Author: José Oramas

José is a journalist and translator with a keen interest in blockchain and cryptocurrencies.

Categories
Crypto Exchange Crypto News Institutions Russia

Coinbase Blocks 25,000 Russian Addresses Linked to ‘Illicit Activity’

Coinbase has blocked 25,000 addresses from Russian customers supposedly linked to “illicit activity”.

Not Your Keys, Not Your Coins

As per a March 6 blog post, Coinbase said it conducted its own investigations to identify and block 25,000 addresses believed to be linked to sanctioned actors and individuals that demonstrated “high-risk” behaviour.

Later, the exchange shared the addresses with the US government to “further support sanctions enforcement”.

Today, Coinbase blocks over 25,000 addresses related to Russian individuals or entities we believe to be engaging in illicit activity, many of which we have identified through our own proactive investigations.

Coinbase blog post

What turned up the heat for the crypto community is that five days ago, Coinbase claimed it would not sabotage Russian customers by freezing their accounts at the request of Ukraine’s vice prime minister as this would “harm economic freedom”.

Most people in crypto Twitter assumed that Coinbase had received pressure from the US Securities and Exchange Commission and the Biden administration to somehow take part in economic sanctions imposed on Russia.

The exchange, however, didn’t elaborate on what it meant by illicit activities:

It’s no surprise the announcement caused a lot of controversy, bringing back the old crypto saying – not your keys, not your coins:

The general reaction of politicians and most Western governments to the Russian invasion was to condemn it and impose severe economic sanctions on the federation’s economy.

A handful of online businesses suspended their services in Russia a few days after the invasion. These included some traditional finance companies, as well as some crypto platforms and products.

Categories
Crypto News DeFi Fantom yearn.finance

Dozens of Tokens Crumble as DeFi ‘Godfather’ Calls it Quits

Dozens of popular tokens have plunged after Andre Cronje, a prominent DeFi (decentralised finance) developer, decided to stop contributing to the sector, as per a March 6 announcement from his colleague Anton Nell.

Nell shared the news via his personal Twitter saying both he and Cronje were “closing the chapter” of contributing to the DeFi space:

Most of the tokens that crashed in price were associated with the collaboration of Nell and Cronje across DeFi protocols and DApps (decentralised applications).

Fantom (FTM) plunged 17.5 percent, while Yearn.finance (YFI) fell 13 percent and the tokens from Solidly (SOLID), an Automated Market Maker (AMM) that only launched a week ago, went down as much as 75 percent.

DeFi Godfather ‘Closes the Chapter’ in Crypto

Neither Nell nor Cronje gave a specific reason for their departure from the DeFi sector. Nell said only that: “This is not a knee-jerk reaction to the hate received from releasing a project, but a decision that has been coming for a while now.”

Cronje did provide some hints ahead of his departure. Last week he deleted his Twitter and updated his LinkedIn account to reflect he was longer working at Fantom.

Most users reacted in anger to the duo’s departure and some were pointing fingers at a possible rug. However, The DeFi Edge, a popular member within the crypto Twitter community, defended Cronje’s position by guessing he was “fed up” with the DeFi space – especially after the reception of the SOLID protocol, which he was reportedly left alone to work on, handling the PR, marketing, and the project’s community.

Hundreds of users were spreading FUD about the future of the projects related to Cronje, such as his brainchild Yearn.finance, claiming the project is now “dead”, but they failed to realise he hasn’t worked in the protocol for over a year now and that it has a large team of contributors and developers that backs it up.

The Fantom Foundation said on Twitter that Cronje’s departure doesn’t mean the end of the project, as it was never a one-man team – rather, it has hundreds of developers and contributors building on Fantom.

Categories
Blockchain CBDCs Crypto News Stablecoins

UK’s Cambridge University Launches Crypto Institutional Research Group

Cambridge, one of the UK’s most famous and prestigious universities, is launching a research initiative focusing on digital assets, dubbed the Cambridge Digital Assets Programme (CDAP).

IMF and Global Banks to Collaborate

The Cambridge Centre for Alternative Finance (CCAF) is backing the initiative and will collaborate with 16 companies, including financial organisations such as the International Monetary Fund (IMF), leading global banks, and private organisations.

The idea behind CDAP is to bring further insights into the growing cryptocurrency industry, and debate the risks and opportunities associated with the ongoing adoption of digital assets.

CDAP will focus on three main fields:

  • blockchain infrastructure;
  • the environmental implications of cryptocurrencies; and
  • the overall use of digital assets, stablecoins and CBDCs (Central Bank Digital Currencies).

[CDAP] aims to meet the need for greater clarity by providing data-driven insights through collaborative research involving public and private sector stakeholders.

