Posted on

Tesla Billionaire Elon Musk Says He Owns $2.5K In BTC, Or ‘Literally Zero Cryptocurrency’

Elon Musk, the tech billionaire and entrepreneur known for founding and leading Tesla Motors and SpaceX, revealed on Twitter Thursday Feb. 22, how much Bitcoin (BTC) he owns — 0.25 BTC or about $2,478 as of press time, or 0.000012% of his total net worth.

Musk’s cryptocurrency holdings reveal comes after a number of fake accounts posing to be various well-known figures, including Musk, cropped up on Twitter promising crypto donations to those who send them crypto.

On Feb. 22 a Twitter user concerned about the scam accounts asked Musk in a tweet “why is all the spam popping up lately?”

Musk responded that he had already reported the issue to Twitter CEO Jack Dorsey to no avail. Evidently as a way of explaining his surprise at the multiple scams, Musk noted in the same tweet that apart from the 0.25 BTC a friend had given to him “many years ago”, he “literally own[s] zero cryptocurrency.”

The Bitcoin sum he reports to own is indeed an extremely small fraction of Musk’s total net worth, which stands at $21.4 billion as of Feb. 24.

In November 2017, Musk denied rumors suggested by former SpaceX intern Sahil Gupta that Musk was probably Satoshi Nakamoto, the legendary anonymous creator of Bitcoin.

As Cointelegraph reported Feb. 21, a cloud security firm recently reported that Tesla’s non-password protected Amazon Web Service’s (AWS) software container had been hacked to mine cryptocurrency over an as yet unknown period of time.

Posted on

Tesla Cryptojacked, Hackers Use Passwordless System To Mine Crypto

Cloud security intelligence (CSI) firm RedLock has exposed a new case of cryptojacking targeting Tesla’s Amazon Web Service’s (AWS) software container, the RedLock blog reported yesterday, Feb. 20.

Hackers accessed Tesla’s AWS access credentials by penetrating a non-password protected Kubernetes software container. The hackers then used the Kubernetes container to mine for cryptocurrencies, for an as of yet unknown amount of time.

RedLock’s CSI team exposed a similar hack of AWS for Bitcoin (BTC) mining purposes at companies Aviva and Gemaltо in October of last year. These companies, like Tesla, did not have passwords for their admin consoles.

The Tesla hack was well disguised–the hackers didn’t use an already-known mining pool, but instead put in their own mining pool software than connected the malicious script to an “unlisted” endpoint, complicating the ability to detect any suspicious activity.

The hackers also kept their CPU usage low to prevent being spotted, and hid the mining pool’s IP address behind free content delivery network CloudFlare, RedLock reports.

Tesla had already made the news last year for an innovative way to use their technologies to mine Bitcoin in a way completely unintended by the company. In December 2017, the owner of a Tesla S electric car reported that he had been mining Bitcoin with his car’s supercharger, placing a mining rig in the trunk.

RedLock’s blog post detailing the hack, titled, “Lessons from the Cryptojacking Attack at Tesla,” ends with suggestions to companies to prevent similar cryptojacking incidents in the future, namely monitoring configurations, network traffic, and suspicious user behavior.

And, as TechCruch adds, “at least [using] a password.”

Posted on

Don’t believe the hype. The five largest “ICO exit scams”: Expert Take

In our Expert Takes, opinion leaders from inside and outside the crypto industry express their views, share their experience and give professional advice. Expert Takes cover everything from Blockchain technology and ICO funding to taxation, regulation, and cryptocurrency adoption by different sectors of the economy.

If you would like to contribute an Expert Take, please email your ideas and CV to [email protected]

The majority of the world’s financial markets are now tightly regulated, and for that reason, fraud is becoming increasingly rare. Enterprising scammers are turning to fintech innovation which is currently unregulated – cryptocurrency.

Essentially, a crypto scammer aims to persuade ‘unwitting investors’ to buy fake coins by transferring either fiat currencies or cryptocurrencies. In this column we will only focus on the so-called ‘ICO exit’ scam, not thefts, hacks or Ponzi schemes.

We define a project as a scam only when it is proven that the money collected during a pre-ICO or ICO was stolen and the team has disappeared. This means the fraud was preplanned and the theft of investor funds deliberate.

PlexCoin ($15 million)

The PlexCoin ICO was halted in December 2017 by the US Securities and Exchange Commission (SEC) in response to an official complaint that founder Dominic Lacroix was defrauding American and Canadian investors. The complaint alleged that Lacroix was advertising an astronomically high return of 1,354% (that the SEC determined was unable to be delivered), pushing forward a group of fake experts to bring legitimacy to his project, and trying to obscure his past financial crimes, which included defrauding investors in a micro-loan venture.

The SEC has frozen all of the $15 million gathered by the ICO from its launch in August 2017. Lacroix was jailed, and the PlexCoin parent company fined $100,000. About $810,000 was still being held by payment processing company Stripe while the rest of the funds were located in various cryptocurrency wallets belonging to the Lacroix. It’s unclear exactly what charges will be brought against Lacroix and what will happen to the money deposited in his wallets. However, PlexCoin was one of the largest attempted ICO exit scams in history, which thankfully was nipped in the bud.

Benebit ($2.7 – $4 million)

Benebit claimed to use a Blockchain token system to unify customer loyalty programs, like frequent flyer miles. This ICO had all the trappings of legitimacy, including a moderated Telegram channel with over 9,000 members, a marketing budget of over $500,000, and promotions for the token pre-sale. With a novel concept, a serious-sounding white paper, and some well-spent marketing dollars, the Benebit team were able to generate a good deal of hype, and investors began to buy in.

