New Ripple Scam Targeting Ledger Wallet Users Has Drained Over 1,150,000 XRP ($297k)

Phishing scams targeting crypto users seem to be far from over as per an update by XRP Forensics, which says close to 1,150,000 XRP tokens have been stolen in a new scam. This particular one targeted Ledger wallet users and went to the length of sending security update emails to unsuspecting XRP token holders.

According to the update by XRP Forensics on Nov 5, there has been an uptick in XRP stolen reports, most of which it attributes to this scam. The team which handles analytics on the XRPlorer has since urged the community to stay alert to minimize the attackers’ opportunity window,

“We also see an uptick in reports of stolen XRP as a result of this scam. Stay alert!”

Like in the old phishing scam tricks, the attackers have made a substitute homoglyph of the letter ‘e,’ making the Ledger website wallet appear real on the first interaction. Victims were forced into downloading an update while, in the real sense, the attackers were directing them to the fake website to drain XRP balances in their Ledger wallets.

Despite recent collaborative efforts to stop such attacks, the hackers managed to withdraw all the compromised tokens by sending them to the Bittrex exchange in five transactions. At the time, the exchange could not seize the funds, resulting in the loss of around 1,150,000 XRP tokens from Ledger wallet users. At the time of publishing, that is worth about $297k.

Notably, the hardware wallet provider had fallen victim to a data breach back in July, where the data of around 9,500 clients was compromised. While they acted fast to patch the vulnerability, Ledger had already been exposed to a considerable amount of damage. The hackers now seem to be getting ahead of the game with a combination of phishing scams accompanied by legit-looking emails.

In this case, the attackers circulated an email that resembles official communication from the Ripple team. This information hinted at a community support program and incentive program as part of a financial recovery strategy and over 5 billion XRP tokens up for grabs. However, the catch is that the attackers require users’ wallet addresses and private keys to be registered.

Note: Don’t ever give up your private keys. They are called Private keys for a reason.

XRP has had its fair share of phishing scams, with roughly 6 million XRP being lost in 2019 while this year’s figure stands at 3 million. The firm has attempted to counter this challenge and recently filed a lawsuit against YouTube for not taking action against malicious actors impersonating Ripple CEO Brad Garlinghouse. Going by these stats, XRP tokens appear to be a favorite gem for phishing scammers.

Read Original/a>
Author: Edwin Munyui

Bitcoin Wallet Reveals Wasabi 2.0 With Stronger Privacy Features through WabiSabi Debut

Leading privacy-focused Bitcoin wallet, Wasabi Wallet announces the launch of its long-awaited update, Wasabi Wallet 2.0. The new update is expected to integrate CoinJoin-ed payments on its platform to enhance privacy automatically. According to the statement, the new improvements on Wasabi 2.0 aim at making Bitcoin payments private, faster ad effortless for non-technical users.

In a blog statement by Wasabi Wallet, three key improvements will be implemented on the new updated version – including rewriting the UX design, integrating easy-to-use and automatic UX for CoinJoin enabled payments launch of the WabiSabi protocol. The latter will facilitate faster and more cost-effective transactions on the Wasabi 2.0 wallet, laying the foundation for automatic CoinJoin Bitcoin payments and transactions.

CoinJoin (CJ) is a privacy enhancement method that mixes several Bitcoin transactions into one pool, obscuring the transaction sender’s view and receiving address.

According to the lead developer and co-founder at Wasabi wallet, Adam Ficsor, the new update will allow users to choose between implementing the CoinJoin privacy feature or making transactions on the public chain. Wasabi Wallet 2.0 users will have a selection of privacy targets, including “none, some, high and Snowden,” Ficsor further stated.

Not only will the updated wallet focus on privacy but user-experience as well, the statement reads. The Bitcoin wallet provider will offer an effortless method for novice users allowing automatic CoinJoin payments. It further reads,

“Manual CoinJoining will be a thing of the past or for power users only.”

However, de-anonymizing such transactions on CoinJoin can be easy if the number of transactions in the pool is low. This raises privacy issues that WabiSabi is looking to solve once it launches together with the Wasabi Wallet 2.0 update. According to the statement, WabiSabi will allow users to put in any amount of Bitcoin in the CoinJoin pool – independent from other users – which increases the levels of privacy on CoinJoin.

