Bitcoin Stolen in 2016 $72 Million Bitfinex Hack Moving

Some of the stolen BTC during the $72 million hack of crypto exchange Bitfinex in 2016 has been just moved.

Whale Alert that tracks large movements of top cryptocurrencies reported that 28.3 BTC worth more than $255k has been moved to an unknown wallet.

Four years back, Bitfinex lost 120,000 BTC worth $72 million, when the price of bitcoin was about $600. Today, with each BTC at $9,160, this stash is now worth more than $1 billion.

This isn’t the first time that these hackers are moving their funds. Back in June, last year about 185 BTC were transferred to unknown addresses, at that time BTC price was up over 60% YTD at around $10,000. Then in August, 30 BTC were also moved.

Now, just as happens with large transfers, the crypto community fears the worst.

One twitter user said, “If btc does not crash to sub 4k in 1 month, I’ll delete my twitter.”

Large amounts of Bitcoin on the move surely affects the price as happened on May 10. The BTC price fell about 16% that day after a large deposit took place on Gemini; but that deposit was “abnormally” large at 2,500 BTC unlike just over 28 BTC.

Such kind of big deposits result in heightened activity on the exchange where they were made but also triggers market sell on other exchanges as well. This causes a significant increase in trade volume across all exchanges, resulting in a drop in Bitcoin’s price.

However, at times, relatively small and few orders can also have a significant impact on liquidity across many major exchanges.

Just this week, there was speculation led sell-off that resulted in a brief decline of about 7% in BTC price.

It was after Whale Alert reported that 50 Bitcoin had been moved from a wallet dormant since February 2009. Whale Alert suggested it might have been bitcoin’s pseudo-anonymous creator Satoshi Nakamoto who moved the coins, triggering the panic among the market, but as we reported it was very unlikely.

Read Original/a>
Author: AnTy

The Largest DeFi Hack: dForce Engaging with the Attacker For The $25M In Stolen Funds

In the largest decentralized finance (DeFi) hack so far, $25 million were drained from the dForce smart contract.

On April 19, Lendf.Me, the lending protocol in the Multicoin Capital-backed network dForce was attacked. As per the company’s report, they became aware of the breach at 9:15 am (UTC+8) and temporarily paused Lendf.Me and USDx.

The hackers exploited a weakness with a mix of using ERC777 tokens and DeFi smart contract to secure the reentry attack. In this attack, 99.9% of dForce’s funds have been lost which also includes the funds of the co-founder himself.

Source: DeFiPulse

Mindao YANG, Founder of dForce and founding partner of Blockpower Capital wrote,

“The callback mechanism enabled the hacker to supply and withdraw ERC777 tokens repeatedly before the balance was updated.”

According to Yang, they have been contacted by the hacker/s and wish to hash this out with them. They have also reached out to exchanges to help find and blacklist the addresses belonging to the hackers.

dForce wasn’t the only one, a day before that, DeFi platform Uniswap was also attacked by a hacker where the attacker exploited the vulnerability to drain the Uniswap liquidity pool of ETH-imBTC (of about $1,278 ETH worth $228k).

Amount loss of various assets in this incident

Part of these stolen funds have already made their way to other DeFi projects like Compound Finance and are being sold for other crypto assets.

Currently, there is an exchange going on between the hacker and dForce. The dForce attacker also sent $126k in PAX back to the project’s admin account with a “better future” memo and dForce has also reached out with their contact email. Victims are also sending $0 transactions to the attacker pleading with them to return their funds.

dForce was also accused of shipping its code from Compound Finance and with this trend continuing to accelerate, it warrants increased focus and funds directed towards their security.

Yet another DeFi hack is raising questions on the resilience of these projects and the DeFi sector, also these so-called “decentralized” projects’ ability to pause their networks. However, Melody He, co-founder, and partner at crypto hedge fund The Spartan Group says,

“The Dao didn’t kill Ethereum, Parity hack didn’t stop Polkadot, this incident will not be hope lost for Defi. But we have to acknowledge Defi is far away from deserving mainstream adoption.”

Read Original/a>
Author: AnTy

IOTA Urges Users To Use New Seed Migration Tool After Trinity Wallet Hack

Following IOTA’s recent hack on its Trinity Wallet, the development team is urging the users to protect their wallets by changing their passwords and implementing a secure way for users to protect their funds. Here’s how.

One of the most highlighted news stories in the past month is the hack that happened on IOTA’s top wallets on Trinity, raising concerns on the overall security of funds in the crypto industry. The hack, which compromised a number of wallets, as reported by Iota Foundation. The official tweet read,

While fears of the hack spread to mobile based Trinity wallets and desktop wallets as well, the Foundation confirms only the desktop wallets were compromised calling everyone who used their Trinity wallet to take necessary steps to secure their wallets.