However, things started to go south when someone noticed that photos of the team appeared to have been stolen from a UK school for boys. Passport details provided by the ‘founders,’ were all fake. After this revelation, the team behind the scam began pulling down anything related to Benebit, including the website, white paper, and social media accounts. Estimates vary, but the scammers are believed to have walked away with at least $2.7 million and as much as $4 million.

Opair and Ebitz ($2.9 million)

A motivated community of small-time investors who put money into Opair and Ebitz are trying to track down a mysterious developer known only as Wasserman, the apparent mastermind behind two ICO scams which netted a combined total of 388 BTC.

Opair promoted a decentralized debit card system using its own token, XPO. Users discovered that the LinkedIn profiles of some of the team were fake and Opair rapidly vanished, but not before generating just under 190 BTC in its ICO in the summer of 2016.

Amateur investigations carried out by duped investors revealed that the mail servers for Ebitz were rerouting to the domain of Opair, which billed itself as a clone of ZCash with some small changes. The team, a self-described “group of ethical hackers,” were hoping to raise 500 BTC through their ICO, which started on November 28 2016. In two days users of BitcoinTalk spotted the shady connection of Ebitz’ MX records to Opair.

The Ebitz website was taken down soon afterwards, but the ICO did manage to gather about 200 BTC before disappearing; although many users speculate that the BTC mostly came from the developers to provide ‘fake volume,’ or the impression that many people had already invested in the project in order to boost trust and lure other investors to buy their token.

REcoin and DRC ($300,000)

On the face of it, REcoin (Real Estate coin) and DRC (Diamond Reserve Club) tried to do something ambitious and daring – create a cryptocurrency that was backed up with real-world assets – real estate and diamonds. Their founder Maksim Zaslavskiy claimed that both startups were fully staffed, lawyered up, and had already formed relationships with retailers and investors – none of which was true.

The SEC alleges that neither REcoin nor DRC had any “real operations”, that both startups had misrepresented their total level of investment, and that neither of the proposed projects had any tokens or anything to do with Blockchain whatsoever. SEC decided that REcoin and DRC weren’t ICOs at all and were actually securities, which led to Zaslavskiy’s arrest on September 29 2017. According to the SEC, Zaslavskiy did manage to rake in about $300,000 before being caught, despite he initially saying that funds raised from both ICOs amounted to over $2 million.

PonziCoin ($250,000)

Yes, PonziCoin is a real cryptocurrency, and yes, some very gullible people were separated from their money after investing in it. Even more surprising, the most recent PonziCoin, which bills itself as “the world’s first legitimate Ponzi scheme,” is actually the second PonziCoin to exist. The first one came out in 2014 and made off with about $7,000 in cryptocurrency, which by some estimates could have been worth over $2 million today.

Another PonziCoin project appeared in 2017 using the same web address.

Initially intended as a gag, it featured a public and open admission on its website that it was a scam. However, that didn’t stop some investors from pouring money into the ‘product.’ In total, a project, which openly admitted to being a scam, raised over $250,000, and, surprise, surprise, the ‘founder’ ran away with the cash (after being baffled that anyone would invest at all given their openness and honesty).

Six questions to ask

ICO exit scams thrive in the current environment of unbelievable profits, overwhelming hype, and the time-constrained nature of ICOs, which make investors feel like they need to invest quickly or risk losing out on a good deal. No matter if you are just starting out or are a seasoned investor, every single decision needs to be analyzed thoroughly – there is no substitute for due diligence. If you are considering investing in an ICO, we highly recommend taking the following steps:

  1. Read the ICO white paper thoroughly. Does the concept make sense to you?
  2. What problem is the product solving? Does it make business sense?
  3. Study the team and their experience. Get in contact with representatives and ask difficult questions. Dig into their history, LinkedIn profiles, and previous jobs. Helpful hint: scammers will sometimes use fake pictures. Google’s reverse image search will work wonders.
  4. Check forums to gain insight into what the cryptocurrency community is saying about the project. Many people there have been victims of ICO scams, so they will have a sharper eye for red flags.
  5. Make sure that the ICO is planning on using a trusted escrow company to handle funds for their ICO. Escrow gives you an additional layer of protection, ensuring that you will at least receive the promised tokens from the ICO before parting with your hard-earned capital.
  6. Take a look at what rating companies are saying about the ICO. If the new project isn’t rated, there’s a high chance that it’s a scam. Also be sure to check and compare risk scores.

We believe that cryptocurrency is the future and that this current period of uncertainty is temporary, it is still wise to be cautious and prudent before investing your hard earned fiat or cryptocurrency in new ventures.

The views and interpretations in this article are those of the author and do not necessarily represent the views of Cointelegraph.

Brian Kean is the Chief Business Development Office at the investment evalutation agency, ICORating. He has extensive experience in investment funding and communications in retail businesses worldwide.

Posted on

Crypto ‘Scams’ Have Affected Over 1.2k Australian Investors In 2017

Cryptocurrency “scams” generated over 1200 complaints to Australia’s consumer watchdog in 2017, according to new figures it released this month.

Local news media outlet ABC reports data it obtained from the Australian Competition & Consumer Commission (ACCC) reveals 1289 complaints, some of which appear to relate to token offerings.

