MetaMask Users Email Addresses Exposed in Cybersecurity Incident

MetaMask, the popular Ethereum wallet, recently experienced a cybersecurity incident that exposed the email addresses of some of its users who submitted a customer support ticket between August 1, 2021, and February 10, 2023. Parent company ConsenSys released a blog post on April 14, 2023, which disclosed the details of the incident.

According to the post, unauthorized actors gained access to a third-party computer system that was used to process customer service requests. This allowed them to potentially view customer support tickets submitted by MetaMask users. While the tickets did not ask for information other than what was necessary to help the user, they did include a free text field that some users may have used to submit personally identifying information. This may have included economic or financial information, name, surname, date of birth, phone number, and postal address.

ConsenSys emphasized that it does not ask for personally identifying information in customer conversations, but some users may have provided it anyway. The breach may have affected up to 7,000 MetaMask users who submitted customer support tickets during the affected timeframe.

As a response to the incident, hardware wallet provider Keystone warned MetaMask users that they might receive more phishing emails. The attacker may use this swiped email database to look for potential victims. Phishing is a scam that tricks a user into providing sensitive information to an attacker. It is often performed by sending an email to the victim that appears to be from a trusted party or someone the victim knows.

ConsenSys said it had taken steps to eliminate unauthorized access in the future. As a result, tickets submitted after February 10 should be unaffected by the incident. The company also contacted the Data Protection Commission of Ireland and the Information Commissioner’s Office of the United Kingdom to report the breach. Additionally, the company’s third-party customer service provider is working with a cybersecurity and forensics team to perform a more detailed investigation of the incident.

This is not the first time MetaMask has come under scrutiny from privacy advocates. In late 2022, the company revealed that it sometimes logged users’ IP addresses. However, it updated its app in March to give users more control over which providers could obtain this information.

The incident highlights the importance of cybersecurity in the cryptocurrency industry. Users should remain vigilant and take steps to protect their personal information, such as using strong and unique passwords and enabling two-factor authentication.


Tagged : / / / / /

Shapella Upgrade, Privacy Concerns, Hacks, and Financial Inclusion

The DeFi space had a busy week with several significant developments. The highly anticipated Shapella upgrade on Ethereum’s mainnet was successfully completed, allowing validators to withdraw their staked Ether after three years. However, only 253 validators have signed up to fully exit their staked Ether position, with analytics firm Glassnode predicting that less than 1% of the staked ETH will be withdrawn.

In addition to the Shapella upgrade, an Ethereum researcher revealed that staking Ether could become a privacy concern. The researcher found that staking Ether shows a user’s IP address information, which could lead to privacy issues. This discovery raised concerns within the cryptocurrency community.

A DeFi hack also occurred during the week, where a hacker exploited an old contract and minted 1 quadrillion Yearn Tether (yUSDT). The hacker then swapped the yUSDT to other stablecoins, allowing them to take hold of $11.6 million worth of stablecoins.

However, the week also had positive news regarding financial inclusion in Africa. Fonbnk, a Web3 on-ramp that allows Africans to obtain cryptocurrency assets by exchanging their airtime credits, partnered with Tanda, a merchant network platform in East Africa, to launch an airtime trading marketplace across Tanda’s network of agents. This partnership aims to increase liquidity and earning opportunities for African micro-entrepreneurs.

Finally, the top 100 DeFi tokens had a bullish week, thanks to a late surge in the crypto market after Ethereum’s much-awaited upgrade. Most DeFi tokens traded in the green along with the rest of the market.

In conclusion, the DeFi space had a busy week with several significant developments, including the successful Shapella upgrade, privacy concerns related to staking, a major DeFi hack, and a partnership to increase financial inclusion in Africa. The top 100 DeFi tokens had a bullish week, and Glassnode predicted only a small percentage of staked ETH would be withdrawn.


Tagged : / / / / / / / / / /

Twitter and Alibaba Enter Global AI Race

In the rapidly evolving world of technology, artificial intelligence (AI) has become a focal point for many companies. Twitter and Alibaba have reportedly joined the global AI race by integrating the technology into their businesses. Twitter plans to use AI to “detect & highlight manipulation of public opinion,” while Alibaba is developing its own chatbot assistant called Tongyi Qianwen.

