Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Crypto Exchange. Show all posts
User Privacy
Crypto Exchange Data Breach Third-party breach United States User Privacy

Crypto Exchange Gemini Confirms Third-Party Data Breach

 

Cryptocurrency exchange Gemini has issued a warning about a data breach incident that resulted from a cyberattack at its Automated Clearing House (ACH) service provider. The identity of the attacker was kept confidential. On June 26, 2024, the American cryptocurrency exchange started notifying the affected parties. 

However, a sample of the letters was sent to the California Attorney General's Office yesterday. The warning states that between June 3 and June 7, 2024, an unauthorised actor gained access to Gemini's vendor's systems, resulting in a third-party data breach. 

The incident impacted some of Gemini's customers' banking details, including their full name, bank account number, and routing number, which Gemini utilized for ACH fund transfers. 

According to the cryptocurrency exchange, the systems of the service provider did not host or compromise any additional information, including date of birth, physical address, social security number, email address, phone number, username, or password. 

The data breach incident has been contained, and an outside team of experts is assisting with the inquiry. But as of right now, no other details are available. Recipients of the notices are urged to watch out for any suspicious activity using any of the data disclosed and to be on the lookout for incoming messages. 

In order to safeguard against future hacks, users are also advised to activate multi-factor authentication on the bank accounts they gave Gemini and get in touch with their bank to request the implementation of additional safety precautions or a new account number.

If suspected or unauthorised activity is identified on the impacted bank account, notify the banks immediately. Gemini also suggests that letter recipients consider placing scam alerts or security freezes on their credit reports, but it has not provided any identity theft protection services to the affected individuals. Gemini issued a statement following publication, stating that the incident impacted 15,000 individuals. 

"The incident at a third party involved information of approximately 15K Gemini customers," Gemini stated. "Although we notified the customers involved out of an abundance of caution, our analysis found no evidence of customer impact.”
Read more »
User Data
Crypto Exchange Crypto Firms Data Breach Data Privacy IRS User Data

Kraken to Provide 42,000 Consumers' Data with IRS Following Court Order

 

Kraken, a cryptocurrency exchange, has announced that it will comply with a June court order by providing the Internal Revenue Service (IRS) with data on tens of thousands of its users. 

In particular, the company will divulge data on cryptocurrency transactions that Kraken customers made between 2016 and 2020 that valued more than $20,000. Users with addresses in the United States who made these sorts of transactions will have their account history, name, date of birth, Tax ID, address, and contact details forwarded to the IRS. 

The company stated last week that emails were sent to every Kraken customer who was impacted by the announcement. A representative for Kraken also verified the development with Decrypt. The firm intends to share the user data in early November. 

After two years of litigation over data sharing between the federal government and the privacy-minded cryptocurrency company Kraken, a federal judge in June ordered Kraken to provide such information to the IRS. 42,017 Kraken accounts are expected to be impacted by the decision, according to court documents in that case. 

Even though Kraken has adamantly refused to give the IRS the information it is now obligated to provide, the company is portraying the situation as a win for privacy advocates and its legal battle with the IRS as having ultimately stopped a larger breach of users' personal data. 

“We objected to the IRS’s demands and fought the summons, because it sought intrusive and unnecessary information about U.S. clients, including IP addresses, employment information, sources of wealth, net worth, and banking details,” a Kraken spokesperson said in a statement shared with a local media outlet. “We convinced the court to reject these demands. Kraken will always stand up for the privacy of its clients as it did here.”

The exchange is not the first cryptocurrency firm to be compelled to abide by the IRS's requirements. In 2018, a federal judge ordered the American cryptocurrency exchange Coinbase to hand over certain user data to the tax collection agency. 

Another federal court in 2020 granted the IRS legal authority to search the records of cryptocurrency payments company Circle for data related to similar transactions of $20,000 or more made between 2016 and 2020. In addition, the agency secured a court order last year to acquire the same information from crypto prime brokerage SFOX.
Read more »
Security Framework
Crypto Exchange Crypto heist Crypto Phishing Cryptocurrencies Cyber Security Darknet Financial Institution Law Enforcement Security Framework

India Strengthens Crypto Crime Vigilance with Dark Net Monitor Deployment

India has made a considerable effort to prevent crypto-related criminal activity by establishing a Dark Net monitor. This most recent development demonstrates the government's dedication to policing the cryptocurrency market and safeguarding individuals from potential risks.

India has made a considerable effort to prevent crypto-related criminal activity by putting in place a Dark Net monitor. This most recent development demonstrates the government's dedication to overseeing the cryptocurrency industry and safeguarding citizens from any potential risks.

Drug trafficking, cyberattacks, and financial crimes using cryptocurrency are just a few of the criminal activities that have long been the center of the Dark Net, a secret area of the internet. Indian officials hope to efficiently identify and stop these illegal activities by implementing a Dark Net monitor.

According to officials, this cutting-edge technology will provide critical insights into the operations of cybercriminals within the crypto space. By monitoring activities on the Dark Net, law enforcement agencies can gain intelligence on potential threats and take proactive measures to safeguard the interests of the public.

Sneha Deshmukh, a cybersecurity expert, commended this move, stating, "The deployment of a Dark Net monitor is a crucial step towards ensuring a secure and regulated crypto environment in India. It demonstrates the government's dedication to staying ahead of emerging threats in the digital landscape."

