Briefs

  • What Proof of Stake Means for the Future of Blockchain Security

    Proof of stake is a consensus algorithm originally invented by Sunny King and Scott Nadal in 2012. The idea for proof-of-stake (PoS) began as a way to create an alternative to Bitcoin’s proof-of-work algorithm, which requires miners to solve cryptographic puzzles to verify transactions on the blockchain. PoS was supposed to be an energy-efficient method…

  • Web3 security companies emerge in China amid mounting crypto thefts and few legal protections

    When Wu Caizeng lost a 20,000-yuan (US$2,800) non-fungible token (NFT) to a phishing scam in September, he sought help on Twitter, where he publicised his thief’s public blockchain address. However, the anonymous nature that characterises much of the crypto world left him with no practical way to recoup his losses. “I’m so stupid,” he said…

  • Transit Swap ‘hacker’ returns 70% of $23M in stolen funds

    A quick response from a number of blockchain security companies has helped facilitate the return of around 70% of the $23 million exploit of decentralized exchange (DEX) aggregator Transit Swap. The DEX aggregator lost the funds after a hacker exploited an internal bug on a swap contract on Oct. 1, leading to a quick response from…

  • Kim Kardashian charged by SEC over alleged ‘pump and dump’ crypto scheme, will pay $1.26M

    Kim Kardashian has landed in hot water with the feds over an Instagram post promoting a cryptocurrency asset that has been blasted by critics as an alleged “pump and dump” scheme. The Securities and Exchange Commission announced on Monday that it has charged the reality television star and social media influencer “for touting on social…

  • Pro-Russian groups are raising funds in crypto to prop up military operations and evade U.S. sanctions

    Pro-Russian groups are raising funds in cryptocurrency to prop up paramilitary operations and evade U.S. sanctions as the war with Ukraine wages on, a research report published Monday revealed. As of Sept. 22, these fundraising groups had raised $400,000 in cryptocurrency since the start of the invasion on Feb. 24, according to TRM Labs, a digital…

  • LA Unified School District Hackers Have Posted Stolen Data Online

    The Los Angeles Unified School District was compromised by a threat actor group called the Vice Society earlier this year. It appears that the data from the hack has since been leaked online after the school district confirmed that the hackers planned to post the data they stole from the institution. It is unclear…

  • Hackers Hide Malware in Windows Logo, Target Middle East Governments

    A new hacking group dubbed Witchetty has been observed using a new steganographic technique to hide a backdoor within a fraudulent Windows logo. The group is reportedly targeting Middle Eastern governments. Broadcom released an advisory addressing the campaign in which it claimed that the group had connections to a…

  • Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries

    Notorious North Korean-associated hacking group Lazarus has been identified in a new campaign weaponizing legitimate open-source software. The software is being leveraged by the group to target employees in organizations across multiple industries and countries. Microsoft’s Threat Intelligence Center published an advisory regarding the threat on Thursday. The report states that the attacks were…

  • 6 Ways Enterprises Can Secure Private Blockchains

    There has been significant growth in organizations deploying private blockchain technology. But despite its reputation, it is essential not to assume blockchain is secure just because it relies on cryptography. An appropriate security design with controls that address an organization’s acceptable risk should be applied and reviewed before deploying blockchain to a production environment. I have…

  • Ethereum Scaling Solution Aurora Pays $2 Million Bug Bounty to Hackers

    Aurora, an Ethereum Virtual Machine (EVM) compatible scaling and bridge solution built on top of the NEAR Protocol blockchain network, has completed the payment of a $2 million bug bounty to a pair of whitehat hackers that reported vulnerabilities on the platform back in June. According to a blog post written by ImmuneFi, a leading web…

  • The Ripple Effect of Ripple – When is a Cryptocurrency a Security?

    In a landmark crypto-currency litigation case pending before the US District Court in the Southern District of New York, the Securities and Exchange Commission (“SEC”) brought an action against Ripple Labs, Inc. and its officers (“Ripple”). The crux of the SEC’s complaint is that Ripple sold unregistered securities – XRP – a virtual currency designed…

  • US Senators Strive to Amend Cybersecurity Bill to Aid Crypto

    US Senators Marsha Blackburn and Cynthia Lummis have introduced a bill to help crypto organizations report cybersecurity issues. Marsha Blackburn is a Republican from the state of Tennessee, and Cynthia Lummis is a Republican from Wyoming. According to reports, the reformed legislation, which is titled the Cryptocurrency Cybersecurity Information Sharing Act, would bring amendments to the Cybersecurity…

