Tag: Security

UAE Crypto Insights: 72% Investors Lean Towards Bitcoin

by Blockchain News

KuCoin, a global cryptocurrency exchange, has recently disclosed a survey report, “Into The Cryptoverse: Understanding Crypto Users in the UAE”, which is the 17th edition in its report series. The survey engaged 597 cryptocurrency investors from the UAE, providing vital insights into the indispensable need for trust, security, and crypto education. The findings also reinforce the UAE’s emerging recognition as a cryptocurrency hub, with a remarkable 72% preference for Bitcoin among the respondents.

Alicia Kao, the Managing Director of KuCoin, underscored the pivotal insights brought forth by the survey, stating, “Our survey has unveiled the pressing needs and aspirations of the UAE’s crypto community. Trust, security, and education are at the core of their concerns.” This survey not only elucidates their preferences but also solidifies the UAE’s standing as a forerunner in the crypto revolution, with a pronounced 72% preference for Bitcoin and a robust enthusiasm for blockchain and AI integration. The UAE’s conducive environment, including access to funding, a robust financial infrastructure, and global networking, lays a fertile ground for the burgeoning crypto industry.

One of the critical aspects revealed by the survey is the concern regarding trust and crypto education. About 48% of UAE crypto users expressed concerns about the lack of trust in crypto platforms, and 32% of respondents identified a deficiency in crypto education and awareness as a significant challenge in the region. This reflects a pressing need for fostering trust and enhancing educational outreach in the crypto domain.

When it comes to choosing a crypto exchange, the elements of security and customer support stand paramount. The data shows that 63% of UAE crypto users prioritize security, while 47% emphasize the importance of customer support, illuminating the critical role of trust in crypto platform selection.

The survey also showcased a notable preference for Bitcoin, with a remarkable 72% of UAE crypto investors favoring it. This underscores the UAE’s leadership in regional crypto adoption and reflects a substantial inclination towards the seminal cryptocurrency.

Moreover, the survey unraveled a strong appetite among UAE crypto users for real-world applications beyond mere investment. About 40% showcased a preference for utilizing crypto in cross-border remittances and daily transactions, indicating a significant interest in exploring diverse crypto use cases.

Furthermore, a significant portion of respondents, 62%, expressed keen interest in the integration of AI and blockchain technologies. This reflects the UAE’s progressive and forward-looking approach towards crypto innovation, aligning with global technological trends.

Lastly, the survey highlighted the perceived advantages of the UAE for crypto industry development. A total of 53% of respondents recognized access to funding as a top advantage, closely followed by a robust financial infrastructure and a global network. This positions the UAE as an appealing destination for crypto entrepreneurs and businesses aiming for growth.

The survey offers a nuanced glimpse into the attitudes and preferences of crypto investors in the UAE, further elucidating the nation’s potential as a burgeoning hub for crypto innovation and adoption. The blend of technological enthusiasm and robust financial frameworks paves the way for a promising trajectory in the crypto realm within the UAE.

Image source: Shutterstock

Source

Tagged : / / / / / / / / / /

Scroll Launches zkEVM Mainnet

by Blockchain News

On October 17, 2023, Scroll, an open-source, community-centric Ethereum scaling solution, unveiled its mainnet, marking a pivotal stride towards augmenting scalability and propelling developer adoption on the Ethereum blockchain. This comes after two years of extensive development and stringent testing, utilizing zero knowledge (zk) proofs to offload computation from the primary blockchain, thereby addressing the challenges of rising network traffic and costs on Ethereum due to its burgeoning user and project base.

Scalability Unleashed

Employing zk proofs, Scroll has innovated a mechanism that significantly boosts transaction throughput, by expediting transaction processes and slashing costs, heralding a new chapter in Ethereum’s scalability. The proprietary bytecode-level Ethereum Virtual Machine (EVM) compatible zkEVM, delivers a near-identical user experience to Ethereum, enabling developers to effortlessly migrate their existing Ethereum projects onto Scroll, with zero requisite modifications to the codebase. This exemplifies Scroll’s dedication to scaling Ethereum without sacrificing either security or decentralization.

