Cryptocurrency

10
Aug
2020

Security Researchers Explain Methodology of Crypto Exchange Hackers

Security researchers who convened at the Black Hat virtual conference, reported on how the notorious group CryptoCore was able to hack $200 million worth of crypto money. The heist, as reported by Cointelegraph last June 2020, saw several crypto exchanges operating across the globe, losing cryptocurrencies from cyber attacks perpetuated by way of a phishing campaign that lasted for two years.

The report revealed how crypto exchanges become vulnerable to hackers despite claims of having high privacy and tight security measure in place to protect their funds. Researchers enumerated three methodologies that allowed hackers to succeed in attacking five crypto exchanges in Japan, the Middle East and the U. S, .Omer Shlomovits, cofounder of KZen Networks and Aumasson, a cryptographer categorized the attacks as:

1) Insider attack or inside job,
2) Exploitation of a relationship between a crypto exchange and a customer
3) Partial extraction of secret keys.

According to the report, the approach was similar to breaking open a conventional bank vault by turning on six keys all at the same, which means the hackers had to dissect private keys into smaller pieces in preparation for their cyber heist.

Insider Attack or Inside Job

An insider, explores and exploits the vulnerability of the cryptocurrency exchange’s open-source library. Using the refresh mechanism, an inside attacker who is also a key holder initiates a refresh. Then he or she does some manipulation to alter some keys but at the same time retain some. The manipulation will cause a denial of service that permanently locks out the cryptocurrency exchange out of its own digital funds.

Another way that an inside attacker launches an incursion is to figure out private keys generated by exchange customers when initiating multiple key refreshes. This enables the inside attacker to carry out the stealing process by manipulating exchange processes using false validation statements.

Exploitation of Relationship between Crypto Exchange and Customer

Shlomovits and Aumasson said attacks could occur once the insider becomes a trusted party in a crypto exchange for which they receive their portions of the key. Any of the trusted parties with malicious intent can generate random numbers that is up for public verification. However, the researchers found out that in the case of Binance, the site skipped the checking of random values generated by trusted parties.

Extraction of Secret Keys

Malicious trusted parties use the unvalidated values in sending constructed messages to other users, who in turn, assign the unvalidated information. Exchange users using multiple key refreshers become the targets of the malicious trusted parties, for purposes of extracting private keys to use in launching the cyber hack.

Posted by Madelina Feliks in Cryptocurrency
09
May
2020

Crypto Financing, Is It Possible?

If you have a smart business idea, you have to convince investors of your vision. In the beginning, it is often family and friends. You could be even seeking financial help from a lending club or traditional banks. Later, ideally, business angels and investors come in who provide venture capital. A time-consuming process.

The Top Crypto-Backed Loan Platforms

Now, there’s what is called crypto lending as explained by Cointelegraph. It works much like a regular loan but within the limitations of cryptocurrencies. This service connects willing lenders to seeking borrowers using online platforms. Lenders lend their Altcoins, Ether, or Bitcoins to borrowers under agreed terms and regulations.

The entrepreneur Zoe Adamovicz can imagine it all easier, faster, and cheaper. With her start-up “Neufund”, the Polish-born artist, together with her partner Marcin Rudolf, wants to create a platform on which investors can participate in start-ups using the Ethereum cryptocurrency. It is an experiment that no one can say at the moment whether it will succeed and what risks are involved for the investor. Bafin’s financial supervision is in the process of dealing with this business model.

The company is financed through venture capital. It recently mobilized $ 12 million from investors for the platform. The financiers include, for example, the investor Frank Thelen, who is known to a wider audience as a jury member of the start-up show “Höhle der Löwe”. Neufund has dubbed this process the “Initial Capital Building Mechanism” (ICBM). Supporters, therefore, commit funds that they can later invest on the platform in companies.

Adamovicz and Marcin are experienced entrepreneurs. In 2014, they sold their self-founded Xyo app search engine to an American, listed company. It is important for the manager to differentiate herself from so-called initial coin offerings (ICO). “New discovery does not make an ICO,” she clarifies. “No euro is used by the ICBM for the company. We don’t manage this money either. ”

She doesn’t want “newfound” to be lumped together with companies that use intransparent ICOs to collect money by issuing tokens. Much can be hidden behind tokens: some companies promise to share in possible future profits, others only declare the collected money as a “donation”. “At the moment, investors who finance companies using cryptocurrencies cannot be sure whether the tokens issued will actually be used for the purposes for which they were announced,” Adamowicz describes the dilemma. This is exactly what is supposed to work differently on the “Neufund” platform.

The ten largest cryptocurrencies

There, companies can finance themselves with so-called equity token offerings (ETOs). Adamowicz wants to ensure that the investor who participates in a company on the Neufund platform also benefits from possible profits or sales proceeds. At the same time, investors have to bear possible losses. “With an ETO, the investor acquires rights to the company, which he can also assert, if necessary,” she emphasizes. This is a big difference to tokens, which are awarded in the context of an ICO.

Posted by Laney Seward in Cryptocurrency, Finance
22
Apr
2020

Small- Scale Crypto Miners Not Optimistic Over Post-Coronavirus Comeback

As U.S. president Donald Trump wavers on decision to extend the U.S. lockdown or reopen economies, cryptocurrency miners are still weighing on potential outcomes.

Although cryptocurrency trading had slightly recovered, there is still hesitation among miners. The costs of analyzing blockchain transactions remain the same, while prices of digital currency fluctuate; earning them coin values not enough to even recover previous losses.

Most crypto traders do not foresee immediate economic recovery once businesses reopen. The public will have been left with reduced funds, or none at all, to even think of heading out for a buying spree. Besides, the Centers for Disease Control has warned that there could be a second wave that could be more severe than the first. It is likely that any plans for investing or buying will be put on hold as emergency funds; probably until there is certainty of a stable economy..

Unprofitable Bitcoin Mining Operations Could  Cripple Start-Up Mining Businesses

Ideally, the best scenario is one in which the bitcoin price will rise. That way mining operation will regain its profitable traits. In early March, the cryptocurrency industry saw several operators liquidating their bitcoin-backed loans, whilst miners decided to shut down their mining machines.

 

There are also analysis reports of start-up privately-owned mining corporations, to likely disappear. That is  if providers of hardware and funds will give priority to larger mining operators.

Posted by Madelina Feliks in Cryptocurrency