Group items tagged

"Although this paper does not assess which method of regulation of ICOs and cryptocurrencies can ultimately be qualified as best strategy, we conclude that a positive and facilitating approach offers more opportunities for investors and innovative companies. However, this approach requires a clear and detailed legislative and regulatory framework for all parties involved in the establishment, issuing, storing or trading of cryptocurrencies and ICOs. Such a framework should at least provide boundaries with regard to money laundering and other common forms of cybercrime. Moreover, it should provide some sort of consumer/investor protection and clarity when it comes to tax liability. A legislative and regulatory framework that provides all these aspects will prevent abuse and may enable governments to intervene when issues occur."

"A CBDC analogous to a digital form of paper money-a digital bearer instrument, would not require intermediaries for most transactions carried out by consumers today. Payments for everyday purchases could be done without revealing the identities of the parties involved in the same way that users may choose to pay in cash. This would help combat cybercrime while freeing up resources to identify truly illicit activities."

Reuters recently published a series of investigative reports on Binance and its association with illicit activity, claiming that Binance has become a hub for criminal activity and that it overlooked several money-laundering red flags. In a CoinDesk interview, Tigran Gambaryan and Matthew Price, key members of Binance's compliance team and former investigators at the U.S. Internal Revenue Service's cybercrime unit, disputed a number of these claims. In particular, they claimed that proportional to trading volumes, illicit trading on Binance is no worse than on other exchanges.

There's a huge imbalance between crypto hacker insurance supply and demand, but the $45B Lloyd's of London insurance marketplace is emerging as a major player, as is Aon, the second-largest insurance broker in the world.

Last month, Miller Thomson, the law firm representing Quadriga's former users, asked creditors for help in identifying if the failed Canadian exchange had used a payment processor known as Crypto Capital Corp.

This note outlines EIOPA's strategic priorities regarding the European cyber insurance market, as part of EIOPA's broader mission to promote sound technological progress for the benefit of the European Union economy and its citizens, while safeguarding financial stability, market integrity and investors' protection. The note puts EIOPA's cyber underwriting strategy into context, discusses the work undertaken so far by EIOPA and outlines the proposed way forward.

When cryptoasset exchanges get hacked and large monetary amounts get stolen, news tends to spread fairly quickly. However, articles tend to focus largely on the monetary amount stolen. Rarely do they explore the deeper consequences and fallout resulting from these shocks. In this feature, Coinmetrics use both on-chain and market data to analyze four of the largest Bitcoin exchange hacks and look at the deep consequences of each, both positive and negative.

The European Systemic Risk Board (ESRB) has today published a report on cyber incidents, such as cyberattacks. The report, which also summarises the latest estimates of the costs of cyber incidents, shows that a cyber incident could indeed evolve into a systemic cyber crisis that threatens financial stability. The ESRB has therefore identified cyber risk as one of the sources of systemic risk to the financial system which could have serious negative consequences for the real economy.

One of the main protagonists in the fateful crash on March 12 is BitMEX, which suffered a distributed denial-of-service (DDoS) attack on the worst day imaginable. Ironically, that attack may have helped stop and even reverse part of bitcoin's price plunge. 

"This week, a stunning story from Vice revealed how easy it is for an attacker to siphon away your text messages. They don't need access to your phone; they don't even need your SIM card. They just need to pay a trivial sum, convince a VoIP wholesaler that they're a reseller (also a trivial matter), and sign a form swearing that they're allowed to route messages to your number to another."

"A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages."

Volume on decentralized finance (DeFi) platforms was at an all-time high in 2020 - and so were the number of attacks and thefts in that arena, according to blockchain analysis firm CipherTrace's Crime Report. Over 50% of crypto thefts in 2020 stemmed from DeFi attacks, adding up to $129 million. That's more than 25% of the year's total volume from hacks and other incidents.

Yearn.Finance DeFi protocol has announced that one of its DAI stablecoin lending pools has been exploited, leading to the loss of $2.8 million. The suspect is said to have used an Aave flash loan to trigger the vault draining, thus getting away with $2.8 million and the vault losing $11 million. Yearn.Finance facilitates "yield farming" in which users lock up cryptocurrencies in the DeFi protocol so as to earn more crypto-assets. However, such protocols have become a nightmare for some crypto users who have been robbed and conned of millions of dollars in valuable digital assets.

Jennifer Robertson, the widow of QuadrigaCX founder Gerald Cotten, is transferring nearly C$12 million in assets to EY Canada, the bankruptcy trustee for the now-defunct crypto exchange.

While nowadays there are multiple ways of bypassing MFA protections, the FBI alert specifically warned about SIM swapping, vulnerabilities in online pages handling MFA operations, and the use of transparent proxies like Muraen and NecroBrowser.

Crypto investor Michael Terpin has written an open letter to US FCC chairman Ajit Pai requesting urgent action on SIM swapping fraud. He asked the regulator to make mobile carriers hide customer passwords from employees and to provide a "no port" option, whereby customers would have to go through a company's fraud department before transferring their SIM information to a new phone. In a SIM swap, criminals pose as the owners of a victim's mobile phone number, convincing telecom providers to grant them access to the SIM card.

A database containing the personal information of over 270,000 Ledger customers has been published on RaidForums, a marketplace for buying, selling, and sharing hacked information. The database contains the emails, physical addresses, and phone numbers of Ledger hardware wallet buyers. The leak is the result of a data breach Ledger suffered in June and also contains the emails of over 1 million Ledger customers.

The Singapore-headquartered digital asset exchange KuCoin detected large withdrawals of bitcoin (BTC) and ethereum (ETH) tokens to an unknown wallet beginning at 19:05 UTC time on September 25. One or more hackers obtained the private keys to the exchange's hot wallets. The address received transactions of 11,484 Ether, worth roughly $4 million, plus $146 million in transactions of other tokens. Many are little-known, such as Gladius, Chroma, Ocean Token, and Hawala, but there were also Maker, OMG, and YFI tokens in the mix. KuCoin transferred what was left in them to new hot wallets, abandoned the old ones and froze customer deposits and withdrawals. About $150 million worth of tokens were been moved to a different address.

The Singapore-headquartered digital asset exchange KuCoin detected large withdrawals of bitcoin (BTC) and ethereum (ETH) tokens to an unknown wallet beginning at 19:05 UTC time on September 25. One or more hackers obtained the private keys to the exchange's hot wallets. About $203 million worth of tokens were been moved to a different address. KuCoin transferred what was left in them to new hot wallets, abandoned the old ones and froze customer deposits and withdrawals. Also cryptocurrency exchanges and blockchain projects froze about $130 million of the stolen assets to minimize the damage.

Last week, the crypto community spotted transaction fees of up to $2.6 million featured in several transactions on the Ether (ETH) network. Vitalik Buterin has since suggested that the abnormous fees "may actually be blackmail," but some researchers have now challenged that claim. Alex Manuskin, blockchain researcher at Tel Aviv-based cryptocurrency wallet company ZenGo, said the blackmail theory "takes some very peculiar circumstances for it to be possible".