How to buy cryptocurrency bitcoin: step by step instructions

Bitcoin popularity  – and other coins continues to grow. Next, the number of people willing to invest in digital assets is increasing. However, the new financial instrument is not like traditional money, so potential buyers have many questions and difficulties. Complicated instructions, conflicting opinions are just a few of the problems that a newbie may face. Here’s how to get around all the pitfalls and buy bitcoin with credit card no verification.

Step №1 – Determine the purpose of the purchase

Cryptocurrency can be purchased for day-to-day expenses, long-term investments, trading on the exchange, or in parallel to use it for different purposes. Further actions depend on the scenario, including the choice of a wallet for storing and carrying out transactions with assets.

Step №2 – Select and register a wallet

A wallet is a program, service or device with a digital address, where crypto assets are stored, as in a bank account.

Each cryptocurrency wallet has its own public address. It is a complex combination of letters and numbers that is created at the time of registration. To send bitcoins from one wallet to another, it is enough to indicate the recipient’s public address when transferring. One person can have as many cryptocurrency wallets as they want.

Bitcoin wallet address example

Cold wallets are suitable for long-term storage of cryptocurrencies. They are represented by physical devices similar to a USB flash drive. To carry out transactions through “cold” wallets, you need an Internet connection. The rest of the time, the assets are stored offline, which means that hackers cannot access them.

An example of a cold wallet is Trezor One White. Its cost is 48.76 EUR (price at the beginning of October 2020). On the market, you can find more expensive and budget models.

Hot mobile clients are suitable for day-to-day operations with BTC. They are represented by applications for working on devices connected to the Internet. The security level of such wallets is lower than that of “cold” ones, but the speed of transactions and ease of use are higher. An example of a hot wallet is Mycelium.

Another option is a free exchange wallet. The security of an option depends on the trading platform: its technical solutions and capabilities. You can get it when registering on the exchange. For example, on Russified Binance.

There is a SAFU fund on the platform. In case of theft of user funds, losses are reimbursed by default from the reserves accumulated in it. The exchange has already reached out to SAFU after hackers stole 7,000 BTC from Binance accounts in May 2019.

Step №3 – Choosing a way to buy BTC

There are several ways to buy bitcoin. Each of them has its own characteristics. We will analyze the most popular options.

Through the exchanger

Cryptocurrency exchange allows users to quickly get the type of currency they want. The principle of operation of a crypto exchange is the same as in exchange offices, only everything happens much faster and online. With the accelerated development of modern technologies and Internet business, the number of exchangers on the Internet is rapidly increasing, which sometimes misleads users. After all, each of them offers its own rate, sometimes even hidden fees, for some it is overestimated, in others it is specially underestimated – it is very difficult to choose the most suitable service for yourself. That is why you should pay attention to the BestChange company, which is a service that allows you not only to make payments in cryptocurrency, but also to exchange it. This became possible thanks to the crypto exchanger, which charges a minimum commission for the exchange.. You can find a suitable offer on the popular service for monitoring exchange offices – BestChange. In the “list” section, you need to choose how you will pay and what cryptocurrency you want to buy. The service will offer the most profitable options at the time of the search.

Interface BestChange

On BestChange you can find offers for buying bitcoins from bank cards, wallets of electronic payment systems, through money transfers and even cash, to order click here. Operations are carried out on exchangers.

To buy the required cryptocurrency, you need to choose to click on the offer you are interested in.

Interface BestChange

After going to the exchanger, follow the site’s recommendations. The stages of buying a cryptocurrency may differ depending on the chosen payment method and platform rules. Verification is often not required to complete the transaction. As a result, exchangers have become one of the express options for purchasing cryptocurrencies.

Through the exchange

Take “” as an example. The first stage is registration.

Binance exchange interface

This will require:

  • enter your email address;
  • come up with a password;
  • read and agree to the Binance rules of operation;
  • enter the confirmation code from the letter sent to the specified e-mail.

To get started on Binance, you need to pass an identity check. To do this, you need to enter:

  • Date of birth.
  • Full residential address.

Binance isn’t the only exchange option for buying bitcoins. When choosing from other platforms, we advise you to pay attention to the following points:

  • The high anonymity of the sites negatively affects the level of their security. Verified exchanges that operate in accordance with regulatory rules are a less risky option.
  • It is worth choosing time-tested platforms with a large crypto community.
  • Before registering, you need to familiarize yourself with the rules of the site, its commissions and functionality.

