Connect with us

Cryptocurrency

Cryptocurrency Leading Exchange, Coinbase Pays Hacker $250,000 for Discovering Vulnerable Attack Point

Published

on

Coinbase - Investors King

Coinbase, one of the world’s leading cryptocurrency exchange platforms, has paid a hacker known on Twitter as Tree of Alpha for discovering a critically vulnerable point that could be exploited by criminals and potentially hurt the platform and the entire crypto space.

According to Tree of Alpha, users could easily sell 50 SHIB value at about $0.001 for 50 BTC without actually owing anything and it will be executed via Coinbase order books as an actual trade.

Luckily for Coinbase, Tree of Alpha contacted the company development team before any damage is done to the platform and asked that all Advanced Trading and, most importantly, order posting be immediately stopped.

On Saturday, Coinbase announced that the deficit had been closed without any damage to customers’ assets. The company lauded Tree of Alpha for his effort and as a result, the exchange paid him a bug bounty of $250,000 for his discovery. This could have also potentially helped crypto users with the security of their assets in various platforms including their bitcoin casino accounts, for instance.

Responding to questions on how he thinks the issue went on noticed, the White hat hacker said “This is a hard one: I do not know. When writing tests for an API that accepts a source account, a target account, and a product ID, the first thing I would make sure of is that the person indeed has more than “QTY” in the account. Coinbase had that part. 

“The second is making sure that, for a sale on “BTC-USD” product for example, “source account” is a “BTC” account and “target account” is a “USD” account. That part was missing, and any guess from me as to why would be speculation.

“While every developer knows best practices at least vaguely, the harsh truth is a lot of shortcuts are taken to save time. If Tesla, a $890 billion company, tests payment integrations on live environment, that should tell you enough about the others.”

Asked if he can quantify the potential damage if it was exploited, he said “no, that is up to very specific Coinbase internals.

“The highest reward with the least chance of being discovered would have been, in my opinion, putting up huge BTC sell walls very close to the last traded price in order to send the market in a panic. A very small fraction would have actually filled as the narrative would have spread, and a bad actor could have profited handsomely from the ensuing chaos by shorting on other exchanges. 

“All in all with this exploit, I believe most of the damage would have been on the market itself, and not as much on Coinbase customer holdings. The risk system would have kicked in, stopping all withdrawals and Coinbase could have done an internal rollback after the blow.”  

Is the CEO/Founder of Investors King Limited. A proven foreign exchange research analyst and a published author on Yahoo Finance, Nasdaq, Entrepreneur.com, Investorplace, and many more. He has over two decades of experience in global financial markets.

Continue Reading
Comments

Cryptocurrency

Cryptocurrency Presents a New Shift for Wealth Creation in Nigeria, Says Patricia CEO

Expert in the cryptocurrency industry has said it provides a new form of wealth creation that is bigger than what the country has ever experienced for Nigeria’s younger generation

Published

on

Visa CryptoSpend- Investors King

Expert in the cryptocurrency industry has said it provides a new form of wealth creation that is bigger than what the country has ever experienced for Nigeria’s younger generation, Hanu Fejiro, Chief Executive Officer (CEO) of Patricia, a cryptocurrency exchange company, stated.

He explained that with crypto trading, NFTs, and gaming guilds where people play games and earn money, there’s a major shift in wealth creation and huge opportunities for the younger generation.

Speaking at the 2022 Technext Conference titled “Blockchain and DeFi – Beyond the hype”, the CEO said the Federal Government needs to pay adequate attention to the blockchain industry and come up with acceptable policies to ensure its success for the nation’s benefits.

According to him, Nigeria is currently ranked fourth globally in terms of cryptocurrency transactions with over 22 million Nigerians effectively trading in the market despite the ban by the Central Bank of Nigeria 

He said “Today, Nigeria is the fourth country in the world with the most crypto transactions. And that’s not a joke.

“You know, America is leading, but America has regulation. America has had regulation for the past 2 to 3years now. Now, Nigeria with no regulation is 4th in the world with about 22 million crypto users.

“Crypto is too huge an industry not to pay attention to really, and I think that the government needs to get aligned. There needs to be a handshake.”

In addition, Fejiro said that the Federal Government needs to support this industry and allow it to grow, to enable them to access the potential opportunities it has to offer to not only the citizens but the economy of the country at large.

