Crypto Wallet Maker Ledger Loses 1M Email Addresses in Data Theft

Ledger

Ledger said customer details have been stolen in a data breach that may well have been exploited for over two months. In a note to clients Wednesday, CEO Pascal Gauthier said the French hardware wallet provider fell victim to a large-scale data breach from an unauthorized third party. The hacker, whose identity remains unknown, gained access to Ledger’s e-commerce and marketing database. Customers affected include those who signed up for Ledger’s newsletter or to receive promotional material. Information stolen included email addresses, with a smaller “subset” of 9,500 customers also…

Read More

Twitter hacked in Bitcoin scam

Twitter Bitcoin scam

Twitter was hacked yesterday when Bitcoin scammers sent a series of tweets from the official accounts of Apple, Uber, Joe Biden, Elon Musk and hundreds of others, reaping more than $100,000 (£79,500, €87,750). The platform said that some of its employees had been targeted by a social engineering campaign, allowing hackers to gain access to its internal systems. The severity of the incident is still being investigated. Appearing across multiple high-profile accounts in a matter of minutes, various tweets promised users that the account holders would double donations from anyone…

Read More

BitMEX’s downtime on 13 March prompted by DDoS attack, not ‘hardware issues’

bitmex downtime

BitMEX’s Chief Technology Officer [CTO], Samuel Reed, had provided a gist of the attack that hit the exchange platform on 13 March. Now, BitMEX’s Chief Executive Officer [CEO], Arthur Hayes, has come out to update the community with more info, stating that the BitMEX team will be addressing the issue soon. He elaborated on the same in a blog post, one that expanded on the two DDoS attacks that took place on 13 March. The CTO had previously noted that the exchange was under a botnet attack, the same it…

Read More

OKEx and Bitfinex Suffer a DDoS Attack

DDoS Attack

In what’s turning into a series of crypto exchanges with issues this month, Bitfinex and OKEx have both reported a distributed denial-of-service (DDoS) attack. Just this morning (UTC time), Bitfinex took to Twitter to notify the user that they are investigating what seems to be a DDoS, sharing a status page for further updates on the matter. A DDoS attack is used to flood a website from many different sources in order to disrupt the service and make it unavailable. It’s like intentionally crowding a shop from all sides, not…

Read More

Penalty for mining BTC on nuclear research center supercomputer

nuclear mining

An employee at a nuclear research center in the closed town of Sarov in Russia was fined for illegally mining Bitcoin (BTC). Convicted to pay $7,000 fine According to a Sept. 27 article by Russian news outlet Meduza, a man was fined 450,000 rubles ($7,000) for trying to mine Bitcoin by using a petaflop-capable supercomputer at his workplace, the All-Russian Scientific Research Institute in Sarov, Russia. Sarov, about 230 miles east of Moscow is a closed town as it is the Russian center for nuclear weapons research. The court delivered…

Read More

Exit scams swindled $3.1 billion from crypto investors in 2019

cryptocurrency scams

Cryptocurrency crime made good money last quarter, although less than in the first quarter of 2019. According to an initial release of CipherTrace’s Q2 2019 Cryptocurrency Anti-Money Laundering Report to CoinDesk, aggregate crypto losses reached $4.3 billion this year. Hacking thefts amounted to $125 million, adding to a 2019 total of $227 million. Excluding the QuadrigaCX hacking of $195 million, hackers stole $161 million in Q1. Given that CipherTrace’s price estimations are set at the time of initial reporting, current valuations would be much higher. CipherTrace further claims 2019 may…

Read More

Major Web Browser Firefox by Mozilla Now Blocks Web-Based Cryptojacking

Protections Against Fingerprinting and Cryptocurrency Mining

Major open-source browser Mozilla Firefox has launched new protections against crypto mining malware in its new browser versions, according to a blog post published on April 9. In its latest Firefox Nightly 68 and Beta 67 versions, Mozilla has enabled a new level of protection against crypto mining and fingerprinting hack attacks in a part of the browser’s Content Blocking suite of protections. The new browsing feature has been developed in collaboration with privacy and security software firm Disconnect, and represents a collection of blacklists of malware domains associated with…

Read More

New York rejects Bittrex Bitlicense application

New York

According to the press, the New York Department of Financial Services (NYDFS) decided to reject the BitLicense application from the Bittrex exchange. According to the New York Tax Office’s official report sent to Bittrex CEO Bill Shihare, New York, Bittrex Bitlicense rejects the lack of stock exchange policies and controls against AML, Know Your Customer (KYC), and Office of Foreign Asset Control (OFAC) ). Bittrex ranked 54th in the CoinMarketCap list of digital currency exchanges in terms of adjusted trading volume. The Bittrex case in brief BitLicense is a set…