The stages of buying cryptocurrency through different exchanges may vary depending on the rules of the site.

Buying cryptocurrency from hands

On the Internet, you can find offers for the sale of cryptocurrency without intermediaries – “from hand to hand.” The transaction will save on commissions of intermediaries and save time. The security of buying cryptocurrency from hands depends on the conditions. Including – from the presence of a verified guarantor.

Why invest in bitcoin

Bitcoin is the first cryptocurrency. Unlike traditional money, BTC is a completely decentralized financial instrument. None of the regulators in the world can directly influence the issue, circulation and distribution of coins.

Fiat’s value largely depends on the actions of the central bank. The regulator can print new money in unlimited quantities. An increase in the volume of the national currency in the market leads to its depreciation. The more offers, the lower the demand.

Unlike fiat, the maximum number of bitcoins is capped at 21 million BTC. Every 4 years, the network adjusts the release rate of new coins. This is how the system lowers bitcoin inflation.


There are many options to buy your first cryptocurrency. Buying on a verified exchange through a verified account will take longer, but will provide security. Transactions through exchangers and online sellers are more risky options with their own advantages. To other conclusions:

  • Cryptocurrency can be kept in different wallets.
  • Due to the lengthy verification of the account, several days may pass between the decision to purchase bitcoin and the moment of purchase.
  • One person can register an unlimited number of wallets.

Bookmark this article to always have full instructions at hand.

CyberSpark Group ZooPark attacks Android users in the Middle East

Last week Kaspersky Lab specialists told about the intricate cyber-spy campaign ZooPark , the victims of which are users of Android from the Middle East.

Researchers have been monitoring the development of this malicious program since 2015. Its current version is already the fourth and can steal from the infected smartphone almost any information, from contact data to logs of calls and records from the keyboard. ZooPark is able to collect and transfer to its owners the following information:

  • contacts;
  • information about user accounts;
  • call history;
  • audio recordings;
  • SMS content;
  • bookmarks and browser history
  • search history in the browser;
  • device location;
  • device information;
  • information about installed applications;
  • any files from the memory card;
  • documents from the device;
  • data , entered from the on-screen keyboard;
  • data from the clipboard;
  • application data (for example, Telegram messengers, WhatsApp and IMO, and Chrome browser).

In addition, ZooPark on the team can take screenshots and photos, and record video. For example, he can take a photo of the owner of the smartphone from the front camera and send it to his operators.

In this case, ZooPark is used for targeted attacks, that is, it is calculated not for all in a row, but for a specific audience. Thus, the victims of intruders are those who are interested in certain topics, and more specifically – the policies of some Middle Eastern countries.

There are two ways of propagation in ZooPark: via Telegram channels and using drive-by hidden-download attacks . For example, criminals offered an application for a remote referendum vote on the independence of Iraqi Kurdistan in the Telegram channel.

Also, cybercriminals crack popular in certain countries or circles resources, after which the site automatically starts to download the infected application, pretending to be useful, to example, the official application of this news resource. Finally, in some cases, the Trojan pretended to be an all-in-one messenger.

A week after the publication of this report, Vice Motherboard was approached by an unknown hacker who claims to have been hacked into one of the servers of ZooPark operators in Tehran. “10 minutes of effort; information about the Iranian APT, “the anonymous author writes. It should be noted that in their report Kaspersky Lab experts assumed that the so-called “government hackers” are most likely to be behind ZooPark, but they did not make any specific conclusions about their country.

Journalists acknowledge that the hacker the information was not without interest. The unknown man was able to retrieve text messages, emails and GPS coordinates extracted from devices infected by ZooPark, and even recording audio calls of affected users.

Photo: Kaspersky Lab

Targeted attacks: intelligence based on open sources (OSINT). Column of Denis Makrushin

The content of the article

  • Finding Unclosed Doors
  • From Editorial Conversations
  • Scan, mark, repeat
  • OSINT without interactivity
  • Collecting information for social engineering
  • Recon as art
In one of the last columns I talked about the stages of purposeful attacks (kill chain). The first stage, the “exploration” stage, begins long before the attacker touches the victim’s first car. The amount and quality of the data collected at this stage determines the success of the attack and, most importantly, the cost of conducting it.

Of course, it is possible to knock exploits on vulnerable services available on the perimeter (and, for example, to lighten the network and its presence in the logs protection systems), but you can use spear phishing and gain a foothold on the workstation inside the perimeter. The result will be achieved in both cases, but the cost of the attack is completely different.