Meanwhile, the co-founders of cryptocurrency exchange Gemini, Tyler and Cameron Winklevoss, have funded their business with a personal loan of $100 million. The move comes after previous attempts to raise capital from external investors failed. The Winklevoss brothers are funding Gemini amid regulatory scrutiny in the United States, including charges from the Securities and Exchange Commission related to the exchange’s Earn program.

In addition, MetaMask has launched a new feature that allows users to purchase cryptocurrency with fiat currency directly from its Portfolio Dapp. The service is available in over 189 countries and accepts debit and credit cards, PayPal, bank transfers, and instant ACH. MetaMask claims the service follows local regulations and takes the user’s location into account.

The integration of AI into businesses is not without controversy. Twitter CEO Elon Musk, who recently purchased nearly 10,000 graphics processing units (GPUs) for the platform, previously spearheaded a letter calling for the halt of advanced AI development due to societal concerns. However, many companies see the potential benefits of AI and are investing heavily in the technology.

In the cryptocurrency world, the Winklevoss brothers’ loan to Gemini underscores the challenges that exchanges face in a volatile market and amid regulatory scrutiny. However, the loan also highlights the dedication of entrepreneurs to build a successful business in the face of adversity.

Meanwhile, MetaMask’s new feature for purchasing cryptocurrency with fiat currency is a welcome addition for many users who find it challenging to navigate the complex world of cryptocurrency exchanges. The service’s availability in over 189 countries and its acceptance of a wide range of payment methods make it an attractive option for those looking to invest in cryptocurrency.

Finally, Alibaba’s entry into the AI race with its chatbot assistant underscores the company’s commitment to innovation and its vast ecosystem of tech businesses. As the world becomes increasingly reliant on technology, the integration of AI into businesses will likely continue to be a significant trend. However, companies must balance the potential benefits of AI with the societal concerns surrounding the technology.


Tagged : / / / / / /

Man Sentenced to Prison for Stealing Bitcoin from Silk Road

The United States Attorney’s Office for the Southern District of New York has announced the sentencing of James Zhong, an individual who pleaded guilty to wire fraud charges connected to unlawfully obtained Bitcoin from the Silk Road marketplace in 2012. Zhong was sentenced to one year and one day in prison for charges related to executing a scheme to steal more than 51,680 Bitcoin.

According to U.S. Attorney Damian Williams, cyber-criminals should heed this message: we will follow the money and hold you accountable, no matter how sophisticated your scheme and no matter how long it takes. Zhong managed to conceal his crime for roughly 10 years before facing charges, but U.S. authorities were able to seize the Bitcoin holdings from his home in the state of Georgia in November 2021. The bulk of the crypto was found in a floor safe and a computer concealed in a popcorn tin. The coins were worth roughly $3.4 billion at the time.

The Silk Road marketplace, defunct for roughly 10 years, allowed users to buy and sell illicit goods such as weapons and stolen credit card information, drawing the attention of U.S. authorities. The creator of the platform, Ross Ulbricht, was arrested in 2013 and is currently serving two life sentences without the possibility of parole.

Cybercrime has become a growing problem in recent years, with the rise of digital currencies such as Bitcoin providing new opportunities for criminals to commit fraud and theft. Silk Road was one of the most high-profile cases of illegal activity using Bitcoin, and the U.S. government has made it clear that it will not tolerate such crimes.

The sentencing of James Zhong sends a strong message to cybercriminals that they will not be able to hide from the law forever. As technology continues to advance, law enforcement agencies are becoming increasingly sophisticated in their methods for tracking down and prosecuting those who commit cybercrime.

However, the case also highlights the challenges of dealing with digital currencies, which can be difficult to trace and recover once they have been stolen. The seizure of Zhong’s Bitcoin holdings is a rare example of a successful recovery of stolen cryptocurrency, and it remains to be seen whether similar cases will be as successful in the future.

In the meantime, the U.S. government is likely to continue to pursue cybercriminals who use digital currencies to commit fraud and theft. The case of James Zhong is a reminder that the law is catching up with those who seek to exploit new technologies for criminal purposes.


Tagged : / / / / /

Celsius Network Considers Legal Action Against Crypto Blogger

Celsius Network, a crypto lending platform, has been considering legal action against Tiffany Fong, a crypto blogger and Celsius creditor, for sharing leaked internal information regarding the company’s bankruptcy case. Fong, who has roughly $119,000 worth of crypto assets locked on Celsius, has been reporting on the bankruptcy case via YouTube and other social media platforms since the firm paused withdrawals in mid-June 2022 and filed for Chapter 11 bankruptcy the following month.

