Category: Security

Ledger’s new seed-recovery service received criticism for security concerns, prompting the CEO to announce changes, including open-sourcing the Ledger Recover code, and adding passphrase protection. However, not all firmware will be open-sourced, and users must still trust the manufacturer for crypto safety.

The cryptocurrency market saw a 70% reduction in attacks on token protocols and crypto projects in Q1 2023, compared to the same period in 2022, according to a TRM Labs report. However, the industry should remain vigilant against large-scale attacks and maintain proactive security measures amidst fluctuating hack statistics.

Chinese chemical manufacturers are increasingly accepting cryptocurrencies like Bitcoin and Tether for fentanyl ingredients, with transactions totaling over $27 million. Elliptic’s report reveals a 450% year-on-year increase in transaction volume and raises questions about digital currencies’ role in illegal drug trade. Increasing regulation may become crucial to address this issue.

Binance’s crypto custody platform, Ceffu, assures clients that digital assets stored in cold wallets are never commingled and maintains segregated accounts and wallets. This response comes amid Reuters’ accusations against Binance for commingling user funds at Silvergate Bank, which Binance denies as false.

The first quarter of 2023 saw a 70% drop in money stolen from crypto projects, with contributing factors including crackdown on hackers, legal sanctions, and anti-money laundering standards. However, TRM Labs analysts warn of a potential “rebound” in crypto hacks as the year unfolds, emphasizing the need for continued security efforts and regulatory measures.

The crypto market has seen a surge in meme coin popularity, leading to scammers creating fake tokens and duping investors out of millions. Research by PeckShieldAlert shows a significant increase in meme coin rug pulls, highlighting the potential risks associated with the crypto market. It’s crucial to maintain skepticism, conduct thorough research, and remain well-informed about emerging trends and risks to avoid falling victim to fraudulent schemes.

Crypto hacker exploits have declined by 70% in Q1 2023, with hackers increasingly returning stolen funds for “white hat” rewards, says a TRM Labs report. Increased regulatory attention, robust KYC/AML policies, and successful enforcement cases are contributing factors to this shift.

In a recent high-profile phishing attack, valuable tokens from Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) were stolen and sold on the Blur marketplace, resulting in losses surpassing 100 ETH. This alarming event underscores the importance of staying vigilant in the crypto and NFT space, as phishing scams continue to threaten the security and livelihood of cryptocurrency owners.

A scam vendor called “Inferno Drainer” has stolen $5.9 million in assets from 4,888 victims across 689 phishing websites. Specializing in multi-chain scams, Inferno Drainer provides scammers with ready-to-go code in exchange for a 20% cut of stolen funds. Crypto scams and hacks continue to pose a threat, reinforcing the importance of security and vigilance in the crypto market.

The attacker of decentralized autonomous organization, Tornado Cash, submits a proposal to return control, sparking skepticism and optimism among crypto enthusiasts. The incident highlights the vulnerabilities and potential resilience of decentralized systems while emphasizing the importance of community-based approaches to mitigate risks and maintain trustless relationships in blockchain technology.

A new proposal surfaces to potentially restore Tornado Cash’s governance after a malicious attacker hijacked it. Quick action by community member Tornadosaurus Hex aimed to limit damage while the attacker surprisingly signaled intent to return governance control. This incident highlights the need for constant vigilance in blockchain cybersecurity.

Q1 2023 saw a significant decline in crypto hacks with a 65% drop in average hack size. However, TRM Labs warns against complacency, as historical data suggests temporary reprieves don’t guarantee permanent trends. Continuous vigilance in security is necessary to maintain this positive development.

A security breach at the decentralized autonomous organization (DAO) of Tornado Cash raised concerns as an attacker initiated a malicious proposal, gaining control over certain project aspects. This highlights the potential risks of decentralized management and emphasizes the importance of increased vigilance and robust security measures in ensuring a secure future for digital assets.

A recent governance attack on crypto mixer Tornado Cash allowed attackers to gain full control, granting themselves 1.2 million votes through a malicious proposal. The attackers have been withdrawing TORN from the platform’s governance vault and trading it for Ethereum, causing TORN price to plummet 35% within 24 hours. Major crypto exchanges like Binance suspended TORN deposits as a precautionary measure.

Decentralized crypto mixer Tornado Cash fell victim to an attacker who gained full control of its governance through a malicious proposal. The attacker’s control now poses risks to locked votes, tokens, and router functionality, emphasizing the need for investors to scrutinize proposals and prioritize safety in the evolving crypto landscape.

