Cybersecurity

Issuance of a central bank digital currency (CBDC) requires adequate attention to security, the Bank for International Settlements (BIS) reminded central bankers in a report on Nov. 29. An integrated risk-management framework should be in place starting at the research stage, and security should ...

As Web3 gets bigger, it struggles to keep up with the malicious actors targeting users’ funds across different blockchains and networks. This security protocol takes a preventive approach against hacks and exploits, freezing assets before they get stolen.Web3 benefits from being a d ...

As companies continue to fall for hacks and exploits, professionals working in the cybersecurity space chipped in on what can be improved in terms of crypto security for digital asset companies and the broader crypto industry. Before September, almost $1 billion had already been lost ...

Multi-party computation (MPC) wallet provider Fireblocks has released a new trading system for institutions that use centralized exchanges, according to a Nov. 28 announcement. Called “Off Exchange,” the new system allows institutional traders to swap tokens without first depositing t ...

The United States, United Kingdom, Australia, and 15 other countries have released global guidelines to help protect AI models from being tampered with, urging companies to make their models “secure by design.”On Nov. 26, the 18 countries released a 20-page document outlining h ...

Web3 protocol Blast network has gained over $400 million in total value locked (TVL) in the four days since it was launched, according to data from blockchain analytics platform DeBank. But in a Nov. 23 social media thread, Polygon Labs developer relations engineer Jarrod Watts claimed that the n ...

Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you the most significant developments from the past week.The attacker who stole $46 million from the KyberSwap protocol has used a complex strategy described by ...

The attacker who drained $46 million from KyberSwap relied on a “complex and carefully engineered smart contract exploit” to carry out the attack, according to a social media thread by Ambient exchange founder Doug Colkitt. Colkitt labeled the exploit an “infinite mo ...

Data shared by blockchain security platform PeckShield shows that more than $86.6 million in digital assets were transferred from the HECO Chain bridge to suspicious addresses. The security firm suggests that the bridge is compromised and an exploit is ongoing. In response to the inci ...

Blockchain security firm dWallet Labs recently disclosed a vulnerability that they claim could affect up to $1 billion worth of crypto, with assets such as Ether (ETH), Aptos (APT), BNB (BNB) and Sui (SUI) at risk.In a paper sent to Cointelegraph, dWallet Labs reported a potential vulnerab ...

Crypto exchange Poloniex recently posted a message to the hacker responsible for stealing over $100 million in digital assets from one of its wallets saying that they’ve identified the person and are giving the perpetrators a chance to return the assets in exchange for a $10 million bounty.  ...

A recent video from blockchain security firm CertiK made a series of “inaccurate” claims about a potential security vulnerability in Solana’s crypto-enabled Saga phone, Solana Labs has said. In a Nov. 15 post on X (formerly Twitter), CertiK claimed the Saga phone con ...

A new report from blockchain security platform Immunefi suggests that nearly half of all crypto lost from Web3 exploits is due to Web2 security issues such as leaked private keys. The report, released on November 15, looked back at the history of crypto exploits in 2022, categorizing them into di ...

Ethereum Layer 2 networks reached a new milestone on November 10, reaching $13 billion of total value locked (TVL) within their contracts, according to data from blockchain analytics platform L2Beat. According to industry experts, this trend of greater interest in layer 2s is likely to continue, ...

While the crypto community is still weathering the effects of the recent $100-million Poloniex hack, another cybersecurity threat that could affect billions worth of crypto assets has been discovered by a team of blockchain security experts. On Nov. 14, cybersecurity company Unciphere ...

An anonymous group of hackers claims to have stolen personal information for about 300,000 customers of the Bitcoin (BTC) ATM company called Coin Cloud, the pseudonymous cybersecurity account Vx-underground posted on X (formerly Twitter). ...

Australian authorities will oblige local companies to be fully transparent and report any ransomware cyberattacks on their businesses. The country’s economy lost $2.59 billion to cybercrimes in 2021. As reported by the Australian on Nov. 13, the national cybersecurity strategy, which ...