  • This New Malware Poses Threat to Crypto Wallets, Even Cold Ones

    Cryptocurrency holders have been warned to be vigilant against a new malware spreading across the internet that is adept at stealing personal information. Dubbed “Erbium,” after the element, the malware steals personal information and data retained in browsers such as passwords, cookies, credit card information, and more. Reportedly, it has been able to access two-factor authentication codes…

  • Ukrainians dismiss Russian attempt to annex more of their country

    Citizens of Ukraine have begun recognizing that the people they knew did not participate in the vote to annex Ukrainian territories to allow them to become part of Russia. The “voting” occurred in Zaporizhia, Kherson, Donetsk and Luhansk. Russian President Vladimir Putin recognized these areas’ independence early on Friday. Putin also signed accession treaties with…

  • EU agrees windfall tax on energy firms

    The European Union has announced emergency measures that will allow it to charge energy firms on their record profits. These windfall taxes will be applied to certain companies and there will also be mandatory cuts in electricity use. The proposed plan also includes a levy on fossil fuel firms’ surplus profits and excess revenue made…

  • At least 23 dead after suicide bomb blast at educational center in Kabul

    A suicide bombing attack on an education center in Kabul has killed at least 23 people. Most of the victims are believed to be women in this latest sign of a deteriorating security situation in Kabul. The bombing occurred on Friday at the Kaaj education center in a predominantly Hazara neighborhood. Students in the education…

  • Want to Stop Crypto Hacks? Make Them Reversible

    What if an immutable and irreversible cryptocurrency transaction wasn’t? That’s the idea a trio of Stanford University researchers proposed this week as a way to combat the seemingly constant string of thefts, fraud and hacks that have routinely seen hundreds of millions of dollars stolen in the crypto industry — including more than $14 billion last…

  • Brazil’s Securities Market Regulator Targets Mercado Bitcoin over Token Sale

    The Brazilian Securities and Exchange Commission (CVM), the securities market regulator in Brazil, has ordered Mercado Bitcoin, the largest cryptocurrency exchange in Brazil, to provide information on fixed-income tokens the exchange has issued over the last two years. According to reports by Estadão newspaper, the capital markets regulator wants to know the amount Mercado Bitcoin raised…

  • 4 critical steps toward securing Web3

    The data on hacks, scams and exploits is in, and 2022 is already the most expensive year for Web3 on record. Where 2021 saw losses of $1.3 billion, losses were already at $2 billion at the close of June 2022. Extrapolating from these numbers, 2022 is projected to see a 223% increase in the amount…

  • Cryptocurrency and anti-money laundering enforcement

    For many decades, the U.S. government has required financial institutions to take steps to help detect and prevent financial crimes including money laundering and terrorist financing. Federal law requires financial institutions to keep records of cash purchases of negotiable instruments, file reports of cash transactions exceeding $10,000, identify and assess risk of customers (Know Your…

  • Biden’s cryptocurrency framework is a step in the right direction

    The White House released its first comprehensive framework this month for the Responsible Development of Digital Assets following President Joe Biden’s March 9 executive order. The order called for regulators to assess the industry and develop recommendations to safeguard investors while simultaneously promoting innovation. While more work is needed, the framework is a step in…

  • Police in Pakistan Probe Whether Attack on Dental Clinic Was Anti-Chinese

    Police in the southern Pakistani city of Karachi are investigating a recent attack against a dental clinic. The clinic was well known in the community and was the victim of an attack that killed one person and injured two others. The police are seeking to determine whether the attack was targeted against members of Karachi’s…

  • Researchers Crowdsourcing Effort to Identify Mysterious Metador APT

    Cybersecurity researchers at SentinelLabs have called on the greater community to utilize their threat hunting skills in deciphering a new malware campaign that is targeting telecommunications companies, ISPs, and universities. The attacks have been focused on organizations in the Middle East and Africa. The threat actor has been identified as Metador, a group that…

  • Sophisticated Covert Cyberattack Campaign Targets Military Contractors

    Researchers at Securonix have detected a cyberattack campaign that is focused on cyber espionage. The campaign highlights the sophisticated nature of cyber threats against the US, specifically defense contractors, and across the globe. The campaign has been dubbed STEEP#MAVERICK by Securonix researchers and has already hit multiple weapons contractors in Europe over the past several…

