Prague-based crypto wallet manufacturer Trezor has responded to а report about hardware vulnerabilities from its competitor Ledger on Tuesday, March 12. Trezor claims that none of the weaknesses revealed by Ledger in a detailed report on March 10, are critical for hardware wallets. As per Trezor, none of them can be exploited remotely, as the attacks described require “physical access to the device, specialized equipment, time, and technical expertise.” Trezor further cites the results of a recent security survey performed in partnership with major cryptocurrency exchange Binance. According to the survey, only around 6 percent of respondents believe that physical …

Major hardware wallets manufacturer Ledger has unveiled vulnerabilities in its direct competitor Trezor’s devices, according to a report published on Monday, March. 11. As of press time, Trezor was not immediately available to comment on Ledger’s findings. The study states that the vulnerabilities were found by Attack Lab, the company’s department that hacks into both its own and competitors’ devices to improve security. Ledger claims that it has repeatedly addressed Trezor about weaknesses in their Trezor One and Trezor T wallets, and has decided to make them public after the responsible disclosure period ended. The first issue is related to …

North Korea has reportedly amassed $670 million in fiat and cryptocurrencies by conducting hacking attacks, Asia-focused financial newspaper Nikkei Asian Review reports on Friday, March 8. The publication cites a U.N. Security Council report. The report, prepared by a panel of experts, was presented to the Security Council's North Korea sanctions committee ahead of its annual report. According to the documents obtained by Nikkei, the hackers attacked overseas financial institutions from 2015 to 2018 and purportedly used blockchain “to cover their tracks.” As cited by Nikkei, the report states that the attack were allegedly conducted by a specialized corps within …

In Japan, the number of hacked Internet of Things (IoT) devices and cryptocurrency networks nearly doubled in 2018 when compared to the previous year. English-language local media Asahi reported on March 7. Per the report, the Japanese Police Agency data shows that an average of 2,752.8 intrusions per sensor per day were detected last year, up 45 percent from the previous year. Furthermore, the data also reportedly shows that almost all of the attacks came from overseas. According to the article, if one considers only cryptocurrency networks and IoT devices, the data shows an average of 1,702.8 intrusions per sensor …

This week, at least two seperate bugs related to Monero (XMR) were reported by crypto community members. The first one allegedly lead to a Ledger hardware wallet user losing around 1,680 XMR (nearly $80,000, as of press time) of his funds after making a transaction. The other vulnerability allowed hackers to make fake XMR deposits to cryptocurrency exchanges. Anonymity above all: What is Monero and how it works Monero is a cryptocurrency with an additional focus on anonymity. It was launched in April 2014, when Bitcointalk.org user thankful_for_today forked the codebase of Bytecoin into the name BitMonero. To create the …

Big Four consulting and auditing company PwC has linked Iranian nationals behind Bitcoin (BTC) ransomware scheme SamSam to the crypto exchange WEX in a recent report published in February. The report is based on information that was previously disclosed by the United States Department of Justice (DoJ). As per the DOJ, two Iranians — Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri — were responsible for creating SamSam. SamSam is a ransomware demanding Bitcoin that reportedly damaged multiple U.S. companies, government agencies, universities, and hospitals. Within 34 months the hackers managed to extort over $6 million in Bitcoin and cause …

A bug in the Monero (XMR) wallet software that could enable fake deposits to exchanges has been recently brought to public attention through a Medium post, published by the official Ryo (RYO) account on March 3. According to the post, an email reportedly sent to the Monero-announce mailing list warns exchanges and service operators using the coin that the Monero Vulnerability Response team received a disclosure concerning a vulnerability. The vulnerability consists of the mishandling of outputs in coinbase transactions (the first transactions in a block, always made by miners). This mishandling could potentially allow an attacker to fake the …

Hacked New Zealand cryptocurrency exchange Cryptopia will reopen for business on Monday next week, officials confirmed on social media on Feb. 26. In a series of updates, Cryptopia revealed its two founders would be returning to the company to help spearhead operations following an overhaul of its structure. Police formally granted permission for trading to resume in mid-February, but a subsequent notice from staff implied it was not yet possible to begin processing users. This now appears to have changed. “We are aiming to have the Cryptopia site re-opened as read only by Monday,” one tweet reads. Hackers stole millions …

An anonymous hacker managed to move 2.09 million EOS ($7.7 million) from a hacked account due to an alleged failed update by an EOS block producer (BP), according to a Telegram post by EOS block producer EOS42 on Feb. 23. The EOS blockchain has a feature that requires BPs to blacklist compromised accounts; all top 21 BPs are required to blacklist a certain account in order for the blacklist to function properly. On Feb. 22, a new EOS block producer dubbed “games.eos” apparently did not update the blacklist for EOS mainnet accounts. Subsequently, the security team of major global crypto …

The New Zealand police have returned the office building back to recently hacked crypto exchange Cryptopia and granted permission to resume trading. However, the exchange is not ready to renew its activity, according to a message purportedly sent by a Cryptoptia staff member on the official Discord channel on Feb. 24. After the hack that led to more than $16.1 million stolen from the crypto exchange, New Zealand police had launched an investigation along with international law enforcement to track the hackers. The initial hacking attack began on Jan. 15 and reportedly lasted about two weeks, with funds removed from …

MIT Technology Review magazine has published an article today, Feb. 19, arguing that security-touted blockchain tech is still vulnerable to hacks. The magazine is fully owned by the United States Massachusetts Institute of Technology (MIT). In the recent article, the MIT Technology Review stressed that blockchain technology represents a complex economic system that depends on unpredictable human behavior. As such, the Review pointed out multiple security breaches that have been increasingly emerging in cryptocurrency and smart contract platforms since the inception of crypto, citing a number of incidents including the recent double spending vulnerability that was found on a major …

Two prominent research papers have shed light on the latest crime trends affecting the cryptocurrency community over the past two years. Crypto analytics companies Chainalysis and CipherTrace released reports at the end of January that unpack some interesting data on the methods that criminals have used to steal and defraud users within the cryptocurrency and blockchain space. These reports paint an interest picture of the ever-changing cryptocurrency landscape and provides some food for thought about the use of crypto in criminal activity around the world. Exchange hacks and darknet trading still a threat As Chainalysis outlines in its January 2019 …