Author: José Oramas

José is a journalist and translator with a keen interest in blockchain and cryptocurrencies.

Categories
Crypto News NFTs Scams

Hackers Take Over British Army’s YouTube, Twitter to Promote NFTs

The British Army is investigating a hack that occurred on its Twitter and YouTube accounts last week, the BBC has reported. It seems the hacker used the accounts to promote NFT collections.

After the attacker gained control of the British Army’s Twitter feed, he or she renamed it to “psssssd” and “Bapesclan”, changed the profile pic to an ape-like joker, and promoted several NFT collections to the Army’s 365,000 followers.

The Twitter feed can be found on web.archive:

On the other hand, the Army’s YouTube channel was plagued with edited videos of billionaires such as Elon Musk, creating a false impression that they were promoting the scam.

Trolling the British Government

The organisation managed to regain full control of both accounts by July 3. While there was no real damage done by the hack, one could see the incident as simply a move to troll people, specifically a UK government organisation.

An Army spokesperson told the BBC: “Whilst we have now resolved the issue an investigation is ongoing and it would be inappropriate to comment further.”

Intercepting YouTube accounts to promote NFT and crypto scams has become a common practice for hackers, according to Google’s Threat Analysis Group. Most recently, Beeple – a popular digital artist and NFT creator – had his Twitter account hacked, resulting in a US$438,000 loss to a phishing scam.

Categories
DeFi Hackers Solana

Solana-Based Protocol ‘Crema Finance’ Exploited for $8.7 Million, Services Suspended

Solana-based liquidity protocol Crema Finance has announced via Twitter that it suffered a US$8.7 million hack and has suspended its services to investigate the incident.

On July 2, Crema Finance announced the temporary halting of services and that it would update its users as soon as it had more information:

Flashloans Used to Drain Liquidity Pool

Crema is said to be working with blockchain audits platform OtterSec to investigate the hack. According to OtterSec, the hacker used Solend (a Solana-based lending platform) flashloans to drain the protocol’s pool.

Apparently, the hacker was able to circumvent Crema’s security procedures by implementing an “on-chain program” and subsequently deploying the flashloans.

The attacker stole over US$400,000 in USDH and US$5 million in USDT, later swapping the tokens for SOL and sending it to an address that currently holds around 69,442 SOL:

Crema Finance is not related to Cream Finance, another DeFi protocol that has suffered multiple exploits in the past.

A day after the incident, Crema claimed to have found the hacker’s Discord account and is now working with third parties to help detect the hacker’s identity:

The hacker allegedly used six flashloans to exploit the protocol. Flashloans are a common instrument in the DeFi ecosystem. Another recent victim of a flashloan exploit was Inverse Finance, an Ethereum-based protocol that lost US$1.2 million.

And about 10 weeks ago, Beanstalk, a credit-based stablecoin also on Ethereum, lost more than US$180 million in a flashloan exploit.

Categories
Crypto News DAO Maker Maker

MakerDAO Looks to De-Risk, Swapping $500 Million in DAI for US Treasuries

MakerDAO, the governing body of the Maker Protocol, has launched a proposal in which members are voting to determine how to allocate US$500 million in treasury funds.

According to DAO members, they are seeking to de-risk by choosing between going 100 percent in US short-term treasuries or splitting a percentage into treasuries and longer term government bonds. At the time of writing, 100 percent into treasuries was the most voted decision.

Another proposal within the DAO is the collateral class for DAI, and so far 57 percent of voters have chosen a core crypto collateral between Ethereum (ETH) and Bitcoin (BTC):

Maker will reportedly control the funds provided by Monetalis, a European wholesale lender.

A Small Investment of $500M DAI

Sebastien Derivaux, a member of MakerDAO’s strategic finance core unit, said the US$500 million DAI investment was “expected to remain liquid and low volatility, [so] it is therefore not a significant risk for the DAI peg nor the solvency of MakerDAO”.

The crypto market’s ongoing turmoil has prompted Maker to carefully decide on how it will protect its community. While MKR, Maker’s utility token, buffed 50 percent after the Terra collapse, crypto lender Celsius – which is now on the brink of bankruptcy – borrowed 100 million DAI using ETH as collateral.

Celsius’s inability to repay borrowers has caused wider pain across the crypto market, causing it to shed more blood than it already has.

Categories
CeFi Crypto News Crypto Wallets DeFi Ledger

Ledger Partners with Alkemi to Enable DeFi Lending to its 1.5 Million Users

Alkemi Network, a crypto lending platform that combines centralised finance (CeFi) with decentralised finance (DeFi), has announced a partnership with hardware wallet maker Ledger.

The integration with Alkemi Earn means that Ledger’s 1.5 million users will be able to earn yields with their ETH, wBTC (wrapped Bitcoin), or USDC directly on their wallets’ interfaces:

Bridging CeFi with DeFi

Since launching in April 2021, Alkemi Network claims it has received over US$50 million in gross deposits, and the integration with Ledger is expected to boost those numbers significantly.