Australia has remained quiet against the recent backdrop of pledges by international regulators to keep a close eye on cryptocurrency token sales and related activities.

As Cointelegraph reported on various occasions since the World Economic Forum 2018 late January, the US Securities and Exchange Commission (SEC) has led plans for continued scrutiny on financial products subsequently repeated by entities including the European Union.

While ABC does not state which specific operators the complaints refer to, one investor relates losses he suffered through use of controversial Australian exchange Igot, responsibility for which has since been transferred to Bitlio since an insolvency scam in 2016.

These are quite speculative products and they can be quite high-risk,” John Price, commissioner for financial regulator the Australian Securities and Investments Commission (ASIC) meanwhile told the publication in broader comments.

“It’s been quite well documented that some of these products are scams, so please don’t invest unless you’re prepared to lose some or all of your money.”

Scams even affect cryptocurrency’s best-known names, with Ethereum co-founder Vitalik Buterin warning investors about a Twitter impersonator purporting to offer free money on his behalf.

The fake giveaway even made the headlines in cryptocurrency news media, which erroneously reported it as legitimate.

 

Posted on

Don’t Believe the Hype. Five Largest ICO “Exit Scams”: Expert Take

In our Expert Takes, opinion leaders from inside and outside the crypto industry express their views, share their experience and give professional advice. Expert Takes cover everything from Blockchain technology and ICO funding to taxation, regulation, and cryptocurrency adoption by different sectors of the economy.

If you would like to contribute an Expert Take, please email your ideas and CV to [email protected]

The majority of the world’s financial markets are now tightly regulated, and for that reason, fraud is becoming increasingly rare. Enterprising scammers are turning to fintech innovation which is currently unregulated – cryptocurrency.

Essentially, a crypto scammer aims to persuade ‘unwitting investors’ to buy fake coins by transferring either fiat currencies or cryptocurrencies. In this column we will only focus on the so-called ‘ICO exit’ scam, not thefts, hacks or Ponzi schemes.

We define a project as a scam only when it is proven that the money collected during a pre-ICO or ICO was stolen and the team has disappeared. This means the fraud was preplanned and the theft of investor funds deliberate.

PlexCoin ($15 million)

The PlexCoin ICO was halted in December 2017 by the US Securities and Exchange Commission (SEC) in response to an official complaint that founder Dominic Lacroix was defrauding American and Canadian investors. The complaint alleged that Lacroix was advertising an astronomically high return of 1,354% (that the SEC determined was unable to be delivered), pushing forward a group of fake experts to bring legitimacy to his project, and trying to obscure his past financial crimes, which included defrauding investors in a micro-loan venture.

The SEC has frozen all of the $15 million gathered by the ICO from its launch in August 2017. Lacroix was jailed, and the PlexCoin parent company fined $100,000. About $810,000 was still being held by payment processing company Stripe while the rest of the funds were located in various cryptocurrency wallets belonging to the Lacroix. It’s unclear exactly what charges will be brought against Lacroix and what will happen to the money deposited in his wallets. However, PlexCoin was one of the largest attempted ICO exit scams in history, which thankfully was nipped in the bud.

Benebit ($2.7 – $4 million)

Benebit claimed to use a Blockchain token system to unify customer loyalty programs, like frequent flyer miles. This ICO had all the trappings of legitimacy, including a moderated Telegram channel with over 9,000 members, a marketing budget of over $500,000, and promotions for the token pre-sale. With a novel concept, a serious-sounding white paper, and some well-spent marketing dollars, the Benebit team were able to generate a good deal of hype, and investors began to buy in.

However, things started to go south when someone noticed that photos of the team appeared to have been stolen from a UK school for boys. Passport details provided by the ‘founders,’ were all fake. After this revelation, the team behind the scam began pulling down anything related to Benebit, including the website, white paper, and social media accounts. Estimates vary, but the scammers are believed to have walked away with at least $2.7 million and as much as $4 million.

Opair and Ebitz ($2.9 million)

A motivated community of small-time investors who put money into Opair and Ebitz are trying to track down a mysterious developer known only as Wasserman, the apparent mastermind behind two ICO scams which netted a combined total of 388 BTC.

Opair promoted a decentralized debit card system using its own token, XPO. Users discovered that the LinkedIn profiles of some of the team were fake and Opair rapidly vanished, but not before generating just under 190 BTC in its ICO in the summer of 2016.

Amateur investigations carried out by duped investors revealed that the mail servers for Ebitz were rerouting to the domain of Opair, which billed itself as a clone of ZCash with some small changes. The team, a self-described “group of ethical hackers,” were hoping to raise 500 BTC through their ICO, which started on November 28 2016. In two days users of BitcoinTalk spotted the shady connection of Ebitz’ MX records to Opair.

The Ebitz website was taken down soon afterwards, but the ICO did manage to gather about 200 BTC before disappearing; although many users speculate that the BTC mostly came from the developers to provide ‘fake volume,’ or the impression that many people had already invested in the project in order to boost trust and lure other investors to buy their token.

REcoin and DRC ($300,000)

On the face of it, REcoin (Real Estate coin) and DRC (Diamond Reserve Club) tried to do something ambitious and daring – create a cryptocurrency that was backed up with real-world assets – real estate and diamonds. Their founder Maksim Zaslavskiy claimed that both startups were fully staffed, lawyered up, and had already formed relationships with retailers and investors – none of which was true.