  • Hackers Use Telegram and Signal to Assist Protestors in Iran

    Multiple different hacker groups are leveraging the popular platforms Telegram and Signal to aid anti-government protestors in Iran. Iranian citizens have lost full access to the internet and are instead suffering from outages and regime restrictions. The hackers are also utilizing dark web tools to circumvent these restrictions. Check Point Research has released information regarding…

  • IRS Warns of “Industrial Scale” Smishing Surge

    The Internal Revenue Service (IRS) has released an advisory warning US taxpayers of what it has identified as an “exponential” increase in text-based phishing attempts. The tax agency recommended that users report such phishing campaigns in order to help the government to identify and disrupt them before more individuals are targeted. The IRS stated that…

  • Ukraine and Taiwan build ties, defying pressure from China

    Last month, a cross parliamentary caucus was created in the Ukrainian parliament to promote economic and cultural cooperation with Taiwan. The head of the Ukrainian Parliament’s foreign policy committee had praised Taiwan’s immediate support of Ukraine when the Russian invasion began. The vow to create new ties comes as China and Russia had vowed a…

  • Russia to formally annex four more areas of Ukraine

    Russian President Vladimir Putin will hold a signing ceremony on Friday to formally annex four more areas of Ukraine after referendums that have been condemned by Ukraine and the West as a sham. Russian-backed officials had claimed the five-day exercise had almost complete popular support. Votes were held in Luhansk and Donetsk in the east…

  • NFT Theft: Here’s How the Dark Side of Web3 Gets Away With It

    How do NFT thieves get away with heists in the millions (or even billions) of dollars, in plain sight? Crypto transactions happen on the public ledger, so finding the culprit should be simple. Despite this, NFT thieves are nearly impossible to catch. Part of the problem comes with the territory, since successful NFT scammers and thieves…

  • Could reversible crypto transactions tackle hacker crime? Stanford study sparks debate

    A recent study from Stanford University proposes the adoption of opt-in “reversible transactions” for use in cases of cryptocurrency hacks and theft – an idea that has sparked heated debate in the online crypto community. In a Sunday tweet, Stanford University blockchain researcher Kaili Wang shared a summary of the reversible token idea and linked back…

  • Cryptominers hijack $53 worth of system resources to earn $1

    Security researchers estimate that the financial impact of cryptominers infecting cloud servers costs victims about $53 for every $1 worth of cryptocurrency threat actors mine on hijacked devices. This activity is generally attributed to certain financially motivated hacking groups, most notably TeamTNT, that perform large-scale attacks against vulnerable Docker Hubs, AWS, Redis, and Kubernetes deployments.…

  • Popularity of cryptocurrency plummets among millennials in 2022

    The popularity of cryptocurrencies such as Bitcoin has plummeted in 2022, particularly among their most fervent supporters – millennial investors – according to a recent Bankrate survey. Americans of all ages have seen their comfort level with cryptocurrency sink sharply over the last year, as these digital currencies have plunged in value at a dizzying…

  • Ethereum Merge Vaults Cryptocurrency Past Bitcoin in Hard-Money Allure

    Ethereum won plaudits and the spotlight two weeks ago for smoothly pushing through its much-hyped Merge, a historic shift to a different “proof-of-stake” blockchain system designed to drastically reduce energy consumption – roughly 99% by some estimates. Now, the second-biggest blockchain appears to be proving itself on another promise of the Merge: greater inflation-resistance, a…

  • Defense Giant Elbit Confirms Data Breach After Ransomware Gang Claims Hack

    Defense company Elbit Systems of America has confirmed that it suffered from a data breach. The company is a subsidiary of Israeli defense giant Elbit Systems. The confirmation comes a few months after the ransomware gang Black Basta claimed to have hacked into the company’s systems. The notification was delivered to impacted customers by a…

  • Lazarus Lures Aspiring Crypto Pros With Fake Exchange Job Postings

    New information has led researchers to believe that the Lazarus threat actor group has expanded its campaign leveraging fake job opportunities to lure cryptocurrency professionals. The fake job profiles have been extended to cryptocurrency exchanges that mislead job seekers into downloading malware. The attack is targeting macOS users, according to security researchers. SentinelOne released a…

  • Nine dead in Iranian attacks on Kurdish rebels in northern Iraq

    Iran has attacked an Iranian-Kurdish opposition group in the Kurdish region of northern Iraq on Wednesday. The missile and drone attacks focused on bases in Koya, and killed nine people while injuring others. Iran’s state-run news agency said Iran’s Revolutionary Guard Corps ground forces targeted the bases of a separatist group in the north of…