Alkemi Network’s co-founder, Brandon Mahoney, highlighted the importance of allowing users to keep full control of their assets, adding that this integration differed from other products in the market.

‘Not your keys, not your coins’, as the saying goes. With this native integration into Ledger Live, Alkemi Earn unlocks a protocol-powered cash management experience for Ledger’s community. This is what bridging CeFi to DeFi is all about.

Brandon Mahoney, co-founder, Alkemi Network

Ledger Holding Firm Despite Market Downturn

Despite a bleeding crypto market, Ledger continues to work on behalf of the community. Last month, it launched an NFT-focused wallet to allow users to securely store their NFTs and install up to 100 apps.

In December last year, Ledger launched the Crypto Life card, a debit card that allows users to spend crypto on goods and services or use it as collateral for cash purposes.

Categories
Axie Infinity Ethereum Hackers

Axie Infinity’s Ronin Bridge Re-Opens, Set to Compensate Victims of $625 Million Hack

Axie Infinity’s Ronin bridge has re-opened and the company will reimburse all affected victims of the US$625 million hack on March 30, according to a tweet from officials.

The Ronin bridge is a sidechain to the Ethereum network that allowed users to transfer assets between both chains. The re-opening will take place this week, but it will require a hard fork and all validators to update their software and upgrade their nodes:

The company also shared that blockchain security company Certik had audited the Ronin bridge multiple times and came back with minor suggestions.

Important News for the Axie Community

The Axie Infinity community bled after the company’s Ronin bridge suffered the biggest DeFi hack in history, with over US$600 million stolen in just a few hours.

It was later reported that a South Korean hacking group, Lazarus, was behind the hack, according to US authorities, who found out that a sanctioned Ethereum wallet was the same wallet used to receive the stolen funds. The hackers used TornadoCash to launder over 20 percent of the funds.

Categories
Crypto News Stablecoins Tether

Tether to Launch Stablecoin Pegged to British Pound Sterling

Stablecoin issuer Tether is set to launch a stablecoin pegged to the British Pound Sterling in early July, using Ethereum as the first support blockchain.

According to a June 22 blog post from Tether, the GBPT will have a 1:1 ratio to the Pound Sterling and will provide a faster and less costly way of transferring assets:

UK ‘Next Frontier’ for Blockchain Innovation

Tether executives are reportedly working with UK regulators to prepare the next steps for rolling out the GBPT. Paolo Ardoino, CTO of Tether, cites the UK as the “next frontier” for blockchain innovation.

We believe that the UK is the next frontier for blockchain innovation and the wider implementation of cryptocurrency for financial markets. We hope to help lead this innovation by providing cryptocurrency users worldwide with access to a GBP-denominated stablecoin issued by the largest stablecoin issuer,

Paolo Ardoino, CTO, Tether

Welcome to the Family

The GBPT joins the family of fiat currency-pegged stablecoins from the company, which also includes the recently launched MXNT, the Mexican Peso-pegged stablecoin.

On May 31, Tether announced that USDT had been integrated into Polygon, one of the largest Ethereum sidechains, providing more than 19,000 applications on the Polygon ecosystem with the ability to use USDT.

Tether is expanding its family of stablecoins at the same time that the company is denying claims that its commercial paper portfolio is mostly backed by Chinese commercial paper, the reason why a US$4 billion hedge fund has placed a short bet against Tether.

Categories
Cardano Crypto News

Cardano ‘Vasil’ Hardfork Delayed Pending Bug Fixes

Input Output Global (IOG, formerly IOHK), the development lab of Cardano (ADA), has postponed for one month the Vasil upgrade for the Cardano blockchain, citing multiple bugs that need to be eliminated and giving it more time for testing.

As per a blog post from Nigel Hemsley, head of delivery and projects at IOG, the Vasil hardfork was “very close” to being complete and deployed on June 20, but it was decided to halt it as there are still at least seven non-severe bugs to be fixed:

Most Important Upgrade Since Alonzo

Vasil is one of the most important upgrades for the Cardano blockchain since the Alonzo hardfork, as it will introduce several improvements on the network that will scale throughput and reduce transaction fees.

The IOG engineering team is extremely close to finalising the core work, with just seven bugs still outstanding to complete the hard fork work, with none currently ranked as ‘severe’. After some consideration, we have agreed NOT to send the hard fork update proposal to the testnet today to allow more time for testing.

IOHK blog post

Once the testnet undergoes the hardfork, developers must meet with Cardano’s decentralised application development community to “carry out any required integration and testing work” before the launch date in late July.

Institutional demand for Cardano has doubled in 2022, according to intelligence firm IntoTheBlock, and the number of on-chain transactions has increased remarkably.

Categories
Crypto News Stablecoins

UST Contagion Continues as ‘Magic Internet Money’ Stablecoin Depegs

Last month’s Terra’s UST collapse has caused a domino effect on several stablecoins in the market. This time, Abracadabra’s Magic Internet Money (MIM), another US dollar-pegged stablecoin, started de-pegging on June 18, falling to US$0.92 per token in nearly three hours.

