Please Do Not Store Crypto on Any Exchange, Warns CEO of Major Crypto Exchange Kraken

Jesse Powell, the CEO of a major crypto exchange Kraken, warned users of digital assets to not store funds on trading platforms.

 

The warning of Powell follows a high profile security breach suffered by Cryptopia, a New Zealand-based crypto exchange known for its listing of a wide range of small market cap tokens.

Why Investors Shouldn’t Hold Crypto on Exchanges

Any application or platform connected to the internet by nature is hackable. In essence, centrally operated crypto exchanges are similar to banks in that they hold the private keys and funds of users.

If a hacker gains access into the central servers or internal management system of an exchange, the hacker can steal user funds, private information, and financial data.

As Powell said, a more secure way of storing cryptocurrencies is in a hardware wallet or a non-custodial wallet that allows users to manage their own private keys.

“Please do not store more coins on an exchange (including @krakenfx) than you need to actively trade. Use Ledger or Trezor. DEXes are not a panacea — look at the DAO. Open source just means exploits will be discovered sooner (probably not by good guys),” he noted.

Some experts have argued that major centralized exchanges can be safer for casual or beginner crypto users because it is possible for new users to mismanage private keys and sensitive data.

ledger
Kraken CEO Jesse Powell has advised crypto adopters to store their coins in offline hardware wallets like Ledger, pictured above. 

Well regulated cryptocurrency exchanges like Gemini, for example, have insurers in place that are able to reimburse investors in an unlikely event of a security breach or a hacking attack.

In October, Gemini revealed that it obtained insurance coverage from Aon, one of the largest insurance service providers in Europe.

In light of recent hacking attacks on cryptocurrency exchanges, certain markets including South Korea have requested trading platforms to obtain insurance to protect investors and their capital.

Centralized crypto exchanges are still vulnerable to security breaches and it is difficult to have all of the user funds insured by insurance companies.

The risk in storing crypto in a hardware wallet or a non-custodial wallet is the lack of presence of a company or a representative that could help an investor recoup funds in an event that a private key is lost.

But, the responsibility is fully on the investor to securely manage funds and back up wallets on a regular basis and as long as the wallet is well maintained, there exists no possibility of a security breach.

Cryptopia Situation

The Cryptopia hack, which prompted Kraken CEO Jesse Powell to ask investors to avoid storing funds on an exchange, is currently being investigated by the New Zealand police.

In an official announcement, the New Zealand police said:

A significant value of crypto-currency may be involved and Police are taking this very seriously. We are currently talking to the company to gain a further understanding of what has occurred. A dedicated investigation team is being established in Christchurch including specialist police staff with expertise in this area.

It remains uncertain whether the exchange will be able to reimburse every investor affected by the hack.


Source
Author: JOSEPH YOUNG
Image Credit
Image Credit

Crypto exchange Cryptopia hacked, potentially $3.6 million ETH and CENNZ lost – latest

New Zealand-based cryptocurrency exchange Cryptopia has announced it has “suffered a security breach which resulted in significant losses.” The exchange is currently offline as they work with police to investigate the hack.

Cryptopia is a leading digital asset exchange in New Zealand with over two million users.

The first tweet that Cryptopia sent out regarding this outage came at 06:55 UTC on January 14th, although at that time Cryptopia did not explain the reason for the “unscheduled maintenance”:

However, at 08:00 UTC on January 15th, Cryptopia did finally announce via Twitter that it had been hacked the day before, that it had alerted New Zealand Police, and that it had gone into maintenance mode (with all trading suspended):


Whale Alert, which tracks large crypto transactions live, on Saturday indicated that 19,391 in ETH worth $2.4 million and around 48 million centrality (CENNZ) tokens worth about $1.2 million were transferred from Cryptopia to unknown wallets on the 13th January:

It remains unclear whether these funds were moved by the hacker or by the exchange.


Source
Author: Team Crypto Review
Image Credit

Fake Mobile Cryptocurrency Wallet Apps Found on Google Play Store

A recent discovery shows the presence of phony cryptocurrency wallets found on the Google Play Store. The fight against malicious apps seems not to be ending any time soon.

