/ Malicious 'Safepal Wallet' Firefox add-on stole cryptocurrency

A malicious Firefox add-on named "Safepal Wallet" scammed users by emptying out their wallets and lived on the Mozilla add-ons site for seven months. Safepal is a cryptocurrency wallet application capable of securely holding more than 10,000 types of assets, including Bitcoin, Ethereum, and Litecoin. Although the malicious browser add-on has been taken down, BleepingComputer has seen the phishing website set up by the threat actors is still up.

More on Bleeping Computer2021-09-27

/ Mr Goxx, the crypto-trading hamster beating human investors

Like many people, Mr Goxx is dabbling in cryptocurrency, hoping to strike it rich. He's notable for two reasons: first, he is making money, with his lifetime career performance up about 20% - beating many professional traders and funds. Second, Mr Goxx is a hamster. The business-minded rodent has a trading office attached to his regular cage. Every day, when he enters the office, a livestream starts on Twitch, and his Twitter account lets followers know: Mr Goxx has started a trading session.

More on BBC2021-09-27

/ Chinese government declares all cryptocurrency transactions illegal

China's central bank reiterated its stance on cryptocurrency on Friday, releasing a memo that banned cryptocurrency transactions and made it illegal for overseas exchanges to provide services to people in China. "Virtual currency-related business activities are illegal financial activities," the People's Bank of China said in a notice posted to its website on Friday afternoon. They slammed cryptocurrency for "disrupting economic and financial order" and facilitating "illegal and criminal activities" like gambling, fraud, pyramid schemes, money laundering and theft.

More on ZDNet2021-09-24

/ US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs

The U.S. Treasury Department on Tuesday imposed sanctions on Russian cryptocurrency exchange Suex for helping facilitate and launder transactions from at least eight ransomware variants as part of the government's efforts to crack down on a surge in ransomware incidents and make it difficult for bad actors to profit from such attacks using digital currencies. "Virtual currency exchanges such as SUEX are critical to the profitability of ransomware attacks, which help fund additional cybercriminal activity," the department said in a press release. "Analysis of known SUEX transactions shows that over 40% of SUEX's known transaction history is associated with illicit actors.

More on The Hacker News2021-09-22

/ Coinbase seeds panic among users with erroneous 2FA change alerts

Coinbase, the world's second-largest cryptocurrency exchange with approximately 68 million users from over 100 countries, has scared a significant amount of its users with erroneous 2FA warnings. As the crypto exchange revealed over the weekend in a Twitter thread, it accidentally alerted roughly 125,000 customers that their 2FA settings had have been changed on August 28, between 1:45 pm PST and 3:07 pm PST. In a Friday incident report, Coinbase explained that the notifications were sent in error and that customers are not required to take any action to restore their 2FA settings. "We are aware a large number of customers have received notifications (email/SMS) that 2FA settings were changed. This appears to have been sent in error. We are still investigating why this message was sent, but no action is required at this time," Coinbase said.

More on Bleeping Computer2021-08-31

/ Hacker Rewarded with $500,000 and a CSA Job by Poly Network

Lately, it has been a turbulence-filled time for Poly Networks. The company creates software to handle the exchange between different blockchains for cryptocurrencies and other commodities. The company announced last week, by leveraging its security weaknesses, that a fraudster took hundreds of millions of dollars off its network in digital tokens, worth $600 million (roughly Rs 4,462 crores). But the same company has offered a Chief Security Advisor job role plus a sum of $500,000 to the crypto hacker involved in the heist that reaped over $600 million (roughly Rs 4,462 crores) last week. The criminal has started handing back digital money – and at least $260m of tokens were repaid after Poly Network encouraged netizens, crypto-exchanges, and miners to disallow the transactions containing the wallet credentials of the criminal. The business claimed that they have maintained communication with the suspect, known as Mr. White Hat.

More on E Hacking News2021-08-21

/ Grams Admin Admits Laundering $300 Million in Bitcoin

The administrator of Grams, one of the first darkweb search engines, pleaded guilty to money laundering charges. Larry Dean Harmon, 38, of Akron, Ohio, pleaded guilty to a count of Conspiracy To Launder Monetary Instruments. Court documents revealed that Harmon had created Helix, a well-known Bitcoin tumbler, from 2014 to 2017. Harmon was indicted in early 2020. As a part of his plea, Harmon agreed to forfeit more than 4,400 bitcoin, valued at more than $200 million at today’s prices. In 2016, an FBI investigator in the District of Columbia transferred 0.16 Bitcoin from an Alphabay wallet to Helix. The service mixed the Bitcoin and provided the FBI with Bitcoin that was not directly traceable to Alphabay.

More on Darknetlive2021-08-20

/ Liquid cryptocurrency exchange loses $94 million following hack

Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. Liquid is one of the largest cryptocurrency-fiat exchange platforms worldwide (based on daily traded spot volume). The exchange has more than 800,000 customers from over 100 countries and says that it reached a $1.1B+ daily trade volume this year. After discovering that its warm wallets were hacked, the crypto exchange moved assets into the cold wallet.

More on Bleeping Computer2021-08-19

/ At least $611 million stolen in massive cross-chain hack

Cross-chain protocol Poly Network has been hacked for $611 million in the largest DeFi hack to date. "We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon," tweeted Poly Network today, adding, "We call on miners of affected blockchain and crypto exchanges to blacklist tokens coming from the above addresses." Poly Network is a protocol for swapping tokens across multiple blockchains, including Bitcoin, Ethereum and Ontology. It was formed by an alliance between the teams behind multiple blockchain platforms, namely Neo, Ontology, and Switcheo.

More on The Block2021-08-10

/ Miami Launches 'MiamiCoin' to Make Millions and Fund the Police

Thousands of Bitcoiners in June descended on Miami for Bitcoin 2021, a semi-religious event that celebrated all things related to the world’s biggest cryptocurrency. Speakers included Twitter and Square CEO Jack Dorsey, boxing champion Floyd Mayweather and ex-presidential candidate and firebrand libertarian Ron Paul. It was the start of something big, crypto-enthusiastic Miamians hoped: Magic City would become the crypto capital of the world. And as from today, thanks to the city’s tech-obsessed mayor, Francis Suarez, Miami looks like it is one step closer to that dream. The city launched its own cryptocurrency, MiamiCoin, which claims to allow city citizens to earn Bitcoin “in their sleep.”

More on VICE2021-08-05

/ IT Specialist Caught Mining Cryptocurrency at Police Headquarters in Poland

Officers from the Polish National Police have found what local media described as a crypto mining farm at the Policja headquarters in Warsaw. The mining operation was allegedly organized by an IT technician, a civilian employee of the law enforcement agency, tvn24.pl news portal reported quoting two independent sources. The crypto miner used police computers that he upgraded with video cards and specialized software. Although the mining equipment has probably consumed a serious amount of electricity due to the energy-intensive coin minting process, the biggest worry is that records from the police database might have been leaked, one of the sources noted.

More on Bitcoin.com2021-08-01

/ Ethereum Dev Violated Bail Conditions by Signing into Coinbase

Former Ethereum Foundation member Virgil Griffith has been taken into custody after violating the terms of his bail by signing into his Coinbase account. Griffith, a well-known Ethereum developer, violated the terms of his bail conditions by attempting to access his frozen Coinbase account. The account contained assets worth close to $1 million, according to court documents.

More on Darknetlive2021-07-23