The SEC alleges that neither REcoin nor DRC had any “real operations”, that both startups had misrepresented their total level of investment, and that neither of the proposed projects had any tokens or anything to do with Blockchain whatsoever. SEC decided that REcoin and DRC weren’t ICOs at all and were actually securities, which led to Zaslavskiy’s arrest on September 29 2017. According to the SEC, Zaslavskiy did manage to rake in about $300,000 before being caught, despite he initially saying that funds raised from both ICOs amounted to over $2 million.

PonziCoin ($250,000)

Yes, PonziCoin is a real cryptocurrency, and yes, some very gullible people were separated from their money after investing in it. Even more surprising, the most recent PonziCoin, which bills itself as “the world’s first legitimate Ponzi scheme,” is actually the second PonziCoin to exist. The first one came out in 2014 and made off with about $7,000 in cryptocurrency, which by some estimates could have been worth over $2 million today.

Another PonziCoin project appeared in 2017 using the same web address.

Initially intended as a gag, it featured a public and open admission on its website that it was a scam. However, that didn’t stop some investors from pouring money into the ‘product.’ In total, a project, which openly admitted to being a scam, raised over $250,000, and, surprise, surprise, the ‘founder’ ran away with the cash (after being baffled that anyone would invest at all given their openness and honesty).

Six questions to ask

ICO exit scams thrive in the current environment of unbelievable profits, overwhelming hype, and the time-constrained nature of ICOs, which make investors feel like they need to invest quickly or risk losing out on a good deal. No matter if you are just starting out or are a seasoned investor, every single decision needs to be analyzed thoroughly – there is no substitute for due diligence. If you are considering investing in an ICO, we highly recommend taking the following steps:

  1. Read the ICO white paper thoroughly. Does the concept make sense to you?
  2. What problem is the product solving? Does it make business sense?
  3. Study the team and their experience. Get in contact with representatives and ask difficult questions. Dig into their history, LinkedIn profiles, and previous jobs. Helpful hint: scammers will sometimes use fake pictures. Google’s reverse image search will work wonders.
  4. Check forums to gain insight into what the cryptocurrency community is saying about the project. Many people there have been victims of ICO scams, so they will have a sharper eye for red flags.
  5. Make sure that the ICO is planning on using a trusted escrow company to handle funds for their ICO. Escrow gives you an additional layer of protection, ensuring that you will at least receive the promised tokens from the ICO before parting with your hard-earned capital.
  6. Take a look at what rating companies are saying about the ICO. If the new project isn’t rated, there’s a high chance that it’s a scam. Also be sure to check and compare risk scores.

We believe that cryptocurrency is the future and that this current period of uncertainty is temporary, it is still wise to be cautious and prudent before investing your hard earned fiat or cryptocurrency in new ventures.

The views and interpretations in this article are those of the author and do not necessarily represent the views of Cointelegraph.

Brian Kean is the Chief Business Development Office at the investment evalutation agency, ICORating. He has extensive experience in investment funding and communications in retail businesses worldwide.

Posted on

Cisco And Ukrainian Cyber Police Uncover $50 Mln Bitcoin Phishing Scam

Technology conglomerate Cisco and the Cyber Police of Ukraine have revealed a Ukrainian Bitcoin (BTC) phishing ring that has stole over $50 mln over a three year period, Cisco’s threat intelligence team Talos reports.

Talos was first alerted to the phishing threat on Feb. 24, 2017, when a Ukrainian-based phishing scheme, COINHOARDER, targeted the blockchain.info wallet service through Google Ads that contained “gateway phishing links” and generating over 200,000 client search queries.

The Google Ads would appear to represent the real blockchain.info Bitcoin wallet by using domain names that closely resembled that of the official wallet, like blockchein.info. The phishing sites themselves are also designed to match the real site in every way except for the domain name.

Blockchain

Talos reports that COINHOARDER began making their phishing site look more legitimate over time by using rogue SSL certificates in combination with their typosquatting,”brand spoofing,” and homograph attacks.”

Talos found that the phishing targeted geographic areas where local currencies were unstable and English was not the first language of the region, like Nigeria and Ghana, for victims were more likely to miss the slight differences in the domain and SSL names.

Cisco’s collaboration with the Cyber Police of Ukraine helped them identify the attackers’ BTC wallet address. Talos writes that “around $10 mln” alone was stolen while tracking the wallet’s activity from Sept. through Dec. 2017.

After the discovery of this large-scale phishing scheme, Cisco began flagging the associated domains as suspicious, and used DNS requests to find and block other domains opened by the same registrant of the initial site.

Talos ends their report with the list of the IP addresses associated with the phishing scam, as well as ways for Cisco customers to protect themselves against similar threats.

Crypto phishing scams on Twitter have recently become much more prevalent, with users creating fake accounts that closely mimic those of crypto elites like Charlie Lee or Vitalik Buterin and then promoting fake crypto giveaways.

Posted on

Mining Malware Tsunami Continues: ‘5000’ High-Profile UK Websites Hit By Tainted Plugin

New cryptocurrency mining malware exploiting software for blind and partially-sighted people has infected “thousands” of websites including the UK Government, the Guardian reports Sunday, Feb. 11.

As various media outlets report Monday, malicious script was injected into BrowseAloud, a plugin which assists those with reduced sight in accessing online content. Visitors to sites involved see their processing power used for mining – known colloquially as “cryptojacking.”

