Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label NFTs. Show all posts
Token Management
Digital Assets NFTs Technology Token Management

Here's How NFTs Can Transform Asset Management

 

NFTs are frequently discussed in terms of their role in digital art, but beneath the surface, there is a massive, unexplored potential for revolutionising real-world asset ownership and transaction.

This possibility was the focus of a recent conversation between Roundtable host Rob Nelson and Brittany Kaiser, chair of the board of Gryphon Digital Mining (GRYP) and co-founder of the Own Your Own Data Foundation. 

Together, they analysed the broader ramifications of tokenization beyond digital collectibles. Nelson began the conversation by clarifying common misconceptions about NFTs and emphasising their value beyond art collecting. 

"NFTs and tokenization bring real utility, wealth sharing, and growth opportunities," he said, laying the groundwork for an informative discussion of how these technologies may be applied in more traditional sectors. 

Kaiser presented a rudimentary overview of what a "token" actually entails, stating that at its foundation, a token is a smart contract. With her legal knowledge, she skillfully illustrated how these contracts automate and enforce themselves technologically rather than legally.

"A smart contract is a self-executing digital contract that encapsulates data or transactions in a secure, enforceable format," Kaiser said. 

She highlighted the practical advantages of this technology, particularly in data management. Individuals can govern how their data is utilised and ensure it is inaccessible after a set amount of time by using smart contracts, as opposed to traditional techniques, which leave data susceptible indefinitely.

Kaiser's ideas were applied on a broad scale, including the transfer of real-world assets and financial transactions. She described how tokenization may expedite the time-consuming due diligence processes traditionally connected with real estate purchases, transforming them into efficient and secure exchanges.
Read more »
Tokens
Blockchain Crypto cryptocurrency Decentralized Digital Assets digital currency Fintech NFTs Smart Contracts Technology Tokens

The United States is Monitoring Vulnerabilities in Bitcoin

 

The United States has shown a keen interest in the cybersecurity aspects of Bitcoin, particularly honing in on a vulnerability associated with the Ordinals Protocol in 2022. The National Vulnerability Database (NVD), overseen by the National Institute of Standards and Technology (NIST), a branch of the U.S. Department of Commerce, has brought attention to this issue for public awareness. This underscores the growing focus of government agencies on the security dimensions of cryptocurrencies.

The vulnerability at the core of this development is specific to certain versions of Bitcoin Core and Bitcoin Knots. It enables the bypassing of the datacarrier limit by disguising data as code. In practical terms, this vulnerability could result in the Bitcoin network being inundated with non-transactional data, potentially causing congestion in the blockchain and affecting performance and transaction fees. This concern is not merely theoretical, as evidenced by the exploitation of the Ordinals inscriptions in 2022 and 2023.

The Ordinals gained prominence in late 2022, involving the embedding of additional data onto a satoshi, the smallest Bitcoin unit, similar to the concept of nonfungible tokens (NFTs) on the Ethereum network. However, the increased usage of Ordinals transactions has led to heightened network congestion, resulting in elevated transaction fees and slower processing times. For blockchain enthusiasts, these issues are not just technical glitches but critical challenges that could influence the future trajectory of Bitcoin.

Luke Dashjr, a Bitcoin Core developer, has been outspoken about this vulnerability, likening it to receiving a flood of junk mail that obstructs essential communications. This metaphor aptly encapsulates the essence of the vulnerability, disrupting the otherwise streamlined process of Bitcoin transactions.

In response to these concerns, a patch has been developed in Bitcoin Knots v25.1. However, Dashjr notes that Bitcoin Core remains vulnerable in its upcoming v26 release. He expresses hope that the issue will be addressed in the v27 release next year. The implications of this vulnerability and its subsequent patching are substantial. Rectifying the bug could limit Ordinals inscriptions, although existing inscriptions would persist due to the immutable nature of the network.