Ficsor finally stated many users would prefer privacy-enhanced transactions instead of normal wallet transactions despite the CoinnJoin transactions taking some time before being released. Hence the firm’s goals in introducing automatic CoinJoin transactions. He finalized by stating,

“To improve upon these, we’re planning to make CoinJoining automatic by default and build upon the realization that coin control is mostly friction when the user would like to spend conjoined coins, so we should be able to introduce a simple send for that.”

Wasabi 2.0 is expected to launch in the coming six months – with the time interval set anywhere between 3 and 14 months.

Read Original/a>
Author: Lujan Odera

Enel Group Attacked Again by Ransomware, Netwalker Demands for 1234.0238 Bitcoins

According to an update from Bleeping Computer, Enel, a multinational energy firm based in Italy, is facing yet another ransomware attack. Barely five months since the firm neutralized a Snake ransomware attack, a Netwalker has now attacked its systems, touting to have accessed 5TB of Enel’s data. They are demanding to be paid 1234.0238 BTC ($16.3 million at the time of publication) as a ransom to surrender its decryption keys and maintain Enel’s data privacy.

As per the Bleeping computer report, the attacker first shared a ransom note with them; it appeared to be from a Netwalker who had compromised Enel’s data. Notably, Enel is a leading Fortune 500 company and operates in over 40 countries, while its customer outreach is more than 61 million.

Netwalker-Enel-ransom-note (1)
Source; Bleeping Computer

While Enel has yet to comment on the issue, the attackers have shared links to confirm that they have compromised data from the Enel group. So far, Enel has yet to respond to Netwalker, a situation that now appears to be doubling the amount of ransom. The attackers are now asking for 1234.0238 BTC to give Enel access to the decryptor; something they say must be bought.

Nonetheless, the Netwalker attackers have communicated with the Enel group as per a recent post on Enel’s support chat.

“Hello, Enel. Don’t be afraid to write to us. Tomorrow we will make a blog post about you or start looking for good hands for your files.”

Meanwhile, they have shown that they are willing to leak Enel’s data if their demands are not met. The Netwalker has already released a screenshot of Enel’s unencrypted data, threatening to make it public and analyze further for ‘interesting things.’

As the crypto industry grows, attackers have found a ‘favorite’ in privacy coins like Monero while others don’t go past Bitcoin. Recent months have seen multiple malicious players demand ransom in BTC, one of the latest attacks on Argentina’s immigration office where the hackers demanded $4 million in BTC.

Read Original/a>
Author: Edwin Munyui

Decentralized Exchange IDEX Launches v2.0 With A Heavy Focus on Enhancing User Experience

IDEX has launched a new update called IDEX 2.O promising to enhance user experience on decentralized exchanges (DEX) amid growing popularity and users. The hype around defi (decentralized finance) in 2020 has propelled DEX’s to the forefront of discussions.

IDEX 2.0 is solely focused on improving the user interface and how consumers interact with DEX’s. While decentralized exchanges have been in the game for quite some time, centralized exchanges (CEX) have garnered all the attention and transaction volume.

IDEX is promising to bridge the gap between centralized and decentralized exchanges for users. Among the prominent changes that come with the version, 2.0 include front-running and failed-transactions. Failed transactions have been the biggest Achilles heel for the DEX. With IDEX 2.0, users won’t have to sacrifice the ease of maintaining and using truly decentralized platforms.

Alex Wearn, the IDEX CEO, addressed the issues which have plagued and limited the reach of decentralized exchanges and said,

“Decentralized exchanges put the users ‘closer’ to the blockchain. This means that they have to deal with some of the shortcomings of blockchains themselves.

In particular, this could include things like long wait times for transaction and trade execution. The open nature also exposes users to issues like front-running and trade failures.”

IDEX 2.0 promises to improve on this concerning issue and offer several improvements over the existing systems. Some of the key features include,

  • Frictionless onboarding, if you’ve traded on any centralized exchange, then you will know how to use IDEX 2.0
  • Instant trade execution
  • Front-running protection
  • Guaranteed trade settlement
  • Private order books
  • Capacity for thousands of users and hundreds of thousands of orders per second

DEX Protocols Have Highest Transaction Failure Rates

Uniswap, one of the most popular DEX’s which has seen a significant bump in the transaction volume; in fact, it has generated more volume than many mainstream centralized exchanges on several occasions. Despite such heightened popularity and user growth, Uniswap has also registered significantly higher translation failure rates.