Arbitrum-based decentralized exchange Swaprum allegedly conducted a rug-pull, swiping around $3 million of customer deposits. The culprits took 1,628 Ether from the platform’s liquidity pools and laundered it through Tornado Cash. The incident highlights challenges in crypto security and the importance of user vigilance and thorough research before investing.

Ledger introduced a seed phrase backup product called Ledger Recover, potentially creating a security risk by introducing a third party as a single point of failure. Concerns arise regarding access to users’ private keys with hardware updates and open-source solutions are suggested to improve trustworthiness.

The demand for Ethereum self-custody solutions is growing, driving companies like Bitcoin wallet provider Casa to offer Ethereum support. Casa aims to simplify self-custody by incorporating best security practices, making it more enticing for users to control their crypto assets instead of relying on centralized exchanges, thus enhancing security.

Decentralized exchange Swaprum disappears with $3 million of client funds just weeks after being audited by CertiK. As DeFi projects face growing security threats, the need for thorough security audits and due diligence is more crucial than ever.

The blockchain community faces a new scam as a service called “Inferno Drainer,” which has reportedly stolen nearly $6 million from crypto users. This incident underscores the need for increased security, vigilance, and collaboration within the blockchain and cryptocurrency sectors.

The recent Swaprum exit scam on Ethereum Layer 2 network Arbitrum reveals the ongoing security challenges in the crypto world. This incident highlights the importance of credible security audits, regulatory framework, and user education in addressing growing concerns about hacks, scams, and the future of cryptocurrencies.

Cryptocurrencies capture attention with stories of financial success and technological innovation, countered by crime and fraud. Cases like Nevin Shetty’s $35 million embezzlement for personal cryptocurrency investment and its subsequent loss demonstrate potential risks within the volatile DeFi sector, serving as a cautionary tale for enthusiasts.

LayerZero Labs announces a record-breaking $15 million bug bounty program in collaboration with crypto-focused bug bounty platform Immunefi. This initiative aims to incentivize white hat hackers to identify vulnerabilities in the LayerZero protocol, prioritizing security, and setting a positive example for the crypto industry.

Ledger introduces a new wallet recovery service, but faces mixed reactions from the crypto community due to concerns over privacy and security. The optional recovery service backs up users’ seed recovery phrases by encrypting and splitting them among third parties, aiming to prevent irreversible asset loss. However, some users fear it increases vulnerability.

Australia’s Westpac bank plans to launch a pilot trial in late May for crypto scam protection measures, aiming to combat fraudulent activities linked to digital currency market. This responds to the rising number of scams, with approximately 50% of customer-related losses involving investment scams and one-third of reported cases involving direct transfers to cryptocurrency exchanges.

A scammer or group used a sophisticated phishing method to steal approximately $15 million in cryptocurrency on a fake HitBTC exchange platform. The fake website gained unauthorized access to users’ holdings, compromising their assets. It is crucial to verify the browser’s URL to combat such attacks.

Ledger’s hardware wallet is facing criticism after announcing an update that allows users to link their seed phrase to their identity card or passport, raising privacy concerns. This update necessitates trusting a third party with sensitive ID information, making recovery seed phrases potentially vulnerable to data leaks, hacks, and possible government surveillance.

Scammers have stolen millions of dollars in cryptocurrency by impersonating HitBTC exchange through a fake website (hitbt2c.lol). They trick users into depositing crypto into fraudulent wallets, which have allegedly accumulated over $15 million. Victims’ funds are directed to multiple blockchain addresses, with the scammers utilizing DeFi tools and centralized methods to cash out stolen crypto.

The rise of cryptocurrencies has led to an increase in DeFi scams, making it challenging for victims to recover their stolen assets. By collaborating with law enforcement, cybersecurity companies, and reputable exchanges, as well as implementing best practices for security, individuals and organizations can enhance their chances of recovering stolen Bitcoin and protecting against future scams.

Ledger introduced the “Ledger Recover” feature, aimed at future crypto users, storing encrypted seed phrases with third-party custodians. Critics argue it undermines privacy and security. The challenge lies in balancing user experience with dedication to core principles while attracting new users to blockchain and cryptocurrencies.

The crypto community is divided over Ledger’s seed phrase recovery feature, Ledger Recover, which divides the user’s seed phrase into three encrypted fragments sent to external entities. Critics argue it undermines hardware wallets’ security principles, while supporters appreciate the added security layer.

Cybersecurity firm Kaspersky warns of fake hardware crypto wallets mimicking major wallet firm Trezor, enabling fraudsters to steal Bitcoin by seizing control of private keys. Kaspersky recommends purchasing wallets directly from official vendors and using official guides to authenticate them, ensuring supply chain security and reducing financial loss risk.