This situation underscores a broader theme in the cryptocurrency world: the constant evolution and the need for vigilance in maintaining network security. The involvement of U.S. federal agencies in tracking and cataloging these vulnerabilities may signify a step toward more robust and secure blockchain technologies. While the identification of Bitcoin's vulnerability by the NVD serves as a cautionary tale, it also presents an opportunity for growth and improvement in the cryptocurrency ecosystem.
Read more »
School Kids
Cyber Crime Discord Hack NFT Drainers NFTs Online Hack School Kids

School Kids are Stealing NFTs Worth Millions of Dollars to Purchase Roblox Skins

 

Being wary of journalists can be a good thing at times. Take the case of Orbiter Finance. A claimed journalist from a crypto news website contacted one of its Discord moderators last month and requested that they complete out a form. The moderator had no idea that this uncomplicated action would give someone else control of their Discord server.

Once inside, the offender froze other admins' access to the system and restricted community members' ability to submit messages. Everyone who clicked on the phoney airdrop announcement was taken to a phishing website intended to steal their NFTs. The plan was successful. They quickly took NFTs and tokens worth $1,000,000 while the squad was only onlookers.

"We were so concerned," Gwen, a business development manager at Orbiter Finance, said in an interview. "If we cause any damage to [our community members], we will just lose their trust."

The Orbiter attack is only one of many recent examples involving NFT drainers and compromised Discord servers or Twitter accounts. Data obtained by NFT researcher and security specialist OKHotshot shows that at least 900 Discord servers have been infiltrated for phishing attempts since December 2021, with a noticeable uptick in the previous three months.

According to statistics obtained by PeckShield and several dashboards on Dune Analytics by Scam Sniffer and others, such assaults have hit at least 32,000 victim wallets over the last nine months. Attackers have stolen NFTs and tokens worth a total of $73 million.

Culprits behind the attacks 

These methods frequently involve wheeling and dealing in a growing drainer code black market. The masterminds behind the phishing assaults first go to Telegram and Discord, where they can identify channels hosted by the creators of various drainers. 

They contact the developer and acquire the drainer, which is a set of code that can be installed into websites, while often agreeing to give the developer 20-30% of the proceeds. Then, using their own tactics, such as the fake news site stated above, they will hijack a Discord server or Twitter account and advertise a false website containing the NFT drainer code in order to steal NFTs and whatever else they can get their hands on. 

That is, when they are not preoccupied with homework. 

"95% of them are kids below the age of 18 who are still in high school," said Plum, a pseudonymous security researcher who works on the trust and safety team at NFT marketplace OpenSea, adding that the frequency of attacks tends to spike around the Summer holidays. 

“I personally have talked to quite a few of them and know they’re still in school,” stated Plum. “I’ve seen pictures and videos of various of them from their schools. They talk about their teachers, how they’re failing their classes or how they need to do homework.” 

These kids appear to make little effort to conceal their newfound wealth. “They'll buy a laptop, some phones, shoes and spend vast amounts of money on Roblox. They all play Roblox for the most part. So they'll buy the coolest gear for their Roblox avatar, video games, skins and things like that,” Plum added. 

Plum went on to say that they frequently buy gift cards with cryptocurrency on the gift card marketplace Bitrefill, spend thousands of dollars on Uber Eats, buy luxury clothes, pay individuals to do their homework for them, and even buy automobiles they can't drive yet. They also enjoy gambling. 

The exploiters try to hide their tracks by paying people in lower-income countries to use their personal information to register on exchanges, obscuring the trail when they cash out, according to Plum. They claim that if law enforcement had been interested in arresting them, at least some of them should have been apprehended by now because they leave adequate evidence of their actions.

Plum mused on why offenders believe they can get away with such crimes, saying that "they feel invincible, they have God mode — that no-one can touch them." 