The de-pegging started on June 17, around 7:00 am UTC. According to Twitter handle Autism Capital, an insider revealed that Abracadabra had accrued US$412 million in bad debt as a result of Terra’s UST meltdown “because liquidations couldn’t happen fast enough to cover the protocol’s MIM liabilities”:

Ripple Effect in MIM Curve Pool

Autism Capital shed some light on the founder of MIM, Daniele Sestagalli, who allegedly created more “bad debt” by letting his SPELL position get liquidated. SPELL is an Ethereum-based token that governs Abracadabra.

Accordingly, Wonderland, a crypto venture firm that shared team members with Abracadabra, withdrew US$50 million in USDC from the MIM Curve pool on June 17, causing considerable pain to the pool’s balance:

The thread further explains that Abracadabra decided to buy CRV instead of using funds from the MIM treasury to pay the debt. But Abracadabra took down its analytics dashboard to “upgrade it” and the timing of its dashboard shutting down was a mere coincidence.

Sestagalli refuted the allegations, stating that the MIM treasury has more funds to pay off debt. For proof he shared the treasury’s address, which currently holds over US$13 million.

Terra Domino Effect Persists

The collapse of Terra’s UST stablecoin not only affected investors worldwide but has also caused a domino effect on stablecoin projects. Soon after Terra’s meltdown, TRON’s algorithmic stablecoin USDD started losing its peg with the US dollar on June 7. To prevent a Terra-type fiasco, TRON announced that USDD would be overcollateralised by a ratio of at least 130 percent.

Before TRON and Terra, the Waves Protocol-backed Neutrino Dollar (USDN) also lost its peg to the US dollar, dropping more than 15 percent amid speculation of market manipulation.

Categories
Crypto Wallets MetaMask

Security Flaw Dubbed ‘Demonic’ Discovered in MetaMask and Phantom Wallets

In a classic case of “the devil is in the detail”, security researchers from Halborn have discovered a security flaw dubbed ‘Demonic’ in MetaMask and Phantom wallets.

Do Not Import Wallets Using Unencrypted Computers

According to researchers, when users imported a web extension wallet using their seed phrases via an unencrypted computer, their assets could be at risk if a hacker manages to get access to their hard drives:

These attacks are known as ‘key-finding’ or ‘key-search’, and consist of attackers using cryptography to decrypt messages on computer systems and gain access to them, leaving users’ systems exposed to the hands of the attackers:

Vulnerability Patched Up

The Demonic vulnerability only affects users with web extension wallets including MetaMask, Phantom, Brave, and XDefi wallets, while mobile users and anyone with fully-encrypted hard drives remain unaffected.

According to researchers, all wallets have now patched the security flaw. MetaMask updated its wallet with version 10.11.3, while Phantom is rolling out a new update for its wallet next week.

After the security flaw was discovered, MetaMask awarded Halborn US$50,000, while Phantom hired Oussami Amri, the employee who found the vulnerability.

MetaMask Can’t Catch a Break

MetaMask seems to be constantly in the headlines when it comes to security protocols and users’ safety. A month ago, Crypto News Australia reported that the Ethereum-based wallet had issued a phishing attack security alert for iPhone users, warning that their assets could be at risk from an iCloud-related phishing scam.

After all, the number one rule in crypto is to never give your private key or seed phrase to anyone, and never connect it to a website or app you don’t recognise, or you could end up like Dallas2626, a MetaMask user who lost US$10,000 from a scammer in Discord using a fake WalletConnect app.

Categories
Bored Ape Yacht Club Ethereum NFTs

Bored Ape NFT Floor Price Plunges Below $100k Amid Crypto Collapse

As the cryptocurrency market experiences one of the biggest downturns in its history, NFTs are feeling the heat as much as crypto coins, if not more so.

The standout red flag is that floor prices of Bored Ape Yacht Club (BAYC) NFTs, at one time the market’s most valuable, have plunged below US$100,000, down 80 percent from their all-time high (ATH).

Crypto Winter Chills Demand for NFTs

BAYC NFTs reached a floor price of almost US$450,000 on April 29, the collection’s ATH. Floor price refers to the average cost of a product. According to data from NFT Price Floor, the current floor price of Bored Apes is 76 ETH, or US$88,000:

BAYC floor price. Source: NFT Price Floor

Throughout 2021 and early 2022, Bored Apes enjoyed great success in the NFT market, becoming one of the top-selling collections with sales north of US$1.5 million for a single Bored Ape NFT. Last month, an Australian investor managed to turn US$300 into a whopping US$5 million after buying a particularly rare Ape for what amounted to 0.01 percent of its value at the time.

Other NFT Projects Fall Hard

Due to the market sell-off that started a few months ago, NFTs in general have seen a steady decline in sales volume. The sales volume of CryptoPunks, another popular collection, has dropped nearly 70 percent in the past 30 days, according to data from OKX. Other popular collections such as Azuki and Moonbirds are doing it harder, down 86.40 percent and 91.65 percent respectively.

A few months before the massive market sell-off, Bored Apes creators Yuga Labs acquired the commercial rights to two of the most popular collections on the market, CryptoPunks and Meebits.