Anti-Money Laundering Service AMLBot Cleans House

Read Time:2 Minute, 40 Second

AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.

Antinalysis, as it existed in 2021.

In August 2021, KrebsOnSecurity published “New Anti Anti-Money Laundering Services for Crooks,” which examined Antinalysis, a service marketed on cybercrime forums that purported to offer a glimpse of how one’s payment activity might be flagged by law enforcement agencies and private companies that track and trace cryptocurrency transactions.

“Worried about dirty funds in your BTC address? Come check out Antinalysis, the new address risk analyzer,” read the service’s opening announcement. “This service is dedicated to individuals that have the need to possess complete privacy on the blockchain, offering a perspective from the opponent’s point of view in order for the user to comprehend the possibility of his/her funds getting flagged down under autocratic illegal charges.”

Antinalysis allows free lookups, but anyone wishing to conduct bulk look-ups has to pay at least USD $3, with a minimum $30 purchase. Other plans go for as high as $6,000 for 5,000 requests. Nick Bax, a security researcher who specializes in tracing cryptocurrency transactions, told KrebsOnSecurity at the time that Antinalysis was likely a clone of AMLBot because the two services generated near-identical results.

AMLBot shut down Antinalysis’s access just hours after last year’s story went live. However, Antinalysis[.]org remains online and accepting requests, as does the service’s Tor-based domain, and it is unclear how those services are sourcing their information.

AMLBot spokesperson Polina Smoliar said the company undertook a thorough review after that discovery, and in the process found two other services similar to Antinalysis that were reselling their application programming interface (API) access to cybercrooks.

Smoliar said that following the revelations about Antinalysis, AMLBot audited its entire client base, and implemented the ability to provide APIs only after a contract is signed and the client has been fully audited. AMLBot said it also instituted 24/7 monitoring of all client transactions.

“As a result of these actions, two more services with the name AML (the same as AMLBot has) were found to be involved in fraudulent schemes,” Smoliar said. “Information about the fraudsters was also sent to key market participants, and their transaction data was added to the tracking database to better combat money laundering.”

Experts say the founder of Antinalysis also runs a darknet market for narcotics.

The Antinalysis homepage and chatter on the cybercrime forums indicates the service was created by a group of coders known as the Incognito Team. Tom Robinson, co-founder of the blockchain intelligence firm Elliptic, said the creator of Antinalysis is also one of the developers of Incognito Market, a darknet marketplace specializing in the sale of narcotics.

“Incognito was launched in late 2020, and accepts payments in both Bitcoin and Monero, a cryptoasset offering heightened anonymity,” Robinson said. “The launch of Antinalysis likely reflects the difficulties faced by the market and its vendors in cashing out their Bitcoin proceeds.”

Read More

php-Smarty-3.1.47-1.fc37

Read Time:3 Minute, 58 Second

FEDORA-2022-d5fc9dcdd7

Packages in this update:

php-Smarty-3.1.47-1.fc37

Update description:

[3.1.47] – 2022-09-14

Security

Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks #454

Fixed

Fixed use of rand() without a parameter in math function #794
Fixed unselected year/month/day not working in html_select_date #395

[3.1.46] – 2022-08-01

Fixed

Fixed problems with smarty_mb_str_replace #549
Fixed second parameter of unescape modifier not working #777

[3.1.45] – 2022-05-17

Security

Prevent PHP injection through malicious block name or include file name. This addresses CVE-2022-29221

Fixed

Math equation max(x, y) didn’t work anymore #721

[3.1.44] – 2022-01-18

Fixed

Fixed illegal characters bug in math function security check #702

[3.1.43] – 2022-01-10

Security

Prevent evasion of the static_classes security policy. This addresses CVE-2021-21408

[3.1.42] – 2022-01-10

Security

Prevent arbitrary PHP code execution through maliciously crafted expression for the math function. This addresses CVE-2021-29454

[3.1.41] – 2022-01-09

Security

Rewrote the mailto function to not use eval when encoding with javascript

[3.1.40] – 2021-10-13

Changed

modifier escape now triggers a E_USER_NOTICE when an unsupported escape type is used https://github.com/smarty-php/smarty/pull/649

Security

More advanced javascript escaping to handle https://html.spec.whatwg.org/multipage/scripting.html#restrictions-for-contents-of-script-elements thanks to m-haritonov

[3.1.39] – 2021-02-17

Security

Prevent access to $smarty.template_object in sandbox mode. This addresses CVE-2021-26119.
Fixed code injection vulnerability by using illegal function names in {function name=’blah’}{/function}. This addresses CVE-2021-26120.