Chinese President Xi Jinping addressed an audience on Nov. 8 at the World Internet Conference Summit in Wuzhen, China calling for international cooperation on risks posed by artificial intelligence (AI). Xi’s speech, pre-recorded and broadcast at the conference, stressed the need for ...

The annual report from India’s Ministry of Home Affairs (MHA) revealed that officials from various cybercrime and police departments were trained in cryptocurrency forensics and investigation during the financial year 2022-23.The MHA, or the Home Ministry, highlighted that under the Narcot ...

Cryptocurrency exchange Bitfinex said it suffered a “minor” information security incident after one of its customer support agents was hacked earlier in the week (Oct. 30 — Nov. 5).It led to a spree of phishing attacks against Bitfinex users but little damage was done, th ...

Reacting to the rising attempts from bad actors to dupe crypto investors, the United Kingdom’s National Crime Agency (NCA) plans to form a specialized cryptocurrency and virtual assets team to counter the issue.The NCA posted a job opening on Nov. 4, looking to hire six individuals to crea ...

Lazarus Group used a new form of malware in an attempt to compromise a crypto exchange, according to an October 31 report from Elastic Security Labs. Elastic has named the new malware “KANDYKORN” and the loader program that loads it into memory “SUGARLOAD,” as the loader file has a novel “ ...

Layer 1 protocol NEAR has tapped blockchain security firm Nym to provide end-to-end encryption and metadata privacy services for its ecosystem.Nym, which provides blockchain agnostic ‘layer 0’ privacy infrastructure, will avail its mixnet tools to encrypt and cloak blockchain traffic and c ...

Cryptocurrency infrastructure firm Fireblocks has identified and assisted in tackling what it describes as the first account abstraction vulnerability within the Ethereum ecosystem.An announcement on Oct. 26 unpacked the discovery of an ERC-4337 account abstraction vulnerability in the sma ...

The United States Securities and Exchange Commission released its 2024 examination priorities report on Oct. 16. The agency’s Division of Examinations has been publishing similar reports for over a decade to let its registrants know the emerging risks it will be focusing on. Crypto dealer-b ...

The hacker responsible for stealing over $400 million from FTX and FTX US in November is suspected of using the trial of Sam Bankman-Fried (SBF), founder of FTX, as a smokescreen to obfuscate the stolen funds. The hacker, known as "FTX Drainer," has been moving millions in Ether obtained from the No ...

FTX hackers have taken a new approach, converting a substantial amount of stolen Ethereum (ETH) into Bitcoin (BTC) using THORChain, a decentralized platform. The hackers transferred 15,000 ETH, which is equivalent to approximately $24.75 million, in a strategic move to further obscure their activiti ...

Creditors of the troubled crypto lender Celsius Network are facing an increased risk of phishing attacks as the lender's bankruptcy proceedings near their conclusion. Reports on social media have indicated a rise in phishing attacks by scammers pretending to be Stretto, the bankruptcy services pl ...

TikTok is currently grappling with a surge in fake cryptocurrency giveaway scams, with many of them impersonating figures like Elon Musk, Tesla, or SpaceX, according to a recent report by Bleeping Computer. These scams typically involve tricking users into creating accounts on fraudulent cryptocurre ...

With millions of dollars worth of assets being lost to phishing attacks after signing malicious permissions, the threat of losing crypto assets from questionable links is very real. When these are paired with platforms allowing hidden links, users are subjected to a different kind of risk.  ...

Hackers have been employing a nefarious Windows tool for cryptocurrency mining malware distribution since November 2021, as uncovered in an analysis by Cisco's Talos Intelligence. In this audacious assault, the attacker capitalizes on Windows Advanced Installer, a tool often used by developers to bu ...

With the field of artificial intelligence evolving at near breakneck speed, scammers now have access to tools that can help them execute highly sophisticated attacks en masse, warns the co-founder of Web3 security firm Quantstamp.Speaking to Cointelegraph at Korea Blockchain Week, Quantsta ...