The reconnaissance stage is the key to choosing tactics, techniques and procedures (TTPs) to be used to achieve the goal. However, most often the task of reconnaissance is to find as many potential entry points as possible to access the target and estimate the cost of implementing the detected vectors. In order to complicate the life of the attacker who conducts reconnaissance, it is necessary to understand which TTPs he is using at this stage.


All information is provided for informational purposes only. Neither the editorial board nor the author is responsible for any possible harm caused by the materials of this article.

Searching for Uncovered Doors

Many attack points depend on the number of attack points available to an intruder. You can formally classify the entry points:

• information systems located on the perimeter and having access to the Internet (servers, workstations, administrative panels of special equipment, etc.);
• mobile devices used by employees inside the perimeter and beyond
• accounts in the cloud services of employees (including those used for personal purposes).

The last paragraph often requires the attacker to “interact” with the victim (for example, communication with the object of a phishing attack ), which increases the risk of detecting an attack. Therefore, in some cases priority is given to exploitable entry points located on the perimeter.

The network perimeter is a concept that, with the development of technology and the widespread introduction of clouds, is gradually disappearing. The concept of Bring your own device (BYOD), which allows employees of companies to use personal devices for business processes, as well as the appearance of clouds (hello, office365!) Blur the perimeter. It is incredibly difficult to monitor the flow of data between the corporate network and the outside world. And this also makes life easier for intruders – the variety of options for penetration grows.

In large organizations, the perimeter is full of services that the admins have forgotten (or do not know) and who have not patched for a long time already. I propose to look for such services in your organization. On the example of my favorite medical organizations, we will consider many vectors of penetration. Subsequently, you can use this knowledge to inventory the perimeter of the networks that belong to you.

From editorial conversations

– Denis, let’s analyze ten interesting penetration scenarios on real examples from ART!

– I studied the topic, scratched the scenarios of target attacks and honestly say that there is nothing in them that would inspire me : almost all begin with the stage “threw a phishing letter” … 🙂

Scan, mark, repeat

Obviously, to understand what is located on the network perimeter, you need to get the range of IP- addresses belonging to the target organization. In this list, it is possible that there are IP addresses of third parties (service providers, contractors, etc.) – the attacker will accurately include them in the Osprey, and you, as an auditor of your network, can not do this. The resulting IP range can be entered into the port-scanner. Instead of Nmap I recommend using Masscan or ZMap – this will greatly shorten the scan time.

So, to assess the entry points to medical corporate networks, you can unload from RIPE ranges of IP addresses of all organizations in the name of which there are keywords:

• healthcare;
• medic;
• clinic;
• surgery;
• hospit;
• dental;
• pharmacist.

After that, you can start the port scanner and wait a few days for it to be issued.

 Fragment of the Masscan scan report
Report fragment Masscan scanning

If the scan using ZMap, then later you can use the utility ZTag for tagging each service discovery. Tags are placed on the basis of the collected banner database. In the case of medical scans, the services received are classified as follows:

 Top services on the perimeter of the medical infrastructure
Top services on the perimeter of the medical infrastructure

Among the trivial things like web applications and mail servers are interesting applications: building management systems building management systems, by the way, we have a whole series of articles written on this topic, for example), printers (often without any authorization to the admin panels), NAS stores (and even specialized PACS servers), the mind s kettles and so on. Using each of the services found, the attacker can determine attack vectors and evaluate the complexity (read – the cost) of their implementation.

 An example of information about a device using the Niagara Fox protocol
An example of information about a device using the Niagara Fox protocol
 Panel for example, a list of neighboring wireless networks
A printer control panel that, for example, shows a list of neighboring wireless networks
 An example of an vulnerable medical portal leading to medical data
Example of a

OSINT without interactivity

Another well-known way to get information about the perimeter and at the same time not to interact with it is to study the logs of Shodan and similar search engines, whose robots kindly did everything for the attacker .

As it was seen from the logs above, in public access are all kinds of servers that can carry the specific nature of the activities of the target organization and store valuable information. For example, speaking of medical companies, their perimeter contains DICOM-devices and PACS-servers (picture archiving and communication system). These are medical systems based on the DICOM standard (digital imaging and communications in medicine, the industry standard for the creation, storage, transfer and visualization of medical images and documents of patients surveyed) and consisting of the following components:

• DICOM client – medical device with the possibility of transferring information to DICOM-north;
• DICOM-server – a hardware and software complex that provides receiving and storing information from clients (in particular, such devices include PACS servers);
• diagnostic I DICOM-station and DICOM-printers – a hardware-software complex responsible for processing, visualization and printing of medical images.