[3.1.38] – 2021-01-08

Fixed

Smarty::SMARTY_VERSION wasn’t updated https://github.com/smarty-php/smarty/issues/628

[3.1.37] – 2021-01-07

Changed

Changed error handlers and handling of undefined constants for php8-compatibility (set $errcontext argument optional) https://github.com/smarty-php/smarty/issues/605
Changed expected error levels in unit tests for php8-compatibility
Travis unit tests now run for all php versions >= 5.3, including php8
Travis runs on Xenial where possible

Fixed

PHP5.3 compatibility fixes
Brought lexer source functionally up-to-date with compiled version

[3.1.36] – 2020-04-14

Fixed

Smarty::SMARTY_VERSION wasn’t updated in v3.1.35 https://github.com/smarty-php/smarty/issues/584

[3.1.35] – 2020-04-14

remove whitespaces after comments https://github.com/smarty-php/smarty/issues/447
fix foreachelse on arrayiterators https://github.com/smarty-php/smarty/issues/506
fix files contained in git export archive for package maintainers https://github.com/smarty-php/smarty/issues/325
throw SmartyException when setting caching attributes for cacheable plugin https://github.com/smarty-php/smarty/issues/457
fix errors that occured where isset was replaced with null check such as https://github.com/smarty-php/smarty/issues/453
unit tests are now in the repository

3.1.34 release – 05.11.2019

13.01.2020
– fix typo in exception message (JercSi)
– fix typehint warning with callable (bets4breakfast)
– add travis badge and compatability info to readme (matks)
– fix stdClass cast when compiling foreach (carpii)
– fix wrong set/get methods for memcached (IT-Experte)
– fix pborm assigning value to object variables in smarty_internal_compile_assign (Hunman)
– exclude error_reporting.ini from git export (glensc)

3.1.34-dev-6 –

30.10.2018
– bugfix a nested subblock in an inheritance child template was not replace by
outer level block with same name in same child template https://github.com/smarty-php/smarty/issues/500

29.10.2018
– bugfix Smarty::$php_handling == PHP_PASSTHRU (default) did eat the “n” (newline) character if it did directly followed
a PHP tag like “?>” or other https://github.com/smarty-php/smarty/issues/501

14.10.2018
– bugfix autoloader exit shortcut https://github.com/smarty-php/smarty/issues/467

11.10.2018
– bugfix {insert} not works when caching is enabled and included template is present
https://github.com/smarty-php/smarty/issues/496
– bugfix in date-format modifier; NULL at date string or default_date did not produce correct output
https://github.com/smarty-php/smarty/pull/458

09.10.2018
– bugfix fix of 26.8.2017 https://github.com/smarty-php/smarty/issues/327
modifier is applied to sum expression https://github.com/smarty-php/smarty/issues/491
– bugfix indexed arrays could not be defined “array(…)””

18.09.2018
– bugfix large plain text template sections without a Smarty tag > 700kB could
could fail in version 3.1.32 and 3.1.33 because PHP preg_match() restrictions
https://github.com/smarty-php/smarty/issues/488

Read More

php-Smarty-3.1.47-1.fc36

Read Time:3 Minute, 58 Second

FEDORA-2022-52154efd61

Packages in this update:

php-Smarty-3.1.47-1.fc36

Update description:

[3.1.47] – 2022-09-14

Security

Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks #454

Fixed

Fixed use of rand() without a parameter in math function #794
Fixed unselected year/month/day not working in html_select_date #395

[3.1.46] – 2022-08-01

Fixed

Fixed problems with smarty_mb_str_replace #549
Fixed second parameter of unescape modifier not working #777

[3.1.45] – 2022-05-17

Security

Prevent PHP injection through malicious block name or include file name. This addresses CVE-2022-29221

Fixed

Math equation max(x, y) didn’t work anymore #721

[3.1.44] – 2022-01-18

Fixed

Fixed illegal characters bug in math function security check #702

[3.1.43] – 2022-01-10

Security

Prevent evasion of the static_classes security policy. This addresses CVE-2021-21408

[3.1.42] – 2022-01-10

Security

Prevent arbitrary PHP code execution through maliciously crafted expression for the math function. This addresses CVE-2021-29454