Read More

Google Deletes Crypto Malware Targeting Blockchain.com

Crypto Malware

A Google Chrome browser extension tricking users into participating in a fake airdrop from cryptocurrency exchange Huobi claimed over 200 victims, a security researcher reported in a blog post on March 14. The extension for Chrome web browser, with the name NoCoin, gained 230 downloads before Google deleted it, according to Harry Denley, who runs cryptocurrency scam database EtherscamDB. Denley noted that hackers had purposely disguised the malicious extension to look like a tool protecting users from cryptocurrency malware or so-called cryptojacking. “From the start, it looked like it did…

Read More

Businesses Increasingly See Crypto Mining Attacks in Cloud Infrastructures

cloud crypto mining

Cryptocurrency mining is reportedly one of the most observed objectives of hackers attacking businesses’ cloud infrastructures, according to a report by AT&T Cybersecurity on March 14. The cybersecurity wing of United States telecoms firm AT&T stated that organizations of all sizes continue to face major crypto mining attacks despite the ongoing bear market. In the new report, AT&T examined the most significant forms of cryptojacking associated with mining attacks on organizations’ cloud infrastructure. AT&T outlined four major cryptojacking tactics used by hackers such as compromising container management platforms, control panel…

Read More

Major crypto brokerage Coinmama reports 450,000 users affected by data breach

Coinmama security

Israel-based crypto brokerage Coinmama — which allows users to purchase Bitcoin (BTC) and Ethereum (ETH) using a credit card — has suffered a major data breach affecting 450,000 of its users. The incident was disclosed in an official company announcement on Feb. 15. The breach is reportedly part of a mammoth, multi-platform hack that affected 24 companies and a total of 747 million records — among them gaming, travel booking and streaming sites. Coinmama says a list of around “450,000 email addresses and hashed passwords” of users who registered on…

Read More

Vulnerability Is Found in Constantinople

Constantinople Hard Fork Postponed

Ethereum’s (ETH) Constantinople hard fork faces a delay over a newly discovered security vulnerability allowing a reentrancy attack. The critical issue was detected by smart contract audit firm ChainSecurity and reported in a blog post Jan. 15. According to the company’s report, the Constantinople upgrade introduces cheaper gas cost (transaction fees) for some operations on the Ethereum network. As an unexpected side effect, this allegedly enables reentrancy attacks via the use of certain commands in ETH smart contracts. A reentrancy vulnerability allows a potential attacker to steal cryptocurrency from a…

Read More

Cryptopia goes offline after hack

Cryptopia

A New Zealand-based crypto-currency trading company went offline after it was hacked at the weekend. Cryptopia, based in Christchurch, announced on Twitter that on January 14, it suffered a security breach that resulted in significant losses. “Once identified, the exchange was put into maintenance while we assessed damages,” it added. The exchange has not disclosed the value of the losses, the tokens and currencies affected or any measures to refund users. But Whale Alert, which tracks large crypto transactions, reported that 19,391 ether (ETH) tokens worth nearly $2.44 million, and…

Read More

Two Thirds of Korean Crypto Exchanges Fail Government Security Check

crypto fail

Only a third of cryptocurrency exchanges inspected got a full pass in a recent government security audit. The Ministry of Science and ICT, the Korea Internet & Security Agency and the Ministry of Economy and Finance inspected a total of 21 crypto exchanges from September to December 2018, examining 85 different security aspects. Notably, only 7 of them – Upbit, Bithumb, Gopax, Korbit, Coinone, Hanbitco, and Huobi Korea – cleared all the tests, CoinDesk Korea reported Thursday. The remaining 14 exchanges are “vulnerable to hacking attacks at all times because…

Read More

Coinbase suspended Ethereum Classic (ETC) trading after a successful 51% attack

Ethereum Classic attack

The cryptocurrency exchange Coinbase suspended the trading of Ethereum Classic (ETC) after double-spend attacks worth $1.1 Million. The cryptocurrency exchange Coinbase has suspended the trading of Ethereum Classic (ETC) after double-spend attacks that consist in spending digital coins twice. Ethereum Classic (ETC) is the original unforked Ethereum blockchain, the attacks resulted in the loss of $1.1 million worth of the digital currency. 51% attack refers to an attack on a blockchain by a group of miners that controls over 50% of the network’s mining hashrate. “On 1/5/2019, Coinbase detected a…

Read More