Hardware wallet users have nothing to worry about at the moment but the team calls on users to switch their passwords for extra security.

Securing your IOTA trinity wallet

According to the post mortem carried out on the nature of the hack, the compromise started on the MoonPay feature that allows users to buy IOTA on the desktop wallet. The breach allowed the hackers to obtain private keys on the wallets hence allowing the stealing of funds.

In order to secure the wallet from the breaches, password changes are not the only security measure the Foundation proposes. Users are urged to upgrade to the new patch developed to protect themselves, as the new patch does not include the MoonPay feature. The users will need to acquire new passphrases (seeds), an 81 character keys that hold the IOTA tokens on the Tangle coordinator.

The IOTA protocol will be reopened once the new tool is launched.

Read Original/a>
Author: Lujan Odera

Alleged Binance Hacker Reappears And Makes Claims of a New Wave of Data Leaks Coming Soon

It looks like the hacker allegedly behind the Binance data hack is ready to unveil more leaked information soon. On a recent tweet, the criminal nicknamed only as Bnatov Platon, affirmed that he was only warming up and that there was a lot more to come yet.

The cybercriminal also published an outline of the Know Your Customer process of the company and included some Telegram records to prove that he had the information. He did not give any timeframe for the release of any other possible leaks, though.

At the moment, however, there is simply no evidence that the hacker actually has the images that he claims on his hands. The hacking of the exchange happened at the beginning of August, but Binance denies that any information was actually taken.

According to the company, the hacker was unable to access any of the data, so what was posted online was fake. The exchange is still during its investigations, though, so the issue is still not ended. The only official statement is that no evidence shows that the hacker may have invaded the KYC images, especially because the leaked images lack the Binance watermark.

The exchange also highlighted that all the images are dated from February 2018 and that this was around the time in which the company hired a third-party to handle KYC. This means that the third-party may have been hacked instead of the company.

At the moment, we can only wait before we determine if the alleged hacker will indeed have some more material or if the information of Binance’s clients is protected.

Read Original/a>
Author: Bitcoin Exchange Guide News Team

Mt. Gox Founder Jed McCaleb Stands Accused of Misrepresentation in New Lawsuit

Mt. Gox Founder Jed McCaleb Stands Accused of Misrepresentation in New Lawsuit
  • Mt. Gox filed for bankruptcy in 2014 after a hack worth millions of dollars.
  • Two former traders are going after the former CEO for misrepresenting the issues faced by the exchange.

Mt. Gox is one of the most notable failures in the cryptocurrency industry, and the troubles were thought to be over a long time ago. However, for the founder, the troubles are still present. Jed McCaleb is now being faced with a lawsuit, based on his mishandling of the exchange.

Reports from CoinDesk confirm that that the legal action was filed on May 19th by Joseph Jones and Peter Steinmetz, adding that the former CEO knew about the “serious security risks” imposed on the exchange at the end of 2010 and the beginning of 2011.

The lawsuit was filed by two former traders of Mt. Gox, who say that McCaleb was not truthful about the financial situation of Mt. Gox after the hack occurred. The court filing said that the defendants were made aware of the risks that Mt. Gox took that let hackers get into the exchange in the first place. The filing adds:

“Rather than secure the exchange, McCaleb sold a large portion of his interest in the then sole proprietorship and provided avenues to the purchasers to cover-up the security concerns at the time without ever informing or disclosing these issues to the public.”

Towards the end of 2011, Mt. Gox was the largest Bitcoin exchange for their trading volume when it was hacked. The attack took 850,000 Bitcoin with it, which was valued at $400 million at the time.

However, this theft was preceded by a missing 80,000 Bitcoin on the exchange, which was not as highly publicized. As a result, the exchange ended up shutting down all trading operations by 2014 when it filed bankruptcy. At the time, Steinmetz said that he personally owned 43,000.

The complaint claims that McCaleb decided to sell most of his interest in Mt. Gox to Mark Karpeles, rather than have the publicity around the lack of refund to users. Court documents indicate that Karpeles was placed in charge of the exchange in 2011 and happened to hold 88% of the shares for the exchange.

In comparison, McCaleb only held 12%. He was charged with data manipulation in the exchange, prosecuted in the courts in Japan, and found guilty.

Despite being eight years since the hack, there are still creditors of the exchange that are working to get back the funds that they lost. However, the trustee of the exchange was ultimately accused of taking the wrong steps when they liquidated the assets, even extending the deadline in April to continue their efforts.

