A number of folks got together to create a business that would take advantage of a crypocurrency protocol known as bZx that was supposed to be super-duper secure, or, as they put it, no depositor of cryptocurrency should “ever worry about … getting hacked or [anyone] stealing [their] funds.” Of course, that’s exactly what happened:…

As the DeFi sector continues to attract money and users, bad actors from around the world continue to view it as an attractive target that is ripe for the picking and poorly protected. Over the last several months, I have been keeping track of some of the most notable exploits of DeFi protocols, and at least…

The past few years have plagued the decentralized finance (DeFi) space with hacks, making critics of blockchain technology take a closer look at how this technology is threatening security. This year started off with a US$600 million hack on Axie Infinity’s Ronin sidechain, followed by a US$325 million attack on Solana’s Wormhole, both of which…

Monday morning, the chairman of the U.S. Securities and Exchange Commission (SEC), Gary Gensler, said on CNBC’s Squawk Box that the only token he would lump in with commodities was bitcoin. Why it matters: Gensler pointedly declined to name any cryptocurrency other than the original one, notable because the market has been operating under the assumption…

Cryptocurrency crime is as sinister and upsetting as most financial crimes. The crimes that are perpetrated range from ordinary theft of cryptocurrency to money laundering and market to market fraud. Investors and consumers are subject to phishing and scams, where they are instructed to send cryptocurrency to a specific location for ransom. Like all financial…

The dark side of automation was once a figment of science fiction, where fears of intelligent machines taking over the world ran wild. Now, there’s a very real sense that intelligent machines pose a real threat to humankind — or at least a real threat to humankind’s earning potential. In 2021, McKinsey estimated that one-quarter of…

We’re still firmly in Hard Times. Sure, my article last week about price and macro risk was published just before an eight-hour flurry when bitcoin gained 6.35%, but both hazards remain salient. This article is the second in a three-part series about the risks facing cryptocurrency markets right now. Next week we’ll look at public…

Trail of Bits has released an operational risk assessment report on blockchain technology. As more businesses consider the innovative advantages of blockchains and, more generally, distributed ledger technologies (DLT), executives must decide whether and how to adopt them. Organizations adopting these systems must understand and mitigate the risks associated with operating a blockchain service organization,…

Goldman Sachs is looking to raise $2 billion from investors to buy up distressed assets from troubled crypto lender Celsius, according to two people familiar with the matter. The proposed deal would allow investors to buy up Celsius’ assets at potentially big discounts in the event of a bankruptcy filing, the people said. Goldman Sachs…

With crypto prices in free fall, crypto firms laying off thousands of workers and coins that are considered “stable” losing all their value, it’s more important than ever to secure your remaining portfolio. The current crypto crash isn’t the only way people are losing their money. There have been an increasing number of scams that give…

Researchers have uncovered an email-based credential-phishing attack targeting users of MetaMask, a cryptocurrency wallet used to interact with the Ethereum blockchain. The campaign is directed at Microsoft 365 (formerly Microsoft Office 365) users and has targeted multiple organizations across the financial industry. It starts with a socially engineered email that looks like a MetaMask verification email,…

If you still think cryptocurrency can thrive best within the ambiguous, ill-defined, geographically varied and relatively lax regulatory system, you haven’t been paying attention. With the spectacular failures of TerraForm Labs’ LUNA/UST and Celsius, the systemic fallout from the liquidity challenges at Three Arrows Capital and the erasure of almost $2 trillion in value from…

Earlier this month, I and others wrote a letter to Congress, basically saying that cryptocurrencies are a complete and total disaster, and urging them to regulate the space. Nothing in that letter is out of the ordinary, and is in line with what I wrote about blockchain in 2019. In response, Matthew Green has written—not…

Sky Mavis, the developer behind the play-to-earn video game Axie Infinity said that it’s preparing to re-open the Ronin bridge that fell victim to a $552 million hack in March. The re-opening of the Ronin bridge, which was used by players to transfer assets between the Ronin chain and the Ethereum network, is planned on…

The Horizon Bridge to the Harmony layer-1 blockchain has been exploited for $100 million in altcoins which are being swapped for Ether (ETH). The hack may vindicate previously raised community concerns about the robustness of the two of four multisig that reportedly secures the bridge. Starting at about 7:08 am EST until 7:26 am EST, 11 transactions…