 

Fake Wallets: The Latest Scheme by Cryptocurrency Thieves

According to The Next Web, European cybersecurity researcher, Lukas Stefanko, discovered that four fake virtual currency apps claimed to offer wallet services for NEO, MetaMask, and Tether.

Further findings by Stefanko revealed that the fake apps divided into two groups – phishing and plain counterfeit wallets. The fake MetaMask app fell into the phishing category. After the user installs the fake app, it would request for the user’s sensitive details such as private keys and wallet password. Provision of these details would cost the victim his/her virtual coins.

A screenshot by Stefanko showed that the fake MetaMask app had over 500 downloads and a 2.8-star rating by 48 reviewers. The real MetaMask app, however, does not have any app on the Google Play Store but is a web browser extension for Mozilla Firefox, Google Chrome, and Opera.

In contrast, the other group consists of fake wallets, and this is the category into which the other three fake wallets fall. Two of them masqueraded as NEO wallets, while the third pretended to be a wallet for Tether.

The fake apps display the scammer’s public address without access to the private key for the user, as the scammer owns the private key. Any cryptocurrency fund deposited into the fake wallet directly goes to the attacker’s wallet. The user cannot withdraw funds because he/she does not possess the private key.

Furthermore, research showed that the scammers used AppyBuilder, a drag and drop mobile app builder platform, to create the fake apps. Anyone can use the app builder, as coding skill is not a requirement. The number of scammed victims cannot is unclear. Google has, however, removed the fake wallets from its Play Store.

Tech Companies Going Hard on Cryptocurrency

Recently reported was the presence of a fake EOS wallet on Google Play Store. This was the latest attempt by hackers to steal funds from unsuspecting victims. A Brazilian developer company discovered and reported the malicious app to Google who promptly removed the app.

In August, there was also a report another scam app on the Android Google Play Store. Victims paid $390 to an app that called itself “Ethereum,” that claimed to sell one Ethereum for the exorbitant amount. What they got was a picture of the Ethereum logo.

In Q3 of 2018, Google announced the ban of mobile virtual currency mining from Play Store. This was in addition to its earlier mining script ban.

The American tech giant, Apple Inc., also updated its developer guidelines. Part of the new rules banned iPhone users from mining cryptocurrency.


Source
Author:  Osato Avan-Nomayo
Image Credit

Crypto Exchange Lost $500,000 Due to AurumCoin 51% Attack

A little-known cryptocurrency called AurumCoin (AU) has claimed that it was hit by 51 percent attack, and crypto exchange Cryptopia, where the cryptocurrency is listed, lost 15,752.26 AU (approx. $550,000 at the time of writing this article). However, the cryptocurrency has shifted the blame on Cryptopia. On AurumCoin’s website, it has claimed that it is not responsible to anyone since it is an open-source distributed currency. Cryptopia, on the other hand, has not yet acknowledged any loss.

AurumCoin Claims to Have Suffered 51 Percent Attack

AurumCoin (AU) is purportedly a gold-backed cryptocurrency, where each token is pegged to the value of pure 24K gold. AurumCoin claims to back each AU with 0.75 grams of gold stored in secure vaults worldwide. It has been running its own blockchain since 2014, where AU is mineable (despite its supposed gold peg) with a hard cap of 300,000 coins.

Also, the price of AU has not seen any stability that would expected out of a truly gold-backed cryptocurrency. AurumCoin (AU) is currently priced at $35.01, up by 72 percent in the last 24 hours. In the past week alone, AU shot up by nearly 400 percent from $9.50 to its current price.

What is a 51 Percent attack?

crypto exchange double spend attack

A 51 percent attack is when a hacker is able to take control over a crypto network with more than 51 percent of its hash rate. It would give them the authority to control transactions, including stopping new transactions, reversing transactions and double spending coins. It has been demonstrated in the past how easy it is to perform a 51 percent attack on small cryptocurrencies.