As per a report published by Dex Tokenlon, Uniswap registered a whopping 22%+ failure rates during the peak trading hours as of the first couple of weeks in September. While the success of defi has been quite unprecedented, so was the transaction failure rate. This could prove to be one of the biggest points of frustration for active users and traders and, in many cases, turn away the new users.

Apart from Uniswap, many other popular Dex has registered similar failure rates, and in many cases, a defer rate of 10%. IDEX, in its report, noted that these DEX are required to “keep order matching and execution off-chain, guaranteeing successful trades all while keeping the user in control of their assets.”

Read Original/a>
Author: James W

Love it or Hate it, UNI Token Stands to Benefit from Uniswap’s Evolution

After releasing the UNI token as part of Uniswap V3, the first update for Uniswap V3 has been made on Github. It might say “trigger a new major release,” but for now, it just seems to be a tease with an IPFS deployment release.

Amidst the growing hype around Uniswap V3, such teases only push the market sentiments towards excitement, which in the DeFi world doesn’t take much to turn into euphoria.

For now, the UNI token is trading at $5.17, still in the green by 6.14%, slowly uptrending towards its ATH of over $8.

Today, with Ethereum Layer 2 solution Ethereum Optimism entering the first phase of its testament launch, Uniswap has announced itself as the early adopter, along with Synthetix and Chainlink.

Additionally, Mask Network rolled out a widget that lets users trade tokens on the biggest decentralized exchange (DEX) by volume, through its Twitter extension. The aim is to make it easier for Web 2 users to migrate to Web 3 apps.

The Question of Decentralization

The top DeFi project, with nearly $2 billion in deposits, is gaining a lot of attention these days thanks to its governance token, which was airdropped to its early adopters.

But not all of its is good; as we reported, there have been questions on the regulatory nature of the UNI token, which is also allocated to team members, advisors, and investors — Uniswap raised $11 million in a Series A round led by Andreessen Horowitz along with USV, Paradigm, Version One, Variant, Parafi Capital, SV Angel, and A.Capital.

At the time, it has been said the resources will be used to build Uniswap V3, which will “dramatically increase the flexibility and capital efficiency of the protocol.”

Besides the legal nature, the latest report from Glassnode also took a stab at the decentralized nature of the token launch, which raised a few questions.

“With the launch of its UNI token, Uniswap has branded itself as “decentralized,” but it still has a long way to go to reach this point. By giving itself a skeleton key to the protocol, Uniswap has (at least in the near term) sacrificed decentralization for the sake of control,” noted Glassnode.

But the crypto data provider also noted that the decision was “almost certainly” made with the protocol’s best interests at heart. Moreover, the control will gradually transition to the community.

“Despite the team’s lack of transparency and somewhat deceptive marketing, the UNI token remains a strong and likely extremely valuable asset,” combined with Uniswap’s impressive growth, V3 deployment in the pipeline, and activation of fee switch that will enable UNI holders to earn a portion of trading fees.

Read Original/a>
Author: AnTy

Twitter Hackers Accessed 36 DM’s From Compromised Accounts in Large Scale Bitcoin Scam

Twitter has released an update following last week’s hack, which saw over 100 accounts compromised. The social media giant confirmed on July 22 that the hackers accessed the direct messages of some of these exposed accounts. Some notable mentions include Geert Wilders, an elected official in the Netherlands, and Coindesk’s.

“We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including one elected official in the Netherlands. To date, we do not indicate that any other former or current elected official had their DMs accessed.”

They were, however, keen to highlight there are no indications that any other former or current public officials, some sort of relief given Joe Biden and Barack Obama’s accounts were among the compromised. Nonetheless, Twitter has found itself at a tricky position in the past week, this new development following a review of the 130 accounts might just be the beginning of more frequent updates before the platform fully recovers from the recent hack.

The firm is communicating with the account owners that were exposed, with some yet to gain back access to their accounts. Notably, these hackers who scammed $120,000 worth of Bitcoin from tweeting with 45 of the accounts also downloaded the archive twitter data of 8 accounts, including Coindesk’s.

Jitters are now emerging from stakeholders, including federal lawmakers on Twitter’s security practices. The firm’s DMs have previously been faulted as below standard when it comes to encryption. However, it’s not clear whether the hackers got inbox access directly via the compromised administrative tool. With the FBI and other agencies now on the case, things might develop faster than we thought!

