{"id":577,"date":"2021-11-15T12:35:47","date_gmt":"2021-11-15T12:35:47","guid":{"rendered":"https:\/\/digitalcoinprice.com\/blog\/?p=577"},"modified":"2023-03-29T06:44:53","modified_gmt":"2023-03-29T06:44:53","slug":"war-against-cryptohacking","status":"publish","type":"post","link":"https:\/\/digitalcoinprice.com\/blog\/war-against-cryptohacking","title":{"rendered":"War Against CryptoHacking"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_73 counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Content<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #223c50;color:#223c50\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #223c50;color:#223c50\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/digitalcoinprice.com\/blog\/war-against-cryptohacking\/#DeFi_Sites\" title=\"DeFi Sites\">DeFi Sites<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/digitalcoinprice.com\/blog\/war-against-cryptohacking\/#Exploiting_Bugs\" title=\"Exploiting Bugs\">Exploiting Bugs<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/digitalcoinprice.com\/blog\/war-against-cryptohacking\/#Government_Oversight\" title=\"Government Oversight\">Government Oversight<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/digitalcoinprice.com\/blog\/war-against-cryptohacking\/#North_Korea\" title=\"North Korea\">North Korea<\/a><\/li><\/ul><\/nav><\/div>\n<p><span style=\"font-weight: 400;\">When the first cryptocurrency was created in 2009, one of its selling points involved its heightened security protocols. Some supporters were even saying that crypto\u2019s protocol could not be hacked and it would be impossible to breach its safeguards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">12 years later, it\u2019s clear that crypto, like everything else online, is susceptible to hacking.\u00a0<\/span><a href=\"https:\/\/casino.intertops.eu\/en\/online-casino\" target=\"_blank\" rel=\"noopener\"><b>Intertops online Games<\/b><\/a><span style=\"font-weight: 400;\"> users and other observers have been tracking the exchanges as the crypto\u2019s vulnerable points but recently it\u2019s become clear that the\u00a0<\/span>p<span style=\"font-weight: 400;\">eer-to-peer crypto platforms are the weak link.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In August Poly Network, a DeFi site, saw $610 million disappear through DeFi, the decentralized finance platform said that all of the funds had been returned \u2013 Poly Network subsequently offered the hacker, \u201cMr. White Hat,\u201d a job as \u201cchief security advisor.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">But the success of Mr. White Hat pointed out some of crypto\u2019s vulnerabilities, especially pertaining to DeFi sites where users borrow, lend, and save while taking advantage of DeFi technology which offers cheaper and more efficient access to financial services.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"DeFi_Sites\"><\/span><strong>DeFi Sites<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">DeFi sites are decentralized blockchain-based forms of finance. Instead of relying on brokerages, exchanges, and banks to offer traditional financial services, they utilize smart contracts on blockchains.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There have been concerns about the security of Defi sites for years. Critics say that there are exploited flaws in DeFi contracts that occur when the value of tokens within the pool is calculated. Private keys are frequently leaked or stolen and access controls are often missing or implemented in a way that gives an attacker the means by which to bypass them.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DeFi sites are vulnerable to front-running attacks in which the attacker finds transactions that are open to exploitation. \u00a0Defi sites have proven open to an attack vector known as the \u201c51% attack\u201d in which the hacker acquires the majority of the blockchain\u2019s computational power, makes their own version of the blockchain that grows faster than the legitimate one, replaces it under the longest chain rule and rewrites the contents of the distributed ledger as they wish.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DeFi users can also be victimized by the owners and developers of the protocol itself. These \u201crug pull\u201d schemes involve someone from inside the company draining value from the protocol and then disappearing, leaving the victims with no recourse.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Exploiting_Bugs\"><\/span><b>Exploiting Bugs<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">The Poly Network heist has heightened awareness of how DeFi sites are to attackers. While centralized exchanges \u2013 the exchange center that facilitates crypto transfers &#8212; were once the main targets of cyber currency attacks \u2013 their ability to bolster security has made DeFi the new frontier for cyberhackers. \u00a0The attacks come as funds pour into DeFi.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">According to analysts, the new DeFi sites are most at risk of such hacking attacks. Their code isn\u2019t always as secure as that of older sites and, said Rune Christensen, former head of DeFi application Maker, \u201cThere is a widening security and risk gap between old, battle-tested DeFi protocols and new, untested DeFi protocols.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Government_Oversight\"><\/span><b>Government Oversight<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Governments and financial watchdogs that are looking for ways to regulate the currently-unregulated crypto sector are getting ready to step in as it seems increasingly clear that DeFi cannot police itself.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Gary Gensler, chair of the\u00a0<\/span><a href=\"https:\/\/www.sec.gov\/\" rel=\"no-follow noopener\" target=\"_blank\"><b>U.S. Securities and Exchange Commission<\/b><\/a><span style=\"font-weight: 400;\">\u00a0(SEC), wants to start taking a tough stand on DeFi.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In an August 3<\/span><span style=\"font-weight: 400;\">rd<\/span><span style=\"font-weight: 400;\">\u00a0speech at a national security conference hosted by the Aspen Institute Gensler served notice that he will use every type of authority available to him \u2013 including requesting additional authority through Congress \u2013 to prevent transactions, products, and platforms from falling between regulatory cracks.