Over 5000 websites are now infected, including the UK’s National Health Service (NHS), Student Loans Company and local authority sites.

Commenting on the events, UK watchdog the National Cyber Security Centre (NCSC) said there was “nothing to suggest” consumers were at risk after damage control measures were implemented.

“NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency,” a statement read Feb. 11.

“The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk.”

The news comes amid multiple warnings of similar malware propagation throughout the world, including Monero mining malware infecting Android devices this month.

In January meanwhile, Cointelegraph reported on how third parties had managed to use YouTube to mine cryptocurrency by hijacking Google’s DoubleClick advertising platform.

The NHS was one of the first and hardest-hit victims of 2017’s infamous WannaCry malware attack, which saw hackers demand $300 in bitcoin to unlock computers.

Posted on

‘Fraudulent’ Bitstrade Platform Gets Cease And Desist Order From New Jersey Regulators

Local US regulators of the state of New Jersey announced they had sent a cease and desist order to cryptocurrency investment platform Bitstrade Feb. 9, describing the business as “fraudulent.”

A press release accompanying the “emergency order” warns that Bitstrade was not licensed to offer securities in the state of New Jersey, and that it was “violating the law” by not disclosing key information about its operations.

The enforcement came courtesy of New Jersey Attorney General Gurbir S. Grewal, as well as its Division of Consumer Affairs, Bureau of Securities and Division of Law.

The release states:

“…[T]he Bureau found that Bitstrade is violating the State’s Uniform Securities Law by offering investors an unregistered security in the form of an investment pool that purportedly guarantees up to 10 percent returns which accrue daily on investor funds. Bitstrade is not registered to sell securities in New Jersey,”

Regarding withholding information, the order makes specific reference to “failing to disclose key material facts to prospective investors, including the names of its executive officers, the address of its principal office, information about Bitstrade’s financial condition, the risks of the Bitstrade Investment, and how Bitstrade invests investors’ money, the Bureau found.”

The move comes just weeks after self-proclaimed “cryptocurrency bank” AriseBank was ordered to halt operations in the state of Texas and stop serving its residents.

At the same time, US regulators at national level in the form of the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) continue to urge caution on ICOs and similar offerings in the cryptocurrency industry.

In a dedicated hearing on associated regulation Feb. 6, the chairmen of both agencies committed to “collaborating on… approaches to policing [cryptocurrency] markets for fraud and abuse.”

What makes Bitstrade’s fraudulent offer potentially more harmful for unsophisticated investors is that cryptocurrency is virtually anonymous, so there is no recourse for investors to recoup their losses,” Division of Consumer Affairs acting director Sharon Joyce meanwhile said about the New Jersey move.

Posted on

Binance Vs. McAfee: Hack Rumors Controversy

For more than 24 hours, Binance, the world’s largest cryptocurrency exchange, was down due to a server issue on Feb. 7. On Feb. 9, Binance resumed trading after successfully rebooting its server.

Binance hack rumors refuted

John McAfee, a security expert and a well-known public figure in the cryptocurrency space, continued to fuel controversy around Binance and rumors of hacking attacks, showing screenshots that circulated on various social media platforms.

“I received dozens similar from a variety of sources. I’m not saying there was a hack. I’m merely asking for clarification. If a hack did happen and we are not immediately pursuing it, then the chances of recovery go to zero within 24 hours,” McAfee stated.

In response to McAfee’s statement, which referenced a photoshopped image of the Binance website, the company’s CEO Changpeng Zhao stated:

Immediately after McAfee released several statements on the issue, the Binance team along with its CEO Changpeng Zhao refuted the rumors, stating that Binance was not hacked. Binance went as far as to transfer funds from its cold wallet to hot wallet to show that the exchange was not hacked.

The Binance team also encouraged McAfee not to spread false information and provided evidence that funds on the exchange are safe by publicly showing the cryptocurrency wallet addresses of the exchange.

Zhao added that the exchange did not experience a hack, but an issue with its server and the team focused on recovering its data to enable trading.

Difference between hack and minor server issues

Recently, many cryptocurrency exchanges and trading platforms were hacked. Coincheck experienced a $530 mln hacking attack as reported by Cointelegraph and yesterday, the largest Nano (RaiBlocks) exchange BitGrail experienced a security breach.

The difference between a hacking attack and a minor server issue is that with security breaches, anyone can verify the movement of absurdly large amounts of cryptocurrencies from the cryptocurrency exchange’s wallets to external wallets, as seen in the case of Coincheck.

Hours before the Coincheck team admitted to a hacking attack, many members of the cryptocurrency community released evidence that hundreds of millions of dollars worth of NEM were moved from the wallet of Coincheck to external wallets.

Thus, if there is no evidence that large sums of funds in cryptocurrencies are transferred from the wallets of a cryptocurrency exchange to external wallets, it is irresponsible to suggest the possibility of a hacking attack.

On Feb. 11, Binance CEO Changpeng Zhao released a personal statement on the recent Binance server issue and the actions of McAfee.

“The real helper was Mr. Mcafee, posting an obviously fake image about us being hacked. Everyone pitched in to help defend us. He united the community for us, and rallied such support, during a time when we needed it the most. Sometimes, things that look negative are actually positive.”