According to a recent court filing, Celsius’ legal counsel, Kirkland & Ellis International, has been working on the case for Fong since January 26, 2023. The filing shows that the law firm had worked 77 billable hours worth roughly $72,000 on an invoice titled “Tiffany Fong litigation” as of April 14, 2023. While no concrete legal action has been formulated yet, the filing suggests that Celsius’ legal counsel has been looking into the leaked information Fong reported on via her social media accounts.

Fong claims that she received the leaked information privately from disgruntled former Celsius employees, and has reported on various internal details, such as company bids on Celsius assets, alleged audio of private company discussions, and alleged transaction activity of executives such as former CEO and founder Alex Mashinsky.

In the filing, Celsius’ law firm also outlined that it was drafting cease and desist letters for Fong and a motion to compel, which generally asks courts to enforce a request for information relevant to a case. While Fong maintains that she has not done anything illegal, Celsius Network is seeking to prevent further dissemination of internal information related to its bankruptcy proceedings.

Fong’s attendance at the 2023 NYC NFT event has added fuel to the fire. In a Twitter post on April 15, she revealed that she had found Alex Mashinsky and his wife, Krissy Mashinsky, in public and approached them. A video posted to Twitter also shows the Mashinsky couple hurriedly walking away as other crypto content creators, such as BitBoy Crypto, approach alongside Fong in an attempt to engage them in conversation.

Celsius Network’s bankruptcy case is ongoing, with the company’s legal counsel actively pursuing action against Fong for leaking internal information. The case highlights the potential legal consequences of sharing confidential information regarding a company’s bankruptcy proceedings, even if the information is provided by former employees.


Tagged : / / / / /

Cryptocurrency Phishing Attacks Surge in 2022

When it comes to cryptocurrency-related cyberattacks, bad actors have seemingly reduced the use of traditional financial threats like desktop and mobile banking malware, shifting their focus to phishing. Russian cybersecurity and anti-virus provider Kaspersky has revealed that cryptocurrency phishing attacks witnessed a 40% year-on-year increase in 2022. The company detected 5,040,520 crypto phishing attacks in the year, compared with 3,596,437 in 2021. This represents a significant increase in the number of phishing attacks targeting crypto investors.

A typical phishing attack involves reaching out to investors through fake websites and communication channels that mimic official companies. Users are then prompted to share personal information such as private keys, which ultimately provides attackers unwarranted access to crypto wallets and assets. This is a serious threat, as once attackers have access to a user’s private keys, they can gain control over their cryptocurrency holdings and potentially steal their assets.

While Kaspersky could not predict if the trend would increase in 2023, phishing attacks continue to gain momentum in 2023. Most recently, in March, hardware cryptocurrency wallet provider Trezor issued a warning against attempts to steal users’ crypto by tricking investors into entering their recovery phrase on a fake Trezor site. This highlights the need for users to exercise caution and be vigilant in their interactions with cryptocurrency platforms.

In a survey conducted by Kaspersky in 2022, one out of seven respondents admitted to being affected by cryptocurrency phishing. While phishing attacks predominantly involve giveaway scams or fake wallet phishing pages, attackers continue to evolve their strategies. According to Kaspersky, “crypto still remains a symbol of getting rich quick with minimal effort,” which attracts scammers to innovate their techniques and stories to lure in unwary crypto investors.

Even established cryptocurrency platforms and their investors are not immune to phishing attacks. Arbitrum investors were recently exposed to a phishing link via its official Discord server. A hacker reportedly hacked into the Discord account of one of Arbitrum’s developers, which was then used to share a fake announcement with a phishing link. This highlights the importance of securing communication channels and taking measures to ensure that official channels are not compromised.

To protect themselves from phishing attacks, cryptocurrency investors should be wary of unsolicited communications and only interact with official channels. They should also avoid sharing their private keys or recovery phrases with anyone, even if they appear to be legitimate sources. Finally, it’s essential to use two-factor authentication and keep their software and anti-virus systems updated to ensure maximum protection against phishing attacks.