Security and Community at the Forefront

Scroll’s co-founder, Haichen Shen, emphasized the paramount importance of security, mentioning a holistic approach towards it, backed by a robust internal security team and multiple audits, retaining its open-source ethos from its inception. Over a year of triumphant testnet runs preceded the mainnet launch, with the recent Sepolia testnet alone registering over 900,000 wallet addresses and six million transactions within a two-month span. The mainnet mirrors the Sepolia testnet operations, which will persist as a developmental staging ground.

Collaborative Endeavors and Future Aspirations

Scroll, since its establishment in 2021, has been nurturing an open-source, scalable ecosystem via its zkEVM, while preserving Ethereum’s reputed security features and the community’s decentralization ethos. In the forthcoming period, Scroll eyes the launch of a decentralized prover network and a decentralized sequencer, further advancing its commitment towards a decentralized framework. The project’s collaborative efforts with the Ethereum Foundation’s Privacy and Scaling Explorations (PSE) group have also been notable, contributing to nearly half of the PSE zkEVM codebase.

The mainnet launch is expected to initially cater to onboarding infrastructure providers, gradually extending to global developer communities, fostering the creation of Web3 products, and ushering more users into the Ethereum fold. Scroll’s mission aligns with the broader vision of major value transfers occurring on Ethereum’s Layer 2 solutions, driven by enhanced user and developer experiences.

Image source: Shutterstock

Source

Tagged : / / / / / / / / / /

Platypus Finance Suffers Exploit Resulting in Over $2M Loss

by Blockchain News

On 12th October 2023, a notable incident occurred within the decentralized finance (DeFi) sector as the protocol Platypus Finance on the Avalanche blockchain faced an exploit. The exploit led to a loss surpassing $2 million, triggering a surge of concern within its community and beyond.

Platypus Finance, via its official Twitter handle @Platypusdefi, alerted the community to suspicious activities within their protocol. The tweet, timestamped at 3:11 pm, mentioned that as a precautionary measure, they had temporarily suspended all pools. The aim was to ensure the safety of the funds and the integrity of the protocol while they investigate the issue. The tweet ended with a note thanking the community for their patience and understanding during this period.

Within the hour, at 3:21 pm, the blockchain security company PeckShield Inc took to Twitter to notify Platypus Finance about a possible exploit. Under the hashtag #PeckShieldAlert, they mentioned that Platypus Finance on Avalanche (referred as #AVAX) had been exploited for approximately $1 million. However, an update following shortly after revealed that the total loss was over $2 million. PeckShield’s tweet contained a link to snowtrace.io, which provided a detailed transaction info related to the exploit, with the transaction hash 0x6a09d38505beeb29ed4dbb30de2803f30f3c62e2464c6a20ec17026c372c763e.

The abrupt suspension of all pools within Platypus Finance and the subsequent revelation of the exploit caused a ripple within the DeFi community on Avalanche. The news garnered significant attention, with the tweets from Platypus Finance and PeckShield Inc acquiring 23.8K and 5,090 views respectively. As the DeFi space continues to grow, incidents like these underscore the importance of robust security measures to ensure the safety of users’ funds and the stability of the protocols involved.

Platypus Finance assured its users that further updates regarding the incident and the measures to rectify the situation would be communicated timely. The DeFi community is now keenly awaiting more information on how Platypus Finance plans to address the security lapse and compensate the affected users.

Image source: Shutterstock

Source

Tagged : / / / / / / /

Bitfinex and Polygon zkEVM Facilitate Tether Gold Transactions

by Blockchain News

On Wednesday, October 11, 2023, cryptocurrency exchange Bitfinex announced the enablement of Tether Gold (XAUt) transactions through the Polygon zkEVM transport layer. The new functionality, which became effective from 03:00 PM UTC on the said date, allows Bitfinex customers to deposit and withdraw Tether Gold on the platform utilizing this advanced Layer-2 (L2) Rollup solution.