While countries such as North Korea are also involved in phishing operations against NFTs, Plum claims that they normally employ their own drainers and are less connected with drainers for sale. The NFT drainers' creators, who in some cases carry out assaults using their own technology, are a little more elusive, but their pseudonymous profiles leave a unique trail. 

The growing problem of NFT drainers

Monkey, one of the first NFT drainers, launched their Telegram channel in August. But it wasn't until October that it really got going. According to PeckShield, their technology was utilised to steal 2,200 NFTs worth $9.3 million and an additional $7 million in tokens over the next few months. 

Monkey chose to retire on February 28th. Its creator stated in a parting message that "all young cyber criminals should not lose themselves in the pursuit of easy money." They advised its customers to use Venom, a competitor drainer. 

Venom was a worthy opponent. It was another of the first drainers, and it was used to steal over 2,000 NFTs from over 15,000 victims throughout time. Customers of the drainer employed 530 phishing sites to perform attacks on crypto projects such as Arbitrum, Circle, and Blur, netting a total of $29 million in NFTs, ether, and different currencies.

While Venom was one of the first NFT drainers to go multichain, security experts say they failed miserably. However, their drainer was the first to be used to steal NFTs from the NFT marketplace Blur. 

Inferno, which was used to steal $9.5 million from 11,000 victims, and Pussy, which was used to steal $14 million from 3,000 victims, were two other rivals. Customers of Angel, which began on a Russian hacking forum, used it to steal $1 million from over 500 victims in the form of NFTs and various tokens, most notably compromising the Twitter account of crypto wallet Zerion. 

However, the drainers' operation stays the same, with a few tweaks here and there. Plum believes that the solution rests in safety-oriented wallet extensions, which are successful in protecting wallets. It is also prudent to use and preserve multiple wallets in cold wallets.
Read more »
Suspected Hackers
Crypto Scam Cyber Crime Cybersecurity NFT NFTs Suspected Hackers

Five Suspects Charged for $2.5 million Worth NFTs Theft, Targeting Bored Ape NFT Owners

 

On Wednesday, October 12, five crypto scammers in France faced allegations of collaborating in a phishing scam and were consequently charged. Allegedly, the suspects have audaciously acquired and resold $2.5 million worth of blue chip non-fungible tokens (NFTs). The phishing scam prominently targeted Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) owners. 
 
As per the prosecution, the alleged suspects leveraged a phishing scam in order to steal the assets, enticing victims through a fake website, while promising to animate their NFTs, reports Agence France Presse (AFP) in a post by Barrons. 
 
The charged suspects aged between 18 and 24, are residents of Paris, Caen, and Tours. Two of the five scammers are charged with manufacturing the fraudulent phishing site that enabled the theft. The rest three were accused of taking charge of advertising and money laundering aspects of the phishing, says deputy chief of France’s cyber-crime authority, Christopher Durand. 
 
The prosecution charges included “fraud committed as a part of criminal gang, concealing fraud and criminal association.” The subjects have been placed in pre-trial detention by the French authorities, along with their parents. The parents of one of the accused have also been arrested, but later they were released without charge. 
 
The deputy chief says that the probe was initially started as a result of an investigation by well-known Twitter user “ZachXBT" ZachXBT, describing himself as an “on-chain sleuth" in a blog post mentioned how the Twitter user “Dilly Dilly" had clicked on a link shared by “a verified member of the BAYC Discord" and consequently had his BAYC NFT stolen after approving a transaction on website that “he was lead to believe would produce an animated version” of his NFT.  
 
ZachXBT claims that after selling the stolen tokens on the NFT marketplace Opensea, the accused tried to hide the tracks by using the now-sanctioned Tornado Cash protocol. 
 
A report by blockchain analytics firm Elliptic suggests that over $100 million worth of NFTs being stolen between July 2021 and July 2022. Along with these recent incidents, NFT fraud seems to be rapidly booming in general and thus has sparked security concerns.  
 
