Wallets

Hong Kong to Connect Digital Yuan With Domestic Payments System in Cross-Border Trials

Financial authorities in Hong Kong have announced a second phase of trials for mainland China’s digital currency. As part of the upcoming tests, the city will link the Chinese digital yuan to its domestic payments system to evaluate the CBDC’s usability in cross-border scenarios. Hong Kong Residents to Load E-CNY Wallets via Mobile Phones China […]

Bitget Now Supports Bank Transfers in Vietnam via QR Codes

Samsung Adds Support for Hardware Wallets on Galaxy Smartphones

Galaxy owners will be able to connect hardware wallets to their smartphones and transfer coins to the built-in wallet that comes with most devices in the popular lineup. Samsung says that makes it easier for users to access their cryptocurrency and make transactions. Update Allows Galaxy Users to Link Their Crypto Wallets to Cold Storage […]

Avalanche Web Wallet Stalls For 6 Hours After Avalaunch Airdrop Snapshot

Avalanche, the first cryptocurrency ever to implement the Avalanche consensus, experienced a service outage yesterday when its web wallet stalled for six hours. This was the consequence of severe congestion due to an airdrop carried out by AvaLaunch, leaving users without control of their funds for this period. […]

Simple steps to safeguard your wallet from unlimited ERC-20 allowance risks

The funds in your ERC-20 wallet could be at risk if you continue to grant unlimited approvals to decentralized applications.

Participating in the decentralized finance space often requires granting projects certain permissions to spend tokens from one’s own wallet.

These permissions — called ERC-20 allowances — help to simplify the smart contract interaction processes that allow users to send funds to a contract while simultaneously calling a state change function.

However, malicious actors can utilize this allowance to drain funds from an unsuspecting trader. To understand this risk vector, it helps to explain how ERC-20 allowance permissions work.

Upon first interacting with a new DeFi project, traders need to grant the decentralized application access to spend funds — usually Ether (ETH) or a stablecoin like Tether (USDT) — from their wallets.

This allowance is often unlimited to eliminate the need for future approval steps by the trader when executing subsequent transactions. Under normal operating conditions, the DeFi project will only spend the specified amount set by the trader.

However, abnormal operating conditions can emerge as has been seen on numerous occasions in the DeFi space. Smart contract bugs like the kind suffered by Bancor back in June 2020 can expose this vulnerability and drain funds from user wallets.

During the 2020 DeFi mania, rogue actors also exploited this vulnerability to steal funds from unsuspecting traders. One such example was UniCats, where the project developers themselves stole Uniswap (UNI) tokens from their users.

One useful practice traders can adopt is to review the existing allowances on their wallets. Platforms like revoke.cash and approved.zone can be used to identify the ERC-20 allowances associated with an address, and they offer options to revoke or lower such allowances.

Another method applies at the first interaction stage: instead of granting an unlimited allowance, traders can select a custom spend limit in their MetaMask wallets when approving new tokens.
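One way to carry out the allowance review described above, and to see how a custom spend limit differs from an unlimited approval, is to replay a wallet's `Approval` event logs. This is an added example, not code from the article or from revoke.cash, approved.zone or MetaMask; the function names, addresses, balances and log entries are all constructed for illustration.

```python
# Added example: audit one wallet's ERC-20 allowances from Approval event logs.
# Every address, balance and log entry below is constructed sample data.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"  # topic0 of Approval
UNLIMITED = 2**256 - 1  # amount conventionally requested for an "unlimited" approval

def topic_to_address(topic):
    # Indexed addresses are left-padded to 32 bytes; the address is the low 20.
    return "0x" + topic[-40:].lower()

def standing_allowances(logs, owner):
    """Map (token, spender) -> last approved amount for owner, dropping zeroes."""
    latest = {}
    # Replay in chain order so a later approve(), including a revoke to 0, wins.
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        t = log["topics"]
        # ERC-721 Approval shares this topic hash but has 4 topics; skip it.
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(t[1]) != owner.lower():
            continue
        key = (log["address"].lower(), topic_to_address(t[2]))
        latest[key] = int(log["data"], 16)
    return {k: v for k, v in latest.items() if v > 0}

def audit(logs, owner, balances):
    """Label each allowance by how much of the current balance it exposes."""
    def label(token, amount):
        if amount == UNLIMITED:
            return "unlimited"
        return "covers-full-balance" if amount >= balances.get(token, 0) else "bounded"
    return {k: label(k[0], v) for k, v in standing_allowances(logs, owner).items()}

def make_log(block, token, owner, spender, amount, idx=0):
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"blockNumber": block, "logIndex": idx, "address": token,
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x")}

OWNER, OTHER = "0x" + "0a" * 20, "0x" + "0b" * 20
TOKEN_A, TOKEN_B = "0x" + "11" * 20, "0x" + "22" * 20
DAPP_1, DAPP_2, DAPP_3 = "0x" + "a1" * 20, "0x" + "a2" * 20, "0x" + "a3" * 20
SAMPLE_LOGS = [
    make_log(120, TOKEN_A, OWNER, DAPP_3, 0),            # revoke overrides block 110
    make_log(100, TOKEN_A, OWNER, DAPP_1, UNLIMITED),    # unlimited approval
    make_log(105, TOKEN_B, OWNER, DAPP_2, 500 * 10**6),  # custom spend limit
    make_log(110, TOKEN_A, OWNER, DAPP_3, UNLIMITED),
    make_log(121, TOKEN_A, OTHER, DAPP_1, UNLIMITED),    # another wallet's approval
]
BALANCES = {TOKEN_A: 2_000 * 10**18, TOKEN_B: 10_000 * 10**6}
```

The logs give the last approved amount, not what remains after the spender has used part of it, so a flagged entry should be confirmed against the token contract's `allowance(owner, spender)` before deciding what to revoke.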

With ERC-20 the de facto standard for the DeFi space, users will still have to contend with the unlimited allowance risk. However, traders can adopt these useful practices to minimize the dangers associated with this potential vulnerability.

Ledger and Shopify Face Class Action Over Data Breach

Hardware wallet firm Ledger and its e-commerce partner Shopify have been hit by a class-action lawsuit over a 2020 data breach that leaked the personal data of 270,000 customers.

Plaintiffs Lost Funds In Phishing Attacks

The legal complaint has been brought to a North California court by former Ledger customers John Chu and Edward Baton, who are seeking damages over the massive data breach.

The plaintiffs do not claim that the breach affected Ledger’s hardware wallets. Rather, they claim several users lost their crypto in phishing attacks between April and June 2020. During that time, rogue employees at Shopify exploited a database vulnerability that allowed them to gain illegitimate access to Ledger clients’ personal data.

The data was reportedly sold on the dark web and used for phishing campaigns against Ledger customers. Later, on Dec. 21, 2020, a hacker posted the data on a website called RaidForums for anyone to freely access. Personal information that was leaked included full names, email, phone numbers, and shipping addresses.

Due to the phishing attacks, Chu lost about 4.2 BTC and 11 ETH, worth about $267,000 at the time of the complaint. Baton, meanwhile, lost about 150,000 XLM.

Did Ledger Notify Clients In Time?

The lawsuit alleges that Ledger failed to notify affected customers and admit to the full scope of the breach in time. The plaintiffs now seek damages for their lost funds.

“Ledger’s efforts to cover up and downplay the actual and potential scale of the breach in the months leading up to its widespread public disclosure caused disastrous harm to its customers,” the legal document reads. “During that time, many crypto-asset investors lost massive sums of money.”

“Had Ledger acted responsibly during this period, much of that loss could have been avoided,” the document continues.

It is not yet proven whether Ledger knew about the hack’s scope and willfully chose not to inform its users. Ledger released information about the breach initially in July 2020, which revealed that about 9500 users were affected.

In a January 2021 blog post from Ledger, the company admitted to underestimating the breach. If Ledger’s account is correct, it was not until hackers published all 270,000 entries that the company understood the true extent of the breach was larger than it believed.

Disclaimer: The author did not hold any cryptocurrency mentioned in this article at the time of press.