Bryan Zhang, CCAF executive director

Other notable research collaborators are British International Investment PLC, London Stock Exchange Group, Mastercard, Visa, World Bank, and the Dubai International Financial Centre.

Link to Australian Research Program

The CCAF’s initiative is similar to that of the DFCRC – Digital Finance Co-operative Research Centre, an Australian-based research program that focuses on the digital finance sector and the latest fianancial technologies. The project raised A$181 million through local industry leaders including the Reserve Bank of Australia, National Australia Bank, and the National Stock Exchange of Australia.

Categories
Crypto News E-commerce NFTs Payments

Ebay CEO: We May Accept Crypto Payment This Month

E-commerce giant eBay may start accepting cryptocurrencies soon, according to CEO Jamie Iannone, who says the company is considering adding cryptocurrencies as a medium of exchange and “other forms of payments” as soon as next week.

This comes a few months after eBay changed its policies allowing the trading of non-fungible tokens (NFTs), though it has yet to make an official announcement.

So even without announcing anything or doing anything, people started trading NFTs on a platform. It reminded me of many years ago when people just started selling cars when we didn’t even have a vehicle business at that point. So we’re seeing the same type of thing [with NFTs].

Jamie Iannone, CEO, eBay

eBay Targeting Younger Audiences

Iannone revealed that eBay is focusing on the younger generation who are actively selling sneakers on the platform. As cryptocurrencies and NFTs appeal to Gen Z, the multinational is considering expanding its list of available form of payments.

We’re appealing to the younger generation, where they’re coming in selling their sneakers, becoming collectors on the platform, and they’re building new marketing capabilities.

Jamie Iannone, CEO, eBay

There’s actually already a way to buy on eBay using crypto through a service called Bitrefill, where you can use your Bitcoin (BTC), Ether (ETH) and more to buy eBay gift cards, and then use them to purchase products from eBay directly.

NFTs and Crypto Now Part of Everyday Life

The rise of NFTs and decentralised finance (DeFi) is now seen everywhere, from retail traders and crypto-savvy people to real estate companies and fashion brands entering the metaverse and creating their own NFT collections.

This week, Crypto News Australia reported that Decentraland will host the first Crypto Fashion Week, gathering the elite of the fashion industry including Paco Rabanne, Dolce & Gabbana, Tommy Hilfiger and many more.

German manufacturer Puma also entered the metaverse last month in the wake of its sports apparel rivals Nike and Adidas, renaming itself Puma.eth on Twitter.

Categories
Crypto News Decentraland Fashion Metaverse NFTs

Decentraland to Host World’s First Metaverse Fashion Week

Fashionistas and crypto enthusiasts are coming together to celebrate Decentraland’s first World Metaverse Fashion Week, with the participation of elite brands in the industry including Paco Rabanne, Dolce & Gabbana, Tommy Hilfiger, and more.

The event takes place from March 24-27 on property owned by Tokens.com’s subsidiary, Metaverse Group, with Decentraland as host.

Fashion is a key driver of interest in the Metaverse and we are pleased to have such a high calibre of brands participating in the first-ever Metaverse Fashion Week. The event provides brands the opportunity to showcase NFTs and virtual products while expanding their consumer reach to a new demographic.

Andrew Kiguel, Tokens.com CEO and co-founder (Business Wire)

Crypto Fashion is Here to Stay

The rise of the Metaverse and non-fungible tokens (NFTs) has called the attention of not only hungry investors and financial institutions, but also several fashion brands.

A glimpse of how the future of style might unfold was provided almost exactly a year ago by Crypto Fashion Week, a celebration of on-chain digital fashion that brought together designers, artists and brands to showcase their products.

A number of brands have since committed to investing in the future of digital fashion. One of them is Ordre, a global online wholesale company based in Byron Bay, Australia, that raised US$9 million in Series B funding to expand its fashion services and accelerate the development of its blockchain-based platform and NFT technology.

Categories
Blockchain Gaming NFTs

Warner Music Partners with Splinterlands Team to Create Blockchain Games

Warner Music Group (WMG) has announced a partnership with blockchain gaming developer Splinterlands to allow WMG artists to create their own blockchain-based video games.

WMG Enters Web 3.0

The partnership will centre on creating P2E (Play-to-Earn) and “arcade-style” video games for mobile devices. Selected WMG artists will be allowed to launch their own blockchain-based games, thus creating another form of revenue and engagement with their fanbase.