This news sees the light of day when the firm behind the Bored Ape collection, Yuga Labs is under investigation for its business practices. Although the organization has not yet been charged with any misconduct, the Securities and Exchange Commission (SEC) is now investigating the start-up, to check if the anonymous sources reported by Bloomberg are true.
Read more »
RedLine Stealer
Binance Blockchain Crypto Scam Crypto Wallets Cyber Security Netskope NFTs Phishing Attacks RedLine Stealer

Users' Crypto Wallets are Stolen by Fake Binance NFT Mystery Box Bots

 

Researchers have discovered a new campaign to disperse the RedLine Stealer — a low-cost password seeker sold on underground forums — by mutating oneself with the data malware from GitHub repositories using a fake Binance NFT mystery box bots, an array of YouTube videos that take advantage of global interest in NFTs. 

The enticement is the promise of a bot that will automatically purchase Binance NFT Mystery Boxes as they become available. Binance mystery boxes are collections of non-fungible token (NFT) things for users to purchase in the hopes of receiving a one-of-a-kind or uncommon item at a discounted price. Some of the NFTs obtained in such boxes can be used in online blockchain games to add unusual cosmetics or identities. However, the bot is a hoax. According to Gustavo Palazolo, a malware analyst at Netskope Threat Labs, the video descriptions on the YouTube pages encourage victims to accidentally download RedLine Stealer from a GitHub link. 

In the NFT market, mystery boxes are popular because they provide individuals with the thrill of the unknown as well as the possibility of a large payout if they win a rare NFT. However, marketplaces such as Binance sell them in limited quantities, making some crates difficult to obtain before they sell out. 

"We found in this attempt that the attacker is also exploiting GitHub in the threat flow, to host the payloads," Palazolo said. "RedLine Stealer was already known for manipulating YouTube videos to proliferate through false themes," Palazolo said. The advertising was spotted by Netskope in April. "While RedLine Stealer is a low-cost malware, it has several capabilities that might do considerable harm to its victims, including the loss of sensitive data," Palazolo said. This is why prospective buyers frequently use "bots" to obtain them, and it is exactly this big trend that threat actors are attempting to exploit. 

The Ads were uploaded during March and April 2022, and each one includes a link to a GitHub repository that purports to host the bot but instead distributes RedLine. "BinanceNFT.bot v1.3.zip" is the name of the dropped file, which contains a program of a similar name, which is the cargo, a Visual C++ installation, and a README.txt file. Because RedLine is written in.NET, it demands the VC redistributable setup file to run, whereas the prose file contains the victim's installation instructions.

If the infected machine is found in any of the following countries, the virus does not run, according to Palazolo: Armenia, Azerbaijan,  Belarus,  Kazakhstan,  Kyrgyzstan,  Moldova,  Russia,  Tajikistan Ukraine, and Uzbekistan.

The repository's GitHub account, "NFTSupp," began work in March 2022, according to Palazolo. The same source also contains 15 zipped files including five different RedLine Stealer loaders. "While each of the five loaders we looked at is slightly different, they all unzip and inject RedLine Stealer in the same fashion, as we discussed earlier in this report. The oldest sample we identified was most likely created on March 11, 2022, and the newest sample was most likely compiled on April 7, 2022," he said. These promotions, on the other hand, use rebrand.ly URLs that lead to MediaFire downloads. This operation is also spreading password-stealing trojans, according to VirusTotal. 

RedLine is now available for $100 per month on a subscription basis to independent operators, and it allows for the theft of login passwords and cookies from browsers, content from chat apps, VPN keys, and cryptocurrency wallets. Keep in mind that the validity of platforms like YouTube and GitHub doesn't really inherently imply content reliability, as these sites' upload checks and moderation systems are inadequate.
Read more »
non-fungible token
Bitcoin Scam Blockchain Crypto Scam Cyber Attacks Ethereum NFTs non-fungible token

 Ferrari Subdomain was Seized over to Promote a Bogus Ferrari NFT Collection

 

Cyberattackers hacked Ferrari's subdomains website to promote a fake NFT collection that pretended to be the much-anticipated official one and duped its consumers. 