Following the integration of XAUt onto Polygon zkEVM, this initiative embodies a significant stride toward enhancing transaction efficiency and security. Polygon zkEVM, being in its Beta phase, is acclaimed for its Zero Knowledge (ZK) scaling solution, akin to the Ethereum Virtual Machine (EVM). This equivalency implies that the extensive array of existing smart contracts, developer tools, and wallets can function seamlessly on this layer, thereby broadening the horizon for digital asset transactions and applications.

Polygon zkEVM is engineered to drastically reduce transaction costs by leveraging the prowess of ZK proofs, an aspect that is crucial for the XAUt transactions on Bitfinex. The reduction in transaction costs is achieved through a minimized zkSNARK footprint size in L1, which in turn lowers the total cost of usage for end-users, culminating in an enhanced user experience.

Moreover, the framework promises high performance marked by fast network finality and frequent validity proofs, courtesy of Polygon Zero technology, which is termed as the fastest ZK proof in the world. The Recursive STARK protocol further propels extreme scalability, enabling developers to create a diverse array of decentralized applications (dApps) for varied user experiences.

The security facet of Ethereum is inherited in the L2 realm with an added advantage of L2 batching for scaling. ZK proofs play a pivotal role in ensuring transaction validity and shielding user funds from potential threats. The assurance that the stored information remains immutable adds another layer of trust and reliability to the framework.

The XAUt-Polygon-zkEVM contract address for these transactions is 0xa7Bd526e698a7EE6261982607D7B64cc8e7be0ef. The contract serves as a bridge for these assets on the Polygon zkEVM, devoid of issuance or redemption by Tether. Bridged versions of Tether tokens are categorized as third-party services and technology as per Tether Gold’s Gold Token Terms of Sale and Service.

Despite the correlation, Polygon PoS and Polygon zkEVM are distinct chains. Users are urged to exercise caution and ascertain the accuracy of the token contract address and the chain used for transactions to avert potential complications.

In essence, the collaborative endeavor between Bitfinex and Polygon aims to streamline and secure Tether Gold transactions, reflecting the ongoing efforts to foster a more flexible and secure digital asset ecosystem.

Image source: Shutterstock

Source

Tagged : / / / / / / / / / /

Friend.tech Users Lose $385K in Ether to SIM-Swap Scammer

by Blockchain News

On October 5, 2023, a blockchain investigator by the name of ZachXBT stated that a single scammer had stolen 234 ETH, which is roughly comparable to $385,000, from four customers of Friend.tech over the course of a single day. A SIM-swap assault was carried out by the con artist in order to acquire unauthorised access to the accounts of the victims. It was determined that the same hacker who had drained the accounts of the four victims was responsible for the theft of the assets.

One of the victims, who goes by the Twitter handle “KingMgugga,” reported the incident while it was happening in real time, saying that they were “getting f—ing sim swapped watching it happen.” Another user who goes by the name “holycryptoroni” stated that they had a similar experience by adding, “I got swapped sorry.” In the early part of this week, four more customers of Friend.tech reported losing a combined total of around 109 ETH as a result of SIM-swap or phishing attempts.

It has been brought to people’s attention that the website Friend.tech, which is a platform that enables users to buy “keys” for access to private chat rooms, does not have very solid security measures. A company that specialises in ecosystem tools called Manifold Trading projected that twenty million dollars out of Friend.tech’s total worth of fifty million dollars locked might be at danger. The company strongly suggested that Friend.tech use two-factor authentication (2FA) in order to beef up the account’s level of protection.

The incident has also revived demands for Twitter to adopt two-factor authentication (2FA) security measures. This is particularly the case following the high-profile SIM-swap hack that occurred in September on the account of Ethereum co-founder Vitalik Buterin. Users are encouraged to delete their phone numbers from their social media profiles by “0xfoobar,” who is the founder and CEO of wallet security company Delegate. This is done in order to reduce potential hazards.

The Friend.tech incident comes amid growing concerns about the vulnerability of two-factor authentication (2FA) systems to SIM-swap attacks. On April 27, 2023, a report by Blockchain.News highlighted that a recent update to Google’s Authenticator app, which stores one-time codes in cloud storage, has raised security questions. The update makes users susceptible to SIM-swap attacks, where scammers can trick telecom operators into associating a victim’s phone number with their own SIM card. If a hacker gains access to the user’s Google password, they could compromise all authenticator-linked applications.