Read Original/a>
Author: Edwin Munyui

EOS’s Voice Goes Live; Ethereum Co-founder has ‘Regrets’ & Cardano Creator Feels Rivals Getting ‘Worried’

Today, Voice is officially live.

Salah Michael Zalatimo, CEO at Voice posted an update that starting July 4, 2020, registered community members can publish while everyone can read the posts.

The company was preparing for a “big reveal in the fall—but things changed,” wrote Zalatimo. And now they decided to open their platform and invite the community to be part of the building process on which they have been working on for months.

Beginning August 15th, everyone that is already registered will be able to invite their friends to join Voice and in fall, a variety of features will be released.

“This global moment has fully exposed the corrupt social spaces created by Big Tech. It’s time to break away and put humans first,” reads the post.

Brief Early Release

EOSIO-based social media platform Voice developed by Block.one, the company behind the cryptocurrency EOS briefly went live yesterday before its scheduled launch.

First revealed in June 2019, Voice temporarily started displaying several posts with multiple likes and comments only to flash ‘Error 1020’ later on.

Cardano creator and CEO of IOHK, Charles Hoskinson took to Twitter to share his views as to the reason behind this temporary early release.

One Cardano enthusiast echoed Hoskinson’s sentiments pointing to Ethereum co-founder Vitalik Buterin talking about handling Ether’s creation differently had he done it now. Hoskinson also co-founded Ethereum.

“Definitely a lot of regrets and wasted time,” he said on “Hashing it Out” podcast about all the time taking in sharding and proof-of-stake.

“We definitely did kind of underestimate how much time it would take to finish a lot of the things that we didn’t start back in 2015,” he said.

In the past two-days, IOHK’s Cardano has released a number of big announcements that have seen the price of ADA surge 20% and 193% YTD. These gains have the cryptocurrency climbing to the 6th spot, as per Messari.

Yesterday, it was also announced that IOHK has signed an agreement with Coinbase Custody, and from Q4 2020, users can take their ADA right from Coinbase’s cold storage. Staking rewards will be coming to Cardano in mid-August.

It won’t’ be a surprise if ADA will also be listed on the US-based cryptocurrency exchange soon.

Read Original/a>
Author: AnTy

BTCPay Server Update Streamlines Refund Process; Adds Notification for Payment Status

The open-source bitcoin payment server BTCPay Server introduced a new system update called Update 1.0.5 on Friday. The updated aim is to ease the interaction between the server and the merchant. This update would make it easier for the merchants to manage their crypto transactions on their website.

The latest update brings a set of new features, including notifications, pull payment, and refunds, along with a few upgrades to the wallet. The BTCPay Server was launched back in 2017 and helped merchants in processing their bitcoin transactions. It also kept all the invoices organized for the owner. The server also has a native wallet that can be used to store bitcoins.

The most talked-about feature of the update is the refund, which streamlines the otherwise quite cluttered process of re-issuing of coins. The update feature would allow merchants to decide a certain amount of bitcoin that can be pulled from the escrow. Before the update, merchants had to manually authorize the payment, where the sender and receiver had no common platform to connect onto, which made the process complex and challenging.

With the new update, merchants won’t have to send and receive numerous messages as the process is automated, where the refund is generated via invoices without the need for any formal communication between the two parties.

The other notable feature is notifications, which comes with an API integration option and allows merchants to monitor their payment status, whether it is confirmed or not. It would also include the status of partial payment and many other similar payments related notifications. All of these will be managed through a dedicated notification page.

Read Original/a>
Author: James W

Cardano Successfully Tests Ouroboros BFT on the Bryon Testnet, Ready for Deployment

  • Cardano reaches the “important” step of OBFT update as it moves towards the Shelley era
  • This protocol update is the bridge for the currently in use Ouroboros Classic to Ouroboros Genesis, which will power the Shelley era
  • Network fundamentals on a steady rise, the number of daily active addresses reaches a peak of 9.76K

On Feb. 20th, Ouroboros will be updated on the Byron mainnet to Ouroboros BFT, stated IOHK while sharing the latest developments. It’s been more than 18 months since the IOHK has been building a new architectural foundation for the Shelley era on the mainnet.

As the network moves towards the Shelley era, they have reached a “really important” step that is the OBFT update, Ouroboros Byzantine Fault Tolerance. This hard fork will basically act as a bridge between Ouroboros Classic, which is currently in use on the Byron mainnet, to Ouroboros Genesis, which will power the Shelley era.

