China Back on Attack Mode, Internet Blocking Exchanges & Bitcoin Miners Ordered to Shut Down

China Back on Attack Mode, Internet Blocking Exchanges & Bitcoin Miners Ordered to Shut Down

This time, Bitcoin price is not responding to the reports of a crackdown from China which extends beyond the crypto sector, ahead of the 100th anniversary of the ruling Communist Party on July 1, trading around $36,500.

China has taken some strict measures against cryptocurrency exchanges and bitcoin mining yet again ahead of the politically sensitive 100th anniversary of the ruling Communist Party on July 1.

However, these measures aren’t restricted to the crypto sector alone but extends to banks, education, and the internet.

Major internet services in China, Baidu, Zhihu, and Sogo, are blocking the keywords associated with the top three crypto exchanges Binance, Huobi, and OKEx.

“According to the relevant laws, regulations, and policies, the search results have not been displayed,” reads the message on social media. Over the weekend, Weibo also blocked a large number of crypto Key Opinion Leaders (KOLs) in China.

Reportedly, the Payment and Clearing Association, a subsidiary of the Central Bank of China, has also stated that 13% of gambling websites support crypto and use the anonymity of blockchain technology to conceal fund transfers.

Additionally, the Reform and Development Commission in the Changji Hui Autonomous Prefecture in Xinjiang issued a notice on Wednesday ordering its subordinate government officials in the Zhundong Economic Technological Development Park to shut down all crypto mining activities.

Xinjiang province is one of the major economic and technological development zones in China, which is home to coal-based power plants and industrial factories, including some of the largest Bitcoin mining facilities due to fossil fuel energy.

This move was taken by the authorities based on the high-level bitcoin trading and mining crackdown brought up during the China State Council meeting last month.

This has resulted in the hash rate of the top mining pools plummeting by 20% to 25%, as per BTC.com. So far, Bitcoin’s hash rate per day is at 166.1 Th/s, up from last month’s 118.7 Th/s caused by China’s crackdown but still down from 171.4 Th/s ATH on May 13, according to Bitinfocharts.

According to the Chinese publication Wu Blockchain, there are three mining regions in China: Inner Mongolia, which relies heavily on coal-based mining and has already stopped mining cryptocurrency completely, Sichuan depends on hydropower which may not stop, and Xinjiang, where the situation is complicated but the term used in the document is “to suspend for rectification,” and not as strict as Inner Mongolia. It added,

“In addition to the uncertainties of government supervision, China is experiencing a new power shortage. The core reason is that China’s main power generation area and main power consumption area are separated in the west and east, which also has an impact on current Bitcoin mining.”

Bitcoin and other cryptocurrencies continue to face price pressure due to rising regulatory concerns from China. This time, however, BTC price is not affected, going to $36,700 despite the reports, after the drop to $31,000 on Tuesday.

Read Original/a>
Author: AnTy

Acer Technologies Targeted In ‘Largest Ever’ Ransomware Attack; Hackers Demand Monero (XMR)

Acer Technologies Targeted In ‘Largest Ever’ Ransomware Attack; Hackers Demand Monero (XMR)

The global computer manufacturer is yet to confirm any attacks.

In what has been dubbed as the ‘largest ransom ever asked for,’ the notorious REvil ransomware gang is reportedly asking for $50 million from the Taiwanese computer manufacturer, Acer. First reported by Tech Radar, the hacking group is asking the amount to be paid in privacy-enabled Monero (XMR) cryptocurrency to decrypt their computers.

According to cybersecurity specialist company Malwarebytes, this is the largest ransom any operator has ever faced. Ransomware attacks involve hackers infiltrating your systems, encrypting valuable/confidential information, and asking for a fee to decrypt the systems.

If the reports are true, the hackers seem to have attacked the company’s back-office systems and not the production line. As of the time of writing, no spokesperson has released any comments from Acer. We will update you on this story as it develops.

The REvil group usually records and keeps the demand letters sent to their victims, especially those that do not cooperate. While the Acer documents are yet to be put up, the hackers blasted the Acer representative who was in touch with them as an “incompetent negotiator.” They asked to be linked with the management or a supervisor in their negotiation.

Monero is gradually becoming the coin of choice for hackers, given its highly private nature. Days before the 2020 U.S. Presidential elections, Donald Trump’s campaign website was hacked with the hackers asking for XRM payments to release the information.

In February this year, KIA Motors hackers asked for $32 million in Bitcoin or Monero in order to decrypt their systems.

Read Original/a>
Author: Lujan Odera

SEC vs Ripple Pretrial Conference Set for Feb; Majority of Customers & XRP Volume Not in the US

Ripple says the action against it is “an attack on the entire crypto industry” and the lawsuit has “affected countless innocent XRP retail holders” that have no connection with the company.