&#8221; Gensler accused the crypto asset class of being \u201crife with fraud, scams, and abuse in certain applications&#8221; and continued \u201cright now, we just don&#8217;t have enough investor protection in crypto. Frankly, at this time, it&#8217;s more like the Wild West\u2026.if we don&#8217;t address these issues, I worry a lot of people will be hurt.&#8221;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The\u00a0<\/span><a href=\"https:\/\/www.cftc.gov\/\" rel=\"no-follow noopener\" target=\"_blank\"><b>U.S. Commodity Futures Trading Commission<\/b><\/a><span style=\"font-weight: 400;\">\u00a0is also signaling plans to increase oversight over crypto. Commissioner Dan Berkovitz has referred to DeFi as a \u201cHobbesian marketplace\u201d \u00a0and suggested that unlicensed DeFi platforms could be violating commodities trading laws.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Many analysts, including those who have been friendly to crypto and some who work within the industry itself, see oversight as inevitable. Tim Swanson of blockchain firm Clearmatics admitted, &#8220;The unfortunate situation is that (Poly Network) was seen as just an average Tuesday in the DeFi world\u2026..The industry likes to congratulate itself by claiming it resides on transparent systems, but it has repeatedly shown it is incapable of policing itself.&#8221;<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"North_Korea\"><\/span><b>North Korea<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">North Korea is widely believed to be the largest source of cryptocurrency theft and hacking and the efforts are, experts say, state-sponsored. The Democratic People\u2019s Republic of Korea has been escalating its operations which center on stealing and laundering cryptocurrencies. The efforts are allowing the North Korean government to bypass the economic sanctions that many countries have placed on them.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A United Nations 2019 report estimated that hacks, ransomware attacks, and outright theft netted Pyongyang up to $2 billion which they then convert into crypto and cash out through overseas operatives. Madeleine Kennedy, senior director of communications at crypto forensics firm Chainalysis believes that the lower estimate is likely understated. \u201cWe are confident they have stolen upwards of $1.5B in cryptocurrency. It seems likely that DPRK invests in this activity because these have been highly successful campaigns.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The U.S. Department of Homeland Security believes that a new DPRK-sponsored hacking group, BeagleBoyz, \u00a0has been behind several high-profile cyberattacks, stealing almost $2 billion since 2015 by targeting banking infrastructures such as the SWIFT system and ATMs. They use the DDoS botnet infrastructure \u2013 DeltaCharlie \u2013 to target DDoS botnets, remote access tools (RATs), keyloggers, and wiper malware via Adobe and Microsoft Windows software.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It\u2019s believed that there are several hacking groups but the attack vectors are similar. \u201cInitial access to targeted financial organizations is gained using spear-phishing \u2014 either via emails with a malicious document masquerading as a job offer or via personal message on social media from a person pretending to be a recruiter,\u201d explained Anastasiya Tikhonova, head of APT Research at Group-IB, a cybersecurity company. \u201cOnce activated the malicious file downloads the NetLoader.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">An additional upcoming threat is JS-sniffers &#8212; a malicious code that steals payment data from small online stores and exposes the personal data of everyone engaged in the transaction.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">No one knows exactly how much has been stolen from crypto exchanges, it\u2019s not an exaggeration to say that it totals billions of dollars. Not all of these attacks have been traced back to the \u00a0DPRK but several have. The U.S. Department of Justice issued a statement in August 2020 that indicated that North Korean hackers had been using a Chinese money-laundering ring to launder $250 million via various digital wallets by converting traceable cryptocurrencies into privacy coins like Zcash or Monero.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There are many questions regarding the current hacking activities but one thing is clear \u2013 the hacking groups are expanding and their operations are branching out as their methods prove to be successful. It\u2019s to be expected that in the coming years, they will continue to expand their capabilities.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>When the first cryptocurrency was created in 2009, one of its selling points involved its heightened security protocols. Some supporters were even saying that crypto\u2019s protocol could not be hacked and it would be impossible to breach its safeguards. 12 years later, it\u2019s clear that crypto, like everything else online, is susceptible to hacking.\u00a0Intertops online [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":578,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-577","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest-news-updates"],"_links":{"self":[{"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/posts\/577","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/comments?post=577"}],"version-history":[{"count":3,"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/posts\/577\/revisions"}],"predecessor-version":[{"id":2362,"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/posts\/577\/revisions\/2362"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/media\/578"}],"wp:attachment":[{"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/media?parent=577"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/categories?post=577"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digitalcoinprice.com\/blog\/wp-json\/wp\/v2\/tags?post=577"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}