McCaleb appears to be doing rather well for himself at the moment. After all, he ended up founding Ripple, and he co-founded Stellar, which are both flourishing. Unfortunately, no matter the progress that he has made since the travesty of Mt. Gox, these problems seem to keep following him.

Read Original/a>
Author: Krystle M

As Cryptopia’s Bankruptcy Proceeds, Hacked Users’ Funds May Not Be Reimbursed Completely

As Cryptopia's Bankruptcy Proceeds, Hacked Users’ Funds May Not Be Reimbursed Completely
  • Cryptopia’s January hack has led the company to pursue bankruptcy proceedings.
  • Issues in the security of the exchange may point to a greater problem in the cryptocurrency industry.

Cryptopia has had a really rough year. In January, the exchange was hacked, losing millions of dollars before the exchange cut off customers from their withdrawals. The company worked hard to try and bring their platform back to consumers in March, but ultimately had to shut down when the relaunch was unsuccessful.

The proceedings for their bankruptcy case began a few weeks ago, and the liquidators are already running into trouble.

The former New Zealand exchange had made creditors hopeful that they would see their funds again as the bankruptcy commences. However, that optimism has not lasted, as the Grant Thornton auditing and liquidation firm has revealed that the entire process will end up taking “some months at least.”

Executive David Ruscoe of Grant Thornton added that the firm plans to “conduct a thorough investigation,” adding that they will be collaborating with multiple stakeholders, members of management, and shareholders for a satisfactory solution. Even in the last week alone, there has been new information discovered, which is why it is so necessary to continue with the wait for the firm to continue their research.

Even though the company has already stated which crypto wallets were responsible for holding most of the funds that were stolen, the actual hackers are difficult to figure out. Furthermore, actually figuring out which customers are owed the funds that the firm finds is becoming even more difficult. Looking at the filing on May 24th, which was processed through the Bankruptcy Court in the Southern District of New York (SDNY), shows that the liquidators have no idea which customers should be given the funds they find.

With the filing for the emergency provisional relief, the court first needs to issue an order that would preserve an SQL database, which is presently being held in Arizona.

While the information in this database has a lot of necessary details for reconciliation, the company that hosts it publicly ended their relationship with Cryptopia during their difficulties, which is why an order from the court is crucial. In fact, Grant Thornton has already said that the reconciliation of the funds and the distribution to users simply cannot be achieved without the data.

Speaking with Cointelegraph, Pauline Shangett from ChangeNOW said that the cryptocurrency market is young, and the traditional legal system just is not set up to deal with it yet. Shangett believes that there’s two solutions that could be implemented –

“Either the space moves on to being fully decentralized and self-regulated, or it adopts the best practices of regulators. The former might lead to anarchy as cases like Cryptopia’s have a chance to happen again, which would hinder mass adoption.”

With all of the chaos that Cryptopia has come against, there’s more of a sense of urgency for legal entities to get involved in fraud causes in the industry. CEO Kamil Gorski of Blockhunters pointed out that there is plenty of tools that exchanges could implement in a way that will prevent the hacks from happening, but “there’s no obligation to use them.”

Those tools can include ways to track the funds that have been stolen, protocols that would stop payouts if something triggers it, and even ways to track bugs. Essentially, Gorski believes that that the only lesson learned here is that “this approach can end up biting them, and more importantly their users, in the a–.”

With such a lazy attitude towards security creates a problem that just leaves investors unprotected, when it would not take much to implement. Still, by lacking protection, the fault comes back on Cryptopia when the hacks occur. No amount of avoidance can help Cryptopia to escape the fact that the money will have to come from themselves.

The majority of the funds stolen in this circumstance has come from American users, which means that the SDNY could end up getting involved in the reconciliation. However, the fact that a company from New Zealand is largely profiting from predominantly Americans is a reason to be a little concerned about how the crypto industry works.

A crypto commentator named Stephen Palley even said that the purpose of a Chapter 15 bankruptcy would be to rope in the US bankruptcy court in an effort to:

“give effect to a foreign bk/liquidation proceeding.”

It also lets the courts issue an order with the database provider in Arizona to hold on to the information that they need, which was the purpose of hiring Grant Thornton in the case.

As the drama continues to unfold, it is clear that the problems that Cryptopia faces are indicative of much bigger problems in the cryptocurrency space. The regulation in the space has been the biggest focus of the market for so long, but perhaps the necessity for clearer security requirements needs to be pushed to the forefront.

Read Original/a>
Author: Krystle M