India's stance on cryptocurrencies has been closely watched by the global community. The government has expressed concerns about the potential misuse of digital currencies for illegal activities, money laundering, and tax evasion. The deployment of a Dark Net monitor aligns with India's broader strategy to strike a balance between innovation and regulation in the crypto space.

A spokesperson for the Ministry of Finance emphasized, "We recognize the transformative potential of blockchain technology and cryptocurrencies. However, it is imperative to establish a robust framework to prevent their misuse. The Dark Net monitor is a crucial tool in achieving this goal."

Experts believe that this move will bolster confidence among investors and industry stakeholders, signaling a proactive approach towards ensuring a secure crypto ecosystem. By leveraging advanced technology, India is poised to set a precedent for other nations grappling with similar challenges in the crypto space.

Initiatives like the deployment of the Dark Net monitor show India's commitment to staying at the forefront of regulatory innovation as the global crypto scene changes. This move is anticipated to be crucial in determining how cryptocurrencies will evolve in the nation and open the door for a more secure and safe digital financial ecosystem.

Read more »
User Privacy
Crypto Crypto Exchange cryptocurrency Data Breach FTX MFA Protocols security measures User Privacy

FTX Reinforces Security Measures After Recent Cyber Breach

 

A notable cryptocurrency exchange called FTX recently experienced a security compromise that briefly caused its gateway to be unavailable. The event sparked worries about the security of users' assets on the network among users and the larger crypto community. To strengthen its defenses against potential attacks, FTX quickly implemented stronger security measures as a response.

FTX CEO, Sam Bankman-Fried, assured users that their funds were safe and that the breach was quickly contained. He stated, "Our team acted promptly to isolate the breach and secure the affected systems. No user funds were compromised, and we have taken steps to prevent such incidents in the future."

Following the breach, FTX collaborated closely with cybersecurity experts to conduct a thorough investigation. The findings led to the identification of vulnerabilities that were promptly addressed. The exchange has now implemented additional security protocols, including multi-factor authentication and advanced intrusion detection systems.

Cybersecurity experts lauded FTX's swift response and proactive approach to fortifying their platform. Dr. Emily White, a leading cybersecurity analyst, commended FTX's efforts, saying, "FTX's rapid response and commitment to shoring up their security measures demonstrate a proactive approach to safeguarding user assets. This incident serves as a reminder of the evolving nature of cyber threats and the importance of continuous vigilance."

In the wake of the breach, FTX has taken steps to enhance communication with its user base. The exchange has established a dedicated channel for updates on security-related matters, providing users with real-time information and transparency about any potential risks.

The incident at FTX serves as a wake-up call for the entire cryptocurrency industry. As the digital asset space continues to grow, exchanges must prioritize security measures to protect user funds and maintain trust in the ecosystem.

The FTX response to the latest security issue emphasizes how crucially important strong cybersecurity procedures are in the cryptocurrency business. FTX has proven its dedication to protecting user assets by quickly fixing vulnerabilities and deploying improved security processes. This incident should serve as a reminder to all exchanges to emphasize security and keep lines of communication open with their user base.


Read more »
US Department Of Justice
Amazon Crypto Exchange cryptocurrency Cryptocurrency Frauds Cyber Fraud DOJ Security Professionals US Department Of Justice

Former Amazon Security Engineer Charged of Defrauding a Crypto Exchange


A prominent cybersecurity pro for Amazon is apparently facing a problem. The U.S. Department of Justice has detained security engineer, Shakeeb Ahmed, with charges of defrauding and money laundering from an unnamed decentralized cryptocurrency exchange, both charged carrying a maximum 20-year-imprisonment.

According to Damian Williams, the U.S. attorney for the Southern District of New York, this was the second case their firm was announcing that is highlighting the case of “fraud in the cryptocurrency and digital asset ecosystem.”

As noted by the DOJ, Ahmed – a former security engineer for an “international technology company” – was able to "fraudulently obtain" from the aforementioned exchange almost $9 million worth of cryptocurrencies. He executed this by creating bogus dates for pricing, in order to produce the fees that he later withdrew for himself.

Williams further added, "We also allege that he then laundered the stolen funds through a series of complex transfers on the blockchain where he swapped cryptocurrencies, hopped across different crypto blockchains, and used overseas crypto exchanges. But none of those actions covered the defendant's tracks or fooled law enforcement, and they certainly didn't stop my Office or our law enforcement partners from following the money."

Ahmed is also charged with allegedly attempting to steal more money from the exchange via "flash loan" attacks, another type of crypto vulnerability

While it was initially imprecise as to what company the accused had worked for, cybersecurity blogger Jackie Singh on Tuesday mentioned that Ahmed was a former Amazon employee. Jackie further mentioned several other online profiles the accused appeared to have links with.

According to a LinkedIn profile that matches Ahmed's job description, he works at Amazon as a "Senior Security Engineer" and has worked there since November 2020. The user's profile continues to claim Amazon as his employer. However, it is still unclear if this profile is in fact representing Ahmed.

Following this, Amazon was contacted to confirm the aforementioned details, to which the company confirmed that he had worked for Amazon. However he is no longer employed with the company, they added. The tech giant said that it could not provide any further information regarding his role in the company.