With a market cap of just $10 million, AurumCoin was an easy target. The hacker sent 15,752.26 AU to Cryptopia and sold it for a different cryptocurrency. Once the transaction was done, the hacker allegedly used their superior hash power to reverse the transaction, as though it never happened. Based out of New Zealand, Cryptopia is a popular cryptocurrency exchange known for listing a variety of small-cap coins like these.

AurumCoin Shifts Blame On Cryptopia

Although Cryptopia has not acknowledged the attack, AurumCoin published the following statement on top of their website:

“Aurum coin (AU) network was hacked (51 percent attack), a total of 15,752.26 AU is missing from Cryptopia’s wallet (cryptopia.co.nz exchange). Aurum coin network is not the responsibility of anyone, same as bitcoin network, it is an open source distributed crypto currency. What’s worse is that cryptopia exchange do not admit it. This is not the way to solve this problem.”

It is not clear what AurumCoin expects Cryptopia to do. It has constantly insisted that Cryptopia was hacked. However, the fact is, AurumCoin lacked the hash rate to prevent a 51 percent attack which resulted in Cryptopia losing over half a million dollars. Recently, Bittrex delisted Bitcoin Gold after losing some funds due to a similar 51 percent attack.

Editor’s Note: CCN has reached out to Cryptopia for confirmation on whether it lost funds as the result of a double spend attack. According to the exchange’s website, no AU trades have been processed since early October, when the token’s markets were halted for an “infrastructure upgrade.”


Source
Author: Vignesh Salvasundar
Image Credit
Image Credit

Hackers Nab $58,000 from Cryptocurrency Exchange by Trading Fake EOS Tokens

Hackers were able to steal nearly $58,000 worth of cryptocurrency from the Newdex exchange by exploiting a vulnerability in the exchange, according to TheNextWeb. The hackers flooded the Newdex exchange with fake EOS tokens they created themselves to buy ADD, BLACK and IQ tokens from the centralized platform.

Newdex acknowledged that an EOS account issued 1 billion phony EOS tokens. The EOS account, oo1122334455, placed purchase orders for ADD, BLACK and IQ. A total of 11,800 phony EOS orders were made. The hackers then exchanged the tokens for real EOS.

Newdex acknowledged the hackers nabbed 4,028 real EOS tokens, worth around $20,000, and sent them to Bitfinex, leaving Newdex users with cumulative losses around $58,000.

Newdex stopped the service at 15:52 on Sept. 18 after discovering an exception and activated an emergency response repair system, according to an observer on Reddit. The repair was completed at 16:33, and normal operation was resumed.

Newdex apologized for the loss, but has no plans to compensate people, according to the report.

EOS Users Warned About Newdex

Several days prior to the incident, the EOS community noted on Reddit that Newdex is not a genuine decentralized exchange (DEX) despite its “misleading marketing.” The PSA said not to trust Newdex since it does use a smart contract and has not published the source code of its centralized matching server.

Instead, Newdex matches orders off-chain in a centralized server, according to the Reddit post. The post also presented a response form Newdex’s support stating it is “the first global decentralized exchange built on EOS,” and requires no deposit, no withdrawal, safe assets, and is open and transparent.

In addition, Scatter (an ecosystem for creating accountability and security in the blockchain space) is used as a login and trading interface so that Newdex would appear to be a genuine DEX, the Reddit post noted. The reality is that users were sending funds to regular EOS accounts that don’t have any kind of smart contract running on them.

Also read: Two EOS gambling platforms fall prey to $260,000 hack

Newdex Issues Continue

According to Trybe, a tokenized knowledge and content sharing platform, Newdex has been plagued with trade issues, token issues, and extensive transfer times.

After allegedly encountering issues trading EOS on Newdex and communicating these issues to the exchange, Newdex responded that there are issues with the EOS network.

Trybe posted a note from Newdex claiming that there has been instability with the EOS mainnet causing unstable trades on all major exchanges, causing some exchanges such as Bithumb and Huobi Pro to withdraw service for EOS, ADD, and IQ.

Trybe noted, however, that it has not encountered issues trading EOS on other exchanges.