The list of crypto service providers announcing no more support for XRP in light of the SEC suing Ripple and its top two executives now include Coinbase, Bittrex, OKCoin, Crypto.Com, Bitstamp, OSL, Beaxy, Swipe, CrossTower, Stex, Ziglu, Eobot, Sarson Funds, Jump Trading, Galaxy, B2C2, Bitwise, 21Shares, Bitcoin Suisse, Wirex, Simplex, and Grayscale.

An Indonesia-based exchange is also informing its customers of the risk of XRP delisting “in connection with the United States Securities and Exchange Commission (SEC) lawsuit against Ripple Labs, Inc which was deemed to have violated the regulations regarding securities.”

In response to market-wide delisting, Ripple published a statement where it says the “majority of our customers aren’t in the U.S. and overall XRP volume is largely traded outside of the U.S.”

While Ripple will continue to operate and support all products and customers in the U.S. there are “clear rules of the road for using XRP in the UK, Japan, Switzerland, and Singapore,” says the San Francisco-based company.

The company further reiterated that the SEC action against Ripple is “an attack on the entire crypto industry here in the United States.”

This lawsuit has “already affected countless innocent XRP retail holders with no connection to Ripple” and muddled the waters for traders, exchanges, and market makers said the fintech company adding that they will defend themselves and get clarity for the US crypto industry.

Meanwhile, the initial pretrial conference of SEC vs Ripple Labs Inc. is set for February 22nd, 2021.

“The point of this conference is to determine if there is a hope of settling and discovery dates,” said Jesse Hynes, an NJ Attorney.

In this process, the parties will basically learn everything they can about the other side’s facts and get to request documents and take depositions (interviews). “Judge Torres generally sets a 120 day period for fact discovery (which may be shortened if there are exigent circumstances),” said Hynes adding from there, another 45 days are allowed for Expert discovery.

It is after the final pretrial submission date, which is 30 days after, that the trial is set. As such, if case this goes to trial, at best the market is looking at September 5, 2021, “but that is unlikely” because “there are always delays and consents to push back dates and extend discovery.”

So, it will be a long battle that could take years to come to a result. Meanwhile, XRP price is suffering, having fallen to levels not seen since 2017, currently trading around $0.20.

In the meantime, XRP enthusiasts have launched a petition “Granting Ripples (XRP) token as a non security by the SEC” on Change.org. So far, the petition has only got 132 signatures.

Read Original/a>
Author: AnTy

Voyager Crypto Trading App Suffered Cyber Attack; Funds Are Safe And Now Back Online

Voyager Crypto Trading App Suffered Cyber Attack; Funds Are Safe And Now Back Online

On Monday, Voyager Digital announced the decision to switch their system to offline after their servers were compromised. Through a tweet, the firm stated that they were forcefully taking their system offline to secure their users’ accounts.

The firm however assured their customers that no personal details or funds had been compromised by the attackers. The firm also explained that it will take at least 24 hours to fully restore its services via the Voyager app.

The firm also took an opportunity to apologize to its clients and asked them to be patient as their engineers were working to restore the systems. The broker stated that more details will be provided after the full inspection was completed. The firm also stated that customer’s safety was paramount and they took drastic measures to secure them. They stated,

“Voyager would like to thank you for your patience while our system is offline. We detected a threat to our system, and as part of our process and procedures to secure funds and customer information, we promptly shut down the system. We want to reiterate that no funds or personal information were compromised. To ensure the on-going safety of customer funds and information, we anticipate it will take us approximately 24-hours to get the app back online.”

System Back Online

However, by the time of publication, Voyager announced that they had managed to restore the system after a thorough inspection and addressing the possible threats adding that trading has been restored and customers only need to log on again as they had been logged off.

Read Original/a>
Author: Joseph Kibe

DeFi Warp Protocol Losses $7.7 Million in a Flash Loan Attack

Lending protocol, Warp was exploited with a complex flash loan attack for $7.7 million worth of stablecoins. Hacken Club audited the project.

The attack on Thursday allowed the hacker to borrow more than their collateral value resulting in a loss of stablecoin lender funds. Later on Thursday or earlier on Friday, the team took to Twitter to share with the community,

“We are investigating irregular stablecoin loans taken out in the last hour, we recommend that you do not deposit anymore stablecoins until we have clarity on the irregularities.”

Out of the lost $7.7 million, the team plans to recover about $5.5 million that is still “secured in the collateral vault.”

“Upon successful recovery, these will be distributed to users who experienced a loss,” announced the team. Additional plans are also in place to compensate for users’ loss over time, they added.

The decentralized finance project team said they would share a detailed analysis of the attack in the coming days once they have more understanding of the exploit.

Just a day before the attack, the lending protocol that powers a liquidity engine migrated to Warp Finance v2 with a 24 hours grace period. The latest version enabled borrowing for protocol users against LP tokens and be rewarded with the to-be-released governance token WARP.