Moreover, a report by Inner City Press – a New York outlet – confirms that Ahmed appeared at the court following his detainment on Tuesday. The report mentions him wearing flip-flops, shorts, and a T-shirt saying “I code,” to the court hearing. Later, he was released on bond after pleading not guilty and will be permitted to continue living in his Manhattan apartment, according to the site.

Read more »
Technology
Crypto Currency law Crypto Exchange Crypto Rules European Union Technology

EU's Implementation of Crypto Rules Faces Multiple Obstacles Across Continent

 

The European Union (EU) has approved a framework called Markets in Crypto Assets (MiCA), which is in charge of regulating cryptocurrencies in Europe. 

Christian Anders, CEO of the cryptocurrency company Btc.x, cautions that there may be difficulties in its successful deployment across the continent. 

Multiple obstacles 

Anders claims that the road to European MiCA standards approval is more like a marathon than a sprint. Even if the legislation itself gives the digital currency industry the much-needed structure, making it a reality might call for extra diplomatic skill.

Sweden and other European countries, for example, might require more convincing before they completely embrace the changes. 

European cryptocurrency exchanges are anxious for the MiCA framework to go into force so they may establish their businesses on a solid legal base. Some national governments, however, do not quite share this enthusiasm. A rising number of these countries, including Sweden, are reluctant to provide new licences to bitcoin businesses. 

The two-edged sword of crypto 

Even though such reservations won't prevent MiCA from being implemented, they might surely delay it. The MiCA framework's two sides are revealed here. It gives thorough restrictions for the bitcoin market on one side. On the other hand, it is susceptible to the various perspectives and degrees of acceptability of various European countries. 

The United States Securities Exchange Commission (SEC) appears to be trudging through its own regulatory minefield as the EU tries to manage similar difficulties. Because Crypto.com operates inside the US, Anders suggests that it will likely be the next company under SEC investigation.

Anders compares the regulatory environments in the US and Sweden, though on a much smaller scale, and compares the SEC's attack on Binance and Coinbase to the severe restrictions implemented by the Swedish government.

Anders continues to be enthusiastic on Bitcoin despite these regulatory ambiguities. He contends that the obstacles governments and banks have placed in the way of Bitcoin only strengthen his belief in the virtual currency. 

Particularly when compared to the flaws of fiat currency and the economic strain of inflation, Bitcoin's advantages in the struggle of monetary systems become increasingly clear.

Bitcoin appears to be doing well in terms of mining. With the creation of equipment that increases mining efficiency, businesses like Intel have entered the market. Anders claims that the increased use of renewable energy is accelerating the growth of bitcoin mining in Europe.

Given the strong popularity among the younger generation, the future of Bitcoin and other digital currencies appears secure. Their inclination towards these cutting-edge technologies is expected to influence how money and commerce are conducted across the continent and, by extension, around the globe.

The expansion and influence of the cryptocurrency business are unabated, even as the EU and other regulatory authorities struggle to come up with effective regulations.
Read more »
Data Leak
Crypto Breach Crypto Exchange Crypto Firms Data Breach Data Leak

Confidential Report Highlights Bitfinex Security Breach in Massive 2016 Hack

 

In 2016, a hacker or hackers gained access to the Bitfinex cryptocurrency exchange and took 119,754 bitcoins worth a total of $72 million. The stolen coins' worth had risen to almost $4 billion by the time US police detained rapper Heather Morgan and her husband, startup founder Ilya Lichtenstein, last year on suspicion of laundering them. The US Department of Justice's single greatest recovery in its history. However, the hack's culprit is still at large.

Ledger Labs, a Canadian cryptocurrency consulting and development company, was hired by one of Bitfinex's owners, iFinex, to conduct an investigation. The secret report from that inquiry was never made public. However, a copy of the study with specific conclusions has been obtained by the Organised Crime and Corruption Reporting Project. 

According to the document's in-depth findings, conclusions, and suggestions, Bitfinex failed to put the operational, financial, and technological controls recommended by its partner in cyber security, Bitgo, into place.

Although Bitfinex did not question the legitimacy of the report in contacts with journalists, OCCRP was unable to independently confirm the facts. Bitgo opted out of commenting but did not expressly deny the report's existence or its conclusions. Requests for response from Ledger Labs went unanswered, and the study's author, Michael Perklin, stated that he was unable to do so because his work on the iFinex report was subject to a non-disclosure agreement.

OCCRP was unable to independently verify the results, however in interactions with journalists, Bitfinex did not contest the validity of the study. Bitgo declined to comment, but did not expressly contest the report's validity or conclusions. An inquiry for response was not answered by Ledger Labs, and the study's author, Michael Perklin, declined to speak because his work on the iFinex research was subject to a non-disclosure agreement. 

For cryptocurrency sites, strict digital security is essential since mistakes cost users real money.

“When you’re dealing with the internet of money, the stakes are that much higher,” stated Hugh Brooks, director of security operations at blockchain security firm CertiK. “If you get breached or make a mistake, it’s not just some usernames and passwords, it’s someone’s life savings or potentially a massive amount of funds.”

According to the Ledger Labs report that OCCRP was able to receive, Bitfinex used a security mechanism that required an administrator to possess two out of the three security keys in order to do any substantial exchange activities, including moving bitcoin. 