Non-fungible tokens, or NFTs, are a new sort of digital asset that has been gaining popularity as big tech constructs the Metaverse. NFT is data recorded on a cryptocurrency blockchain that has been signed by a digital certificate to verify it is unique and cannot be copied. Having an NFT is similar to having a real asset, except the real deal is digital. The NFT trend is quickly spreading and is closely tied to cryptocurrency. It's also expanding rapidly. To mention a few, One Plus, Budweiser, Nike, Visa, Adidas, and Louis Vuitton have all entered the NFT realm. NFTs usually sell for a few dollars, however, in rare situations, the price of NFTs can surge. 

Sam Curry, an ethical hacker and bug bounty hunter, reported seeing one of Ferrari's subdomain forms on Thursday. A false NFT (Non-Fungible Token) fraud is hosted on ferrari.com.

Having a brand new Ferrari is exclusive for the wealthy, with prices ranging from $250,000.00 to 1.8 million dollars. Last year Ferrari announced it might soon sell digital Ferrari NFTs to appease its fan base, which made this scam all very convincing. 

Ferrari and Velas Network AG have established a new relationship. Velas stated that they would break into Formula 1 in 2022 alongside Ferrari. Internationally, the company is noted for its transparency and leadership in blockchain, digital products, and services. 

"Mint your Ferrari," a crypto scam, encouraged users to buy NFT tokens by falsely claiming Ferrari had launched "a collection of 4,458 horsepower [sic] NFTs on the Ethereum network." 

Further analysis by Curry and a security engineer is known as d0nut found how attackers hacked the subdomain and used an Adobe Experience Manager weakness to host its bitcoin fraud.

"After more investigation, it appears that this was an Adobe Experience Manager exploit. By poking around, you can still uncover remains of the unpatched site," Curry wrote.

Many people have criticized blockchains for conducting crypto trading and NFT services because of it's large energy consumption and environmental impact. Ferrari picked Velas for more than just the speed. The company operates in a carbon-neutral manner. Ferrari while announcing the big news claimed that "they have transformed the world of blockchain by inventing a pioneering, energy-efficient platform that functions at unprecedented speed."
Read more »
Technology
Crypto cryptocurrency Digital Assets digital currency Digital Money NFTs Technology

Hackers Steal NFTs Worth $3M in Bored Ape Yacht Club Heist

 

Hackers stole non-fungible tokens (NFTs) estimated to be worth $3 million after getting into the Bored Ape Yacht Club's Instagram account and uploading a link to a replica website that tried to capture marks' assets.

The fake post offered a free airdrop – essentially a promotional token giveaway, to customers who clicked the link and connected their MetaMask crypto-asset wallets to the scammer's wallet. Rather than receiving free items, victims had their digital wallets drained. 

Bored Ape Yacht Club tweeted Monday morning in a warning that came too late for some of its members, "It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything,"  

The Bored Ape Yacht Club, or BAYC, is a collection of photographs depicting bored primates in various attitudes and costumes, which can be used as internet profile avatars and sell for hundreds of dollars in crypto coins. 

Miscreants stole four Bored Apes, six Mutant Apes, and three Bored Ape Kennel Club NFTs, as well as "assorted additional NFTs estimated at a total value of $3 million," according to Yuga Labs, the company that launched Bored Ape Yacht Club. 

"We are actively working to establish contact with affected users," a Yuga Labs spokesperson said, adding that its hijacked Instagram account did have two-factor authentication enabled, "and the security practices surrounding the IG account were tight." 

"Yuga Labs and Instagram are currently investigating how the hacker was able to gain access to the account," the spokesperson stated. 

