It’s hardly an exaggeration to say that our industry is facing tough times. We’ve been in the midst of a “crypto winter” for some time now, with the prices of mainstays, including Bitcoin (BTC) and Ether (ETH), tumbling. Likewise, monthly nonfungible token (NFT) trading volumes have fallen more than 90% since their multibillion dollar peak back in January of this year. Of course, these declines have only been exacerbated by the numerous black swan events rocking the crypto world, such as the FTX and Three Arrows Capital meltdowns. Taken together, it shouldn’t be a surprise that crypto is facing a …

The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink. The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker. 【12-26 #BitKeep Hack Event Summary】 1/n According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker …

Major cryptocurrency mining pool BTC.com has suffered a cyberattack resulting in a significant loss of funds by the company and its customers. BTC.com experienced a cyberattack on Dec. 3, with attackers stealing around $700,000 in client assets and $2.3 million in the company’s assets, the mining pool’s parent firm BIT Mining Limited officially announced on Dec. 26. BIT Mining and BTC.com reported the cyberattack to law enforcement authorities in Shenzhen, China. The local authorities subsequently launched an investigation into the incident, starting collecting evidence and requesting assistance from relevant agencies in China. The local coordination has already helped BTC.com recover …

Hackers linked to North Korea’s Lazarus Group are reportedly behind a massive phishing campaign targeting non-fungible token (NFT) investors — utilizing nearly 500 phishing domains to dupe victims. Blockchain security firm SlowMist released a report on Dec. 24, revealing the tactics that North Korean Advanced Persistent Threat (APT) groups have used to part NFT investors from their NFTs, including decoy websites disguised as a variety of NFT-related platforms and projects. Examples of these fake websites include a site pretending to be a project associated with the World Cup, as well as sites that impersonate well-known NFT marketplaces such as OpenSea, …

The stories about people getting their private keys hacked or stolen are nothing new, and users have reportedly lost their life savings because of these thefts. However, in quite an anti-climax scene, a crypto user managed to save their crypto holdings despite losing the private keys. Harpie, an on-chain security firm, revealed an instance of on-chain crime drama where the good guys eventually won. One of the users in their discord group reportedly raised concerns about the suspected theft of their private keys. When the firm looked into the said customer’s wallet, someone was indeed trying to transfer funds from …

The metaverse is coming for users at full speed. Companies and brands are jumping into digital reality, and according to a recent survey, consumer interest is climbing alongside all the activity. At the same time, as more users join in on metaverse activity, the risk grows for nefarious activity in digital reality. A report from cybersecurity firm Kaspersky revealed that exploitation and abuse in the metaverse are set to rise in the next year. Threats range from scams, to be expected with digital interactions but also avatar-related identity theft and abuse. For a better understanding of the dangers and risks …

The hardware wallet industry has emerged as one of the most resilient sectors to the ongoing cryptocurrency winter, with issues like the FTX crash bringing in even more cold wallet sales. The bear market of 2022 has once again reminded crypto investors of the importance of self-custody and independence from centralized exchanges (CEX). As a result, some major CEXs like Binance has increased their investment exposure to hard wallet firms, while CEO Changpeng Zhao even suggested that CEXs may no longer be necessary in the future. Should it be the case, the crypto industry of the future will be quite …

As the BNB Chain-based protocol Ankr was exploited and the hacker dumped Ankr Reward Bearing Staked BNB (aBNBc) tokens, a trader took advantage of the price discrepancies to turn $2,879 into $15.5 million. As previously reported by Cointelegraph, security firm Beosin suggested that the multi-million dollar exploit may have come from vulnerabilities in the smart contract code and compromised private keys due to a technical upgrade. Then, the hacker minted and dumped 20 trillion aBNBc tokens, significantly lowering the price of aBNBc. As this happened, a trader reacted quickly and took advantage of an opportunity. Going through on-chain data, analysis …

Improved blockchain analytics will become increasingly important to combat the use of cross-chain bridges for illicit means, which are estimated to surpass $10 billion in value by 2025. Blockchain analytics firm Elliptic forecasts a 60% rise in the value of illicit cryptocurrency laundered through cross-chain bridges from $4.1 billion in June 2022 to $6.5 billion next year. This figure is projected to double midway through the decade. Cross-chain crime has been a major talking point in 2022 with over $2 billion fleeced in hacks targeting cross-chain bridges. Aside from these bridges and their contracts being targeted, these bridges have also …

The Irish Data Protection Commission (DPC) announced on Nov. 28 that it has fined Facebook developer Meta €265m for breach of the European Union’s General Data Protection Regulation (GDPR). Specifically, the commission stated that it had fined Meta for failing to design Facebook in such a way that it would protect users from data breaches. The announcement followed a more than year-long investigation that began in April, 2021. The breach itself occurred even earlier, in late 2019. Data Protection Commission announces decision in Facebook “Data Scraping” Inquiry: https://t.co/xW9nVqiJ2Y pic.twitter.com/6iDYnyVk5R — Data Protection Commission Ireland (@DPCIreland) November 28, 2022 The data …

James Bromley, a partner at law firm Sullivan & Cromwell representing debtors in FTX’s bankruptcy case in the District of Delaware, has said that assets at the firm continue to be at risk from cyberattacks. In a livestream of FTX Trading’s bankruptcy proceedings on Nov. 22, Bromley said new FTX CEO John Ray had laid out core objections aimed at getting the firm, remaining employees, and funds through the controversial and public collapse. According to the FTX co-counsel, a core group of employees have continued to work at the exchange to ensure assets were secure and records maintained, but hackers …

Users losing funds due to malicious activity is hardly unknown on Ethereum. In fact, it is the very reason researchers recently developed a proposal to introduce a type of token that is reversible in the event of a hack or other unsavory behaviors. Specifically, the suggestion would see the creation of an ERC-20R and ERC-721R, which would be modified versions of the standards that govern both regular Ethereum tokens and nonfungible tokens (NFTs). The premise goes like this: this new standard would allow users to make a “freeze request” on recent transactions that would lock those funds until a “decentralized …