Cryptocurrency exchanges have similar daily trading volumes as stock markets in regions like South Korea. Trading platforms process billions of dollars on a daily basis. As such, upon the occurrence of a hacking attack or a security breach, cryptocurrency exchanges often contact the authorities and cooperate with law enforcement to investigate the attack, as Coincheck did last month. Also, given the size of most major cryptocurrency exchanges, it is irresponsible to suggest the possibility of hacking attacks or security breaches without hard evidence.

Posted on

BitGrail Exchange Asks Devs of ‘Stolen’ Coin To Alter Ledger To ‘Cover Losses’

Suspicion is growing around Italian cryptocurrency exchange BitGrail after its owner seemingly asked for a coin’s ledger to be changed after the exchange reported funds were missing Thursday, Feb 8.

BitGrail, a lesser-known exchange in the cryptocurrency space, reportedly suffered losses of one of its hosted tokens, Nano (formerly known as Raiblocks), subsequently freezing trading. In a note on their website posted Feb. 9, the exchange stated that 17 million Nano had been stolen in the hack, an amount worth about $187 million at the time the losses were discovered.

Feb. 9, a day after they were informed of the hack, Nano developers provided an official comment showing that BitGrail’s owner and operator Francesco “The Bomber” Firano had asked for the altcoin’s ledger to be altered.

…Firano informed us of missing funds from BitGrail’s wallet. An option suggested by Firano was to modify the ledger in order to cover his losses — which is not possible, nor is it a direction we would ever pursue,” Nano wrote in a Medium post.

Nano promptly dropped almost 20% across exchanges in the past two days, while updates from BitGrail on social media have yet to appear, except for a tweet Feb. 8 saying Nano (XRB) markets were “currently unavailable”.

However, a Twitter user named Francesco the Bomber, allegedly Firano, posted a string of tweets about the hack, the most recent of which referenced “unfounded accusations…by the dev team”, likely a response to Nano’s post on Medium.

The reputation of both Firano and BitGrail currently appears shaky, Nano continuing it considered his behavior “misleading.”

We now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time,” the  Nano post continues.

The BitGrail debacle comes as dust continues to settle on Japanese exchange Coincheck’s giant $530mln hack late last month. Although accusations of foul play have been few, questions remain about security practices as state regulators conduct an ongoing major investigation.

On Twitter, cryptocurrency industry commentators reacted cautiously, one likening Firano’s request to what happened in the DAO hack in June, 2016, after which Ethereum was hard-forked to refund users.

Nano noted that even if Firano’s request were accepted, changing transaction history was “not possible”.

Posted on

Wolf Of Wall Street Says Bitcoin Could Hit $50K Before Crashing

Jordan Belfort, known colloquially as the “Wolf of Wall Street”, has yet again cast doubt on Bitcoin, this time in a video interview with entrepreneur Patrick Bet-David, posted on Bet-David’s Facebook Jan. 31.

Belfort told Bet-David that he doesn’t believe Bitcoin (BTC) itself is a scam, referring to it as the creation of “financial anarchists”. He does think, however, that the way the cryptocurrency was built is a “perfect storm for manipulation”.

Belfort believes that the rising price of BTC can be attributed to wild speculation because of what he sees as improper use of the cryptocurrency:

“Something [BTC] was designed to be used as a currency, and it’s being used as an investment vehicle […] As a currency, Bitcoin is no more useful at $20,000 or $100.”

Belfort spoke negatively about the potential for manipulating crypto markets due to the thinness of the market, specifically referencing the case of Olaf Carlson-Wee, an early adopter of BTC who was paid in crypto when working at Coinbase in 2013.

According to Belfort, Carlson-Wee sold all of his Bitcoin, bought Bitcoin Cash (BCH) and then gave a televised interview saying that BTC was dead and that Bitcoin Cash was the future, causing its price to skyrocket.

CT could not confirm that Carlson-Wee ever mentioned dumping all of his BTC for BCH, although he did give an interview to CNBC about Ethereum that some Reddit users misconstrued as Carlson-Wee moving all his holdings to Ether.

Belfort predicts that while Bitcoin is, in his words, a “wolf in sheep’s clothing,”  it also “might go to $50,000” before what he is certain will be its eventual fall to zero.

In September 2017, Belfort had said that Bitcoin was problematic because of the potential ease for hackers to steal virtual currency. In October, he commented that ICOs were the “biggest scams ever”.

Belfort told Bet-David he had invested “not a penny” in cryptocurrency.

Posted on

Multiple ‘Charlie Lee’ Imposter Twitter Accounts Promise Fake LTC Giveaway

Twitter has seen an influx of “Charlie Lee” this week, with not just one, but multiple imposters posing as the Litecoin (LTC) creator and promoting a fake LTC giveaway.

Most of the imposters are using Twitter accounts with names very similar to the real Charlie Lee, @SatoshiLite, such as @SatoshiLitez and @SatoshiLitee_, whose Twitter profiles exactly match those on the real Charlie Lee’s page.

The only thing that differs between these scammers is the amount of LTC being given away, ranging from 50 to 500 LTC.

There are also the more lazy scammers with similar fake giveaway posts, like @LiteSatoshi, whose relatively blank Twitter page says he is Roger Ver, or @kevinco68774468, whose page matches Lee’s in part but whose name appears as “your mom.”

Cointelegraph’s coverage of the Blockchain Connect conference, which took place in San Francisco on Jan. 26, was subject to one of “your mom”’s scam attempts:

The real Lee tweeted a warning about the scammers, who he also said were blocking him so that he couldn’t see any new scam posts:

The scammers may be taking advantage of Lee’s December 2017 announcement that he had sold and donated all of his LTC, perhaps hoping that Lee’s past donation would make the scam more believable. However, since Lee no longer holds any Litecoin, any LTC giveaway purportedly coming from Lee is unlikely to be true.