  • Alleged Optus Hacker Apologizes, Deletes Customers’ Exposed Data

    Last week, Australian company Optus suffered from an attack against its customers. The attacker has since removed the leaked data from the internet and apologized for the attack. A user under the name ‘optusdata’ posted to BreachForums claiming responsibility for the attack and confirming that the only copy of the stolen data had been deleted.…

  • Sabotage to blame for Nord Stream leaks, says EU

    The EU has stated that leaks in two major gas pipelines from Russia to Europe were caused by sabotage, but did not directly accuse Russia. The head of the European Commission, Ursula von der Leyen stated that if there was deliberate disruption, there would be the strongest possible response from the EU. See: Russian Attack…

  • TikTok Facing £27m UK Regulatory Fine

    The popular social media platform TikTok will face fines of £27m in the UK due to breaches of the country’s data protection laws, the Information Commissioner’s Office (ICO) has announced. The Chinese social networking giant allegedly received a notice of intent that explains the laws broken. The violations noted in the statement occurred between 2018…

  • Russia Gives Citizenship to Ex-NSA Contractor Edward Snowden

    Earlier this week, Russian President Vladimir Putin announced that former US security contractor Edward Snowden would be granted citizenship. Putin allegedly signed a decree on Monday that offered 75 foreign citizens Russian citizenship. The decree has since been published on an official government website. Snowden has been residing in Russia since 2013 to evade prosecution…

  • What we can learn about the future of digital assets regulation from recent US government reports

    On 16 September the White House released the Comprehensive Framework for Responsible Development of Digital Assets, offering recommendations designed to protect consumers, advance sustainability efforts, and further national security. A response to President Biden’s March 2022 Executive Order (EO) on cryptocurrency, which called upon federal agencies to produce a total of 21 reports exploring the…

  • Web3 is coming – with national security implications, too

    One of the messiest and thorniest national security challenges is how to keep Australians safe from manipulative online content – now, and into the future. The matter cuts across departmental jurisdictions in a way few other national security issues do – taking in questions relating to freedom of speech, defamation law, commerce, defence and intelligence,…

  • Preventing Cryptocurrency Cyber Extortion

    To solve crime, the old saying still holds: “Follow the money.” But how do you do that for cybercrimes when the money itself is decentralized and anonymous—as is the case with cryptocurrency? In today’s threat environment, it’s becoming increasingly crucial for enterprises to boost their cybersecurity maturity. Over a decade ago, Silk Road—widely regarded as the…

  • Japan cryptocurrency transfer rules take aim at money laundering

    The Japanese Government will reportedly put in place some remittance regulations in an effort to stop criminals from utilizing crypto exchanges to launder money. The new rules are expected to take effect from next spring, supposedly as early as May 2023. Japan has already implemented the Act on Prevention of Transfer of Criminal Proceeds which…

  • IRS steps up efforts to target U.S. taxpayers who failed to report and pay taxes on cryptocurrency transactions

    The IRS continues to chase U.S. taxpayers who failed to report and pay taxes on cryptocurrency transactions with a new court order allowing a summons for customer records. The agency will issue a so-called “John Doe summons” requiring M.Y. Safra Bank to turn over crypto transaction data for SFOX, a digital currency prime broker that…

  • Australian Police Probe Purported Hacker’s Ransom Demand

    Australian police are reportedly investigating claims that a hacker released the stolen data of roughly 10,000 Optus customers. In addition, the hacker reportedly demanded $1 million ransom in cryptocurrency to not leak the data. Optus is a telecommunications company and the nation’s second-largest wireless carrier. The data breach allegedly occurred last week and impacted the…

  • Death toll rises to 76 as crackdown intensifies in Iran protests- rights group

    During 11 days of protests sparked by the death of a woman in custody, at least 76 protesters have been killed by Iranian security forces. Iran Human Rights, a Norway-based organization, has accused authorities of using live ammunition and unequal force to suppress the protesters. State media has announced that the number of dead is…

  • Ebola infections grow in Uganda as death toll rises to 23

    Ebola infections have risen across districts in Uganda. The cumulative number of confirmed and suspicious deaths has risen to 23, according to health authorities in Uganda on Monday. The country declared an outbreak last Tuesday after a case was detected in the Mubende district. The virus has now spread to the Kyegegwa and Kassanda districts. …

