Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Kraken. Show all posts

Data of Users on Prominent Crypto Exchange Set to be Shared with IRS

 

Starting in November, Kraken, a cryptocurrency exchange based in San Francisco, will begin sharing the personal information of over 40,000 users with the United States Internal Revenue Service (IRS) to comply with a court order issued in June. 

This change will affect American users whose transactions exceed $20,000 on the platform from 2016 to 2020. Kraken notified its U.S. users of this development, stating that the information covered by the court's order will be shared in early November 2023.

In May 2021, Kraken and its subsidiaries received an IRS summons, known as a "John Doe" summons, requesting a substantial amount of data related to U.S. customers. The IRS aimed to address tax evasion in the cryptocurrency space, where individuals were accumulating wealth without reporting it to tax authorities. 

The International Monetary Fund (IMF) has also highlighted the challenges posed by crypto assets due to their decentralized and pseudonymous nature, suggesting that tax systems need to adapt.

The IMF emphasized that crypto transactions are pseudonymous, meaning they use public addresses that are challenging to link to individuals or entities, potentially facilitating tax evasion. The IMF acknowledged that centralized exchanges are more accessible targets for implementing know-your-customer checks and already possess extensive customer data. 

Initially, Kraken resisted disclosing user data but was compelled to do so by a court order in June. The number of affected users was reduced to approximately 42,000 from an initial request for data from nearly 60,000 users.

Kraken will be required to provide user information such as names, dates of birth, Tax IDs or social security numbers, addresses, and contact details including phone numbers and emails, along with transaction history from 2016 to 2020. 

However, the exchange clarified that it will not share data on IP addresses, net worth, bank information, employment details, or sources of wealth. Kraken assured users that sensitive account information is encrypted for security.

Despite these measures, the IMF warned that determined tax evaders may turn to centralized exchanges located outside the U.S. to keep tax authorities uninformed. Additionally, there is concern that reporting requirements could lead people to conduct transactions through decentralized exchanges or peer-to-peer trades, which are harder for tax administrators to monitor.

New Golang Botnet Drains Windows Users’ Cryptocurrency Wallets

 

A new Golang-based botnet has been ensnaring hundreds of Windows PCs, each time its operators launch a new command and control (C2) server. This previously undiscovered botnet, dubbed Kraken by ZeroFox researchers in October 2021, utilizes the SmokeLoader backdoor and malware downloader to proliferate to new Windows systems. 

The botnet adds a new Registry key after compromising a new Windows device in order to accomplish persistence across system restarts. It also includes a Microsoft Defender exclusion to assure that its installation directory is never examined, and use the hidden attribute to hide its binary in Window Explorer. 

Kraken has a basic feature set that allows attackers to download and run additional malicious payloads on infected devices, such as the RedLine Stealer malware. RedLine is the most extensively used data thief, capable of gathering victims' passwords, browser cookies, credit card information, and cryptocurrency wallet information. 

ZeroFox stated, "Monitoring commands sent to Kraken victims from October 2021 through December 2021 revealed that the operator had focused entirely on pushing information stealers – specifically RedLine Stealer. It is currently unknown what the operator intends to do with the stolen credentials that have been collected or what the end goal is for creating this new botnet." 

The botnet, however, has built-in data-stealing skills and can steal cryptocurrency wallets before dropping other data thieves and cryptocurrency miners. Kraken can steal information from Zcash, Armory, Bytecoin, Electrum, Ethereum, Exodus, Guarda, Atomic, and Jaxx Liberty crypto wallets, according to ZeroFox. This botnet appears to be adding almost USD 3,000 to its masters' wallets every month, according to data obtained from the Ethermine cryptocurrency mining pool. 

The researchers added, "While in development, Kraken C2s seem to disappear often. ZeroFox has observed dwindling activity for a server on multiple occasions, only for another to appear a short time later using either a new port or a completely new IP."

Regardless, "by using SmokeLoader to spread, Kraken quickly gains hundreds of new bots each time the operator changes the C2."

Kraken Bug: Traders Buy Bitcoins and Sell Them For Almost Double?



Kraken, the world’s oldest crypto-currency exchange medium recently revealed that a bug allegedly allowed specific customers to purchase and then resell $8,000 worth Bitcoin for $12,000.

It was mentioned on Twitter that the bug was found in an “unreleased advanced order type”.

The bug caused the orders to automatically execute without having cleared the requisite liquidity. Stop orders were immediately activated and filled at market rate.

The victims of this incident were strongly advised to submit “support tickets” with their questions. Nevertheless, the exchange was vehemently condemned.

Kraken’s CEO in response tweeted that he’s not sure how a “legitimate” trade takes place for pricing reasons or at least what boundaries it exists within.

The charts tell the story that a few over-fortunate traders quickly bought for a low price and sold for a fairly higher amount but the tweets tell another story.