Got Crypto? Make sure you own and have access to it in a secure digital stronghold. Having self-custody of your crypto keys and managing your digital assets can help stave off digital bankruptcy or loss through theft, warns cryptocurrency storage provider CompoSecure. Cryptocurrency is an increasingly familiar term since Bitcoin emerged in 2009. Since then, numerous cryptocurrencies…

The explosiveness and high dollar value of nonfungible tokens (NFTs) seem to either distract investors from upping their operational security to avoid exploits, or hackers are simply following the money and using very complex strategies to exploit collectors’ wallets. At least, this was the case for me way back when after I fell for a classic…

Chainalysis has launched Crypto Incident Response, a rapid response service for organisations that have been targeted by a cyber-attack or unauthorised network intrusion that involves a cryptocurrency theft or demand. The growth in the legitimate use of cryptocurrency is far outpacing the growth of criminal usage, with transactions involving illicit addresses representing just 0.15% of cryptocurrency…

A hacking group out of China has been identified using a rather low-tech yet effective way to steal money from Web3 wallets: distributing altered versions that have holes programmed into them. The Chinese hackers cloned the distribution sites of legitimate wallets, tricking users into downloading a compromised version. Researchers with digital advertising security firm Confiant…

Trustless blockchain bridges will play an important role in cross-chain interoperability and in reducing the risk of hacks in the blockchain industry. This problem was brought to the fore earlier this year with a couple of major attacks on blockchain bridges—the $320 million hack on the Solana Wormhole bridge in February and the theft of…

According to Wikipedia, the first known non fungible token (NFT) was created in 2014 and the first NFT project was launched in late 2015. It took a few more years and more projects for the concept to trickle into the consciousness of the general public, and then a few more for the massive investments into…

Cryptocurrencies are generally not subject to federal regulation unless they are deemed to be “securities,” in which case the Securities Act of 1933 requires them to abide by disclosure requirements and antifraud regulation by the Securities and Exchange Commission (SEC) if they are offered to the public. The test the SEC uses to determine whether a…

At 1 a.m. on March 29, Jiho Zirlin, a co-founder of the Vietnamese crypto gaming company Sky Mavis, received a text from his fellow co-founder Aleksander Larsen. Zirlin, who is also the company’s head of growth, was in Los Angeles at the time, winding down for the night at his Airbnb. He was scheduled to…

The recent Terra LUNA collapse and Celsius’ restrictions on withdrawals have sparked fears of a crisis in crypto lending. Economists at the Bank of International Settlements (BIS) said while on-chain collateral in DeFi lending overcomes asymmetric information, it doesn’t make the space immune from boom-bust episodes, compounded by liquidation spirals. Cryptocurrency lending platforms — where borrowers…

You can often hear from me and my colleagues security engineers about the defense in depth approach to protecting the user data. Does this mean putting as many tools and security controls in your code or system as the whole market suggests? By no means. When speaking about defence in depth we mean that carefully…

The ongoing crypto crash has brought a lot of investors back down to earth. In the case of current and former Terraform Labs employees, it’s keeping them literally grounded. Dozens of past and present staff from the company behind two notorious crypto coins, terraUSD and Luna, have been barred from leaving South Korea, according to multiple…

A Cloudflare outage on Tuesday knocked out numerous popular web services, including major crypto exchanges FTX, Bitfinex, and OKX, raising questions about the security of centralized crypto platforms. The CEO of OKX, which saw $1.47 billion in trading volume in the past 24 hours, tweeted asking for “web3 alternative in the future” after the company’s website…

One day after cryptocurrency firm BlockFi moved to lay off 20% of its staff, over a thousand Coinbase employees woke up to find their workplace access cut and an email informing them they were part of the 18% of staff let go due to tough industry conditions. “Although I understand that difficult decisions have to be…

Whether prices are up or down, for many investors in cryptocurrency, the real appeal is that there’s nobody in charge. As the crowd chanted at the recent Bitcoin 2022 conference in Miami, it’s all about “Freedom!” By design, the system is meant to be from interference by banks, companies and governments. But a new report…

Just two months after losing $15.6 million in a price oracle manipulation exploit, Inverse Finance has again been hit with a flash loan exploit that saw the attackers make off with $1.26 million in Tether (USDT) and Wrapped Bitcoin (wBTC). Inverse Finance is an Ethereum-based decentralized finance (DeFi) protocol and a flash loan is a type…