Critical bug identified and remedied in Circle’s Noble-CCTP

August 27, 2024 Coin Telegraph

Circle

Blockchain security firm Asymmetric Research privately disclosed the vulnerability to Circle, which has since been addressed.

On Aug. 27, Asymmetric Research revealed it identified a critical bug in Circle’s Noble-CCTP, a component of the USDC (USDC) Cross-Chain Transfer Protocol, on the Cosmos network.

According to the Web3 security firm, a malicious actor could have potentially sidestepped the cross-chain transfer protocol’s message sender verification process to mint fake USDC tokens on the Noble bridge.

More specifically, the Noble-CCTP “ReceiveMessage” handler was accepting “BurnMessages” from any sender without first checking that the bridging message was sent from a verified “TokenMessenger” address on the original chain. The security firm outlined the vulnerability in greater detail:

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As ,288,567,567,400 National Debt Approaches Ceiling

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

Avalanche Discord Compromised—Fake Token Scammers Strike Again

August 26, 2024 Bitcoin.com

Avalanche

Following the hack of the Polygon Discord server, Avalanche’s official X account (@avax) alerted the public that their Discord channel had also been breached. “SECURITY ALERT,” Avalanche announced. “The official Avalanche Discord has been compromised. Please do not interact with any accounts or click any links until further notice.” Just like the Polygon Discord breach […]

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

WazirX slams external forces for delaying restructuring efforts

August 25, 2024 Coin Telegraph

Coin Telegraph

This restructuring plan is expected to provide greater clarity on the steps WazirX will take to stabilize its operations and protect its users’ interests.

Indian crypto exchange WazirX has criticized external forces that it claims are deliberately hindering its recovery efforts.

The criticism came after the exchange announced a comprehensive restructuring plan designed to restore financial stability and enhance the security of its users’ assets.

In the public statement on X, WazirX criticized unnamed external parties for allegedly attempting to prolong the restructuring process. The exchange claimed that the entities are motivated by a desire to maintain uncertainty and complicate the resolution WazirX has been striving to achieve since it was hacked.

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

Polygon’s Discord Channel Hacked; Admins Regain Control Amid Security Concerns

August 24, 2024 Bitcoin.com

bitcoin.com

Polygon’s community Discord channel was compromised in a recent cyberattack, raising security concerns among users. The platform’s administrators have regained control and are working to restore the channel to its original state. Polygon Discord Breached—Admins Regain Control Access Polygon‘s chief information security officer, Mudit Gupta, explained that the Discord channel was compromised, cautioning users to […]

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

WazirX restores balances post-hack, withdrawal timeline unclear

August 17, 2024 Coin Telegraph

$234 million

The delay in withdrawals has impacted individual investors and raised concerns about the overall security and reliability of cryptocurrency exchanges.

Nearly a month after a massive hack rocked the WazirX exchange, resulting in the loss of $234 million of investors’ funds in the Indian crypto exchange’s Safe Multisig wallet, the platform has restored investor balances.

Despite this progress, there is still no clarity on when users will be able to withdraw their funds, leaving many frustrated and anxious.

In an update on Aug. 16, WazirX stated they are working on two main issues: finding a solution for Indian Rupee (INR) balances and resolving issues related to cryptocurrency balances.

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

Styx Stealer malware exploits Windows vulnerability to ‘clip’ crypto

August 16, 2024 Coin Telegraph

Check Point Research

Styx Stealer steals data and can reroute crypto transactions coming from an infected computer to the bad actor’s wallet.

New malware called Styx Stealer has been uncovered by cybersecurity solutions provider Check Point Research. The newly discovered malware can steal a vast array of material, including cryptocurrency, through a mechanism known as clipping. It is freely available on a rental basis on the developer’s website.

Windows users with an up-to-date operating system are safe from the malware, since Styx Stealer depends on a vulnerability in Microsoft Windows Defender that was patched last year.

Styx Stealer was discovered because the developer experienced a data leak during debugging. It is derived from an older malware called Phemedrone Stealer. It maintains the functions of Phemedrone Stealer, such as stealing saved passwords, cookies, auto-fill data, cryptocurrency wallet data and instant messenger sessions, while incorporating new detection evasion techniques and adding a crypto clipper function.

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

Germany’s Information Security Office champions hardware wallets

August 16, 2024 Coin Telegraph

Bitcoin Wallet

According to a recent Chainalysis report, thefts resulting from crypto hacks and exploits have totaled $1.58 billion in 2024.

In an Aug. 16 LinkedIn post, Germany’s Federal Office for Information Security, also known as BSI, explained the best practices for crypto storage and ultimately told users that a crypto hardware wallet was the most secure way to store private keys.

The post began with exchange-linked wallets, also known as “hot” wallets, and explained that while keeping crypto in an exchange wallet may be convenient for the end-user, it is also the least secure way of storing keys. This is because these wallets are always connected to the internet, creating an attractive target for hackers.

Next were self-custodial wallets on a user’s computer or smartphone. While this colder storage method is safer than keeping crypto on exchanges and allows users to control their keys, self-custodial wallet applications still suffer from “security gaps,” according to the BSI.

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

Chaos Labs Secures $55M Series A Funding to Bolster Defi Risk Management Solutions

August 16, 2024 Bitcoin.com

Chaos Labs Secures M Series A Funding to Bolster Defi Risk Management Solutions

bitcoin.com

Chaos Labs has raised $55 million in a Series A funding round, led by Haun Ventures, to advance its onchain risk management platform for decentralized finance (defi). The company plans to use the funds to further enhance its technology, which automates real-time protocol parameter recommendations to improve the security and efficiency of defi protocols. Chaos […]

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

Chainalysis alerts rise in crypto hacks and ransom in 2024

August 15, 2024 Coin Telegraph

Analysis

Cryptocurrency hackers have been returning to their roots to targeting centralized exchanges amid a spike in the Bitcoin price in 2024.

A new report indicates that while overall illicit transactions in cryptocurrency markets declined in 2024, certain types of crypto-related criminal activity rose.

Aggregate illicit activity in crypto has dropped 19.6% year-to-date (YTD), falling from $20.9 billion to $16.7 billion by July 2024, according to the first part of the mid-year crypto crime update by Chainalysis released on Aug. 15.

Chainalysis found that legitimate crypto activity has been growing faster than illicit activity onchain in 2024, particularly due to positive industry events like the adoption of spot Bitcoin (BTC) and Ether (ETH) exchange-traded funds (ETFs) in the US.

Janet Yellen Warns ‘Extraordinary Measures’ Incoming As $36,288,567,567,400 National Debt Approaches Ceiling

Pan-African Tech Firm Cassava Technologies Launches AI Unit

August 5, 2024 Bitcoin.com

Artificial intelligence (AI)

Africa-focused technology and data services firm Cassava Technologies has created a separate business unit to oversee its artificial intelligence (AI) operations. The AI unit will offer data center, cloud, cybersecurity, fiber connectivity, and renewable energy services. Helping Clients Adopt Generative AI Pan-African technology firm Cassava Technologies is creating a separate business unit to focus on […]

Cybersecurity