Private transactions cryptocurrency PIVX and over 200 other blockchains are vulnerable to attackers obtaining disproportionately high staking rewards. A major staking vulnerability Cryptocurrency consulting firm Lunar Digital Assets claimed in a post published on its website on Aug. 12 that a staking vulnerability is being used across PIVX and its forks. The weakness reportedly allows the attacker to obtain mathematically impossible staking rewards on vulnerable proof-of-stake (PoS) chains. According to the post’s author, the PIVX development team claimed to have solved the issue in January. Nonetheless, a core developer of PoS altcoin BitGreen (BITG) noticed that the vulnerability in question …

Cyber criminals have netted $4.3 billion from digital currency exchanges, investors and users in 2019. Blockchain security company CipherTrace gave its summary crypto-related theft in its Anti-Money Laundering report that it shared with Cointelegraph on Aug. 12. According to CipherTrace, outright thefts, scams and other kinds of misappropriation of funds from digital currency holders and trading platforms resulted in around $4.3 billion in losses throughout 2019. In the first quarter of 2019, hackers reportedly stole over $124 million from cryptocurrency exchanges, with a total of $480 million stolen from exchanges in 2019. The largest single incident of loss cited by …

Malware Smominru mines Monero (XMR) on at least half a million infected computers and now also steals sensitive personal data. An updated malware Cybersecurity company Carbon Black claimed that its Threat Analysis Unit “uncovered a secondary component in a well-known cryptomining campaign” in a report published on Aug. 7. According to the firm, the malware has now been updated to “also steal system access information for possible sale on the dark web.” Per the report, the update is part of a broader trend in malware development: “This discovery indicates a bigger trend of commodity malware evolving to mask a darker …

On Aug. 7, Binance, the world’s largest cryptocurrency exchange (by daily trade volume), fell victim to a hacking scandal that saw the miscreant allegedly gain possession of a huge chunk of the firm’s Know Your Customer (KYC) data (10,000+ personal photos). The hacker is reportedly demanding a total of 300 Bitcoins (worth around $3.5 million) from the exchange, or else he or she will release all of the data. Also, it bears mentioning that upon commencing his activities, the hacker set up a couple of dedicated Telegram groups (which have since been shut down) that allegedly featured a lot of …

Governor of New Jersey Phil Murphy recently signed bill S2297, which is an act to create a so-dubbed New Jersey Blockchain Initiative Task Force. The purpose of the task force is purportedly to study blockchain solutions for the benefit of the state. The news that Murphy passed this bill comes by way of an announcement on the official site of the state of New Jersey on Aug. 8. According to the press release, the taskforce will study the risks and rewards related to blockchain and distributed ledger technology; public blockchains, private blockchains and consensus algorithms; current projects and use cases …

At least 4,836 Bitcoin (BTC) of stolen from Binance exchange in May 2019 was laundered through crypto mixing service Chipmixer. Attackers started laundering the stolen funds in a month after the hack Following a major Binance’s security breach that resulted in a loss of 7,000 BTC (more than $80 million at press time), hackers started to launder the stolen funds on June 12, 2019, according to research published by Luxembourg-based crypto capital flow firm Clain. As Clain noted in the study, it was pretty straightforward to trace the subsequent steps of the attackers as it is “practically impossible to launder …

Cryptocurrency swaps and hardware wallet producer ShapeShift addressed recent KeepKey hardware wallet vulnerability allegations. ShapeShift responded to an alleged vulnerability submitted through its responsible disclosure program in a Medium post published on Aug. 4. Per the announcement, the firm received a vulnerability report through the program on May 1, which described what the researchers believed to be a hardware vulnerability. The purported vulnerability would allow an attacker to read what was on the wallet’s screen by monitoring power fluctuations to the display in what is known as a side-channel attack. If attackers were monitoring the power levels while sensitive information …

Chinese state hackers are performing attacks against cryptocurrency and video game enterprises, cybersecurity company FireEye claims in a report published on Aug. 2. Chinese government facilitating hacking operations Per the report, Chinese state espionage cyber unit APT41 “targets industries in a manner generally aligned with China's Five-Year economic development plans.” Still, FireEye researchers claim that “the group is also deployed to gather intelligence ahead of imminent events, such as mergers and acquisitions and political events.” Industries targeted by the unit reportedly include healthcare, high technology (semiconductors, batteries, and electric vehicles), media, pharmaceuticals, retail, software, telecommunications, travel services, education, video games …

In a tweet Aug. 7, Changpeng Zhao described rumors circulating about the alleged Know-Your-Customer (KYC) data leak as an attempt to spread “FUD” (fear, uncertainty and doubt). “Don't fall into the ‘KYC leak’ FUD. We are investigating, will update shortly,” he wrote. Social media users had panicked earlier after what appear to be fake warnings showed figures posing with personal documents, apparently of Binance users. In an official statement, Binance said: “We would like to inform you that an unidentified individual has threatened and harassed us, demanding 300 BTC in exchange for withholding 10,000 photos that bear similarity to Binance …

North Korea has netted around $2 billion by hacking banks and cryptocurrency exchanges, according to the United Nations. UN: Hacked crypto funds weapons of mass destruction In a confidential report acquired by mainstream media outlets including Reuters on Aug. 5, the U.N. Security Council North Korea sanctions committee said that hackers formed an essential part of government funding. “Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its WMD (weapons of mass destruction) programs, with total proceeds to date estimated at up to two billion US dollars,” Reuters quoted …

The massive-scale hack of major United States credit card issuer Capital One has left the personal data of over 100 million individuals exposed. As CNN reported on July 30, confidential data for around 106 million Capital One customers' accounts and credit card applications was stolen by an alleged hacker, Paige Thompson, 33, in March of this year. Capital One: a centralized trove of KYC data Thompson, a Seattle resident, was arrested by the FBI on June 29 and is accused by the US Department of Justice of having gained unauthorized access to personal data that included names, addresses, zip codes, …

The federal judge overseeing Terpin Vs. AT&T has dismissed the motion. This news is the latest in a legal battle pertaining to crypto stolen via SIM-swapping that has been going on for almost a year industry news outlet, The Block, reports on July 26. As Cointelegraph previously reported, in August last year Terpin filed a lawsuit against AT&T, since he believes that the telecoms giant had provided hackers with access to his phone number, which led to a major crypto heist. Earlier this month the federal judge overseeing the case has also denied the telecom giant’s motion for dismissal. Per …