it does 

This malware is written as AutoIt scripts and then compiled into a Windows executable. Most samples we have seen are about 1.5 MiB in size; however, Masad Stealer can be found in larger executables, as it is sometimes bundled into other software.
When Masad Stealer is executed, it drops itself in %APPDATA%\{folder_name}\{file_name}, where folder_name and file_name are defined in the binary. Examples include amd64_usbhub3.inf.resources and ws2_32.exe, respectively. As a persistence mechanism, Masad Stealer creates a scheduled task that starts itself every minute.
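A defender's check for the persistence pattern described above, as an added example that is not from the Juniper write-up: it parses a Task Scheduler XML export and flags tasks that repeat every minute or faster and launch a binary from under %APPDATA%. The sample task, the path inside it and the function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Namespace used by Task Scheduler XML exports (e.g. `schtasks /query /xml`).
NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

# ISO 8601 durations as they appear in <Interval>, e.g. PT1M, PT30S, P1D.
DURATION = re.compile(r"P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?")

# %APPDATA% resolves to ...\AppData\Roaming\ for the logged-on user.
IN_APPDATA = re.compile(r"(?i)%appdata%|\\appdata\\roaming\\")

# Constructed sample: a task that relaunches a binary from %APPDATA% every minute.
SAMPLE_TASK = r"""<?xml version="1.0"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers>
    <TimeTrigger>
      <Repetition><Interval>PT1M</Interval></Repetition>
      <StartBoundary>2019-09-15T10:00:00</StartBoundary>
      <Enabled>true</Enabled>
    </TimeTrigger>
  </Triggers>
  <Actions Context="Author">
    <Exec><Command>C:\Users\alice\AppData\Roaming\example_folder\example.exe</Command></Exec>
  </Actions>
</Task>"""


def interval_seconds(text):
    """Convert a task <Interval> duration to seconds; None if unparseable or zero."""
    m = DURATION.fullmatch(text.strip())
    if not m:
        return None
    days, hours, minutes, seconds = (int(g or 0) for g in m.groups())
    total = ((days * 24 + hours) * 60 + minutes) * 60 + seconds
    return total or None


def suspicious_task(xml_text, max_interval=60):
    """Return details if the task repeats at least every `max_interval` seconds
    AND runs a command located under %APPDATA%; otherwise return None."""
    root = ET.fromstring(xml_text)
    intervals = [interval_seconds(e.text or "")
                 for e in root.iterfind(".//t:Repetition/t:Interval", NS)]
    fastest = min((i for i in intervals if i), default=None)
    commands = [(e.text or "").strip().strip('"')
                for e in root.iterfind(".//t:Exec/t:Command", NS)]
    hits = [c for c in commands if IN_APPDATA.search(c)]
    if hits and fastest is not None and fastest <= max_interval:
        return {"command": hits[0], "interval_seconds": fastest}
    return None


if __name__ == "__main__":
    print(suspicious_task(SAMPLE_TASK))
```

Both conditions are required together: frequent repetition alone or an %APPDATA% path alone also occurs with legitimate per-user updaters.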
Stealing routine
After installing itself, Masad Stealer starts by collecting sensitive information from the system, such as:
Cryptocurrency Wallets
PC and system information
Credit Card Browser Data
Browser passwords
Installed software and processes
Desktop Files
Screenshot of Desktop
Browser cookies
Steam files
AutoFill browser fields
Discord and Telegram data
FileZilla files
It zips this information into a file using the 7zip utility, which is bundled into the malware binary.
stolen_info.png

The above screenshot is a view of what Masad Stealer tries to exfiltrate from a sandbox. But the data that it can exfiltrate can expand to the following list:
stolen_info_complete.png
Using a hardcoded bot token, which is basically a way to communicate with the Command and Control bot, Masad Stealer sends this zip file using the sendDocument API.
In order to communicate with the Command and Control bot, Masad Stealer first sends a getMe message using the bot token to be able to confirm that the bot is still active. Upon receiving this request, the bot replies with the user object that contains the username of the bot. This username object is useful for identifying possible threat actors related to this malware. This is an important consideration because of the off-the-shelf nature of this malware - multiple parties will be operating Masad Stealer instances for different purposes.
telegram_bot_getme.png
Where the bot’s token is “719604859:AAE3Pg_oJ8cPgTxKzDtysU-3Zpj6hsBxNqI”.
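Detection logic for the getMe / sendDocument exchange described above, as an added example that is not part of the original report: it scans web proxy logs for Telegram Bot API requests, groups them by client and bot ID, and raises the severity when a getMe check is followed by a sendDocument upload. It assumes a TLS-inspecting proxy that records full URLs; the log format, sample lines, tokens and function names are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Bot API requests look like https://api.telegram.org/bot<token>/<method>,
# where <token> is "<numeric bot id>:<secret>".
BOT_PATH = re.compile(r"^/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]+)/(?P<method>\w+)")

# Constructed sample log: "<timestamp> <client ip> <http verb> <url>"
SAMPLE_LOG = """\
2019-09-15T10:00:01Z 10.0.0.21 GET https://api.telegram.org/bot123456789:EXAMPLE_TOKEN_aaaaaaaaaaaaaaaaaaaa/getMe
2019-09-15T10:00:03Z 10.0.0.21 POST https://api.telegram.org/bot123456789:EXAMPLE_TOKEN_aaaaaaaaaaaaaaaaaaaa/sendDocument
2019-09-15T10:02:10Z 10.0.0.35 GET https://web.telegram.org/
2019-09-15T10:05:44Z 10.0.0.40 POST https://api.telegram.org/bot987654321:EXAMPLE_TOKEN_bbbbbbbbbbbbbbbbbbbb/sendMessage
"""


def parse_bot_request(url):
    """Return (bot_id, method) for a Bot API URL, else None.
    The secret half of the token is deliberately dropped so it never
    ends up in alerts or tickets."""
    parts = urlsplit(url)
    if (parts.hostname or "").lower() != "api.telegram.org":
        return None
    m = BOT_PATH.match(parts.path)
    return (m["bot_id"], m["method"]) if m else None


def find_bot_api_clients(log_text, approved_bot_ids=frozenset()):
    """Group Bot API calls by (client, bot id) and grade each group.
    `approved_bot_ids` holds bots with a legitimate business use."""
    calls = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # not in the assumed log format
        _ts, client, _verb, url = fields
        parsed = parse_bot_request(url)
        if parsed is None or parsed[0] in approved_bot_ids:
            continue
        bot_id, method = parsed
        calls[(client, bot_id)].append(method)

    findings = []
    for (client, bot_id), methods in sorted(calls.items()):
        # Bot API method names are case-insensitive.
        seq = [m.lower() for m in methods]
        upload_after_check = ("getme" in seq
                              and "senddocument" in seq[seq.index("getme") + 1:])
        findings.append({
            "client": client,
            "bot_id": "bot" + bot_id,  # same form as the bot IDs in this report
            "methods": methods,
            "severity": "high" if upload_after_check else "review",
        })
    return findings


if __name__ == "__main__":
    for finding in find_bot_api_clients(SAMPLE_LOG):
        print(finding)
```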

Clipping Routine

This malware includes a function that replaces wallets on the clipboard, as soon as it matches a particular configuration. Below are the regular expressions and supported wallets that it matches against the clipboard data:
clipping_regex.png
Below is a list of coins/wallet it tries to clip:
Monero
Bitcoin Cash
Litecoin
Neo
Web Money
ADA
ZCASH
DogeCoin
Stratis
QIWI Pay
Bicond
Waves
Reddcoin
Qtum
Payeer
Bytecoin
Bitcoin
Black Coin
VIA
Steam Trade Link
Bitcoin Gold
Emercoin
Lisk
Ethereum
Dash
Ripple
Yandex Money
If the clipboard data matches one of the patterns coded into Masad Stealer, the malware replaces the clipboard data with one of the threat actors’ wallets, which are also found in its binary. Below are the bitcoin and monero wallets found in one of the samples:

Bitcoin: 1AtwyYF2TGR969cyRDrR2XFDqSPzwCXKfe

Monero: 42Mm9gjuUSmPNr7aF1ZbQC6dcTeSi1MgB1Tv41frv1ZRFWLn4wNoLH3LDAGn9Fg2dhJW2VRHTz8Fo9ZAit951D2pDY8ggCR

Below is a snapshot of the bitcoin wallet transaction, as of this writing. This wallet has already received around $9,000 USD equivalent of bitcoins (as of Sept 15, 2019), which may or may not come from the activity of this malware.
sample_fraudulent_bitcoin_wallet.png
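A detection sketch for the clipping behaviour described in this section, as an added example that is not from the original report: given a timeline of clipboard contents, it flags an address that is replaced by a different address of the same coin faster than a person could copy a new one, and any value matching a wallet known from a sample. The event format, the two-second threshold, the address patterns (three of the listed coins, simplified) and all names are assumptions; the sample addresses other than the Bitcoin wallet quoted above are constructed and are not valid addresses.

```python
import re

# Simplified public address formats for a subset of the coins listed above.
PATTERNS = {
    "bitcoin": re.compile(r"[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[02-9ac-hj-np-z]{11,71}"),
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "monero": re.compile(r"4[0-9AB][1-9A-HJ-NP-Za-km-z]{93}"),
}

# Bitcoin wallet found in one of the samples, as quoted in this section.
KNOWN_CLIPPER_WALLETS = {"1AtwyYF2TGR969cyRDrR2XFDqSPzwCXKfe"}

# Constructed placeholder addresses (correct shape only, checksums not valid).
VICTIM_BTC = "1" + "A" * 33
ETH_A = "0x" + "ab" * 20
ETH_B = "0x" + "cd" * 20

# Constructed timeline: (seconds since start, clipboard text)
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, VICTIM_BTC),                            # user copies a payee address
    (10.3, "1AtwyYF2TGR969cyRDrR2XFDqSPzwCXKfe"),  # replaced 0.3 s later
    (60.0, ETH_A),
    (60.4, ETH_B),                                 # same coin, new value, 0.4 s later
    (120.0, ETH_A),                                # a minute later: plausible user action
    (300.0, VICTIM_BTC),
]


def classify(text):
    """Return the coin whose address format the whole clipboard value matches."""
    value = text.strip()
    for coin, pattern in PATTERNS.items():
        if pattern.fullmatch(value):
            return coin
    return None


def detect_swaps(events, max_gap=2.0, known_bad=KNOWN_CLIPPER_WALLETS):
    """Return alerts as (timestamp, coin, reason, new_value) tuples."""
    alerts = []
    prev = None  # (timestamp, value, coin) of the previous clipboard state
    for ts, text in events:
        value = text.strip()
        coin = classify(value)
        if coin and value in known_bad:
            alerts.append((ts, coin, "known-clipper-wallet", value))
        elif (coin and prev and prev[2] == coin
              and prev[1] != value and ts - prev[0] <= max_gap):
            alerts.append((ts, coin, "rapid-same-coin-replacement", value))
        prev = (ts, value, coin)
    return alerts


if __name__ == "__main__":
    for alert in detect_swaps(SAMPLE_EVENTS):
        print(alert)
```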

Attack Vector

Based on our telemetry, Masad Stealer’s main distribution vectors are masquerading as a legitimate tool or bundling itself into third-party tools. Threat actors achieve end user downloads by advertising in forums, on third-party download sites or on file sharing sites. Below is the currently known list of software that Masad Stealer has been seen mimicking:
ProxySwitcher (legitimate version here: https://www.proxyswitcher.com/)
CCleaner.exe (legitimate version here: https://ccleaner.com/)
Utilman.exe (legitimate version comes with Windows)
Netsh.exe (legitimate version comes with Windows)
Iobit v 1.7.exe (legitimate version here: https://www.iobit.com/)
Base Creator v1.3.1 [FULL CRACK].exe (there is no legitimate version)
EXEA HACK CRACKED (PUBG,CS GO,FORTNITE,GTA 5,DOTA).exe (there is no legitimate version)
Icacls.exe (legitimate version comes with Windows)
WSManHTTPConfig.exe (legitimate version comes with Windows)
RADMIR CHEAT MONEYY.exe (there is no legitimate version)
Tradebot_binance.exe (legitimate version here: https://tradesanta.com/en)
Whoami.exe (legitimate version comes with Windows)
Proxo Bootstrapper.exe (this is actually a reasonably popular form of malware)
Fortniteaimbot  2019.exe (there is no legitimate version) 
Galaxy Software Update.exe (https://www.samsung.com/us/support/answer/ANS00077582/)


Download additional malware
 Some samples of Masad Stealer have the capability to download additional malware. We have seen samples that download other malware, usually a miner, from these URLs:
https://masadsasad[.]moy.su/base.txt (miner)
https://zuuse[.]000webhostapp.com/mi.exe (miner)
http://37[.]230.210.84/still/Build.exe
http://37[.]230.210.84/still/SoranoMiner.exe
http://187[.]ip-54-36-162.eu/steal.exe
http://bgtyu73[.]ru/22/Build.exe
The figure below is a response to the request to https://masadsasad[.]moy.su/base.txt. This response contains an executable file with a modified header. In addition to connecting via TLS, the modified header is an added trick by the malware to hide itself.
download_miner.png


TLS streams are more difficult to inspect, helping to hide them from network-based security defenses. The modified header helps to hide the fact that the payload being downloaded is an executable from endpoint security products.

Threat Actors
This malware is being advertised in several hack forums as Masad Stealer. It starts with a free version and ladders up to versions asking up to $85, with each tier of the malware offering different features.
There is at least one dedicated website (masadproject[.]life) in existence to promote the sale of Masad Stealer. The developers have also created a Telegram group for their potential clients, and presumably to offer tech support.  At time of writing, this group has more than 300 members.
Of the more than 1,000 samples we identified to be variants of this malware, there were 338 unique Telegram Command and Control bot IDs. From this data, we can estimate the number of threat actors - or at least the number of different campaigns being run using the Masad Stealer malware - and the size of their operations. We used the getMe API, along with the bot token, to identify the usernames. The top bot IDs are as follows:
Telegram Bot ID | Telegram Bot Username | Unique Hashes
bot610711208 | potterk_bot | 45
bot830353220 | reaper228bot | 24
bot661438794 | RanisYolo19_bot | 23
bot796671289 | dfsklnjfmkdvehfsf454sdfbot | 22
bot870978042 | dawdvwabot | 20
bot753197414 | korote_bot | 14
bot823037532 | NA/Inactive | 13
bot699800942 | RcbBots_Bot | 13
bot831297312 | xAmytBot | 13
bot883608782 | bichpaket777_bot | 12
bot656889928 | notius_bot | 12
bot813438470 | idontknowubot | 12
bot911603667 | Masat_bot | 11
bot963764792 | NA/Inactive | 11
bot930786995 | reborntodes_bot | 9
bot884837464 | istrong_bot | 9
bot646596033 | SkyDen_bot | 9
bot865594389 | gnoy199519bot | 8

Previous versions of this malware (or possibly a direct ancestor) are called “Qulab Stealer”.

How does Juniper Networks protect you against this?

Juniper Advanced Threat Protection products JATP and Sky ATP use machine learning to be able to accurately identify malware. The following images show the Sky ATP detecting multiple variations of this malware.
skyatp_detecttions.png
The use of machine learning is critical to defending against this malware because of the number of rapid iterations it underwent throughout its development. Machine learning allows Juniper Connected Security to identify Masad Stealer variants as they emerge, helping to keep customers protected even before new strains have been identified.

Conclusion
Juniper Threat Labs believes that Masad Stealer represents an active and ongoing threat.  Command and Control bots are still alive and responding as of this writing, and the malware appears to still be available for purchase on the black market.
In order to protect your organization, make sure that you have a next generation firewall (NGFW) with Advanced Threat Protection. NGFWs have the ability to identify the Telegram protocol and block it, if there is no legitimate business use, while Advanced Threat Protection products offer other methods to detect and counteract this malware.
Juniper Sky ATP, in conjunction with our SRX firewall will block any client infected with Masad Stealer from reaching out to the Command and Control bot master. It will also block the download of the Masad Stealer malware files in the first place, offering both remediation and prevention capabilities.



All Credit to  ,
from Juniper.net