The TVL of the project has more than halved after the attack. Only $6 million funds are currently locked in the project, down from $17 million, as per DeBank.

Read Original/a>
Author: AnTy

Origin Offers to Hire OUSD Hacker as a Security Consultant in Exchange for the Stolen $7M

Yet another DeFi hack this week.

Matthew Liu, the co-founder of Origin Protocol, confirmed an attack on the Origin Dollar (OUSD) vault.

“OUSD has been hacked, and there has been a loss of user funds. We are actively investigating the issue. We are committed to making things right,” wrote Liu in the official Medium post.

In the attack, the hacker got away with over $3.3 million worth of ETH and 249,822 DAI after having laundered a substantial amount through Tornado.Cash, wBTC, and renBTC.

The team is now asking exchanges to blacklist any transactions from the wallets identified as belonging to the attacker.

“The attack was a reentrancy bug in our contract.

Unfortunately, our contract was safe from reentrancy bugs unless one of our supported stablecoins was attacking us.”

He explained that the attack originated from a contract deployed at Nov-17–2020 at 12:40:56 AM +UTC, which involved a flash loan of 70,000 ETH borrowed from dYdX. It further involves the stablecoin swaps, the minting of 7,500,000 OUSD as intended.

“At this point, the attacker held a little over half of all OUSD in existence”

The attacker basically exploited a missing validation check in mint multiple, minting OUSD with multiple stablecoins, to pass in a fake “stablecoin” under their control, which then called “transferFrom” on by the vault, allowing the hacker to exploit the contract with a reentrancy attack in the middle of the mint.

image1

The attacker was able to create a rebase event inside the second mint after funds had moved to OUSD from the first mint but before the supply of OUSD increased. This created a massive rebase for everyone in the contract, including the attacker. As such, the attacker received their first large OUSD mint, more OUSD than the contract had assets.

The attacker was able to take extra OUSD after withdrawing and selling it on Uniswap and SushiSwap for USDT.

The Origin Protocol team continues to recover the funds and asked the users to stop providing liquidity on SushiSwap, remove their funds, and not indulge in buying or selling OUSD.

The team has also asked the hacker to do the right thing by returning the funds, now that they have “demonstrated your superior skills as a hacker, and we’d happily hire you as a security consultant.”

As a result, the stablecoin pegged to $1.00 has dropped over 85% in value to $0.15.

More than $40 million has been lost in the last month alone in DeFi hacks such as Value DeFi, Akropolis, Harvest Finance, and CheesBank.

Read Original/a>
Author: AnTy

MimbleWimble Privacy Coin, GRIN, Becomes Latest Network to Be Hit With A 51% Attack

GRIN, a mimblewimble protocol-based privacy coin, had become the latest victim of a 51% attack when a group of unknown miners got control of more than 50% of the network’s hashing power.

On November 7th, the network came under attack by an unknown mining group, which was able to gain control of 57.4% of the hashing power.

A 51% attack occurs when more than 50% of the network’s hashing input is controlled by a single entity, which increases the risk of double-spending. As per on-chain data, the unknown miner group managed to reorganize one forked block at 23:17 UTC and since then increased their control on the network to 58.1% by Sunday. Currently, at 58.5%, according to Grinscan.

A tweet from 2Miners on Nov 8th revealed the 51% attack on the GRIN network, where they revealed that currently, they only have 19.1% of the hashing power of the network. The tweet read,

“Grin Network Is Under the 51% Attack! Payouts are stopped. Please mine at your own risk only because the new blocks could be rejected.”

GRIN Token Maintains Its Position in the Market

The news of the 51% attack didn’t really impact the token’s price as it remained a study showing a minimal drop of 1.4% over the past 24 hours.

The more diverse the mining input, the more secure the network, which is proven in the current case. The diverse mining input would ensure that a 51% attack would cost the miners more money than what he would gain in return. For example, the Ethereum Classic (ETC) network has the highest share of 51% attacks where the network experienced three 51% attack in August this year itself.

The miners needed $7,000 per hour to control more than 50% of the mining power; the cost is relatively low when compared to Bitcoin and Ethereum networks; however, it’s significantly higher than the GRIN network. The unknown miner group only required $25 per hour to control more than 50% of the platform’s hash input.

Read Original/a>
Author: Hank Klinger

ESET Discovers Trojan Attack Targeting Cryptocurrency Traders Using Apple’s MacOS

The Internet security firm, ESET, has discovered a new trojan attack targeting crypto traders who use applications from Apple’s macOS.

According to the findings, the malware targets crypto wallets and is integrated with pseudo digital asset trading apps, which can easily be confused for the legit platforms.

Dubbed ‘GMERA,’ and not the first time the malware was used. Researchers from Trend Micro, another cyber sec firm, had come across it back in September 2019 when it had posed as Stockfolio, a Mac-built stock investment app.