However, it discovered that Bitfinex made a crucial mistake by putting two of these three keys on the same piece of hardware. An attacker who managed to hack that one device would have complete access to Bitfinex's internal systems and to "security tokens" that gave them control over the operating system. According to the paper, "the hacker was able to take two...security tokens," and in less than a minute, he was able to increase the daily cap on the number of transactions that were allowed in order to fast drain as much bitcoin as possible. 

According to the Ledger Labs report, the hacker obtained tokens associated with a generic "admin" email account and another tied to "giancarlo," which belonged to Bitfinex CFO and shareholder Giancarlo Devasini, a former Italian plastic surgeon with a shady business past. The document did not assign blame for the hack to Devasini.

The paper stated that holding numerous keys and tokens on a single device constituted "a violation of the CryptoCurrency Security Standard," alluding to an industry-led best-practice initiative, however it is unclear whether this particular device was compromised in the hack. It also claimed that other fundamental security precautions, such as monitoring server activities outside of the server, and a "withdrawal whitelist" - a security feature that only allows cryptocurrency transfers to confirmed or approved addresses — were missing.

Based on a rigorous study of source IP addresses, the Ledger Labs document found that the attack most likely started in Poland. 

Although the hacker is still at large, US authorities detained dual Russian-American citizen Ilya Lichtenstein and his wife, Heather Morgan, last year for allegedly laundering stolen bitcoins. Both have pled not guilty and await trial. 

Lichtenstein is a self-described digital entrepreneur and investor who has created a few tiny apps, while Morgan, a trained economist and Forbes.com contributor, has taken over as CEO of some of Lichtenstein's software initiatives. Morgan has an interesting backstory that includes a rapping alter ego known as "Razzlekhan." Nonetheless, US authorities highlighted in an official Department of Justice document that Morgan used her own name to cash out some of the stolen cryptocurrency's online purchases.
Read more »
Threat Intelligence
Crypto Ban Crypto Exchange cryptocurrency Technology Threat Intelligence

Here's How the FTX Collapse Turned into an Identity Issue

 

The cryptocurrency love affair has ended. After years of expansion and investment profits, everything came crashing down in November 2022 with the demise of the FTX Trading exchange. The devastation was evident. 

Since then, investors have abandoned cryptocurrency, a steady stream of news reports about collapsed exchanges has been published, and political figures have demonised digital currencies. All of this is justified. 

John J. Ray, the new CEO of FTX, acknowledged to lawmakers that there had been "no record keeping whatsoever" and that the cryptocurrency exchange had effectively participated in "old-fashioned embezzlement" before a hearing of the US House Financial Services Committee in December. 

It makes sense that the public, the press, the markets, and the political class are all incensed. At first look, all this commotion and confusion suggests that there is a fundamental issue with crypto. But this couldn't be further from the truth. 

The exodus away from cryptocurrencies is not a critique of their importance to society or of the blockchain technology that underpins them. The root of the difficulty with encryption is an identification issue. 

Leaving currency behind 

Crypto facilitates transactions online and in the metaverse that would not otherwise be possible. It enables people to preserve ownership over money, data, and other assets in a highly connected digital environment without a centralised authority, together with blockchain. 

However, despite the fact that gaining digital ownership is essential for spurring a wide range of innovation, the FTX collapse has highlighted a dilemma. The digital wallets that stored people's cryptocurrency money have security weaknesses built right in. 

Clients at FTX lacked the only thing that could have safeguarded their money: they did not possess the encryption keys to their digital wallets. The central authority, FTX, did. Furthermore, things got out of control because there were no regulators in place to supervise interactions and transactions. 

Digital wallets control cryptocurrency

Using a crypto-based digital wallet, one can purchase and trade non fungible tokens (NFTs) and other digital assets, as well as use real-world goods in virtual environments and vice versa. 

Although blockchain made it possible for a central authority (such as a bank) to no longer administer digital assets, that authority has typically retained control over the digital wallet that serves as a vault for those assets. This is what made it possible for FTX to access client funds without their permission.

A system that is already in place for proving ownership online and protecting the wallet to that person is what's now missing. Fortunately, the solution isn't difficult to implement or prohibitively expensive. Users have authority over their digital identity and all of its associated elements thanks to self-sovereign identity (SSI). This encompasses NFTs, virtual things, digital money, and more. Consider an SSI as a private and secure digital passport that combines identity information and a wallet for identities. 

The development of a virtual environment that reflects existing trust in the real world depends heavily on SSI. These include the right to own property, the rules and guidelines established by governments and financial organisations to allow the transfer of ownership of commodities and property, and central administrators like escrow firms that handle bigger, more complicated transactions. 

The situation changes from one that is fundamentally risky and unreliable to one that provides a high level of security when using a secure digital wallet. Without it, Web3, the metaverse, and other decentralised token-based developments cannot be fully utilised.
Read more »
Vulnerabilities and Exploits.
Crypto Exchange Crypto Funds Malicious actor Private Keys Security Audit Two Factor Authentication Vulnerabilities and Exploits.

Sushiswap Smart Contract Exploited in $3.3 Million Hack

Sushiswap, a popular decentralized cryptocurrency exchange, recently fell victim to a smart contract hack that resulted in a loss of $3.3 million. The hack highlights the need for stronger cybersecurity measures in the cryptocurrency industry and the importance of taking proactive steps to protect one's funds.

