Connect with us

Bitcoin News

Three ways to prevent exchange hacks—how 3FA can foil cryptocurrency exchange robberies

Published

on

Guest post by Dave Jevans from CipherTrace

Dave is the CEO of CipherTrace.

The recent hack of the world’s biggest cryptocurrency exchange, Binance, highlights the need for heightened security in the crypto space.

In what Wired reported as “a ‘large-scale security breach,’ hackers stole not only 7,000 bitcoin—equivalent to over $40 million ($56 million at the time of this writing, just one week later)—but also some user two-factor authentication codes and API tokens.”

This is just one of the many cryptocurrency heists totaling 100s of millions of dollars that CipherTrace has reported on in the last year.

Why are sophisticated hackers targeting the crypto space? Because, obviously, that’s where the money is. The huge hot wallet stash looted from Binance represented only about 2 percent of the exchange’s reserves. And, if this is the rumored ‘Crypto Spring’ to the recent winter, then as valuations begin to rise dramatically expect things to get worse.

The good thing for the industry is that Binance did the right thing—they were transparent and didn’t delay in reporting the theft, announcing it the same day it was discovered. “The hackers used a variety of techniques, including phishing, viruses and other attacks,” according to Binance CEO Changpeng Zhao in a May 7 blog post.

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks.”

Moreover, Zhao announced that no customer funds would be used to cover losses, as Binance had set up a self-insurance fund in 2018 that accrues 10 percent of all trading fees in a separate cold wallet.

How did the theft occur? We are currently researching the attack, but from what we know Binance had the current state of the cybersecurity art in place. The attacker(s) probably used a password stolen in a phishing attack, or they exploited a combination of vulnerabilities.

As Chairman of the Anti-Phishing Working Group, an organization that has been fighting eCrime and phishing for more than 16 years, I can tell you it’s highly likely that phishing was an attack vector.

Spear phishing (targeted attacks on high-value individuals) and business email compromise (BEC) are getting a lot worse. And phishers are casting their nets—and spears—at crypto companies in particular. The Binance hack could have been an employee being duped into giving a password by a clever email ruse. It could have been phishing plus fileless malware or an APT. It could have stemmed from any number of vulnerabilities typically present in the attack surface of such a large, global IT network.

Time to triple-down on security

Two-factor authentication (2FA) is no longer strong enough, and SMS is a weak second factor. As was detailed in the CipherTrace Q4 2018 Crypto AML report, attackers often “port” phone numbers in order to receive SMS text messages that are used in a number of 2FA systems. Which obviously means this approach is not secure. But, by having an authentication app on the phone, instead of relying on SMS text message codes, companies are protected even if an employee’s phone is hijacked or SIM-swapped.

So what can and should exchanges do to prevent thefts? In our opinion, given the ever-increasing sophistication and persistence of the bad guys, there’s only one viable solution at the moment. Well, there’s three, actually.

The answer is three-factor authentication (3FA)—two things they have, and one thing they know. To access the network, exchange employees should be required to use an authentication app on their phone, a certificate on their computer to access the corporate VPN, and a password. That way, if criminals phish an exchange worker’s password or break it with brute force they’re still not getting in. Plus, unlike passwords, certificates can be revoked.

The attacker can gain the password and even compromise one of the user’s devices but that won’t get all three factors. And without compromising all three factors, they’re not getting in. Three-factor is the new strong auth. It may sound like this proposal puts an onerous burden on employees, but having a certificate on the computer takes no day-to-day effort.

Guest post by Dave Jevans from CipherTrace

Founded by experienced Silicon Valley entrepreneurs, CipherTrace was created to develop cryptocurrency and blockchain tracing and security capabilities.

Learn more

Filed Under: Crypto Exchanges, Guest Post, Hacks

Dave Jevans

Dave Jevans is a founder and CEO of CipherTrace. Mr. Jevans has 20 years of experience in the security and payments markets. He is the holder of 17 US patents in cybersecurity, and has founded and sold three cybersecurity startups. In 2015, Mr. Jevans sold mobile security pioneer Marble Security to Proofpoint (NASDAQ: PFPT). Before Marble, he founded IronKey, which was acquired by iMation (NASDAQ: IMN).