He said, “They say the youths are the future. What are the youths doing today? Music, sports, and crypto. There needs to be government support for these industries to grow.

“There needs to be free trade zones made especially for crypto; there is need for public policies.

“We need to move away from the idea of fossil fuel in terms of crude oil and focus on human capital as our main resource right now.

Now, everybody wants to go to Canada, go to the UK, we are losing the most important thing that we have which is human capital. So the minute we can turn things around as a government, Nigeria will become the real giant of Africa.”

Continue Reading

Cryptocurrency

Binance to Pay White Hat Hackers $1 Million for Bug, Up to 10% for Catching Hackers

Following the breach in its security protocol and the eventual transfer of 2 million Binance coins estimated at about $570 million, the world’s largest cryptocurrency platform has announced plans to start paying white hat hackers.

Published

on

Binance - Investors King

Following the breach in its security protocol and the eventual transfer of 2 million Binance coins estimated at about $570 million, the world’s largest cryptocurrency platform has announced plans to start paying whitehat hackers who helped identify loopholes in its technology and those that help arrest criminal hackers that unlawfully breaks into its platform.

In a long blog post released sequel to the theft, Binance management explained that the hackers exploited the native cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), known as “BSC Token Hub.”

Therefore, were able to move a total of 2 million BNB. The leading exchange platform claimed the exploit was carried out by a sophisticated forging of the low-level proof into one common library.

However, despite the fact that it runs a decentralised blockchain developed to run without external interference, it was able to contain the situation by contacting 26 BNB Smart Chain active validators out of the 44 spread in various time zones.

While this delayed the company’s efficiency in arresting the situation, it was able to minimize losses, Investors King understands. Binance reported that only BNB coins valued at $100 million were transferred to hackers’ wallets.

“Decentralized chains are not designed to be stopped, but by contacting community validators one by one, we were able to stop the incident from spreading. It was not that easy as BNB Smart Chain has 26 active validators at present and 44 in total in different time zones. This delayed closure, but we were able to minimize the loss,” Binance said.

Therefore, in an effort to avoid a similar situation going forward, Binance has announced two key changes; to start compensating white hat hackers that helped identified loopholes that can be exploited by criminals like other top exchange platforms like Coinbase.

It would be recalled that Investors King reported that the Aurora platform paid two white hat hackers $2 million for helping to identify what could have been a disaster for the organisation.

Binance will start paying $1 million per bug once its on-chain governance votes.

Also, the company plans to pay as much as 10% of the recovered funds as a bounty to those that helped in catching criminal hackers.

Moving forward Binance said “Looking at the broader picture, we have seen a series of attacks on targeting vulnerabilities in cross-chain bridges. We will openly share the details of the postmortem and all lessons on how to implement more advanced security measures to shore-up these vulnerabilities.

“A new on-chain governance mechanism will be introduced on the BNB Chain to fight and defend future possible attacks.”

Continue Reading

Cryptocurrency

Cryptocurrency: Hackers Steal $100 Million Worth of Binance Coins (BNB)

The world’s biggest cryptocurrency exchange by trading volume, Binance was hacked in the early hours of Friday.

Published

on

Binance CEO

The world’s biggest cryptocurrency exchange by trading volume, Binance was hacked in the early hours of Friday.

Investors King learnt that there was a cross-chain breach on the Binance protocol which led to a heist of about $100 million worth of Binance Coin (BNB). Subsequently, all operations on the Binance Exchange were suspended to contain the breach. 

The halt in operation, therefore, raised several concerns in the crypto community with many people being worried about what will happen to their funds.

A statement released by the management which confirmed the attack read “We want to confirm that we coordinated with validators to temporarily suspend BNB Smart Chain (BSC) after having determined an exploit on a cross-chain bridge”.

However, Binance CEO Changpeng Zhao ‘CZ’ later tweeted about eight hours after the halt in operation, saying “The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly”. 

Before the Binance validator was suspended, the hackers had already managed to move 2 million BNB, to their wallets but couldn’t get it all out by the time Binance suspended all deposits and withdrawals on its platform.

The company further stated that a team of developers is already investigating the breach.

This is a developing story. More details will be provided soon. 

Continue Reading
Advertisement
Advertisement




Advertisement
Advertisement
Advertisement

Trending