According to reports by Yahoo Finance, the hack involved an exploit in the smart contract of the exchange's lending platform, called Kashi. The attacker was able to use the exploit to transfer funds from the platform's vault to their own account, resulting in the loss of $3.3 million worth of cryptocurrency.

While the hack itself is concerning, what's more, concerning is the fact that the vulnerability in the smart contract was known to the Sushiswap team. A security audit had identified the vulnerability, but the team had not yet implemented the necessary fixes at the time of the attack.

In the aftermath of the hack, Sushiswap has urged its users to take steps to secure their accounts, such as changing their passwords and enabling two-factor authentication. Additionally, the exchange has promised to compensate users affected by the hack.

However, as a user of any cryptocurrency exchange, it's essential to take proactive steps to protect one's funds. This includes using a hardware wallet to store funds securely and never sharing private keys or passwords with anyone.

Moreover, it's crucial to conduct research and choose exchanges with strong cybersecurity measures in place, such as multi-signature authentication and cold storage of funds. It's also important to keep an eye out for any suspicious activity and report it to the exchange immediately.

The Sushiswap hack serves as a reminder that cybersecurity risks are prevalent in the cryptocurrency industry. It is essential to take proactive steps to protect your funds, such as using a hardware wallet and choosing exchanges with strong security measures. By staying informed and vigilant, users can reduce the risk of falling victim to cyber-attacks and safeguard their cryptocurrency investments.

Read more »
User Privacy
Access Tokens Backdoor Check Point Crypto Crypto Exchange Cyber Crime Investors User Privacy

Dingo Token Charging 99% Fee is a Scam

A major cryptocurrency scam by Dingo Token, as per researchers who discovered backdoor features intended to steal users' money.

Check Point analysts observed this fraudulent charge modification 47 times before issuing the alert. The Dingo Smart Contract's purchase and sell fees are adjustable by up to 99% using a backdoor method called 'setTaxFeePercent,' according to Check Point Research (CPR), which examined the code for the contract. Despite the fact that the project's whitepaper claims that only a 10% fee for each transaction, this is the case. 

According to the cyber security software company, one customer purchased 427 million Dingo Tokens for $26.89 but received 4.27 million, or $0.27 value of Dingo Tokens. Dingo Token had a current market valuation of $223,992 and was rated 1915 on CoinMarketCap.  Recent complaints about the Dingo Token have also been made by users of CoinMarketCap and Twitter. Crypto dealer IncredibleJoker stated in a post on February 5 they could not sell their assets.

According to Check Point's head of product vulnerabilities research, Oded Vanunu, what his group uncovered at Dingo Token is becoming more regular, "this is a popular method that locks users' funds until the scammers gradually withdraw the entire sum. A growing number of scammers are lured to cryptocurrencies. They can remain unidentified. It moves quickly. It's profitable." 

Users are worried that once the creators determine that the value has peaked, they will turn on the backdoor to steal 99% of all users' coins. Investors in cryptocurrencies should be upfront about their questions in order to hear what other people have to say about a project. Whether you are new to trading, it is advised to diversify your money over several different coins and only utilize reliable exchange providers.

DingoToken: What is it?

DingoToken enables users to quickly deposit ANY tokens, including BEP-20 tokens, into an NFT. Now, a rare NFT can be turned into a basket containing a variety of different tokens. An entirely new NFT world is made possible by the DingoToken platform, a new protocol layer. The decentralized app (DApp) built on top of the DingoToken Protocol and targeted at art/collectible NFTs will also be made available for our public launch.

The DApp enables users to Mint / Generate an NFT, deposit their preferred asset into it, and then create their own NFTs. Only NFTs produced with the Dingo NFT Minting Station are supported in our v1 online application. To protect platform users' safety, steps are being taken by the firm. The option to mint one's own NFTs or buy those produced by Dingo Token platform users is available to users.


Read more »
Technology
bankruptcy Binance Crypto Currency Crypto Exchange FTX Technology

FTX: Failed Crypto Exchange Could Owe More Than 1 Million Creditors


Following the collapse of the crypto exchange FTX, and its associated businesses, it could owe money to more than a million people and organizations, according to the bankruptcy filings. The documents filed in bankruptcy court demonstrated the extent of a corporate collapse that has stripped traders’ accounts, plunging the crypto sector into crises. 

The investigations for bankruptcy commenced last week when FTX experienced an $8 billion shortfall due to a run-on deposit. Consequently, this led to the company which was once regarded as one of the safest and most reliable institutions of the freewheeling crypto industry crumbling overnight. 

The exchange’s founder Sam Bankman-Fried reportedly transferred $10 billion of customer funds from FTX to his trading company ‘Alameda Research.’ A large amount of that total fund has since disappeared. The total amount is said to be between $1-2 billion. 

The financial hole later came to light in records shared by Bankman-Fried with other senior executives last Sunday. The records provided a real-time account of the situation, some sources said. 

The company’s sudden downfall due to the run-on deposits last week left FTX unable to fulfill its customers' demands. Consequently, Bankman-Fried struck a rescue deal to sell his firm to its largest rival exchange, Binance. 

After a lengthy online skirmish between Bankman-Fried and Changpeng Zhao, CEO of Binance, a review stating FTX’s finances revealed various problems, posing as a deal breaker and Binance pulled out of the deal. Bankman-Fried attempted to secure new financing but was unable to, and later declared bankruptcy. The Justice Department and SEC are currently looking into his management of FTX. They are apparently focusing on whether FTX inappropriately transferred customer funds to Alameda Research.  