[3.1.41] – 2022-01-09

Security

Rewrote the mailto function to not use eval when encoding with javascript

[3.1.40] – 2021-10-13

Changed

modifier escape now triggers a E_USER_NOTICE when an unsupported escape type is used https://github.com/smarty-php/smarty/pull/649

Security

More advanced javascript escaping to handle https://html.spec.whatwg.org/multipage/scripting.html#restrictions-for-contents-of-script-elements thanks to m-haritonov

[3.1.39] – 2021-02-17

Security

Prevent access to $smarty.template_object in sandbox mode. This addresses CVE-2021-26119.
Fixed code injection vulnerability by using illegal function names in {function name=’blah’}{/function}. This addresses CVE-2021-26120.

[3.1.38] – 2021-01-08

Fixed

Smarty::SMARTY_VERSION wasn’t updated https://github.com/smarty-php/smarty/issues/628

[3.1.37] – 2021-01-07

Changed

Changed error handlers and handling of undefined constants for php8-compatibility (set $errcontext argument optional) https://github.com/smarty-php/smarty/issues/605
Changed expected error levels in unit tests for php8-compatibility
Travis unit tests now run for all php versions >= 5.3, including php8
Travis runs on Xenial where possible

Fixed

PHP5.3 compatibility fixes
Brought lexer source functionally up-to-date with compiled version

[3.1.36] – 2020-04-14

Fixed

Smarty::SMARTY_VERSION wasn’t updated in v3.1.35 https://github.com/smarty-php/smarty/issues/584

[3.1.35] – 2020-04-14

remove whitespaces after comments https://github.com/smarty-php/smarty/issues/447
fix foreachelse on arrayiterators https://github.com/smarty-php/smarty/issues/506
fix files contained in git export archive for package maintainers https://github.com/smarty-php/smarty/issues/325
throw SmartyException when setting caching attributes for cacheable plugin https://github.com/smarty-php/smarty/issues/457
fix errors that occured where isset was replaced with null check such as https://github.com/smarty-php/smarty/issues/453
unit tests are now in the repository

3.1.34 release – 05.11.2019

13.01.2020
– fix typo in exception message (JercSi)
– fix typehint warning with callable (bets4breakfast)
– add travis badge and compatability info to readme (matks)
– fix stdClass cast when compiling foreach (carpii)
– fix wrong set/get methods for memcached (IT-Experte)
– fix pborm assigning value to object variables in smarty_internal_compile_assign (Hunman)
– exclude error_reporting.ini from git export (glensc)

3.1.34-dev-6 –

30.10.2018
– bugfix a nested subblock in an inheritance child template was not replace by
outer level block with same name in same child template https://github.com/smarty-php/smarty/issues/500

29.10.2018
– bugfix Smarty::$php_handling == PHP_PASSTHRU (default) did eat the “n” (newline) character if it did directly followed
a PHP tag like “?>” or other https://github.com/smarty-php/smarty/issues/501

14.10.2018
– bugfix autoloader exit shortcut https://github.com/smarty-php/smarty/issues/467

11.10.2018
– bugfix {insert} not works when caching is enabled and included template is present
https://github.com/smarty-php/smarty/issues/496
– bugfix in date-format modifier; NULL at date string or default_date did not produce correct output
https://github.com/smarty-php/smarty/pull/458

09.10.2018
– bugfix fix of 26.8.2017 https://github.com/smarty-php/smarty/issues/327
modifier is applied to sum expression https://github.com/smarty-php/smarty/issues/491
– bugfix indexed arrays could not be defined “array(…)””

18.09.2018
– bugfix large plain text template sections without a Smarty tag > 700kB could
could fail in version 3.1.32 and 3.1.33 because PHP preg_match() restrictions
https://github.com/smarty-php/smarty/issues/488

Read More

php-Smarty-3.1.47-1.el7

Read Time:3 Minute, 58 Second

FEDORA-EPEL-2022-576e858e93

Packages in this update:

php-Smarty-3.1.47-1.el7

Update description:

[3.1.47] – 2022-09-14

Security

Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks #454

Fixed

Fixed use of rand() without a parameter in math function #794
Fixed unselected year/month/day not working in html_select_date #395

[3.1.46] – 2022-08-01

Fixed

Fixed problems with smarty_mb_str_replace #549
Fixed second parameter of unescape modifier not working #777