The government of South Korea is reportedly planning to submit a bill that will track and freeze North Korean crypto and virtual assets that are used to fund its capital Pyongyang's illicit weapons program. According to a report by local media outlet JoongAng Daily, multiple anonymous ...

An advisory report issued by various government agencies in the United States and the United Kingdom is warning users to beware of a new malware that is being used to target crypto wallets and exchanges. Various intelligence organizations including the National Security Agency (NSA), ...

Malicious actors targeting the crypto space have taken more than $45 million in digital assets from their victims in the month of August alone and a total of $997 million year-to-date (YTD), according to a report shared by the blockchain security firm CertiK. Within the report, CertiK ...

The developers behind file compression software WinRAR have patched a zero-day vulnerability that allowed hackers to install malware onto unsuspecting victims' computers, enabling them to hack into their crypto and stock trading accounts. On Aug. 23, Singapore-based cybersecurity firm Group-IB re ...

Palo Alto Networks CEO Nikesh Arora has urged companies to modernize their cybersecurity systems, cautioning that bad actors have become much faster at breaching company defenses than ever before. Speaking to Jim Cramer on CNBC’s “Mad Money” on Aug. 21, the cybersecurity firm CEO said that compan ...

The Harbor Protocol decentralized internetworking application team has announced that the project has been hit by a hacker attack, affecting stOSMO, LUNA and WMATIC storage. Representatives of the project refused to disclose the details of the incident and to report the exact amount of losses: ...

As reported by Asia Today, citing South Korean law enforcement agencies, North Korean hackers stole $180 million in cryptocurrency in the first half of 2023. According to the South Korean Intelligence Service (NIS), North Korea has illegally taken possession of more than $1.5 billion in virtual a ...

The decentralized exchange RocketSwap, created on the basis of the Base layer network, was hacked and lost 471 ETH. The hacker who hacked into the exchange created a meme token called LoveRCKT. Cybersecurity experts PeckShieldAlert reported that the attacker managed to ...

A July report from cybersecurity certification platform CER found that only six of 45 cryptocurrency wallet brands, or 13.3%, have undergone penetration testing to find security vulnerabilities. Of these, only half have performed tests on the latest versions of their products.The three bra ...

The controversial Worldcoin project had a serious security vulnerability, CertiK has disclosed on X (formerly known as Twitter). Worldcoin pays people to become part of its World ID ecosystem by submitting scans of their irises through a device Worldcoin calls an Orb. According to sec ...

A blockchain security firm tried to warn users of an imminent rug pull surrounding a crypto project, but investors became angry and fired back. The firm rescinded the security alert. Then, the project it accused of being a rug pull pulled the plug.This is the story of CertiK, a blockchain ...

Blockchain auditing is the process of examining and verifying the data and transactions stored within a blockchain network. It focuses on assessing the integrity and accuracy of the information recorded on the blockchain to ensure it aligns with the intended rules, protocols and regulations. ...

Smart contract computer language Lexon (LEX) launched a compiler on Aug. 3, allowing developers to write contracts in Lexon and have them be converted into Solidity, Sophia or JavaScript, according to statements made to Cointelegraph by Lexon founder Henning Diedrich. The compiler runs on the Aet ...

Binance CEO Changpeng 'CZ' Zhao warned his followers on X about a tricky and increasingly popular scam targeting the crypto community, in which fake wallet addresses are used to defraud users during transactions.The scheme generates addresses with the same starting and ending characters as ...

Public companies in the United States, including listed crypto firms, will be required to disclose any major cybersecurity incidents within a four-day time limit, under new rules adopted by the United States securities regulator.The rules from the United States Securities and Exc ...

Cryptocurrency payments platform CoinsPaid has pointed the finger at North Korean state-backed Lazarus Group as being behind the hacking of its internal systems, which allowed them to steal $37.3 million on July 22.“We suspect Lazarus Group, one of the most powerful hacker organisati ...