In regards to the case, Associate Professor in Finance Technology at the University of Liverpool, Gavin Brown referred to a recent report that suggested “42% of the exchanges which failed simply disappeared without traces.” 

According to Prof Brown “In the event of exchange failure, or even bankruptcy, it is the investors who are on the hook for losses” He, along with other industry experts warned that often smaller investors often end up back of the queue, after the remains of a crypto business are divided among themselves. They doubt much money will be coming back. 

"The unfortunate news is that the money's all gone. It's just not there anymore. Investors should expect pennies on the dollar," says crypto blogger and author David Gerard.   

Read more »
UK
Crypto Crypto Exchange Russia Technology UK

UK Agency Publishes New Guidelines for Crypto Exchanges to Stop Sanctions Evaders

 

Crypto exchanges are now required to report suspected sanctions breaches to UK authorities under new rules introduced amid concerns that digital currencies such as Bitcoin, Ether, and Tether, or non-fungible tokens (NFTs) are being used to evade Russian sanctions. 

On August 30, the Treasury’s Office of Financial Sanctions Implementation (OFSI) updated official guidelines to specifically include "crypto assets" among the things that must be blocked if sanctions are imposed on an individual or enterprise. 

According to the regulations established by the Treasury's Office of Financial Penalties Implementation, cryptocurrency exchanges will be breaking the law if they fail to report customers who are subject to sanctions. 

The regulations mean that exchanges now have the same legal obligations as professionals like estate agents, accountants, lawyers, and jewelers. The breach of guidelines will mean crypto exchanges are committing a criminal offense if they fail to report customers designated for sanctions. 

“It is vital to address the risk of crypto-assets being used to breach or circumvent financial sanctions,” a Treasury spokesperson stated. “These new requirements will cover firms that either record holdings of, or enable the transfer of, crypto-assets and are therefore most likely to hold relevant information.”

Financial sanctions on Russian business tycoons, politicians, and firms have been among the UK’s most prominent responses to the invasion of Ukraine. 

Earlier this year in April, Binance, the cryptocurrency exchange giant, blocked the accounts of relatives of Russian politicians, including Polina Kovaleva, the stepdaughter of the foreign minister, Sergei Lavrov, and Elizaveta Peskova, the daughter of Putin’s spokesperson, Dmitry Peskov. 

Employing crypto assets to bypass sanctions and shift money across the globe was already illegal in the UK under laws that cover all “economic resources”. However, the latest guidelines underline authorities’ concern regarding the new assets, which could be employed for circumventing sanctions because customers do not rely on regulated exchanges to make transactions. 

Anna Bradshaw, a partner in Business Crime Department at Peters & Peters, a London law firm, supported the UK’s move by stating the new guidelines were “in line with the more general expansion of financial services and anti-financial crime regulation to the crypto sector”.

“Crypto and virtual assets are treated no differently than any other type of assets for the purposes of an asset freeze. Having said that, reliance on crypto or virtual currencies could potentially make it more difficult to detect that a sanctioned party is involved, or that it relates to sanctioned trade or other sanctioned activity – at least in time for steps to be taken to prevent it.”
Read more »
UPI
Crypto Exchange cryptocurrency Indian Government Technology UPI

Indian Crypto Exchanges Disables Deposits Via UPI System

 

Multiple Indian crypto exchanges have disabled rupee deposits using the Unified Payments Interface (UPI) system, which is the most widely used retail payment method. This comes after the National Payments Corporation of India (NPCI) said last week that it was unaware of any crypto exchange using UPI. 

The Indian government has spent years working on a law to ban or regulate cryptocurrencies, with a ban backed by the central bank over risks to financial stability. However, recently the government has taken a decision to put a tax on the income from cryptocurrency and other digital assets. 

Crypto exchange Wazirx is not offering UPI support. The exchange tweeted on Wednesday, “Currently, UPI is not available,” and advised users to do P2P payments instead, which have zero fees. The platform also added that it has no estimated time limit to address the issue with UPI deposits. Coindcx is also not supporting payments by UPI, saying on Twitter Monday, “UPI is temporarily unavailable.”

Coinswitch Kuber, with over 15 million users went one step ahead and reportedly suspended all INR deposit services, including UPI and bank transfers via NEFT, RTGS, and IMPS. The Nasdaq-listed crypto exchange Coinbase, which recently launched in India, has also disabled all purchase options, including the UPI. 

Last month, multiple reports suggested that Coinbase has begun rolling out UPI and IMPS support for its users in India after users noticed the inclusion of the two payment systems (UPI & IMPS) on Coinbase’s app. The company acknowledged the same at its launch event on 7th April. 

“We are aware of the recent statement published by NPCI regarding the use of UPI by cryptocurrency exchanges. We are committed to working with NPCI and other relevant authorities to ensure we are aligned with local expectations and industry norms,” the exchange clarified. 

An industry source with direct knowledge of the matter said the NPCI was caught between a rock and a hard place when Coinbase claimed to launch with UPI support. “Once the launch of Coinbase happened in India and they announced the usage of UPI as a payment option, NPCI realized it needed to put a clarification out there,” the person said. 