Image source: Shutterstock

Source

Tagged : / / / / / / / / /

FTX Japan Launches Blockchain-based Proof of Solvency to Enhance Transparency and Security

by Blockchain News

In an effort to enhance transparency and bolster the trust of its customers, FTX Japan has unveiled a blockchain-based technology known as Proof of Solvency (PoS). This initiative was announced by Seth Melamed, the COO of FTX Japan, through a series of tweets on September 28, 2023. The newly introduced Proof of Solvency mechanism enables the company to prove, in an unalterable manner, that the reserves of the exchange surpass the assets held in custody for customers.

Proof of Solvency (PoS) is a method utilized to demonstrate a company’s capability to meet its long-term financial obligations, merging traditional financial audit practices with blockchain transparency. Highlighted by ICONOMI’s blockchain audit conducted by Deloitte on April 5, 2018, PoS comprises two core components: Proof of Liabilities and Proof of Reserves. Through the Merkle Tree approach, individual users can verify their account balances and overall liabilities without disclosing personal information, ensuring data integrity. Proof of Reserves entails disclosing total reserves encompassing digital and fiat assets, verified through blockchain addresses, bank, and exchange account information. Deloitte’s audit, covering 80 digital assets, confirmed ICONOMI’s $210.2M reserves surpassing its $133.6M liabilities, thus establishing its solvency. This PoS framework enhances transparency, security, and trust among stakeholders while maintaining user privacy.

The PoS is a significant stride towards addressing a central issue in the cryptocurrency market and, by extension, traditional financial markets. The technology aims to provide market participants, who have entrusted their assets to exchanges or financial institutions, with increased safety and information transparency. By doing so, it tackles the technical problem of information provision in a secured and transparent manner, which is a matter of concern for many in the industry.

FTX Japan has been ardently adhering to legal regulations by strictly managing the segregation of customer assets. However, with the introduction of PoS, the reliance on subjective verification or claims by the management has been replaced with cryptographic proofs such as Zero-Knowledge Proofs. These proofs and the corresponding results are reflected on the blockchain, thus allowing an objective verification of the asset management status by the customers of FTX Japan.

The PoS service is available to all customers of FTX Japan as well as the Liquid Japan platform. Customers can easily verify their balances with a mere three clicks via the Liquid GUI. Furthermore, details of the PoS are scheduled to be published weekly on the Ethereum blockchain, according to Melamed. This initiative is seen as a vital step towards resumption, and FTX Japan believes it to be a high-quality service for all participants in the cryptocurrency ecosystem.

The launch of the Proof of Solvency by FTX Japan underscores the growing importance of transparency and trust in the evolving digital asset marketplace. By leveraging blockchain technology, FTX Japan has established a robust mechanism to provide clear evidence of its financial solvency to its customers, thereby setting a positive precedent in the industry for security and transparency.

Disclaimer & Copyright Notice: The content of this article is for informational purposes only and is not intended as financial advice. Always consult with a professional before making any financial decisions. This material is the exclusive property of Blockchain.News. Unauthorized use, duplication, or distribution without express permission is prohibited. Proper credit and direction to the original content are required for any permitted use.

Image source: Shutterstock

Source

Tagged : / / / / / / / / / /

Gemini Allocates $24 Million for Expansion in India

by Blockchain News

Key Takeaways

  1. Gemini plans to invest INR 200 crore ($24 million USD) in India over the next two years.

  2. The investment aims to grow Gemini’s development center in Gurgaon, focusing on core platform fundamentals.

  3. India’s robust startup ecosystem and technological advancements make it an attractive destination for Gemini.

Investment Details

Gemini, the cryptocurrency exchange, has announced plans to invest INR 200 crore ($24 million USD) in India over the next two years. The investment will primarily focus on expanding the company’s development center in Gurgaon. As of September 2023, the center has already grown to over 70 staff members, supporting various aspects of Gemini’s business.