Blockchain security firm Quantamp is set to return $28 million raised in a 2017 initial coin offering (ICO) following charges brought by the United States Securities and Exchange Commission.The U.S. agency announced that it had formally charged the California-based firm on July 21 for cond ...

Lending app Era Lend on zkSync has been exploited for $3.4 million worth of crypto, according to a July 25 report from blockchain security firm CertiK. The attacker used a “read-only reentrancy attack” to drain the funds, which is a type of attack that interrupts a multi-step process ...

The Diabolic Drive’s name sounds as ominous as its potential payload. The recently developed USB wireless keystroke injection tool is intended to stress test networks, but could it potentially be used as a means to steal cryptocurrency from unwitting users?The new gadget is set to be ...

Bug bounties are programs organizations offer to incentivize security researchers or ethical or white hat hackers to find and report vulnerabilities in their software, websites or systems. Bug bounties aim to improve overall security by identifying and fixing potential weaknesses before malicious ...

Update (July 7 at 9:33 PM UTC): This article has been updated to include Coinbase's response. Coinbase’s users have been turning to Twitter to report scams and phishing attacks involving the company’s services and applications in recent wee ...

Yield Protocol announced on June 27 that it had fully recovered from the Euler flash loan attack. Liquidity providers can now update their strategy tokens, the protocol said on Twitter. That was the last step to protocol restoration after “a long journey.”Yield Protocol was one ...

Decentralized finance (DeFi) protocol Tres Finance warned the community about a scam that involves fake tokens designed to mimic legitimate transactions.In an interview, Tres Finance co-founder Tal Zackon and the company’s technical lead, Idan David, shared the details of a scam using frau ...

Cryptocurrency brokerage firm Floating Point Group (FPG) has confirmed it has halted trading, withdrawals and deposits on its platform after falling victim to a cyberattack on June 11. FPG estimates the attack resulted in a total loss of between $15 million and $20 million.According to a J ...

The United States Justice Department has unsealed charges against two men it says are responsible for the $400 million hack of former Bitcoin exchange Mt. Gox. According to the announcement, 43-year-old Alexey Bilyuchenko and 29-year-old Aleksandr Verner allegedly conspired to launder 647,00 ...

Pro-XRP lawyer, John Deaton, suffered a phone hack on June 4 amid a relentless cyberattack over several days.CryptoLaw, an account created by the attorney representing over 76,000 XRP (XRP) tokenholders in the Ripple vs. United States Securities and Exchange Commission (SEC) lawsuit, ...

Cryptocurrency risk management firm Elliptic has integrated ChatGPT to ramp up its efficiency in detecting crypto threats – a move which comes amid other crypto firms reporting mixed results in its implementation.Elliptic provides risk assessments to crypto users regarding transactio ...

The amount of cryptocurrency lost to "rug pull" or "exit scams" — where founders suddenly up and leave with investors’ money — had outpaced the amount stolen from decentralized finance (DeFi) projects in May, a blockchain security firm has revealed.A June 1 report from Beosin said in May t ...

Cybersecurity experts on the 0d team reported that a critical vulnerability was found in the Tron network's multi-signature system. Assets worth half a billion dollars were at risk, but the vulnerability was promptly closed. The 0d ...

The platform introduces the so-called "travel rule." It comes after a million-dollar fine from the U.S. Japan's largest crypto exchange BitFlyer has introduced the so-called "travel rule.". It went into effect on May 30. This means users will not be able to se ...

This idea was expressed by Commissioner Christine Johnson She believes all clearing organizations should be subject to the same rules The CFTC's Division of Clearing and Risk (DCR) has issued a formal warning to DCOs regarding the risks of cryptocurrency. More ...

As reported in local publications, the Beijing Municipal Science and Technology Commission has published its own Web3 White Paper on Innovation and Development. Beijing aims to become an international innovation center for the digital economy. The document describes Web3 ...

