For many years now, the media periodically reports news regarding the alleged mischiefs pinned on the North Korean hackers that are seemingly detriment to target fintech businesses. But this fact seems quite odd, considering that the International Telecommunication Union estimated that the actual percentage of the population of the Democratic People's Republic of Korea using the internet is close to zero. Definitively, it is an environment not favorable for nourishing the skills and ambitions neither of vicious cyber-criminals nor honest cyber-entrepreneurs. However, the North Korean case shows how cryptocurrencies — born as nationality-neutral and government-free — could be twisted to …

Australian citizen Katherine Nguyen has pleaded guilty to stealing $450,000 in XRP — over 100,000 tokens — in January 2018. Local news channel 7News Sydney reported the latest about the case on Aug. 23. According to the report, Nguyen hacked into the email account of a man with the same last name. She then proceeded to steal all of his XRP, before unlocking his account two days later. Police reportedly investigated the theft for 10 months before locating and arresting her. Nguyen has since pleaded guilty to the theft, for which she will reportedly face jail time. A special hearing …

Major cryptocurrency exchange Binance states that some leaked Know Your Customer (KYC) images overlap with those processed by a third party vendor. In an announcement on Aug. 23, Binance said that its investigation of a KYC data leak that occurred on Aug. 7 is still ongoing. The exchange’s security and investigations team is purportedly trying to identify the source of KYC images similar to those leaked by an unidentified hacker. Cryptocurrency exchanges will often require users to submit an image of themselves presenting credentials in order to verify their identity. Binance states that some of the leaked images overlap with …

Democratic candidate Andrew Yang says he will implement blockchain-based mobile voting if he wins the 2020 United States presidential election. On his campaign website, the blockchain advocate says he believes American citizens should have the option of voting on a mobile device — with blockchain technology used for verification purposes. “It’s ridiculous that in 2020 we are still standing in line for hours” Yang also believes that, in terms of security risks, most voting machines are just as vulnerable to hackers as modern technology is. He wrote: “It’s ridiculous that in 2020 we are still standing in line for hours …

A cryptojacking code was found in 11 open-source code libraries written in Ruby, which have been downloaded thousands of times. Hackers downloaded the software, infected it with malware, and subsequently reposted it on the RubyGems platform, industry news outlet Decrypt reported on Aug. 21. The malicious code was first noticed by a GitHub user, who posted about the issue on Aug. 19. He said that, when executed, the library downloaded additional code from text hosting service Pastebin, which then triggered the malicious mining. The malware also sent the address of the infected host to the attacker, alongside environment variables which …

Professional services firm Grant Thornton claims that it has made good progress in securing and preserving the cryptocurrencies of hacked exchange Cryptopia. In a news release published on Aug. 21, Cryptopia’s liquidator said there were two reasons why it had taken so long to determine what the exchange’s customers had held. Grant Thornton explained that some customers did not have individual wallets and their funds were pooled together, as Cryptopia kept details of customer holdings in its database. As a consequence of this, the firm said it is impossible to determine individual ownership by relying on wallet keys. The liquidator …

Crypto market aggregator CoinGecko has joined the network of blockchain analytics and anti-money laundering (AML) company Coinfirm. This partnership will reportedly allow CoinGecko to improve its exchange Trust Score algorithm, as well as provide users with a means to report scams and hacks. The companies shared a press release with Cointelegraph on Aug. 16. According to documentation from Coinfirm, the company runs the AMLT network that allows members to report cryptocurrency addresses tied to hacks, ransomware, scams and fraud. Coinfirm then blocks these users and funds across the AMLT network. In return for supplying good information, Coinfirm rewards its members …

Elliot Gunton, aged 19 and of Mounteney Close in Norwich, pleaded guilty to supplying online personal data and hacking services for cryptocurrency. A hacker for hire A press release published on Aug. 16 by the Norfolk police reports that the man was sentenced to 20 months in prison and ordered to pay back more than £400,000 (over $485,000) by the Norwich Crown court. Per the report, the police seized his laptop in April last year after finding the software which allowed him to commit cybercrimes. The discovery was reportedly made during a routine visit to Gunton’s home due to a …

The hacker behind private user data allegedly stolen from cryptocurrency exchange Binance is preparing to release further material. Hacker “warming up” for leak In a series of tweets on Aug. 16, the Twitter account known as Bnatov Platon published an outline of Binance Know-Your-Customer (KYC) records allegedly in his or her possession. “Warming up,” an accompanying commentary reads. While no timeframe was given for the potential release, the hacker included records of Telegram chats, including with a user described as a member of Binance’s customer service team. Another appeared to show an attempt to trick the hacker into visiting a …

Developers of the private transactions cryptocurrency PIVX replied to crypto consulting firm Lunar Digital Assets regarding claims its blockchain was vulnerable to a bug. In a reply published on Aug. 13, PIVX developers addressed claims made by Lunar Digital Assets CEO Han Yoon. They argued that there has been no resurgence of attacks on its proof-of-stake (PoS) algorithm, and that neither PIVX nor its users’ funds are at risk. According to the post, PIVX fixed its “fake stake” exploit in February, and its network stability and chain trust are not currently compromised. However, the post did note that there is …

Dash has released Dash Core v0.14.0.3, a new version of the wallet and P2P client for its cryptocurrency DASH in light of recent transaction spikes on its mainnet. Security upgrade Dash Core announced the news in an official blog post on Aug. 15. According to the announcement, Dash was hit with either an external stress test or attack on Wednesday and Thursday this week. The post said that “the upgrade is strongly recommended for all Masternodes and is also recommended for all users, exchanges, partners and full node operators.” The developer subsequently discovered issues including mempools not being emptied, a …

Cybersecurity company Varonis has discovered a new cryptojacking virus, dubbed “Norman,” that aims to mine the cryptocurrency Monero (XMR) and evade detection. Varonis published a report about Norman on Aug.14. According to the report, Varonis found Norman as one of many cryptojacking viruses deployed in an attack that infected machines at a mid-size company. Hackers and cybercriminals deploy cryptojacking hardware to use the computing power of unsuspecting users’ machines to mine cryptocurrencies like the privacy oriented coin Monero. Norman in particular is a crypto miner based on XMRig, which is described in the report as a high-performance miner for Monero …