Members of the Zcash (ZEC) community have discovered a suspicious and potentially malicious counterfeit version of Zcash Foundation’s native ZecWallet. According to a Twitter post published on Oct. 20 and retweeted by Zcash developer Electric Coin Company, the fake ZecWallet likely contains malware. The tweet reads: “PSA to all Zcash users! There is a fake version of ZecWallet that likely contains malware (size and checksum is different) double check you are downloading from official @zecwallet repo on GitHub: https://github.com/ZcashFoundation/zecwallet” As Cointelegraph reported on Sept. 29, a bug was found in all Zcash implementations and most of its forks that could …

California resident Seth Shapiro has filed a lawsuit against wireless service giant AT&T alleging that its employees helped to perpetrate a SIM-swap which resulted in the theft of over $1.8 million in total, including cryptocurrencies. The complaint filed on Oct. 17 claims that Shapiro is “a two-time Emmy Award-winning media and technology expert, author, and adjunct professor at the University of Southern California School of Cinematic Arts.” The lawsuit alleges that between May 16 and May 18 AT&T employees transferred access to Shapiro’s mobile phone to outside hackers: “AT&T employees obtained unauthorized access to Mr. Shapiro’s AT&T wireless account, viewed …

Nir Kshetri, a professor of management at the University of North Carolina, has suggested that before blockchain-based voting can be considered safe and trustworthy, some major issues must be resolved. In an article published on Oct. 18, Kshetri claims that “small-scale tests run so far have identified problems and vulnerabilities in the digital systems and government administrative procedures” that must be solved before adopting the technology. Hard to audit Per the report, such systems need to verify voters’ identities — often by analyzing a portrait photo or video with facial recognition software. According to Kshetri, contemporary voting tokens are anonymous …

Major antivirus software supplier ESET has discovered a trojanized Tor Browser designed to steal Bitcoin (BTC) from buyers in the darknet. Fake browser distributed via 2 websites Targeting users in Russia, the fake Tor Browser was distributed via two websites and has been stealing crypto from darknet shoppers by swapping the original crypto addresses since 2017, ESET’s editorial division WeLiveSecurity reported Oct. 18. Created back in 2014, the two fake Tor Browser websites — tor-browser[.]org and torproect[.]org — are mimicking the real website of the anonymous browser, torproject.org. According to the Slovakian software security firm, these websites display a message …

Threat researchers have discovered malicious code in WAV audio files, code that hackers use to mine cryptocurrencies. Hackers earn thousand of dollars per month On Oct. 16, researchers at BlackBerry Cylance, a software company that develops antivirus programs, reported the discovery of malicious code hidden within WAV audio files. This type of malware campaign, where hackers conceal malware codes in ordinary-looking files, is known as steganography. The analysis showed that some of the WAV files contained code to deploy malware for financial gain and establish remote access within victim machines. The report reads: “When played, some of the WAV files …

At the beginning of October, a story released by CNN claimed that a student affiliated with the University of Michigan attempted to hack into West Virginia’s blockchain-based voting system called Voatz. As per the report, the FBI is now actively investigating the matter and is looking to authenticate the veracity of these claims. Voatz is a smartphone-based app that was used by the West Virginia government last year to collect ballots from its citizens that were either living overseas at the time or were stationed abroad for military purposes. The aforementioned disclosure was made by West Virginia Secretary of State …

The Federal Bureau of Investigation (FBI) is investigating whether a student at the University of Michigan attempted to hack the West Virginia’s voting app. “Not one single vote was changed” On Oct. 5, according to CNN, the United States Attorney for the Southern District of West Virginia, Mike Stuart, wrote that the FBI is investigating the “unsuccessful attempted intrusion” by an outside party to gain access to the Voatz app, a mobile app that was used to collect ballots from overseas and military voters in the 2018 election. Stuart said that during the West Virginia’s 2018 election cycle his office …

The hacker who stole 17 Ethereum domain names during the Ethereum Name Service’s (ENS) auction decided to return them all. The promise of hefty compensation On Oct. 4, digital-collectibles marketplace OpenSea said that all of the stolen ENS names were returned successfully and that bidding on domain names will restart again in the coming weeks. In the beginning of September, the ENS bidding process was exploited by a hacker who managed to steal 17 domain names for lower bids than other users placed. OpenSea, who ran the auction, explained that a bug distributed ENS domains to participants who did not …

Within the past few weeks, EOS blockchain protocol users have been experiencing periodic problems with network access. A recent article written by pseudonymous smart-contract developer and security engineer Dexaran described the apparent root of the problem: an inexpensive technique that allows hackers to “congest” the network — or put it into a low-efficiency mode — with just a few dollar’s worth of EOS. Seemingly, that exploit allowed a hacker to steal more than $110,000 in cryptocurrency from an EOS gambling application, EOSPlay, earlier in September. However, executives of EOS’s parent firm, Block.one, are not fazed, arguing that the network is …

Crypto companies often find out the hard way that hackers know their security systems better than they do. As hacks in the crypto world can and often do result in hundreds of millions of dollars worth of tokens being stolen, the fate of a company’s future can often ride on its security measures. In an effort to batten down the hatches, companies offer bug bounties. These bounties are essentially competitions in which hackers are encouraged to try to compromise software. The hackers then submit a vulnerability report to the respective companies so that they are able to patch the bugs …

BlockShow Asia 2019, an international blockchain event powered by Cointelegraph, is taking place at Singapore’s iconic Marina Bay Sands from Nov. 14 to 15. This year, the event is going to take the form of a Festival of Decentralized Technology. The guests will have the chance to take part in 10 conferences focusing on various aspects of the industry, including Privacy & Security, Development, Investments, Trading, Marketing & PR, Artificial Intelligence, Crypto Finance, Gaming & DApps, BAAS, as well as Regulations. Stay secure online Users often bump into malicious software while surfing the internet and downloading files. In the crypto …

Ethereum Name Service (ENS) name auctions were halted because of a bug that resulted in names being awarded to wrong users and for lower bids. Faulty documentation ENS’s editor Brantly Millegan announced the halt of the name auctioning service in a Medium article published on Sept. 30. He noted that most of the first auctions concluded successfully and only a few were affected by the bug. The anomalous result of some auctions had two distinct causes, one of which lies in documentation, not the software, according to Millegan. Per the announcement, “some bidders were given incorrect information on how to …