View author profile

Disclaimer: Our writers’ opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.

Like what you read? Give us one like or share it to your friends
original post…

Bitcoin News

Here’s Why Bitcoin, Ethereum and Litecoin is undervalued at Spot Rates

Published

on

Heres-Why-Bitcoin-Ethereum-and-Litecoin-is-undervalued-at-Spot-Rates

Heres-Why-Bitcoin-Ethereum-and-Litecoin-is-undervalued-at-Spot-Rates

Bitcoin, Ethereum and Litecoin are still incredibly undervalued as present valuations stand. This is on account of the potential of these coins and planned upgrades to make them better according to a crypto trader and enthusiast.

Yes, Bitcoin may have rallied back to possible bull territory. However, it is still fair to say that the coin sits below its true and projected position as a currency and security. Bitcoin came about as an alternative currency with decentralization as a catch for investors and enthusiasts alike.

Bitcoin is resilient and has shrugged off legitimacy questions from naysayers time and time again. The price volatility is just a consequence of intense speculation and uncertainty common with new inventions. Nonetheless, Bitcoin’s transcendent ability to transform the financial world remains effectively eliminating borders and regulatory overreach.

Bitcoin as Digital Gold

Bitcoin is a finite currency. Notably, every fiat currency will return to its inherent value of zero at times of hyperinflation. This is clear from the Venezuelan Bolivar which is worth less than its printing paper at the moment. In this light Bitcoin can become an alternative to collapsed currencies especially in failed states.

It’s become a trusted alternative when fiat money’s value is corrupted by politics”

-John McGinnis and Kyle Roche of Wall Street Journal.

The limited availability means Bitcoin can efficiently store value at times of financial crises. This is eerily similar to gold which is also a great commodity to store value that rises in value in hard times for fiat. This has led to some proponents calling Bitcoin digital Gold and rightfully so. As such, the value of $8,000 is momentary as the developed world economy is still doing well.

Ethereum And Litecoin As Alternatives

Ethereum is a great alternative for Bitcoin. That said, the price of $270 is still on the low because of the incredible potential given the possibilities of Smart contracts. More significant is the upcoming Serenity or Ethereum 2.0 upgrade. This upgrade will significantly improve the coin by incorporating technical improvements that improve scalability and performance. At the premier Ethereum Supermeetup, hosted at Token2049, Vitalik Buterin explained the update as follows;

“(It is) a way to bring technical improvements, like PoS and sharding, together to improve the Virtual Machine, Merkle Trees, the efficiency of the protocol, and a whole bunch of small technical things that you have never heard of.”

Ethereum is in this regard still on the downside price-wise. The upgrades are necessary and timely to keep the protocol efficient.

Litecoin, on the other hand, is essentially a better version of Bitcoin. This is because the coin, while having essentially the same possibilities as Bitcoin, is more adaptable to change such as the introduction of smart contracts.

Charlie Lee, a former Google employee, who founded Litecoin, has also given financial support to the Lightning Network.  There are also possibilities of incorporating Mimble Wimble that will inherently scale the network while introducing better security and privacy for the end user. When we add the halving mix in the equation, investors and traders are convinced that we are in the early stages of a mega bull run that will propel asset prices, valuing them fairly.

Like what you read? Give us one like or share it to your friends
original post…

Continue Reading

Bitcoin News

Smart contract platform Fantom chooses Binance Chain for interoperability

Published

on

Binance Chain, the blockchain from cryptocurrency exchange company Binance, and DAG-based smart contract platform, Fantom, announced today they will be working together to create a multi-asset and cross chain ecosystem.

The Fantom team said it will be supporting a multitude of tokens including the ERC-20 standard, native Fantom token (FTM) standard, along with the BEP-2 token standard on Binance Chain.