A distinctive feature of most of these systems is the availability of a web interface for managing them through the Network. Here, vulnerabilities can be discovered that an attacker can use to gain access to valuable information and processes. It is worthwhile to consider these systems in more detail and check whether they are accessible from the Internet, that is, serve as a potential entry point for an attacker.

DICOM devices can be searched with the simplest query in the Shodan search engine: DICOM port: 104 .

 List of DICOM servers
List of DICOM servers

You can also try to find diagnostic DICOM stations – specialized PACS-systems that are used for data processing, diagnostics and visualization. Example request for the Censys search engine: pacs and autonomous_system.organization: [hospital or clinic or medical or healthcare] .

 Login-panel diagnostic stations
Login-panel diagnostic stations

Using standard requests to Shodan to obtain information on available resources on port 445 (SMB), the attacker can sometimes find out the names of internal resources (servers and workstations), through which to determine which nodes on the network are further of interest and which are not.


Collecting information for social engineering

Fixing within the corporate perimeter effectively allows the use of various scenarios of social engineering. For example, sending phishing messages that contain malicious attachments or links leading to phishing resources.

In order to implement these scenarios, the attacker must also collect information about the attack object in order to increase the likelihood that the addressee will follow the link in the email or open the attachment. Currently, the security services of large organizations are trying to raise their employees’ awareness of malicious mail, which obviously does not benefit the attackers. Now the villains need not only to circumvent the victim’s spam filters and deliver the “payload” to Inbox, but also to motivate the attack object to perform the necessary actions and, most importantly, not to cause suspicion.
The abundance of social networks, as well as the “emancipation” of their typical user, gives the attacker the opportunity to extract information about his victim and compose a convincing context of the “payload”: the text of the cover letter, the style of communication.

This is a creative task, and it depends on the concrete situation, but as a general example, you can use a resource that uses the public APIs of popular social networks to extract valuable account information.


For example, an attacker, by contacting LinkedIn, was able to identify key employees for organizing a spear-phishing attack, their names, surnames, contact information (e-mail). Using this data, it is easy to find the accounts of these employees in other social networks, for example, on Facebook. With the help of a web service, an attacker can collect interesting statistics of his victims, for example, where and in which hotels they “jumped”. Further on behalf of the hotel the villain can send a message with a reminder about the payment of some Resort Fee and an attached invoice as a PDF-document. Profit!

Recon as art

The topic of extracting data about the object of attack is very extensive, and there is more than one book written about exploration alone based on open sources. For this reason, I also focused on gathering technical information about the perimeter – it often contains unclosed doors that are not patched for years and which the owner may not know about.

In addition to this, an attacker, wading through external resources, does not interacts with a person (as is the case with social engineering), which means that the only obstacle is all kinds of IDS / IPS, WAF and everything that fixes activity on the perimeter. If these funds are there at all.

All About Telecom Security at PHDays


Today, news feeds are full of messages about mobile security issues. Listening to telephone conversations, interception of SMS, substitution of subscribers and breaking of SIM-cards are far from all that attackers can do. To get acquainted with the vulnerabilities of mobile networks and try to hack a carrier, you can be at Positive HackDays. We are talking about competitions and reports on telecom security that can not be missed.

Now it’s hard to imagine a sphere that does not depend on the telecom operator: a POS terminal in a coffee house, an alarm in a country house, a truck on the road, a gas meter – everything works with the built-in SIM card. But there is a reason to think about security: viruses on SIM cards, SDR and IMSI “catcher”, surveillance and audition through SS7, DoS in LTE networks, listening to GSM subscribers on the radio.

May 15 at 14:00 in the hall ” Seliger “ director of information security of telecommunication systems Positive Technologies Dmitry Kurbatov will make a report” Security and Telecom: has it gotten better or worse? “. He will talk about threats to the connected world – a world with smart energy, smart transport and smart cities.

In addition, a laboratory stand with its own mobile network will be deployed on the forum site. Positive Technologies experts on the security of telecommunications systems will demonstrate popular methods of attacks on mobile subscribers: IMSI disclosure, location determination, SMS interception, call forwarding. Visitors to the forum will be able to observe on the monitors the actions of “intruders”, as well as the operation of the security monitoring network PT Telecom Attack Discovery. In addition, the stand will be able to practice using SS7 vulnerabilities and using security methods, intercept and listen traffic to GSM and learn about SDR examples.