Source
Author: Lester Coleman
Image Credit: Image from Shutterstock

$1.3 Billion Worth Of BTC Locked Up By Mt. Gox Won’t Move Till Next Year

Mt. Gox are back in the headlines, this time as a result of a decision made by authorities that will see money owed by Mt. Gox, held until summer 2019.

Just to recap, Mt. Gox are due to credit the accounts of customers who had funds stolen during the Mt. Gox hack. This came after a court ruling that made Mt. Gox liable for the return of assets to their customers. As the case continues via a rehabilitation plan, it now seems that Mt. Gox are unable to pay until this time next year, as, according to Bitcoinist, the civil rehabilitation plan states:

“Mt. Gox is not capable of returning all BTC deposited by creditors. Accordingly, we consider that all assets of Mt. Gox should be distributed to creditors and not to shareholders.”

Interestingly, the plan does dictate that payments will be made in Bitcoin and Bitcoin Cash, instead of FIAT:

“In general, we consider it appropriate to make payments to creditors who had been depositing BTC (BTC creditors) with Mt. Gox, in BTC and BCH instead of cash. In this case, we think it desirable that the cash be sent to the accounts of the exchanges, as chosen by the creditors.”

Bitcoin and Bitcoin Cash have been chosen carefully, as refunding through altcoins could be seen to manipulate the markets, which could cause widespread issues. The plan states:

“There is a possibility that the sale of the altcoins by the trustee would cause a sudden fall in the price of altcoins and security problems may arise if the trustee moves the altcoins. Therefore, the trustee should proceed with the sale of altcoins with careful consideration of these matters.”


Here at Dollar Destruction, we endeavour to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!

Source
Author: Robert Johnson
Image Credit

Don’t forget to join our facebook page for Crypto, Business & Technology news delivered to you daily.

 

Bithumb will fully compensate investors after hack: ‘$450 million in company fund’

Bithumb has ensured customers that it will fully cover the loss of over $30 million worth of stolen cryptocurrencies during a hack earlier this week. The Korean exchange revealed more details in a statement today.


Bithumb states that immediately after the incident, it reported the hack to the KISA (Korea Internet & Security Agency) following the procedure. The exact amount of cryptocurrency stolen during the hack has not been confirmed yet.

The current expectation is that 35 billion Korean Won was stolen, but Bithumb says: ‘As we undergo the recovery process on each cryptocurrency, the overall scale of damage is getting reduced. Hence we expect that the overall damage will be less than the amount we initially expected’. Details on the exact scale of damage will be announced later.

Bithumb ensures that the damage will be fully covered by the company fund. According to the exchange, there is about 500 billion KRW ($450 million) in the company fund. Next to that, the exchange is considering a compensation for users because of the current withdrawal delays. All the cryptocurrencies of the company and customers are safely stored in the cold wallet, while KRW assets are stored on a bank account. Bithumb states that ‘all the assets of costumers are intact and fully secured’.


Here at Dollar Destruction, we endeavour to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!

Source 
Author: JELMER VAN DER DUSSEN
Image Credit

Cryptocurrency Trading App Taylor Says All Funds Have Been Stolen In Cyberattack

A nightmare for promising startups but a common problem in the cryptocurrency industry is theft — and the attacker which allegedly targeted Taylor did not hold back.

Join in the fun and play on the world’s First Hybrid on-line Casino with BTC and Fiat currency payments. Check on-line for latest promotions.

Taylor is a startup which wants to bridge the connection between cryptocurrency exchanges and mobile technology through the design and launch of a dedicated trading app.

The team has apparently developed the Taylor smart cryptocurrency trading assistant which is touted as “an easy to use app that will help you to make profit every day.”

However, the project has been scuppered by an attack which has completely drained the startup of its cryptocurrency store.

The attack apparently took place on Tuesday last week. The Taylor team said that “all of our funds have been stolen. Not only the balance in ETH (2,578.98 ETH) but also the TAY tokens from the Team and Bounty pools.”

This equates to approximately $1.5 million.

However, the team claims that some funds were not stolen, and these were held in the Founders’ and Advisors’ pools and bound by a vesting contract.