In conclusion, phishing attacks targeting cryptocurrency investors are increasing in frequency, and scammers are continually evolving their techniques to steal investors’ assets. It’s crucial for investors to remain vigilant and exercise caution in their interactions with cryptocurrency platforms to avoid falling victim to these scams. By taking the necessary precautions, investors can help safeguard their cryptocurrency holdings and prevent losses due to phishing attacks.


Tagged : / / / / /

Elon Musk developing AI startup to rival OpenAI

In a move to expand his footprint in the AI industry, tech entrepreneur Elon Musk is reportedly creating a startup to rival one of his own previous ventures, OpenAI. According to the Financial Times, Musk is putting together a team of AI researchers and engineers to develop a new AI company that will compete with OpenAI. While Musk resigned from the board of OpenAI in 2018, the launch of his new AI startup will put him in direct competition with other tech giants like Google and Microsoft.

The report also suggests that Musk is in talks with investors, including existing supporters of SpaceX and Tesla, for investment in the new AI venture. According to a source, “a bunch of people are investing in it, it’s real and they are excited about it.”

This revelation follows a recent report stating that Musk procured almost 10,000 graphics processing units to power Twitter’s AI initiatives. On March 9, Musk also incorporated a company named X.AI, which he listed as the sole director. He changed the name of Twitter to “X Corp” in company filings as part of his plans to create an “everything app” under the “X” brand.

Interestingly, despite Musk’s involvement in AI development, he and over 2,600 other tech leaders and researchers signed an open letter on March 30 calling for a temporary halt on further AI development due to “profound risks to society and humanity.”

In the broader context of AI competition, Amazon Web Services (AWS) has also recently launched its Amazon Bedrock initiative. This will allow AWS users to build generative AI from foundation models.

Overall, Musk’s new AI venture will undoubtedly be one to watch in the coming months. As one of the most well-known and influential tech entrepreneurs of our time, his latest AI startup will undoubtedly capture the attention of the industry and the wider public.


Tagged : / / / / /

BlockSec Launches Phalcon Fork for Collaborative Testing on Ethereum Mainnet

Blockchain security tech firm BlockSec has released a new toolkit for collaborative testing on private chains, called Phalcon Fork. This developer and security researcher-focused toolkit allows users to fork arbitrary transaction positions and block numbers on the Ethereum mainnet, providing greater control over testing, analysis, and debugging on testnets.

Phalcon Fork offers several advantages over traditional solutions such as Goerli. According to the Phalcon Fork user manual, users can retain services and states from the Ethereum mainnet, facilitating rapid integration and debugging with other DeFi contracts. Additionally, users have full control over block information, including Timestamp, BaseFee, and MixDigest.

One of the key features of Phalcon Fork is the ability to utilize snapshots, which allow users to save specific blockchain positions and revert back to them during testing processes. The snapshots record the transactions being executed and deployed by the user at a given time. This feature is particularly useful when a user wants to run multiple tests of a script or save certain states and return to them later.

Phalcon Fork also includes an integrated faucet, which allows users to acquire free fork network Ether (ETH) to conduct transactions on private chains. To directly interact with the chains and execute transactions, Phalcon Fork provides a remote procedure call node called Fork RPC. This can be integrated with Ethereum Virtual Machine-compatible development frameworks such as Hardhat, Foundry, Remix, or added to MetaMask.

Currently, users can only fork from the Ethereum mainnet; however, BlockSec has teased future support for additional blockchains, such as the BNB Smart Chain and Arbitrum.

April has been an exciting month for Ethereum developers, as the highly anticipated Shapella hard fork went live on the Ethereum mainnet without any issues on April 12. This upgrade allows Ethereum validators to withdraw staked ETH from the Beacon Chain. This has led to positive price action for Ether (ETH), with the asset gaining roughly 12% since April 12, trading at $2,092 at the time of writing.

Phalcon Fork is a significant addition to the Ethereum developer toolkit, offering greater control and flexibility over testing, analysis, and debugging on private chains. As the blockchain industry continues to evolve and expand, tools like Phalcon Fork will become increasingly important for developers looking to build on top of existing networks.