By press time, all of the fake Lee accounts mentioned in this article are still active on Twitter.

Posted on

Fork Fail: US Government Institute Claims Bitcoin Cash Is ‘Original’ Bitcoin

A US government institute has claimed Bitcoin Cash (BCH) is the “original” Bitcoin while Bitcoin itself (BTC) is a “fork” in a surprising official research into cryptocurrency.

In a document titled “Blockchain Technology Overview” from the National Institute of Standards and Technology under the US Department of Commerce, authors Dylan Yaga, Peter Mell, Nik Roby and Karen Scarfone claim that “technically,” the perception that BTC is the genuine version of Bitcoin is incorrect.

“When SegWit was activated, it caused a hard fork, and all the mining nodes and users who did not want to change started calling the original Bitcoin blockchain Bitcoin Cash (BCC),” they write.

“Technically, Bitcoin is a fork and Bitcoin Cash is the original blockchain. When the hard fork occurred, people had access to the same amount of coins on Bitcoin and Bitcoin Cash.”

The document makes for curious reading at a time when the cryptocurrency industry remains awash with propaganda and marketing activities from BCH and BTC representatives alike.

Confusion for new users in Bitcoin has increased following July’s hard fork due to some major resources in the industry, notably Roger Ver’s Bitcoin.com, controversially allying with BCH.

More recently, two scandals involving BCH, mainstream news outlet CNBC and major US exchange Coinbase further dented BCH’s reputation.

The US government document nonetheless appears unfazed by both the events and the nature of Bitcoin’s hard fork itself, continuing on to provide descriptions of other cryptocurrencies.

Litecoin, authors say, is a “complement to Bitcoin,” while Ethereum Classic is underlined as the original version of “more popular” Ethereum.

Last Week, ratings agency Weiss also caused a stir when it delivered its first cryptocurrency ratings, giving Bitcoin a ‘C+’ and Ethereum a ‘B.’

Posted on

UK: Cryptocurrency Trader Robbed ‘At Gunpoint’, Amount Stolen Unknown

Four masked robbers have broken into the house of a cryptocurrency trader in Moulsford, Oxfordshire and forced him to transfer all of his bitcoins to them “at gunpoint”, The Telegraph reports Sunday, Jan. 28.

According to The Telegraph, this is the first case of cryptocurrency robbery in the UK.

The criminals entered the house of a crypto trader and forced him to transfer his entire Bitcoin stash. The exact amount of bitcoins stolen has not yet been specified.

Fortunately, the incident did not cause any serious injuries to anyone. The police immediately launched an investigation into the case, however, no arrests were made as of press time.

The police have also asked for help from local citizens:

“Officers are particularly interested in speaking to anyone travelling through [Moulsford] on the A329 Reading Road between 7.30am and 10.30am on Monday who has Dashcam footage or anyone with mobile phone footage.”

Due to their relatively anonymous nature, cryptocurrencies are becoming an increasingly popular target for robberies.

Back in December 2017, Cointelegraph covered another case: the managing director of the cryptocurrency exchange EXMO Pavel Lerner was kidnapped in Kiev by an group of unidentified people. Fortunately, Lerner got out safely just two days later, albeit having to pay a ransom of $1 mln in bitcoins.

Another robbery has taken place in neighboring Russia in mid-January, in which a locally famous cryptocurrency blogger was deprived of $425,000 worth of bitcoins. The latest news shows that cases of Bitcoin robbery aren’t limited to Russia and surrounding countries, as even the citizens of UK can be targeted by the criminals.

Posted on

Texas Orders Suspected ‘Cryptocurrency Bank’ Scam To Leave State

Texas regulators have issued an unconditional cease and desist order to the self-described ‘cryptocurrency bank’ AriseBank on Friday, Jan. 26, ordering it to halt any services to the state’s residents.

In a formal press release Friday, the Texas Banking Commissioner Charles G. Cooper implied the business, which has generated considerable controversy with its alleged offerings, does not in fact offer “banking services.”

The release explains:

“The Cease & Desist Order was based on the Commissioner’s finding that AriseBank violated Texas Finance Code Chapter 31 by using the term “bank” in its name and marketing materials to imply that it is in the business of banking in this state”

“The order requires AriseBank to cease and desist from implying that they engage in the business of banking in Texas. AriseBank is further required to clearly disclose that they do not offer their services to consumers in Texas,” it continues.

Arise came to prominence late last year when an alleged partnership with BitShares and a launch of an ICO were decried as a scam in cryptocurrency circles.

Describing itself as “the first ever decentralized banking platform,” the project was led by Jared Rice, a figure who himself has attracted negative publicity for defrauding business partners according to complaints portal Ripoff Report.

Arise’s ICO and partnership sparked a dedicated review of the website’s activities, researchers similarly concluding the business was a “total scam.”

Earlier, Cointelegraph reported that the state of Texas had similarly ordered the now-defunct platform Bitconnect to cease and desist in the selling of unlicensed securities.

According to the Texas order, Arise must now comply with the terms and adopt a 100% hands-off approach to Texas consumers by January 26, after failing to reply to the original order issued January 5.

Cointelegraph was unable to verify the situation with AriseBank due to its website no longer functioning as of press time Monday.