According to Taylor, an investigation is taking place but the team says that the threat actor behind this attack may be the same as those connected to a cyberattack reportedly levied against CypheriumChain.

Taylor claims that security measures were in place to prevent such an attack, but these appear to have failed and while “we are all aware of the good practices, we confess that we may have neglected some very important details.”

The company says the incident appears to be a “highly advanced and coordinated attack” but has revealed no further details.

The market for TAY tokens has closed on IDEX. The Taylor team claims that after witnessing a stolen fund dump attempt on IDEX, they themselves made the request to delist.

“We will probably not recover the stolen funds, but we have one of the most important assets a company can have: a strong community,” Taylor says. “We’re doing the best we can to overcome this unfortunate incident and grow even bigger and stronger, so your support is absolutely paramount to Taylor’s success.

We reassure that we will spare no efforts to find a way to mitigate the implications of this incident for every single legit token holder.”

In an open letter sent to the startup’s supporters, Taylor said in an update that the firm had only $25,000 left, which has forced the company to rethink its future.

Fabio Seixas, Taylor co-founder and CEO said that a rebrand may be on the cards, as well as an “emergency” token sale to raise funds.

Seixas also suggested a cash injection from angel investors could save the project but warned this could take months.

“The goal for both funding options is to raise only enough to have a small and lean team to work for 12 months, paying for the basic operational and infrastructure costs,” the executive added. “This timeframe should be enough to release the app, acquire the first users, start gaining some traction and generating revenue.”

Whenever a cryptocurrency or blockchain-related startup or Initial Coin Offering (ICO) claims that a cyberattack has taken place, there is always skepticism as so many end up ghosting with investor funds and conducting exit scams.

Taylor was due to release its mobile app within the coming weeks and now is, instead, asking for participation in an emergency token sale.

As with any startup, project, or new face in the cryptocurrency industry, traders should make sure they perform due diligence before investing.

Last week, the Bitcoin Gold (BTG) network suffered a 51 percent attack; a bold technique used by a well-resourced threat actor which resulted in the theft of $17.5 million in BTG coins.

The attack lasted several days. However, it was not due to a vulnerability in the Bitcoin Gold network, but rather, 51 percent attacks are theoretically possible against all blockchain networks — but it is rarely seen in practice.


Here at Dollar Destruction, we endeavour to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!

Source
Author: Charlie Osborne
Image Credit

Crypto Exchange Bitgrail Opens For Three Hours Before Legally Forced Shutdown

Recently hacked Italian crypto exchange Bitgrail tweeted Wednesday, May 2, that they reopened their exchange, only to report its temporary closure three hours later.

Bitgrail posted a statement on its website later that day in order to explain the reason for the abrupt shutdown, which they “don’t agree with”:

“This morning, following the re-opening, we were notified of a deed by the court of Florence requesting the immediate closure of BitGrail and this situation will persist until a decision is made by the courts, about the precautionary suspension request made by the Bonelli law office on behalf of a client.

The decision is scheduled for May 16 2018.

Even though we don’t agree with this decision, we are obliged to respect the law and to suspend any BitGrail business immediately.”

On Feb. 8, 17 mln coins of cryptocurrency Nano – now worth around $136 mln – were discovered missing from the Italian exchange. The loss led to controversy between Nano developers and BitGrail’s owner and operator, Francesco “The Bomber” Firano, after the developers reported that Firano had reportedly asked for the Nano ledger to be altered to cover the losses – a claim Firano denied.

It is still unclear where the fault for the hack lies – either subpar security from Bitgrail or an issue with Nano’s blockchain – but a mid-March update from Bitgrail noted that users would be refunded as long as nobody sued.

At the beginning of April, a US class action suit was filed against the Nano developers that alleges that Nano’s core team illegally sold unregistered securities as well as negligently misrepresented the reliability of crypto exchange BitGrail. The lawsuit asks that a hard fork be implemented to restore users’ funds.


Here at Dollar Destruction, we endeavor to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!

Source
Author: Molly Zuckerman
Image Credit 1
Image Credit 2