Tagged : / / / / /

Terraform Labs CEO Sends Millions to Law Firm Before Collapse

South Korean prosecutors have confirmed that Terraform Labs CEO, Do Kwon, sent 9 billion won ($7 billion) to Kim & Chang, a top South Korean law firm, right before the spectacular collapse of the Terra ecosystem. This move by Kwon has been flagged by prosecutors as deliberate, reaffirming his awareness of the impending collapse and anticipated legal problems.

The Terra ecosystem, a blockchain-based payments platform, was launched in 2018 by Terraform Labs. The company’s cryptocurrency, LUNA, reached an all-time high in November 2021 before experiencing a sharp drop. Following this, Terraform’s system became unstable, leading to a spectacular collapse of the ecosystem.

KBS News reported that prosecutors believe Kwon’s decision to send millions to the law firm was a deliberate move to prepare for the anticipated legal issues that would arise following the collapse of the Terra ecosystem. Prosecutors are now trying to tie Kwon’s ill intent in prepaying the law firm, and they believe the information will help in the ongoing fraud case.

In addition to Kwon’s payment to the law firm, lawyers from Kim & Chang also visited Montenegro to meet with Kwon and Terraform’s former chief financial officer, Han Chang-joon. Kwon was later arrested at Podgorica airport in Montenegro after trying to fly to Dubai using fake documents. Following his arrest, both United States and South Korean authorities have sought Kwon’s extradition. However, the court is yet to decide.

On April 7, South Korean prosecutors revealed that they suspected Kwon of converting illicit funds from Terra (LUNA) to Bitcoin (BTC). The prosecutors requested Binance, a cryptocurrency exchange, to halt all withdrawal requests linked to Kwon.

Prosecutors have identified over $314 million in illicit assets associated with Terraform Labs co-founder Kwon and his associates, out of which about $69 million is reportedly directly linked to Kwon. The ongoing investigation is likely to reveal more information, shedding light on the Terra ecosystem’s collapse and the role played by Kwon and his associates.

In summary, Terraform Labs CEO Do Kwon’s prepayment of millions to a South Korean law firm right before the collapse of the Terra ecosystem has raised suspicions among prosecutors that his actions were deliberate. Prosecutors suspect Kwon of converting illicit funds from Terra to Bitcoin and have identified over $314 million in illicit assets associated with Kwon and his associates. The investigation is ongoing and is likely to reveal more information on the collapse of the Terra ecosystem and Kwon’s role in it.


Tagged : / / / / /

Arbitrum’s Governance Token Return Proposal Rejected

In a bid to re-establish dialogue with the community, Arbitrum’s Foundation introduced a set of improvement proposals after facing community backlash over its governance proposal AIP-1. However, a controversial proposal, AIP-1.05, seeking the return of 700 million ARB governance tokens to Arbitrum’s DAO Treasury, was recently rejected by the community. The proposal was introduced after the Foundation transferred funds without community approval in March.

The rejected proposal aimed to demonstrate that the governance holders ultimately control the DAO, not the Arbitrum service provider nor the Foundation. However, 84% of the total votes received rejected the proposal, with 14.5% of the total votes cast in favor of the proposal and around 2 million ARB tokens abstaining.

The rejection of the proposal has generated mixed reactions from the community. Some believe that the proposal would have added an unnecessary step, thereby delaying the Foundation’s ability to support the growth of the Arbitrum ecosystem. However, others believe that balance is necessary to promote decentralization and progress in the ecosystem.

The rejection of the AIP-1.05 proposal comes amidst a dispute between the Arbitrum community and its Foundation over the governance proposal AIP-1. The latter called for the investment of nearly $1 billion worth of ARB tokens to fund its operations. However, after facing community backlash, the Foundation clarified that AIP-1 was a ratification, not a proposal. It also noted that some of the tokens were already sold for stablecoins.

Arbitrum’s community and Foundation are now at a critical juncture, and it remains to be seen how they will navigate the challenges ahead. With the rejection of the AIP-1.05 proposal, the community has sent a strong message that it is not willing to relinquish control over the DAO’s governance tokens. The Foundation will need to take a collaborative approach and engage in constructive dialogue with the community to address its concerns and promote the growth of the Arbitrum ecosystem.


Tagged : / / / / /
Bitcoin (BTC) $ 26,567.12 0.18%
Ethereum (ETH) $ 1,592.35 0.29%
Litecoin (LTC) $ 64.84 0.07%
Bitcoin Cash (BCH) $ 207.94 0.33%