Posted on

Crypto Death Threat Scams More Frequent, FBI Warns Cases Are ‘Heavily Underreported’

The US Federal Bureau of Investigation (FBI) has warned Internet users about false death threats as a new method of cryptocurrency extortion, ABC California reported on Friday Jan. 26.

One of the victims, introducing themselves as Christiane, used FBI’s Internet Crime Complaint Center (IC3) to inform the agency that she received an email with a death threat. The email said: “I’ll be short. I’ve got an order to kill you,” and demanded Christiane to pay $2,800 in U.S. dollars or Bitcoin in order be spared by the would-be assassin.

Even though she realized that it was a scam, Christiane told ABC7 that she found the message distressing enough to make her look over her shoulder in fear of a potential threat on the way to work.

According to FBI agent Laura Eimiller, the case represents a new method of online extortion that is specifically increasing in frequency in California right now, ABC reports.

Eimiller also emphasizes the fact that the emails are structured and written in a way that is likely to make the target feel deeply affected, even if they are able to recognize them as a hoax.

Thus, FBI warns Internet users and encourages potential victims to provide information about any new cases, given that the number of reports is “about 15 percent of the scams that are actually taking place,” according to Eimiller. She added that the crimes like these are “heavily underreported.”

Posted on

Coincheck: Stolen $534 Mln NEM Were Stored On Low Security Hot Wallet

Japanese cryptocurrency exchange Coincheck, one of the largest in the country, was the victim of a massive hack resulting in a loss of 523 mln NEM coins, worth approximately $534 mln.

The coins were stolen via several unauthorized transactions from a hot wallet at 3:00 am local time on Friday, Jan. 26.

Following the hack, the Coincheck exchange has hosted a press conference to provide the details of what has happened and what’s coming next.

NEM stored on hot wallet, private key stolen

The hack only involved NEM. No other cryptocurrencies, including Ripple (XRP), were stolen, contrary to the early reports covered by Cointelegraph.

According to the exchange’s representatives, the hackers have managed to steal the private key for the hot wallet where NEM coins were stored, enabling them to drain the funds.

All the stolen money belonged to the customers of the exchange. The ‘inappropriate’ movement of the funds was reported by Coincheck to Japan’s Financial Services Agency, as well as the police later on the same day.

Shortly after the breach, the company halted all withdrawals from the site, hoping to stop any further damage to its funds. When asked whether they will begin allowing “at least” fiat currency withdrawals soon, Coincheck replied that that will be done after they have determined the best way to proceed.

It has come to light that the funds were being stored on a simple hot wallet rather than a much more secure multisig wallet.

Coincheck’s representatives have claimed that the security setup differs between various coins on the exchange.

Other cryptocurrencies on the site are currently stored in multisig wallets, but the NEM was not. When pressed by the media, the company insisted that “security standards were not low,” however the lack of multisig protection for NEM may indicate the opposite.

The company made clear that they use various wallet types for housing different assets. Specifically, Bitcoin and Ether are stored in cold storage wallets, with Bitcoin additionally having a multisig address. Ether, “given its nature,” is not stored on a multisig wallet.

According to their statement, more than half of Coincheck’s 80 permanent employees work on systems development, including security.

What comes next?

Going forward, Coincheck claimed that it knows the address where the stolen NEM is currently being stored by the hackers, and is hoping to be able to track the culprits.

While the company cannot currently disclose how many users were affected, they have expressed a desire to refund all the money that was lost.

When asked whether they are going to resume operations or will have to declare bankruptcy, Coincheck said that ‘in principle’ they plan to keep operating.

While the exchange has expressed a desire to refund all lost funds, they nevertheless are still considering how to approach the situation. Per the press conference, the “worst-case scenario” would be that the funds can never be returned.

When asked whether they have any words for the customers, Coincheck representatives have said that they “deeply regret” what happened.

Posted on

Steve Wozniak ‘Loses 7 BTC’ In Unlikely Credit Card Fraud

Apple co-founder Steve Wozniak allegedly lost seven bitcoins to fraudsters using a stolen credit card, the India Economic Times reported Monday, Feb. 26.

The tech veteran was speaking at the Global Business Summit 2018 in New Delhi when India Economic Times reported him admitting to the audience he had lost the funds – seven bitcoins to be exact – now worth about $75,000.

I had seven bitcoins stolen from me through fraud. Somebody bought them from me online through a credit card and they cancelled the credit card payment. It was that easy!” the publication quotes him as saying.

“And it was from a stolen credit card number so you can never get it back.”

Despite multiple publications subsequently picking up on the story, Wozniak has yet to confirm more information about the theft, and the unusual circumstances surrounding the loss.

The trade appeared to have closed with Wozniak sending the bitcoins before receiving the fiat funds – something p2p cryptocurrency trading platforms such as Localbitcoins firmly warn users against doing.

It remains unclear whether Localbitcoins or other major platform was used for the trade, and whether an escrow feature – that would have prevented the possibility of credit card fraud – was available.

Nonetheless, the weak link allowing the fraud to be successful appears to lie either in the susceptibility of credit card data to fraud or human error in sending bitcoins without confirmation of funds receipt.

Consumer complaints surrounding cryptocurrency “scams” have increased markedly over the past year, even involving Ethereum co-founder Vitalik Buterin, Cointelegraph reported this month, yet a lack of diligence on the consumers’ part remains palpable.