The Hong Kong Police Cybersecurity and Technology Crime Bureau (CSTCB) has unveiled a new meta-universe platform called CyberDefender The Cyber Police and the Police Technology Crime Bureau (CSTCB) launched a platform called CyberDefender of the Metaworld and held its first online event, "Explori ...

The Hong Kong Cybersecurity and Technology Crime Bureau (CSTCB) has launched the CyberDefender Metaverse platform to inform the public about the dangers associated with the Web3 industry and metaclasses. Hong Kong Police Cybersecurity Unit assures that CyberDefender Metav ...

Countries should adopt regulation as soon as possible And developers should take responsibility for fakes and security issues Microsoft president Brad Smith urged governments to speed up regulation of artificial intelligence. He considers fakes the biggest pro ...

The company said it would never add a seed-phrase extraction feature Ledger, which also got caught lying about the firmware of its wallets, had previously been noticed in such a way This is why demand for Trezor products increased Last week sales of T ...

This video is visually indistinguishable from real CZ In addition, the AI has learned to perform voice instructions to verify The technology is becoming a real security threat The chief security officer of Binance revealed a dipfake video about his di ...

The volume of cryptocurrencies stolen in the first quarter of 2023 fell 65% from the same period in 2022, according to analyst firm TRM Labs. However, the number of break-ins has hardly decreased. 2022 was the biggest year in terms of stolen cryptocurrencies - hackers man ...

The founder of Waves told DL News reporters that attackers broke into the blockchain's control system and collected information for six months. In December 2022, Alexander Ivanov received a message from hackers claiming that they had been accessing information in the Wave ...

Ledger Recovery introduces a new recovery feature that allows the developer company to transfer and store backups of the original phrases. Hardware cryptocurrency wallet maker Ledger notified users about the launch of a new service to restore access to Ledger Nano X devices ...

The U.S. government believes that cyberattacks and cryptocurrency theft have become a major source of income for the North Korean authorities. At least half of North Korea's missile program is funded by cybercrime, says Anne Neuberger, de ...

Hackers managed to steal more than $15 million in various cryptocurrencies using a website that mimicked the HitBTC crypto exchange page. The information was provided by SlowMis The company's analysts identified and published fou ...

North Korean-linked hacker groups stole $721 million in cryptocurrency from Japanese entrepreneurs between 2017 and Jan. 1, 2023, according to an Elliptic study published by Nikkei. The amount represents 30% of total losses from DPRK hack ...

A former Ubiquiti employee posed as an anonymous hacker while working for the company and tried to extort $2 million in crypto assets. Nickolas Sharp was arrested in December 2021 and sentenced to six years in prison at the conclusion of the investigation. According to i ...

Blockworks Media Portal has raised the most money Three projects have not announced investments The most active funds this week were Polygon Fund, Animoca Brands and Alchemy All of them participated in three rounds of funding A ...

Australian bookmaker PointsBet urged its customers to delete an email offering to invest in cryptoassets. On Thursday evening, May 11, the betting company announced to customers a complete suspension of communication via email channels. The reason was a suspected phish ...

The central bank of Brazil has invited financial institutions and other stakeholders to participate in the testing of the digital Brazilian real. Submissions for inclusion in the central bank's digital currency testing are open from May 2 to 12. The pilot program was o ...

Cryptoblogger decided to check the KYC ("Know Your Customer") procedure on the Gate.io exchange and registered under the name Kim Jong-un. It took him only a few minutes to verify his identity. A blogger named ZachXBT decided to check how ...

India's federal cyberattack technology arm, CERT-In, has warned of the Royal ransomware encryption program. Hackers attack critical facilities, demanding ransom in bitcoins. Ransomware attack telecom and manufacturing companies, healthcare organizations and educational in ...

This is the decision issued by U.S. regulator NYDFS The reason is a violation of cybersecurity rules Cryptocurrency exchange has promised to "work on the errors" Cryptocurrency exchange BitFlyer USA received a fine from the New York Department of Fina ...