Oana Ruxandra, executive vice-president of business development and chief digital officer at WMG, said the partnership represents a “massive opportunity” for the P2E industry:

I don’t think we can underestimate how massive the opportunity around P2E gaming is. Our partnership with Splinterlands pulls focus to our artists and their music as we all work together to develop and maintain tokenised games. As we build, we will be unlocking new revenue streams for our artists while further solidifying fans’ participation in the value created.

Oana Ruxandra, chief digital officer, Warner Music Group

P2E Industry on the Rise

Founded in 2018 by Jesse Reich, Splinterlands is the originator of a blockchain video game of the same name where users battle 1:1 and buy, sell, and trade cards, in similar fashion to Sorare.

Warner Music Group is a leader in the music industry. They are innovating the music industry to meet the standards set by Web 3.0 community members. We’re thrilled to be working with them and I look forward to new collaborations at the intersection of gaming, music, crypto, NFTs, DeFi, and blockchain.

Jesse Reich, founder, Splinterlands

The P2E industry is booming as more video game developers integrate blockchain to power innovative features such as in-game cryptocurrency, native tokens, NFTs (non-fungible tokens) and much more.

Categories
Crypto News Cryptocurrency Law NFTs

Former Bored Ape Owner Sues OpenSea for $1 Million in Damages

Timothy McKimmy, a Texas-based NFT (non-fungible token) collector, is suing OpenSea for US$1 million in damages after his Bored Ape #3475 was stolen from his crypto wallet.

McKimmy filed a lawsuit last week in the US District Court demanding OpenSea return his Bored Ape or pay US$1 million in damages.

On January 26, a bug found on the OpenSea platform allowed attackers to snap up NFTs at previously listed prices – well below current market prices. This was due to the sellers not delisting the item correctly by paying a gas fee.

McKimmy says he’s the owner of Bored Ape #3475, which was stolen during the attack and later listed for 225 ETH – or approximately US$592,000 at the time of writing.

Flaws in the Legal Glass

The lawsuit, however, has a couple of flaws. For starters, the plaintiff listed the defendant as OpenSea instead of the company’s legal identity, Ozone Networks. Ozone Networks is also based in Delaware – not in New York, as listed on the lawsuit.

These defects were pointed out by Twitter user exlawyernft:

OpenSea was ‘Aware of the Vulnerabilities’, Says McKimmy

As per the filing, McKimmy stated that OpenSea was fully aware of the vulnerabilities on its platform. If the case makes it to court, he’ll have to prove this in order to win.

As per the lawsuit:

Defendant’s security vulnerability allowed an outside party to illegally enter through OpenSea’s code and access Plaintiff’s NFT wallet, in order to list and sell Plaintiff’s Bored Ape at a literal fraction of the value (at .01 ETH). Essentially, OpenSea’s vulnerabilities allowed others to enter through its code and force the listing of an NFT.

McKimmy vs OpenSea, US District Court for the Southern District of Texas

Exlawyernft pointed out that “the negligence cause is a pretty good argument” – adding, however, that it will be interesting to see how “the jury interprets the blockchain”:

Categories
DeFi Hackers

Avalanche-Based DeFi Protocol ‘Polite’ Rugpulls Hours After Launch

Atom Protocol (not to be confused with the Atom token from Cosmos Protocol) has rugpulled investors in the most polite way possible …

‘We Have to Close the Project, Sorry’

Atom Protocol is an Avalanche-based DeFi (decentralised finance) protocol that was shut down this week within a day of launch. At first, the protocol was receiving a lot of hype from the Avalanche community as more participants joined the network and created new nodes:

But all turned out for the worst. Within a day of launch, the developers of the Atom Protocol had left a message on Twitter saying: “There’s a problem/mistake in contracts, we can’t do anything. We have to close the project, sorry.

Avalanche Community Blames Assure

The Atom Protocol went through a KYC (Know Your Customer) process, which basically verifies the identification of the responsible party behind a financial entity, such as banks. But a KYC is just a way to verify that the entity isn’t managed by malicious actors – it doesn’t prevent them from scamming investors.

The Avalanche community is blaming Assure DeFi, the protocol responsible for Atom Protocol’s KYC process. Assure responded by stating the community was “misunderstanding the role of KYC/verification”:

Assure went on to encourage affected users to complete a scam report, which will help it to further investigate the matter.

‘Just Be Polite About It’

This is probably the most blatant rugpull in DeFi history. So much so that some people decided to just laugh at the absurdity of the event:

Always Do Your Own Research

Neither KYC nor audits guarantee that a DeFi project is 100 percent legitimate, so the best way to proceed is to always DYOR (Do Your Own Research), and always invest only what you can afford to lose.

An audit is, however, much more reliable than a mere KYC process. On January 7, blockchain security firm CertiK identified Arbix Finance as a potential rugpull, warning users to stay away from it and its ARBX token.