  • Hackers Leak French Hospital Patient Data in Ransom Fight

    French hospital Corbeil-Essonnes suffered from a ransomware attack a month ago and refused to give in to ransom demands. Now, the hackers may have released the personal records and patient data online. The hospital is located near Paris and is the latest victim of a series of cyberattacks targeting French institutions and healthcare organizations. The…

  • Ukraine Predicts “Massive” Russian Cyber Assault

    Ukraine’s Ministry of Defense’s Main Directorate of Intelligence has predicted an increase in attacks originating from Russia against Ukraine’s critical infrastructure, such as the energy industry. This prediction was made on the basis that as it gets colder and winter approaches, Russia will target the energy sector to impact civilians and threaten their security. Kyiv…

  • ReasonLabs Unveils Multimillion Dollar Global Credit Card Scam

    New information from ReasonLabs indicates that scammers with origins in Russia leveraged Amazon Web Services, GoDaddy, and eNom to conduct a large-scale scam operation that stole millions of dollars from credit cards. The scam began in 2019 and continued into 2020. ReasonLabs states that the victims of the plot were customers of major credit card…

  • Almost $1M in crypto stolen from vanity address exploit

    Hacks and exploits continue to plague the decentralized finance (DeFi) sector as another vanity wallet address joins the roster of DeFi victims, which, collectively, have lost more than $1.6 billion in 2022. In an alert published by blockchain security firm PeckShield, a hacker was detected after stealing 732 Ether (ETH), around $950,000, from an address…

  • Cross-chain Bridging is Broken – But We Know How to Fix It

    As of August 2022, there’s been $2 billion total in crypto losses, with 69% of stolen crypto funds originating from hacking protocols that bridge different blockchains. The cross-chain token bridge Nomad lost $190 million in an exploit a few weeks ago and layer-1 blockchain bridging protocol Harmony Horizon lost $100 million after a hack in…

  • 4 NFTs Stolen From Crypto Entrepreneur Jason Falovitch Worth $150k

    With hackers continuing to target prominent non-fungible token (NFT) owners, four NFTs estimated to be worth at least $150,000 were stolen from crypto entrepreneur Jason Falovitch, the co-founder of Leverage Game Media and business partner of billionaire Mark Cuban. “I got hacked last night on @opensea. Apes, doodles, eth. It’s not pretty. Please do not…

  • Does The Federal Reserve Regulate Cryptocurrency?

    Cryptocurrencies made big news as prices skyrocketed, turning investors into overnight millionaires. When anything big happens in a financial market in the U.S., you can expect regulators won’t be far behind. Among other agencies, the crypto revolution caught the attention of the Federal Reserve, America’s central bank, and a top financial regulator. Here’s what you…

  • Well-known vulnerability in private keys likely exploited in $160M Wintermute hack

    The vulnerability in private keys generated by the popular Profanity vanity key generator was noted in January and has already been implicated in at least one major hack. Blockchain cybersecurity company Certik has said a vulnerable private key was attacked in the Wintermute hack. A vulnerability in private keys generated by the Profanity app was likely…

  • Russian Military-Recruitment Centers Attacked Amid Mobilization Pushback

    Last week, Russia announced plans to mobilize 300,000 individuals to fight in the war against Ukraine. Tensions have grown since the announcement after two military recruitment centers were attacked. In addition, lines of draft-age men have accumulated at Russia’s borders and in airports as the men attempt to leave the country and avoid the draft.…

  • Researchers Uncover Mysterious ‘Metador’ Cyber-Espionage Group

    Researchers from SentinelLabs have identified a new threat actor dubbed Metador. The threat actor has reportedly infected a telecommunications company in the Middle East and multiple Internet service providers and universities located across the Middle East and Africa. In addition, the group may be responsible for two malware platforms described as extremely complex. Although SentinelLabs…

  • Palestinians arrested, injured as far-right Jews enter Al-Aqsa

    For the second day in a row, hundreds of ultranationalist Jews have entered the Al-Aqsa Mosque compound in occupied East Jerusalem under the protection of Israeli authorities. Israeli police attacked Palestinians gathered in the compound and prevented others from entering. The Palestinian Red Crescent stated that at least 3 Palestinians were injured on Monday and…

  • Italy’s far right on course to win election

    The far-right leader Giorgia Meloni has won Italy’s election and is expected to become the country’s first female prime minister. Ms Meloni is also expected to form Italy’s most right-wing government since World War II. Italy is the EU’s third-biggest economy and Europe may be alarmed with the shift to the right. Speaking after the…