The New York State Department of Financial Services (NYDFS) fined cryptocurrency exchange BitFlyer $1.2 million for violating cybersecurity regulations. In 2017, BitFlyer USA, a subsidiary of BitFlyer Holdings, received a license from the New York regulator allowing the e ...

CertiK, a cybersecurity and auditing firm, says more than $103 million was stolen from cryptocurrency projects during April as a result of hacking attacks. CertiK specialists tweeted a report on exploits, fraud and hacks on cryptocurrency platforms. Since the beginning of ...

ScamSniffer, a platform dedicated to detecting fraudulent activity online, has recently reported that users have lost more than $4 million in just one month as a result of falling prey to cryptocurrency phishing scams. The creators of these malicious sites have been utilizing Google Ads, a contex ...

Banco de Venezuela, the largest financial institution in the country, has suffered a devastating ransomware attack that has left its digital infrastructure compromised. The attack reportedly took place on April 19, and sources in the cybersecurity community have identified the culprit as the Lock ...

According to the Allbridge project team, users who were affected by the hack that occurred in early April are now receiving their funds back. The team announced that the first round of return payments was completed between April 5 and 9. For those who were not included in this first round, the ...

The superintendent in charge of the New York State Department of Financial Services (NYDFS) has dismissed claims that Signature bank's closure was related to its dealings with cryptocurrency companies, deeming such allegations as absurd. Adrienne A. Harris clarified that the actual reason for the ...

An unidentified individual had managed to penetrate Allbridge's bridge and extracted digital assets worth $573,000. However, the perpetrator was willing to give back the majority of the funds to the initiative. The developers received 1,500 BNB (approximately $465,000) from an anonymous donor, wh ...

Based on a recent report by Mandiant, a cybersecurity firm based in the US, North Korean hacker group APT43, also known as Kimuski, is utilizing cloud mining services to launder the cryptocurrencies they've stolen. The report further reveals that APT43 is stealing enough digital assets to purchas ...

The Lazarus Group, a notorious hacking group believed to be associated with North Korea, has targeted the hackers who recently stole almost $200 million worth of cryptocurrency from Euler Finance, a DeFi lending platform built on the Ethereum blockchain. According to Coindesk's sources, Lazarus h ...

BlockSec security experts successfully thwarted an attempted theft of 2,900 ether worth $5 million from Paraspace's decentralized lending protocol, which allows users to lend and borrow crypto assets on the Ethereum blockchain. The vulnerability in the platform's lending protocol allowed hackers ...

In the official Discord channel of the Shiba Inu community, a user going by the name Steve has made a discovery regarding the Shibarium blockchain identifier (Chain ID). According to Steve, the Chain ID used in Shibarium beta testnet matches that of another blockchain called Rinia TestNet. Thi ...

It is concerning to hear that more than 280 blockchain networks are affected by critical vulnerabilities, potentially putting over $25 billion worth of digital assets at risk. The vulnerabilities identified by Halborn are related to P2P communications and RPC, and if exploited, could lead to deni ...

The DeFi protocol smart contracts of the Hedera project have suffered a significant loss of $5 million following a recent hacker attack and the subsequent suspension of Hedera's services. DeFiLlama's analysts reported a 16.8% decrease in Hedera's total value locked (TVL) from $29.6 million to $24 ...

Cybersecurity experts from PeckShield have reported that a whopping $35.5 million worth of cryptocurrencies were stolen in February. The largest number of successful hacks, a total of 141, occurred on February 11th. As per the analysis, the biggest amount that hackers could steal from one project ...

The head of the State Duma Committee on the financial market, Anatoly Aksakov, said that the authorities are discussing the need for mandatory verification of users, in fact equating legal crypto exchanges with banksIn Yekaterinburg, the company at the Cybersecurity in Finance f ...

The top manager of Sberbank spoke about these events at the Yekaterinburg forum “Cybersecurity in Finance”. According to Kuznetsov, front men withdraw money using some crypto-exchanges in the capital's office center. Then these funds, the speaker tried to assure his interlocutors, are sent to some e ...