On May 15, a series of technical reports on mobile security will be held in the press room network of experts of the department of security expertise of telecommunication systems Positive Technologies. At 10:00 AM Sergey Mashukov will make a presentation on “Exploiting the Vulnerability of Next Generation Networks” dedicated to the security of the Diameter protocol. He will share the results of the security assessment conducted for various telecom operators, and he will give examples of successful attacks. Further, at 11:00, Vadim Yanitsky and the postgraduate student of the Warsaw Polytechnic University Petr Krysik will tell how to make a mobile phone from SDR using free software (OsmoBTS or OpenBTS).

in the role of burglar can be in the traditional competition MITM Mobile. Participants are asked to perform tasks to intercept the radio air of a special cellular operator, which will work on the site. The award will be given to two participants who will fulfill the maximum number of assignments. The competition will need to take Osmocom, SDR, virtual machines and other equipment.

In addition, the forum will host a 30-hour cyberbite The Standoff, in which teams of attackers, defenders and security operations centers will fight for control of the city. The gaming site is a large-scale emulation of the urban infrastructure. The plot has a telecom operator, an Internet provider, and residents actively use not only cellular and mobile Internet, but also IOT-devices and VOIP-telephony. During the game, the attacking teams will have the opportunity to test the security of real telecom systems for strength. Only registered teams can participate in The Standoff.

We are waiting for PHDays! Register and buy tickets for the forum here.

Researchers have identified a number of problems in the OPC UA protocol


Kaspersky Lab ICS experts on the response to cyberncidentals CERT – analyzed the protocol OPC UA (Object Linking and Embedding for Process Control Unified Automation), developed specifically for industrial facilities.

The study identified 17 0-day vulnerabilities in OPC Foundation products, as well as several vulnerabilities in commercial applications, who use them. By exploiting these bugs, attackers could run third-party code and perform Denial of Service (DoS) attacks. It is reported that all gaps were detected and eliminated in March 2018.

The IEC 62541 OPC Unified Architecture (OPC UA) was developed in 2006 by the OPC Foundation consortium for reliable and secure data transmission in the process network. In fact, this is an improved version of the OPC protocol, which is universally applied in various industrial areas. New properties and well thought-out architecture of OPC UA make it more popular among automation system manufacturers, and over time the standard should become the basis of communication in industrial Internet systems of things and smart cities around the world.

Initially, Kaspersky Lab ICS CERT conducted security audit and pentest at several industrial sites. All audited organizations used the same software product for process control (ICS), and the experts looked for vulnerabilities in it. It turned out that part of the network services interacted precisely with the OPC UA protocol. This prompted experts to study the protocol.

During the research, all discovered vulnerabilities were immediately reported to the software developers. Representatives of the OPC Foundation and other commercial product development teams responded promptly to notifications and promptly fixed the problems found.

Most of the errors in third-party software products using OPC UA Stack were due to the fact that the developers misused the functions provided by the OPC Foundation API , implemented in the library uastack.dll – for example, misinterpreted the values ​​of the fields of transmitted data structures.

“Very often software developers overly trust industrial protocols, and implement these technologies without conducting a thorough safety inspection. In this case, vulnerabilities can affect the success of the entire product line. It is necessary to pay close attention to innovations that are widely used in various industrial sectors. Many people think that creating their own protocols more efficiently and safely, but even completely new software can contain numerous vulnerabilities, “says Sergey Temnikov, senior researcher at Kaspersky Lab ICS CERT.

The Ubuntu Snap Store found a hidden miner


The vigilant user, known by the nickname Tarwirdur, drew attention to the hidden crypto-currency miner , who was present in the 2048buntu application (clone of the popular 2024 game) on the Ubuntu Snap Store.

Miner disguised himself as a systemd and extracted Bytecoin (BCN) currency for an account tied to the mail address [email protected] The code that caused suspicion from the user can be seen below.

After reacting to the message Tarwirdur, the administration of Ubuntu Snap Store quickly removed the application from the catalog, thanking the supervisory user. As it turned out, the application belonged to the developer Nicholas Tomb, and while his other packages were also excluded from the Ubuntu Snap Store before the investigation was completed.

Since there are no download counters and settings in the Ubuntu Snap Store, the number of affected users is unknown. Moreover, anyone can add their own snap-package to the directory, in essence. Unlike official Google or Apple directories, snap-packages do not undergo a multi-step security check