This is the second time in less than a month that the NFT collection has been hacked. Bored Ape Yacht Club said on March 31 that their Discord server had been compromised. According to security firm PeckShield, a cybercriminal stole one NFT: Mutant Ape Yacht Club #8662 in a previous incident. 

In March, following the launch of the ApeCoin cryptocurrency by the Bored Ape Yacht Club, fraudsters stole around $1.5 million by claiming a huge amount of tokens using NFTs they did not own and obtaining bogus flash loans. Flash loans are given and repaid in a single blockchain transaction, which might take as little as seconds to get and return the funds. These and other recent hacks have raised security concerns about NFT and cryptocurrency technologies.
Read more »
Trojan Attacks
Crypto Wallets DeFi IP Address Lazarus Group malware NFTs North Korea Remote Code Execution Spear Phishing attacks Trojan Attacks

Hackers in Dprk use Trojanized DeFi Wallet App to Steal Bitcoin

 

North Korean government-linked hackers have now been circulating a trojanized version of a DeFi Wallet for holding bitcoin assets to obtain access to cryptocurrency users' and investors' systems.

Securing economic benefits is one of the primary motives for the Lazarus threat actor, with a focus on the cryptocurrency industry. The Lazarus group's targeting of the financial industry is increasing as the price of cryptocurrencies rises and the appeal of the non-fungible asset (NFT) and decentralized finance (DeFi) enterprises grows.

In this attack, the threat actor used web servers in South Korea to distribute malware and communicate with the implants that had been placed. Kaspersky Lab researchers recently identified a malicious version of the DeFi Wallet software that installed both the legal app and a backdoor disguised as a Google Chrome web browser executable. When the trojanized DeFi application was launched on the machine, it introduced a full-featured backdoor with a compilation date of November 2021. It's unknown how the hackers spread the word, but phishing emails or contacting victims through social media are both possibilities. 

Although it's not clear how the threat actor persuaded the victim to run the Trojanized program (0b9f4612cdfe763b3d8c8a956157474a), it is believed they used a spear-phishing email or social media to contact the victim. The Trojanized application initiates the previously unknown infection technique. This installation package masquerades as DeFi Wallet software, but it actually contains a legal binary that has been packed with the installer. 

The virus installed in this manner, as per the researchers, has "sufficient capabilities to manage" the target host by issuing Windows commands, uninstalling, starting or killing processes, enumerating files and related information, or connecting the computer to a particular IP address. 

The malware operator can also collect relevant data (IP, name, OS, CPU architecture) and the discs (kind, free space available), files from the command and control server (C2), and retrieve a list of files stored in a specified area using additional functionalities. According to Japan CERT, the CookieTime malware group known as LCPDot has been linked to the DPRK operation Dream Job, which enticed victims with phony job offers from well-known firms. 

Google's Threat Analysis Group (TAG) revealed recent activity related to Dream Job earlier this month, finding North Korean threat actors used a loophole for a zero-day, remote code execution bug in Chrome to aim at people working for media, IT companies, cryptocurrency, and fintech companies. "The CookieTime cluster has linkages with the Manuscrypt and ThreatNeedle clusters, which are also attributed to the Lazarus organization," Kaspersky adds. 

The links between the current trojanized DeFiWallet software and other malware attributed to North Korean hackers go beyond the virus code to the C2 scripts, which overlap many functions and variable names. It's worth mentioning that Lazarus is the umbrella name for all state-sponsored North Korean threat operations. Within the DPRK, however, several threat groups are operating under different institutions/departments of the country's intelligence establishment. 

Mandiant analysts prepared an evaluation of the DPRK's cyber program structure using data collected over 16 months from its digital activity tracking for the entire country, OSINT monitoring, defector reporting, and imaging analysis. Targeting bitcoin heists is certainly within the scope of financially motivated units inside the country's Reconnaissance General Bureau's 3rd Bureau (Foreign Intelligence), according to their map (RGB).   
Read more »
Subscribe to: Posts (Atom)