The U.S. Securities and Exchange Commission is said to be allowing the first Bitcoin futures exchange-traded fund (ETF), per a Bloomberg report. The publication said in a report on Thursday night that the U.S. regulator "isn't likely to block the products from starting to trade next week," citing people familiar with the matter. The report came several hours after the SEC said in a tweet through its investor education account that "Before investing in a fund that holds Bitcoin futures contracts, make sure you carefully weigh the potential risks and benefits."
More on The Block• 2021-10-16
Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. With a transaction volume of $3.4 billion, OpenSea is the world’s largest marketplace for buying, selling, and auctioning non-fungible tokens (NFTs) and other digital assets and collectibles. Details emerged today about an issue on the OpenSea platform that let hackers hijack user accounts and steal the associated cryptocurrency wallets. The attack method is as simple as creating an NFT with a malicious payload and waiting for a victim to take the bait and view it. Multiple users reported empty cryptocurrency wallets after receiving gifts on the OpenSea marketplace, a marketing tactic known as “airdropping” and used to promote new virtual assets.
More on Bleeping Computer• 2021-10-13
Unfortunately for the law-abiding of the world, ransomware is an idea that caught on immediately and never lost steam. In fact, it’s grown to the point that it now contributes to a thriving cybercrime business, often targeting large sectors, including education, finance, healthcare, the legal sector, and manufacturing. According to Fortinet research, by the end of 2020, there were as many as 17,200 devices reporting ransomware each day. Ransomware was widespread long before cryptocurrency came along, but in recent years, both have skyrocketed in tandem. Because cryptocurrency is difficult to trace, cybercriminals have rapidly switched to it as their preferred method for ransom payments. In fact, DarkSide, the group behind the high-profile attack on Colonial Pipeline, purportedly raked in $90 million in Bitcoin ransom payments before shutting down in May.
More on SecurityWeek• 2021-10-12
In a major blunder, cryptocurrency platform Compound accidentally paid out $90 million among its users. Shortly after the mistake, the platform's founder began asking users to return the money—or else they would be reported to IRS, and possibly doxxed, threatened the founder. Compound is an Ethereum-based money market protocol that enables users to earn interest or borrow assets against collateral. Lenders can provide assets to Compound's liquidity pool and start earning compounding interest, with interest rates dictated automatically by supply and demand. Yesterday, due to an erroneous upgrade process, the decentralized finance (DeFi) platform ended up spilling out Ethereum assets worth $90 million to its users.
More on Bleeping Computer• 2021-10-02
Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's SMS multi-factor authentication security feature. Coinbase is the world's second-largest cryptocurrency exchange, with approximately 68 million users from over 100 countries. In a notification sent to affected customers this week, Coinbase explains that between March and May 20th, 2021, a threat actor conducted a hacking campaign to breach Coinbase customer accounts and steal cryptocurrency.
More on Bleeping Computer• 2021-10-01
A malicious Firefox add-on named "Safepal Wallet" scammed users by emptying out their wallets and lived on the Mozilla add-ons site for seven months. Safepal is a cryptocurrency wallet application capable of securely holding more than 10,000 types of assets, including Bitcoin, Ethereum, and Litecoin. Although the malicious browser add-on has been taken down, BleepingComputer has seen the phishing website set up by the threat actors is still up.
More on Bleeping Computer• 2021-09-27
Like many people, Mr Goxx is dabbling in cryptocurrency, hoping to strike it rich. He's notable for two reasons: first, he is making money, with his lifetime career performance up about 20% - beating many professional traders and funds. Second, Mr Goxx is a hamster. The business-minded rodent has a trading office attached to his regular cage. Every day, when he enters the office, a livestream starts on Twitch, and his Twitter account lets followers know: Mr Goxx has started a trading session.
More on BBC• 2021-09-27
China's central bank reiterated its stance on cryptocurrency on Friday, releasing a memo that banned cryptocurrency transactions and made it illegal for overseas exchanges to provide services to people in China. "Virtual currency-related business activities are illegal financial activities," the People's Bank of China said in a notice posted to its website on Friday afternoon. They slammed cryptocurrency for "disrupting economic and financial order" and facilitating "illegal and criminal activities" like gambling, fraud, pyramid schemes, money laundering and theft.
More on ZDNet• 2021-09-24
The U.S. Treasury Department on Tuesday imposed sanctions on Russian cryptocurrency exchange Suex for helping facilitate and launder transactions from at least eight ransomware variants as part of the government's efforts to crack down on a surge in ransomware incidents and make it difficult for bad actors to profit from such attacks using digital currencies. "Virtual currency exchanges such as SUEX are critical to the profitability of ransomware attacks, which help fund additional cybercriminal activity," the department said in a press release. "Analysis of known SUEX transactions shows that over 40% of SUEX's known transaction history is associated with illicit actors.
More on The Hacker News• 2021-09-22
Coinbase, the world's second-largest cryptocurrency exchange with approximately 68 million users from over 100 countries, has scared a significant amount of its users with erroneous 2FA warnings. As the crypto exchange revealed over the weekend in a Twitter thread, it accidentally alerted roughly 125,000 customers that their 2FA settings had have been changed on August 28, between 1:45 pm PST and 3:07 pm PST. In a Friday incident report, Coinbase explained that the notifications were sent in error and that customers are not required to take any action to restore their 2FA settings. "We are aware a large number of customers have received notifications (email/SMS) that 2FA settings were changed. This appears to have been sent in error. We are still investigating why this message was sent, but no action is required at this time," Coinbase said.
More on Bleeping Computer• 2021-08-31
Lately, it has been a turbulence-filled time for Poly Networks. The company creates software to handle the exchange between different blockchains for cryptocurrencies and other commodities. The company announced last week, by leveraging its security weaknesses, that a fraudster took hundreds of millions of dollars off its network in digital tokens, worth $600 million (roughly Rs 4,462 crores). But the same company has offered a Chief Security Advisor job role plus a sum of $500,000 to the crypto hacker involved in the heist that reaped over $600 million (roughly Rs 4,462 crores) last week. The criminal has started handing back digital money – and at least $260m of tokens were repaid after Poly Network encouraged netizens, crypto-exchanges, and miners to disallow the transactions containing the wallet credentials of the criminal. The business claimed that they have maintained communication with the suspect, known as Mr. White Hat.
More on E Hacking News• 2021-08-21
The administrator of Grams, one of the first darkweb search engines, pleaded guilty to money laundering charges. Larry Dean Harmon, 38, of Akron, Ohio, pleaded guilty to a count of Conspiracy To Launder Monetary Instruments. Court documents revealed that Harmon had created Helix, a well-known Bitcoin tumbler, from 2014 to 2017. Harmon was indicted in early 2020. As a part of his plea, Harmon agreed to forfeit more than 4,400 bitcoin, valued at more than $200 million at today’s prices. In 2016, an FBI investigator in the District of Columbia transferred 0.16 Bitcoin from an Alphabay wallet to Helix. The service mixed the Bitcoin and provided the FBI with Bitcoin that was not directly traceable to Alphabay.
More on Darknetlive• 2021-08-20