Exciting Months Ahead

Ouroboros is the consensus protocol, “the algorithm that sits behind Cardano’s capability as a decentralized proof-of-stake platform.” Ouroboros BFT has been implemented as a bridge by the developers as a “stepping stone in compatibility (…) to enable the evolution of Cardano on the Byron era, with its federated blockchain, to the decentralized Shelley era.”

Ouroboros BFT has been successfully tested on the Byron testnet and the team has announced that it’s time to deploy on the Byron mainnet. The deployment will be on Feb. 20th which the team says is “a really positive next step in the development of the Cardano platform.”

For the ADA holders, they don’t need to do anything as the update will happen behind the scenes and there will be no change to the coin, wallet, or exchange account or even if you have been involved with a Shelley incentivized Testnet, you won’t’ be affected in any way, shared the team on Wednesday.

The next few months will be “exciting” ones for the Cardano community as the network continues to evolve.

Fundamentals on the Rise

In other news, the fundamentals of the Cardano network are also on the rise. The network activity has been seeing a rise with the number of daily active addresses reaching its all-time high (ATH) at nearly 10,000 on Feb. 12. This has been an increase of over 300% since January 1st, 2020.

The active address ratio has surged 231% from the beginning of the year, up from 0.58% on Jan.1 to 1.93% earlier this week.

Additionally, the number of transactions on the network has also seen a spike, recording an average of just above 3600 transactions daily. At the beginning of the year, the transactions were down at 1,000 but it has now jumped above 4,200.

In terms of price, ADA is currently trading at $0.0624, up 85% in 2020 so far.

Read Original/a>
Author: AnTy

Ethereum Muir Glacier Update: Parity Upgrade Alert Due to Attack, 75.7% of Node Operators Ready

  • Those running Parity nodes are asked to update their clients “ASAP”
  • 75.7% of the node operators are ready for Muir Glacier
  • Down 92% from ATH, it is still one of the best performers of the decade, with nearly 18,000% gains

Just a day before Ethereum’s latest and unexpected network upgrade Muir Glacier, Ethereum client Parity came under attack.

Parity Ethereum took to Twitter to announce that on investigating the reports of some of the Parity Ethereum nodes not syncing, they came to believe there may be an attack underway.

Reportedly, valid blocks with manipulated directions, added or replaced, caused the client to stall, according to GitHub. Sergio Demian Lerner, a cryptocurrency security consultant, explained:

“The attack is simple: you send to a Parity node a block with invalid transactions, but valid header (borrowed from another block). The node will mark the block header as invalid and ban this block header forever but the header is still valid.”

New versions v2.6.8-beta & v2.5.13-stable have been released that will protect against this attack. As per this upgrade,

“Make sure to not mark block header hash as invalid if only the body is wrong.”

Those running Parity nodes are asked to update their clients “ASAP.”

Parties involved were already unhappy with the situation as Ethereum chose New Year’s Day for the upgrade. And now Parity underwent an attack.

Moreover, currently, 75.7% of the node operators are ready for Muir Glacier, as per Ethernodes.org.

Binance however, has announced its support for the ETH Muir Glacier upgrade. Because of which, deposits and withdrawals of ETH will be suspended.

When it comes to mining pools, only one, Ethermine is ready while the rest Sparkpool, F2Pool, Nanopool, Zhizhu, and MiningPoolHub still showing ‘no information’.

Earlier this month, the Ethereum network has its Istanbul upgrade and now they are ready for another. Ethereum was forced to have another update (EIP-2387) in less than a month due to a mistake and to delay the difficulty bomb feature that will slow down the Ice Age by about 611 days.

2020 to be the year of Ethereum?

The second-largest cryptocurrency by market cap is currently trading at $131, down 92% from its all-time high of $1,570. Ethereum’s 2019 performance surely has turned negative by 3.50% but it is still one of the best performers of the decade, with nearly 18,000% gains.

For the next year, Ethereum might be in for some good time as it might have hit the bottom.

Trader Crypto Michaël also sees 2020 a good year for Ether as he says, “Each massive breakout of ETH in January showed a significant move.”

Historically, he says Q1 of the year has been a great period for altcoins and their dominance bottoming. So “Let’s rock in Q1 2020!”

Read Original/a>
Author: AnTy