Strategic Focus

The Gurgaon-based teams will be responsible for core platform fundamentals, including compliance, data pipelines and warehousing, security, and payments. This expansion complements Gemini’s existing 500+ strong global workforce. The center will also act as a developer for the exchange’s new features in nonfungible tokens and asset marketplaces.

Why India?

Gemini cited India’s “robust support framework that allows startups to thrive” as a key reason for the investment. The Indian government’s Startup India initiative and the country’s ranking as the third-largest global startup ecosystem make it an attractive destination for technological investments. Additionally, India has been actively adopting blockchain technology, with a significant number of local and state-level governments incorporating it into their data management systems.

Broader Context

The investment aligns with Gemini’s disclosed plans for international growth in the Asia-Pacific region. Pravjit Tiwana, the firm’s CEO for the APAC region, referred to India as a “global hub for entrepreneurship and technological development.” Between 2021 and 2022, India saw investments of $1.5 billion in 450 Web3 startups, indicating a fertile ground for blockchain and crypto-related ventures.

Disclaimer & Copyright Notice: The content of this article is for informational purposes only and is not intended as financial advice. Always consult with a professional before making any financial decisions. This material is the exclusive property of Blockchain.News. Unauthorized use, duplication, or distribution without express permission is prohibited. Proper credit and direction to the original content are required for any permitted use.

Image source: Shutterstock

Source

Tagged : / / / / / / / /

Google’s Authenticator Update Raises Security Concerns

by Blockchain News

Google has published an update to its Authenticator app that keeps a “one-time code” in cloud storage. This update is part of the company’s endeavor to assist customers in maintaining access to their two-factor authentication (2FA) systems. Users who have misplaced their device that contained their authenticator may still access their two-factor authentication using this code. The storage of one-time codes in a user’s Google Account, as recommended by Google, is said to improve both convenience and security and shield users from being locked out of their accounts. However, this approach is causing other people to worry about their safety.

In a post made to the r/Cryptocurrency forum, the user u/pojut pointed out that keeping one-time codes in cloud storage connected with the user’s Google account might render users more susceptible to attacks from cybercriminals. If a hacker were to get the user’s Google password, they would be able to gain complete access to all of the user’s authenticator-linked applications. An outdated phone that is utilized just for the purpose of housing the authenticator app was recommended by user u/pojut as a solution to this problem.

Developers of cybersecurity software called Mysk have also taken to Twitter to provide a warning about the extra issues that come with using Google’s cloud storage-based approach to two-factor authentication (2FA). Users that use Google Authenticator as a second factor of authentication for logging into their cryptocurrency exchange accounts and other services linked to finance may find this to be a substantial cause for worry. The two-factor authentication (2FA) system is vulnerable to a variety of attacks, the most prevalent of which is known as “SIM swapping.” This kind of identity theft allows con artists to take control of a phone number by deceiving a telecoms operator into associating the number with their own SIM card.

A recent example of this may be seen in a lawsuit that was recently filed against the cryptocurrency exchange Coinbase, which is situated in the United States. In the case, a client claimed that he had lost “90% of his life savings” as a result of being a victim of such an assault. Notably, Coinbase itself recommends using authenticator applications for two-factor authentication rather than sending a verification code by text message. The company calls SMS two-factor authentication the “least secure” type of authentication.

An upgrade to Google Authenticator may benefit users who have misplaced their authenticator app, but it has caused some users to be concerned about the service’s level of security. The use of cloud storage to store one-time codes leaves users open to attack by cybercriminals, who may then be able to discover the user’s Google password and, as a result, acquire complete access to all of the authenticator-linked applications used by the user. Users who use Google Authenticator for two-factor authentication should take precautions to safeguard themselves, such as installing their authentication app on a different device and avoiding two-factor authentication through SMS.

Source

Tagged : / / / / /

The Sandbox partners with Ledger Enterprise for NFT security integration.

by Blockchain News

In its latest move to bolster security and enhance its partners’ experiences, The Sandbox has partnered with Ledger Enterprise to develop security integration. This partnership will enable The Sandbox’s partners to migrate their nonfungible token collections to the Ledger wallet, ensuring the highest level of security for these assets.