Categories
Crypto News Hackers NFTs

OpenSea Phishing Attack Sees at Least $3 Million Worth of NFTs Stolen

At least US$3 million worth of non-fungible tokens (NFTs) have been stolen in a phishing attack targeted to dozens of users in the decentralised marketplace OpenSea.

Attack Unrelated to OpenSea Platform, Says Co-Founder

In a tweet, OpenSea’s CEO Devin Finzer said that the attack wasn’t related in any way to the OpenSea website – it was rather a phishing attack where at least 32 users were tricked into signing a migration authorisation of their NFTs to the hacker’s wallet.

As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen.

On February 19, OpenSea announced a smart-contract upgrade that requires users to migrate their NFTs from the Ethereum blockchain to the new set of smart contracts. Failing to do so leaves their old NFT listings inactive.

But four weeks ago, the hackers deployed a smart contract on Etherscan with the goal of collecting as many signatures as possible from OpenSea users. The OpenSea smart-contract update came at perfect timing for hackers, as the short deadline of the upgrade gave them a small window of opportunity to deceive users.

The hackers started sending phishing emails to trick users into signing a message to migrate their NFTs to the new OpenSea smart contract, but it was instead someone else’s wallet:

Always Double-Check What You’re Signing

After the attack, Finzer warned OpenSea users to always double-check what they’re signing. Affected users are currently dealing with OpenSea Support to investigate the attack:

OpenSea has been in hot water recently due to continuous attacks and bugs found on the platform. On January 4, the platform had to freeze 16 Bored Apes worth US$2.2 million that had been stolen in a phishing attack.

Just a few weeks later, hackers found a bug on the OpenSea platform that allowed them to purchase NFTs at well below market value.

Categories
Coinbase Crypto News Hackers Scams Social media

Scam Alert: Beware of Telegram Bots Stealing Your Crypto with One-Time Passwords

Hackers are using Telegram bots to trick users into handing them access to their cryptocurrency accounts. One US citizen lost US$106,000 after a fake phone call from a bot pretending to be from crypto exchange Coinbase.

One-time password (OTP) bots are specifically made for hackers. The customer only needs to enter the victim’s phone number and name, and the bot uses these credentials to stage a phone call posing as a crypto exchange or bank.

Customers pay a monthly fee to use the authentication code to operate the bot. Some services cost US$300 per month and provide additional tools at fees ranging from $20 to $100 for more live phishing panels.

Screenshot of bot. Source: Intel471

The image above is an example of an OTP bot in action, named SMS Buster. According to intelligence firm Intel471, these bots are “remarkably easy to use” and relatively cheap considering the amount of money hackers can pull out:

SMS Buster requires a bit more effort from an actor in order to obtain account information. The bot provides options to disguise a call to make it appear as a legitimate contact from a specific bank while letting the attackers choose to dial from any phone number. From there, an attacker could follow a script to track a victim into providing sensitive details such as an ATM personal identification number (PIN), card verification value (CVV) and OTP, which could then be sent to an individual’s Telegram account. The bot, used by attackers targeting Canadian victims, gives users the chance to launch attacks in French and English.

Intel471 blog post

Obstetrician Loses $100k

As per a CNBC report, American obstetrician Dr Anders Apgar fell victim to one of these bots after receiving a phone call that seemed legitimate to him, along with a series of banner notifications on his phone informing him his Coinbase account was in jeopardy.

The bot tricked Apgar into thinking his account was in potential danger, prompting him to enter an OTP code generated by his phone’s mobile app. The code was then forwarded back to the bot’s customer, giving him access to Apgar’s funds, which contained US$106,000 in bitcoin.

A Coinbase representative told CNBC it would never make unsolicited calls to customers:

Coinbase will never make unsolicited calls to its customers, and we encourage everyone to be cautious when providing information over the phone. If you receive a call from someone claiming to be from a financial institution, do not disclose any of your account details or security codes. Instead, hang up and call them back at an official phone number listed on the organisation’s website.

Coinbase representative

Beware of OTP Bots

OTP bots have become popular among hackers as they’re easy to use and profitable. Profitable because most sites and online services use the 2FA (two-factor authentication) model, which requires the user to supply both a password and a verification code (the OTP).

The 2FA model was widely embraced by most websites to protect their users’ accounts. Even if hackers have a user’s password, they still need to enter the verification code sent to the mobile device in order to access the account.

We saw a similar threat two weeks ago, when Crypto News Australia reported about an information-stealing malware called “Mars Stealer”, targeting more than 40 crypto hot wallets, browsers and 2FA plug-ins. .