Earlier this month, popular payment service Mobikwik also disabled offering services to crypto exchanges. Meanwhile, crypto exchanges have been declining in India after the 30% tax on crypto income went into effect without allowing loss offsets or deductions on April 1. From July 1st, a 1% tax deducted at source (TDS), will also be applicable on crypto transactions. 

There are no official data available on the size of India's crypto market, but industry experts believe the number of investors ranges from 15 million to 20 million, with a holding of about Rs 40,000 crore ($5.25 billion).
Read more »
UK Platform
Crypto Exchange Cyber Attacks Ransomware attack UK Platform

Cryptocurrency Platform BTC-Alpha Acknowledges a Ransomware Attack

 

Cryptocurrency platform BTC-Alpha was hit by a ransomware attack earlier this month, and the company's founder accused a rival.

The reports of a potential attack came to light last week when threat intelligence firm DarkTracer shared an image of a public leak site operated by the Lockbit ransomware group that claimed to have encrypted BTC-Alpha's data on Twitter. 

The ransomware group threatened to make the stolen information public if a ransom was not paid by December 1. That same day, Vitalii Bodnar, founder, and CEO of BTC-Alpha issued a press release on PRLeap alleging that a rival cryptocurrency firm carried out the attack. However, the cryptocurrency exchange did not issue a public statement on its website. 

In a Telegram conversation with SearchSecurity, BTC-Alpha acknowledged it was "hacked in the beginning of November" and the normal service at the U.K.-based cryptocurrency exchange had already restarted. "Vitalii Bodnar feels like a competitor was responsible for the attack," Alpha stated when questioned regarding Bodnar’s PR Leap statement. While the firm has not disclosed which competitor it believes is behind the attack, further details on the incident have been provided on the exchange’s official Telegram channel. 

Once normal services were restored, BTC-Alpha advised users to follow precautionary measures. This involved updating the app, authenticating accounts, and confirming the verification when withdrawing cash, as well as establishing new API keys because the old ones were removed. 

According to a Telegram video posted by Bodnar, all customers of BTC-Alpha will be "forced to use two-factor authentication" (2FA), which is now obligatory. Furthermore, the cryptocurrency strongly recommends against using an old password because they "find it as compromised." 

While it does not seem that cryptocurrency exchanges are frequently targeted by ransomware, Emsisoft threat analyst Brett Callow claims this is not the first instance. Several security flaws issues regarding the BTC-Alpha case remain unanswered, including whether file-encrypting ransomware was used and what types and volumes of data were taken. 

According to Dirk Schrader, global VP of security research at Netwrix, crypto platforms are the victims of their own making. The U.S. government is also issuing sanctions on cryptocurrency platforms in an attempt to counter ransomware gangs, which depend on exchanges and mixers to move and hide ransom payments.

"Attacking a competitor in a largely unregulated environment bears no risk of prosecution. The players in the field are already used to ‘wild west’ manners, given the fact that a sizeable portion of the transactions in those exchanges is related to shady or criminal activity. Becoming a target of a ransomware attack when operating in this space can have a multitude of motives: damaging a competitor is one, sending a message to all in the space can be another,” Schrader stated.
Read more »
Scam
Bitcoins BitConnect Crypto Exchange Cryptocurrency Frauds Cyber Fraud Fraud Schemes Scam

$57 Million in Seized Cryptocurrency Being Sold for Victims of BitConnect Scam

 

US law enforcement authorities will begin liquidating around $57 million in cryptocurrency confiscated from the now-defunct BitConnect crypto exchange. 

The amount is insignificant in comparison to the $2 billion that BitConnect executives defrauded from American and foreign investors over the course of the company's two years of presence. Nonetheless, the US Department of Justice considers this liquidation to be "the largest single recovery of cryptocurrency for victims to date" and the first step in assisting BitConnect victims regain some of their losses. 

BitConnect, an open-source cryptocurrency exchange with its own token, the BitConnect Coin, was founded in 2016. (BCC). The platform, which offers a high-yield investment programme (up to 1% per day), swiftly gained traction, with the token's value hitting the 'top 20' by the summer of 2017. 

Soon, clouds gathered above BitConnect as regulators accused it of being a Ponzi scheme, a charge the company frequently denied. After several probes, the platform was eventually shut down in January 2018, BCC's price collapsed, and a restraining order was filed to freeze all of the company's assets. 

During the subsequent investigations, it was found that one of the top executives was actively involved in money laundering as well as a second fraud known as 'Regal Coin.' On September 1, 2021, the company's founder, Glen Arcaro, pleaded guilty to the criminal allegations brought by the US Department of Justice. 
 
Arcaro agreed that he deceived investors about BitConnect's allegedly patented technology, which promised investors a profit. Early BitConnect investors were compensated with money from later BitConnect investors, as he admitted, a classic Ponzi scheme example (SEC complaint). 

Acting U.S. Attorney Randy S. Grossman of the Southern District of California stated, "Arcaro and his confidantes preyed on investor interest in cryptocurrency. As a result, a staggering number of individuals lost an enormous amount of money. To the investing public, let this also serve as a cautionary tale to safeguard your money and invest it wisely." 

The offender now faces up to twenty years in jail, $250,000 in penalties, forfeiture, and restitution, or double the gross gain or loss from the offence. Arcaro's sentence will be heard on January 7, 2022.
 