“Our reason for choosing Binance Chain as our interoperability partner over any other blockchain is simple, we’re seeing an increasing trend of great projects moving towards Binance Chain, and we want to contribute to the Binance Chain ecosystem so that all these great projects may garner added value from our contributions. Binance and Binance Chain are in a rare position of having the strongest centralized exchange and liquidity on one end, and a very cohesive decentralized ecosystem on the other end, and we believe that there is no better partner for Fantom in its push for greater interoperability within the industry.”

The Fantom Foundation

The collaboration will offer Fantom users a chance to transact and trade FTM while being in custody of their own tokens on Binance DEX.

Like what you read? Give us one like or share it to your friends
original post…

Continue Reading

Bitcoin News

Robinhood Opens Trading for 7 Cryptocurrencies in New York

Published

on

Robinhood, the popular stock and crypto investing app, has officially launched bitcoin, ethereum, and other cryptocurrency trading in New York.

Silicon Valley-based Robinhood received a BitLicense from the New York Department of Financial Services (NYDFS) in January 2019 and on Thursday opened access to crypto trading in the Empire State.

From the press release:

Currently, you can invest in seven cryptocurrencies on Robinhood Crypto: Bitcoin, Bitcoin Cash, Bitcoin SV, Ethereum, Ethereum Classic, Litecoin, and Dogecoin. You can also track price movements and news for those and 10 additional cryptocurrencies.

New York is unique and problematic for crypto traders because all purveyors must apply for a BitLicense, most notably for companies that are “storing, holding, or maintaining custody or control of virtual currency on behalf of others,” according to NYDFS.

Many crypto startups have avoided the requirements entirely by becoming BitLicense refugees and refusing to do business in the state.

“Here we are two miles from the Statue of Liberty and you cannot sell CryptoKitties in the state without that license. That’s the absurdity of what’s happened here,” ShapeShift CEO Erik Voorhees complained in 2018 when asked about the controversial license at CoinDesk’s Consensus conference in New York.

Image courtesy of Robinhood

Like what you read? Give us one like or share it to your friends
original post…

Continue Reading

Bitcoin News

Generation Bitcoin: 90% of Millennials Prefer Crypto to Gold: ETF Expert

Published

on

By

By CCN: The US investing industry stands on the precipice of a dramatic upheaval that could see bitcoin and other cryptocurrency assets replace gold in investor portfolios.

That’s according to Nate Geraci, president of the ETF Store, an independent investment advisor. He revealed in a Bloomberg TV interview that his millennial clients are clamoring to hold bitcoin in their portfolios – if only the SEC would let them.

Crypto in a Landslide: ETF Expert Says Millennials Plan to Kick Gold to the Curb

Responding to a question from Bloomberg analyst Eric Balchunas about whether he would ever invest client funds in a bitcoin ETF, Geraci stunned his fellow panel members when he said that millennial investors overwhelmingly desire to hold bitcoin instead of traditional hedge assets like gold.

How overwhelming? Ninety percent.

“When we talk to our younger clients – we have a core gold allocation in our portfolios, and they’ll ask about that and say, ‘What about crypto?’ And if you talk to, primarily millennials, and ask them which they prefer, bitcoin or gold, it’s a landslide. It’s not even close, it’s like 90% prefer bitcoin.”

Geraci’s bold claim was more anecdotal than scientific, but there’s plenty of hard data that demonstrates that younger investors are vastly more comfortable with holding cryptocurrency in their portfolios than investors who grew up in the pre-digital era.

In April, a Harris Poll survey found that 18 to 34-year-olds are “very” or “somewhat” likely to purchase bitcoin within the next five years. That might not seem overwhelming, but consider that only 37% of Americans in that demographic currently own stocks.

Similarly, a February eToro survey found that 43% of millennials trust crypto exchanges more than stock exchanges, even though crypto trading platform hacks dominate the mainstream news cycle.

ETF Would Reduce Crypto Investing Risks

bitcoin etf vaneck bitcoin price

ETF Store President Nate Geraci said that there is rabid demand for a bitcoin ETF, especially among millennials. | Source: Shutterstock

Nate Geraci further pointed to the success of the $1.5 billion Bitcoin Investment Trust (OTC: GBTC) as proof that there is sufficient market demand for a crypto ETF.