[3.1.45] – 2022-05-17

Security

Prevent PHP injection through malicious block name or include file name. This addresses CVE-2022-29221

Fixed

Math equation max(x, y) didn’t work anymore #721

[3.1.44] – 2022-01-18

Fixed

Fixed illegal characters bug in math function security check #702

[3.1.43] – 2022-01-10

Security

Prevent evasion of the static_classes security policy. This addresses CVE-2021-21408

[3.1.42] – 2022-01-10

Security

Prevent arbitrary PHP code execution through maliciously crafted expression for the math function. This addresses CVE-2021-29454

[3.1.41] – 2022-01-09

Security

Rewrote the mailto function to not use eval when encoding with javascript

[3.1.40] – 2021-10-13

Changed

modifier escape now triggers a E_USER_NOTICE when an unsupported escape type is used https://github.com/smarty-php/smarty/pull/649

Security

More advanced javascript escaping to handle https://html.spec.whatwg.org/multipage/scripting.html#restrictions-for-contents-of-script-elements thanks to m-haritonov

[3.1.39] – 2021-02-17

Security

Prevent access to $smarty.template_object in sandbox mode. This addresses CVE-2021-26119.
Fixed code injection vulnerability by using illegal function names in {function name=’blah’}{/function}. This addresses CVE-2021-26120.

[3.1.38] – 2021-01-08

Fixed

Smarty::SMARTY_VERSION wasn’t updated https://github.com/smarty-php/smarty/issues/628

[3.1.37] – 2021-01-07

Changed

Changed error handlers and handling of undefined constants for php8-compatibility (set $errcontext argument optional) https://github.com/smarty-php/smarty/issues/605
Changed expected error levels in unit tests for php8-compatibility
Travis unit tests now run for all php versions >= 5.3, including php8
Travis runs on Xenial where possible

Fixed

PHP5.3 compatibility fixes
Brought lexer source functionally up-to-date with compiled version

[3.1.36] – 2020-04-14

Fixed

Smarty::SMARTY_VERSION wasn’t updated in v3.1.35 https://github.com/smarty-php/smarty/issues/584

[3.1.35] – 2020-04-14

remove whitespaces after comments https://github.com/smarty-php/smarty/issues/447
fix foreachelse on arrayiterators https://github.com/smarty-php/smarty/issues/506
fix files contained in git export archive for package maintainers https://github.com/smarty-php/smarty/issues/325
throw SmartyException when setting caching attributes for cacheable plugin https://github.com/smarty-php/smarty/issues/457
fix errors that occured where isset was replaced with null check such as https://github.com/smarty-php/smarty/issues/453
unit tests are now in the repository

3.1.34 release – 05.11.2019

13.01.2020
– fix typo in exception message (JercSi)
– fix typehint warning with callable (bets4breakfast)
– add travis badge and compatability info to readme (matks)
– fix stdClass cast when compiling foreach (carpii)
– fix wrong set/get methods for memcached (IT-Experte)
– fix pborm assigning value to object variables in smarty_internal_compile_assign (Hunman)
– exclude error_reporting.ini from git export (glensc)

3.1.34-dev-6 –

30.10.2018
– bugfix a nested subblock in an inheritance child template was not replace by
outer level block with same name in same child template https://github.com/smarty-php/smarty/issues/500

29.10.2018
– bugfix Smarty::$php_handling == PHP_PASSTHRU (default) did eat the “n” (newline) character if it did directly followed
a PHP tag like “?>” or other https://github.com/smarty-php/smarty/issues/501

14.10.2018
– bugfix autoloader exit shortcut https://github.com/smarty-php/smarty/issues/467

11.10.2018
– bugfix {insert} not works when caching is enabled and included template is present
https://github.com/smarty-php/smarty/issues/496
– bugfix in date-format modifier; NULL at date string or default_date did not produce correct output
https://github.com/smarty-php/smarty/pull/458

09.10.2018
– bugfix fix of 26.8.2017 https://github.com/smarty-php/smarty/issues/327
modifier is applied to sum expression https://github.com/smarty-php/smarty/issues/491
– bugfix indexed arrays could not be defined “array(…)””

18.09.2018
– bugfix large plain text template sections without a Smarty tag > 700kB could
could fail in version 3.1.32 and 3.1.33 because PHP preg_match() restrictions
https://github.com/smarty-php/smarty/issues/488

Read More

CVE-2017-20149

Read Time:19 Second

The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later.

Read More