The collaboration will also see The Sandbox appear as a decentralized application (DApp) on Ledger Enterprise, and a specific widget will be integrated into the Ledger Live desktop application. This will allow for the transfer of all NFTs in The Sandbox collection wallet to the Ledger Enterprise wallet, thereby ensuring their security.

As part of the partnership, The Sandbox will recommend Ledger Enterprise to its LAND owner ecosystem, while Ledger will promote The Sandbox metaverse to its clients. The initiative extends the recently established partnership between The Sandbox and Ledger to promote crypto education in the metaverse.

This partnership follows a successful collaboration between The Sandbox and Ledger in 2022, which saw the two companies promote crypto security education through a game called School of Block in The Sandbox’s metaverse. According to the VP of Communications at The Sandbox, Ariel Wengroff, the company was thrilled with this experience.

Ledger recently raised $109 million (100 million euros) in a Series C funding round extension, placing its valuation at $1.4 billion (1.3 billion euros). The capital, provided by investors such as VaynerFund, Cité Gestion SPV, True Global Ventures, and Digital Finance Group, will be used to expand the company’s distribution network, increase production, and develop new products.

The Sandbox is actively broadening its partnerships network and signed a memorandum of understanding with the government of Saudi Arabia in February to explore, advise and support each other in metaverse development. The Sandbox has also previously partnered with some of the biggest names both inside and outside of the Web3 space, including Snoop Dogg, Gucci, Tim, Atari, HSBC, and Warner Music Group.

In conclusion, The Sandbox’s partnership with Ledger Enterprise is a significant step in ensuring the security and safety of nonfungible token collections on its platform. The collaboration will enable The Sandbox’s partners to enjoy the highest level of security and enhance their overall experience on the platform. With its growing list of partnerships, The Sandbox continues to position itself as a leading decentralized metaverse platform in the Web3 space.

Source

Tagged : / / / / /

MetaMask Denies Involvement in Massive Wallet-Draining Exploit

by Blockchain News

MetaMask, a leading cryptocurrency wallet provider, has recently been accused of being involved in a massive wallet-draining operation that resulted in the loss of over 5,000 ETH, worth more than $10.5 million in crypto and nonfungible tokens (NFTs) since December 2022. However, MetaMask has strongly denied these claims, stating that the exploit was not specific to its wallet.

In response to a series of tweets by Taylor Monahan, the founder of Ethereum wallet manager MyCrypto, MetaMask issued a statement on April 18, saying that recent reporting on Monahan’s thread has incorrectly claimed that a massive wallet-draining operation is a result of a MetaMask exploit. The wallet provider confirmed that the 5,000 ETH was stolen “from various addresses across 11 blockchains,” adding that the claim that funds were hacked from MetaMask “is incorrect.”

MetaMask’s security team is currently researching the source of the exploit and is working with others across the Web3 wallet space. According to an official statement from the company, it is possible that there had been “some sort of private key or seed phrase leak.” There are also numerous independent security researchers who are investigating the incident.

Monahan, in her thread on the exploit, stated that “no one knows how” this massive attack was conducted, but her “best guess” was that a significant amount of old data was obtained and used to extract the funds. She also originally claimed that the attacker was draining long-time MetaMask users and employees by using the wallet. However, she later stated that the exploit is not specific to MetaMask, and “users of all wallets, even those created on a hardware wallet,” have been impacted by the exploit.

MetaMask is known for its strong security features, and the company has taken steps to address the issue. It is essential to note that users should always take precautions when storing their crypto assets in any wallet, as there is always a risk of theft or hacking. It is crucial to keep private keys and seed phrases secure, and to use multi-factor authentication whenever possible.

In conclusion, MetaMask denies its involvement in the massive wallet-draining exploit that has impacted many cryptocurrency users across different wallets. The company’s security team is currently working to determine the source of the exploit, and it is essential that all crypto users take necessary security precautions when storing their assets.

Source

Tagged : / / / / /
Bitcoin (BTC) $ 41,821.21 4.78%
Ethereum (ETH) $ 2,234.35 5.03%
Litecoin (LTC) $ 72.83 7.18%
Bitcoin Cash (BCH) $ 232.49 8.44%