Victims of the BitConnect scam can identify themselves as possible victims by filling out this victim impact statement form. Victims can also willingly provide their information to the FBI to help with the investigation. 

It's suggested to keep an eye out for counterfeit wallet software, spoofed websites, and multiplier frauds while investing in cryptocurrency. Even if people find a platform that looks to be reliable, it’s recommended to not put all the money in one place. Rather, diversify the cryptocurrency and investment portfolio to reduce the danger of losing everything all at once.
Read more »
Cyber Attacks
Crypto Currency Crypto Exchange Crypto Hack Crypto Wallets cryptocurrency Cryptocurrency exchange Cyber Attacks

As Crypto Exchange Attacks Surge Users Must Protect Their Crypto Wallets



As cryptocurrency goes from being an academic concept to becoming a type of transaction that has the potential to significantly reduce cyber fraud, cryptocurrency crimes have seen a likewise rise with cybercriminals targeting cryptocurrency exchanges and crypto-wallets. 

Despite the global pandemic wreaking havoc on economies, cryptocurrency has continued to grow, leading to a rise in the number of crypto exchanges worldwide. Subsequently, several top crypto companies in the Bay area were seen investing in Indian exchanges as well. 

While cryptocurrencies are particularly secure, crypto exchanges are susceptible to a number of vulnerabilities as they remain largely unregulated. It has resulted in exchanges being hacked every year in large numbers. The sudden surge in the popularity of cryptocurrency has meant investments by many amateur investors who didn't take time to fully understand how the crypto scene works. The lack of knowledge has been rampantly exploited by threat actors who saw it as a chance to scam and exploit crypto space. 

Throughout 2020, attacks linked to Blockchain alone accounted for nearly a third of all time attacks targeted at blockchain. Reportedly, the total monetary losses in a total of 122 attacks were almost $3.78 billion. Ethereum (ETH) DApps were the most often targeted – costing users nearly $436.36 million in 2020 alone. There were 47 successful attacks aimed at decentralized applications based on the Ethereum smart contract. 

New-Zealand-based, Cryptopia exchange was breached in 2019 as hackers managed to siphon $11 million worth of funds from the exchange. Following the security breach, the exchange went dark citing an announcement that read: “We are experiencing an unscheduled maintenance, we are working to resume the services as soon as possible. We will keep you updated.” 

Altsbit, an Italian crypto exchange, lost $70,000 in a hack within a few months of being around. The exchange announced that it will refund the affected users and will terminate its services in May 2020. “We will refund whatever we are holding on cold storage to users and then the platform will close down, ” the company stated in an email to Cointelegraph. Though it remained unclear how the hackers pulled off the attack, reports stated that the cybercrime group 'Lulzsec' was behind the hack. 

UPbit, a popular South Korean cryptocurrency exchange lost approximately $45 million (342,000 ETH) in a 2019 crypto theft. It went on to become the seventh-largest crypto exchange hack of the year. 

Liquid Global, a Japanese crypto exchange reported suffering a massive hacking incident, which resulted in the loss of digital assets worth $97 million. It included Bitcoin, Ethereum, XRP, and stablecoins. Liquid claimed that the attacker targeted a Multi-Party Computation wallet (an advanced cryptographic technique). 

In order to stay ahead of the crypto hackers, a few ways to secure your cryptocurrency are: ensuring the security of the Internet, using a cold wallet, changing passwords at regular periods, maintaining multiple wallets, staying wary of phishing attacks, and securing your personal device.
Read more »
WazirX
$2 Billion Crypto Exchange Technology WazirX

Crypto Exchange Platform WazirX Hit a Record High of $2 Billion in Trading Volumes

 

Cryptocurrency exchange platform, WazirX has almost doubled its trading volumes since February 1st, 2021 regardless of fears of a government-imposed ban on crypto assets. According to a tweet by Nischal Shetty, founder of WazirX, India’s largest crypto exchange platform reached $2.3 billion in trading volumes on 21 February. On 21 January, exactly a month, ago volumes were at $1.4 billion and on 20 December volumes were at $500 million.

The future of crypto trading in India looks very bleak, the government of India will be introducing a bill in parliament that will explicitly ban private cryptocurrencies such as bitcoin. The cryptocurrency and Regulation of Official Digital Currency Bill, 2021 as named by the government will “create a facilitative framework for the creation of the official digital currency to be issued by the Reserve Bank of India.”

However, the government didn’t define the word ‘private cryptocurrency’ but experts believed that the bill will make it illegal to buy, sell or deal in Bitcoin, Ethereum, and other cryptocurrencies in the country.

In April 2018, the Reserve Bank of India issued a notice directing all the financial institutions to cut all ties with individuals or companies trading with virtual currencies such as Bitcoin within three months. For those trading with digital currency, the commission further proposed a prison sentence of up to 10 years and substantial penalties. Two years later in 2020, the Supreme Court overturned the decision of the Reserve Bank of India and allowed banks to control exchanges and traders’ cryptocurrency transactions.

Nischal Shetty told Mint that “crypto is a global phenomenon. The moment a Tesla spends $1.5 billion, your wealth in India has increased. Most of your investments are very local, but in crypto, anyone anywhere in the world can affect your wealth. People in India have been joining based on all of this positive news that’s been coming.”
Read more »
Subscribe to: Posts (Atom)