He noted that the over-the-counter product regularly trades at a staggering premium to the underlying value of its BTC assets. That’s because GBTC shares fluctuate based on supply and demand, not just the price of bitcoin. An ETF, he said, would flatten that premium and thus reduce investor risk.

“It seems a bit incongruent to me that we have that product out there trading, where investors really could get hurt if they don’t understand that premium, but we don’t have a bitcoin ETF.”

“The demand is there,” he concluded.

SEC Kicks the Bitcoin ETF Can Down the Road

Unfortunately for crypto bulls, millennials aren’t the ones manipulating the levers of the Securities and Exchange Commission (SEC), which holds unilateral authority to approve or deny bitcoin ETF applications.

The SEC, as CCN reported, continues to punt on the issue. Last week, the regulatory agency extended its long trend of delaying ruling on cryptocurrency products when it postponed its decision on the VanEck/SolidX Bitcoin ETF to August 19. Most industry insiders expect the SEC to delay the VanEck/SolidX product again, pushing its final ruling until October 18.

Dave Nadig, the managing director of ETF.com, said that he believes the SEC is still in “information gathering mode” but that there is a “reasonable chance” regulators approve the first bitcoin ETF before the end of 2019.

Like what you read? Give us one like or share it to your friends
original post…

Continue Reading

Bitcoin News

Ripple Price Analysis: XRP Lost Critical 5000 SAT Support Area – What’s Next?

Published

on

Ripple’s XRP has seen a price decline totaling 6% over the past 24 hours of trading, bringing the current price for the coin down to around $0.3754 at press time. The cryptocurrency has lost a further 16% over the past 7 trading days.

This price drop largely is due to the retracement seen in Bitcoin, although XRP also has seen difficulty when priced against Bitcoin.

XRP currently is ranked in 3d place amongst the top cryptocurrency projects by market cap value, holding a $15.89 billion market cap, according to CoinMarketCap at time of publication. 

Looking at the XRP/USD 1-Day Chart:

  • Since our previous XRP/USD analysis, we can see that XRP/USD has fallen further from the $0.39 level, to where it currently is trading at around $0.375. XRP has strong resistance beneath it provided by the 200-day moving average around the $0.3615 level.
  • From above: The nearest levels of resistance lie at $0.3790 and $0.3943. If the bulls can continue further above $0.40, higher resistance can be located at $0.4235, $0.4376 and $0.4617. Above this, further resistance lies at $0.48 and $0.50.
  • From below: The nearest level of support now sits between $0.36 and $0.35. Beneath $0.35, further support is located at $0.34, $0.32 and $0.30.
  • Trading volume has dropped significantly from the average level seen during May 2019.
  • The RSI is in a precarious position as it hovers around the 50 level which indicates indecision within the market. If the RSI drops beneath 50, we can expect XRP/USD to head lower.

xrpusd_may23-min

Looking at the XRP/BTC 1-Day Chart:

  • Against Bitcoin, we can see XRP/BTC has now dropped further beneath the support at 5000 SAT to where it currently trades at press time, around 4850 SAT.
  • From above: The nearest level of resistance now sits at 4910 SAT, 5000 SAT and 5090 SAT. Above 5100 SAT, further resistance exists at 5571 SAT, 5962 SAT and 6000 SAT.
  • From below: The nearest level of support lies at 4731 SAT. Beneath this, further support is expected at 4500 SAT, 4323 SAT and 4000 SAT.
  • Trading volume has also significantly declined toward the second half of May 2019.
  • The Stochastic RSI suggests that price action will head further lower due to a bearish crossover in overbought conditions.

xrpbtc_may23-min

Be the first to know about our price analysis, crypto news and trading tips: Follow us on Telegram or subscribe to our weekly newsletter.


CryptoPotato Video Channel



More news for you:

Like what you read? Give us one like or share it to your friends
original post…

Continue Reading
Advertisement

Recent Posts

Copyright © 2019 The Crypto Report