Upon digging deeper, ESET researchers found that GMERA operators had integrated the malware with macOS’ Kattana crypto trading application. They then created a replica of the firm’s website to promote four new copycat apps, namely; Trezarus, Licatrade, Cupatrade, and Cointrazer. Notably, these malicious apps direct users to a ZIP archive containing the trojan zed versions, which in turn target crypto wallets once downloaded.

The researchers went on to highlight that anyone who is not very familiar with Kattana’s website can, therefore, easily be compromised:

“For a person who doesn’t know Kattana, the websites do look legitimate.”

The GMERA Malware

To fully understand how it works, ESET researchers analyzed samples from Licatrade whose functionality is pretty similar to the other malware. As per the findings, GMERA installs a shell script on the target’s computer, giving the hackers access to a user’s system through the app.

They then leverage HTTP to create C&C or C2 servers to initiate communication between them and the compromised machine. In doing so, they can steal information such as location, crypto wallets, and screen captures stored in the user’s database. Following these findings, ESET raised the issue with Apple leading to the revokement of Licatrade’s certification.

Also Read: Twitter Hacker Managed to Scam Only 12 Bitcoin After Duping Major Accounts Using ‘Internal Tools’

Read Original/a>
Author: Edwin Munyui

Bitcoin Fork Successfully Prevents a 51% Attack that Could Have Resulted in a $75k Loss

On July 10, the Bitcoin Gold team saw an extremely long attack chain of over 1300 blocks, which have been mined since July 1, 2020, against the BTG network.

As per the announcement, the team has prevented the attack after detecting it early on and alerting the exchanges and mining pools about the potential attack.

The team released a new updated version of the Bitcoin Gold network at block 640,650, the most “honest” block mined by MiningPoolHub before the attack. This update, which wasn’t public knowledge, rejected the attacker’s chain when it was released on Friday.

For the attack, the perpetrator rented hash power on July 1 from NiceHash, a mining service provider, to secretly mine an alternative chain. The chain was mined for ten days and was 1,300 blocks long. On July 10, the secret chain was released by the attacker in an attempt to steal 8,000 BTG worth over $75k.

Now, everyone is required to upgrade their nodes to make sure they are on the honest chain.

“51% attack on BTG defeated by a user-activated soft fork providing a checkpoint and hence explicitly banning the attack chain. Excellent news,” commented Ethereum co-founder Vitalik Buterin. “In PoS, in such cases, the attacker would lose many millions of dollars to slashings/inactivity leak,” he added.

Bitcoin Gold might have successfully stopped a block reorganization attack, but it’s not the first time such a thing happened. The network has a history of reorg attacks, it faced a $70k attack earlier this year and then back in May 2018 lost $18.6 million in a double spent attack.

Read Original/a>
Author: AnTy

Estonia Revokes License of Over 500 Crypto Companies to Curb Money Laundering

European Union member Estonia is now cracking down on cryptocurrency firms to attack money laundering in the country.

Estonia has been in the spotlight for Europe’s biggest money-laundering scandal, about €200 billion were laundered from Denmark’s biggest financial institution Danske Bank’s Estonian branch from 2007-2015. To put it in perspective, in 2017 Estonia’s GDP was €29 billion.

The scandal raises serious questions over the capacity of not only banks but also the government in combating money laundering. Now, the country has set its eyes on crypto businesses that exchange and help hold virtual currencies like bitcoin, reported Bloomberg.

Interestingly, Estonia was among the first in the EU to license these firms in late 2017.

But now, the regulators have stripped more than 500, a third of the total permits this year. According to Madis Reimand, head of the Baltic country’s Financial Intelligence Unit, the decision was made because the regulators are worried these firms are using their local credentials to help commit fraud elsewhere. Reimand told Bloomberg,

“This is a first step in tidying up the market, allowing us to take care of the most urgent issues by permitting operations only for companies that can be subjected to Estonian supervision and coercive measures.”

According to FIU’s annual report released on Thursday, there has been an increase in sectoral risks in 2019 amid “extremely fast” growth in service providers.

Out of the 56 supervisory inspections last year, 34 were of the virtual currency companies suspected of embezzlement of clients and providing financial services abroad without proper authorization.

So far, the crackdown has been those companies that failed to start operations in Estonia within six months of receiving the permit.

They were “probably giving out those permits too easily to God knows what companies,” which were then used to “create credibility for some evil schemes,” said Andre Nomm, a member of the Estonian Financial Supervision Authority’s management board last year.

After warnings from supervisors about the increase in issuance since 2018, parliament has also been enacting stricter licensing rules.

Now, more than half of the remaining 900 cryptocurrencies risk losing their licenses if they have no operations in Estonia.

Read Original/a>
Author: AnTy