Author: Robert Drage

Robert is a freelance researcher, with a background in information science currently interested in blockchain technology and technical developments in the field.

Categories
Australia Crypto News Gaming Immutable X NFTs

Australia’s Immutable X Partners with GameStop in $100 Million NFT Platform Deal 

One of the leading non-fungible token (NFT) scaling platforms, Australian blockchain startup Immutable X, has partnered with retail game giant GameStop to create its new NFT marketplace, as well as a US$100 million fund to support innovation in the NFT space and its creators.

GameStop will be using the Immutable X Layer 2 solution for its speed, zero gas fees, and 100 percent carbon neutral technology to move the company into the nascent NFT sector.

Pursuant to the February 2 announcement, the two companies will also be launching a US$100 million joint fund to empower game developers in the creation of their latest NFT projects. The fund will be used for grants to help creators of NFT content and technology. But individuals who want to build or are building an NFT game project can submit proposals here for a chance to be among the first to build on the new platform.

Gaming Industry Slowly Adopting NFTs

Co-founder of Immutable Robbie Ferguson stated that it wants to change the gaming landscape by “bringing the age of digital ownership to billions of players worldwide […] one that rewards players rather than extract value from them”. GameStop plans to be a catalyst for this by having its marketplace bring “billions of low-cost, in-game assets that can easily be bought and sold” to its 50 million+ users.

Some in the gaming space are of the opinion that the evolution of the industry will be toward players owning their in-game assets. Avid gamers will be able to monetise their time in-game and have more to show than just hundreds of hours and cosmetics that gather virtual dust. On the other side of the coin, many gamers are pushing back against integrating NFTs with games, seeing it as just another cash grab from corporates.

In correspondence with tech website VentureBeat, Ferguson stated that “the best thing to do is to create truly player-first gaming experiences that embrace the benefits, rather than the hype, of NFTs. Most importantly, the games have to be good – it’s play-and-earn, not play-to-earn.”

Immutable X has been busy carving out a name for itself in the gaming industry, having recently signed a deal with ESL Gaming to provide NFTs of its Counter-Strike global tour as well as raising US$60 million in its series B funding round.

NFTs Starting the Year With a Bang

NFTs have performed considerably better than cryptocurrencies this past month, with transaction volume gaining a steady increase.

Weekly NFT transaction count. Source: Dune Analytics

As more major names start joining the NFT space, it looks quite promising that NFTs will soon become part of gaming culture.

Categories
Crime Crypto News Crypto Wallets Google Hackers

Alert: New Malware ‘Mars Stealer’ Targets 2FAs and Crypto Hot Wallets   

A new information-stealing malware has been spotted in the wild targeting over 40 crypto hot wallets, browsers, and 2-factor authentication (2FA) plug-ins. Named ‘Mars Stealer’, it is an improved version of the older Oski malware that shut down in 2020 after customer support and the Telegram went dark.

The new malware has recently been spotted circulating on Russian-speaking hacking forums where people can purchase it for between US$140 and $160.

Screenshot of the forum. Source: 3xp0rt.com

How ‘Mars Stealer’ Malware Works

According to @3xp0rt, the security researcher who got his/her hands on the malware to conduct technical analysis on it, the Mars Stealer collects information in the memory of a device. With the ability to target 37 browsers and various crypto wallets, including Bitcoin core wallets and all their derivatives as well as Ethereum, Exodus, Binance and more, the threat is widespread:

Wallets targeted by Mars Stealer. Source: 3xp0rt.com

When targeting wallets it stores sensitive data found in wallet.dat which contains the wallet address, the private key to access the address, and other sensitive data. Mars Stealer also targets 2FA apps and more than 40 crypto extensions on Chromium-based browsers, including Google Chrome, Firefox and Brave, but not Opera.

Malware That ‘Speaks’ Only Russian

The malware also contains a function that allows it to remove itself after it has successfully executed or when the operator decides it is time. One of the quirky aspects, though, is that after infecting a system it will check the device language. If the device’s language ID matches that of Russia, Belarus, Kazakhstan, Azerbaijan, Uzbekistan or Kazakhstan, the program will exit without performing any malicious acts, which is apparently common in many Russian-based malware.

Language checks for target exclusion
Source: 3xp0rt.com*

How to Protect Yourself 

Mars Stealer can be spread through many different channels such as file-hosting websites, torrent clients or any other shady downloaders. Users who hold their crypto assets on browser-based wallets or use browser extensions like Authy to utilise 2FA are warned to be cautious against clicking dubious links or downloads:

This comes after BHUNT malware also became more prominent during the past few weeks and Babadeda malware was spread in crypto discord channels last November.

Categories
Bitfinex Crypto News Hackers

Bitfinex Hackers of 2016 Move $3.5 Billion Worth of Bitcoin

Billions of dollars’ worth of bitcoin (BTC) stolen in the infamous Bitfinex hack of five years ago have been aggregated into a single wallet in 23 transactions from various addresses. Law enforcement and top analytics firms are still trying to recapture the spoils.

Stolen Bitfinex BTC Resurfaces

On February 1, an estimated US$3.5 billion in BTC was moved from wallets associated with the infamous Bitfinex hack into a single wallet. The Bitfinex hack was one of the worst in history with the perpetrators getting away with 119,756 BTC (now worth nearly US$5 billion).

According to blockchain analytics firm Elliptic, “so far this morning, 94,643.29 bitcoins [worth] US$3.55 billion have been moved in 23 transactions from a wallet associated with a theft from Bitfinex in 2016 to a new address”.

Flagged account sending 26 tx. Source: Blockstream

The number of BTC transferred amounts to only 79 percent of the total bitcoins drained from Bitfinex in 2016. According to Elliptic, the funds were laundered through darknet markets like Hydra and the privacy-focused Wasabi wallet, but the majority have now again seen the light of day.

Movement Detected Last April

The last time hackers moved some of the bitcoin was in April 2021, when they transferred over US$700 million worth to an unknown wallet during the same time Coinbase was being listed on Nasdaq.

Since the hack, Bitfinex has been trying to recover the stolen funds, stating that to this day that “Bitfinex continues to work globally with law enforcement agencies, digital token exchanges, and wallet providers to recover the Bitcoin stolen in the 2016 hack”. To date, it has recovered about 50 bitcoins (worth nearly US$2 million at current prices), a spokesperson told Decrypt.

Difficulty Trying to Sell Stolen BTC

If the thieves were ever able to onsell all those bitcoins, it has been suggested that it could have an impact on the market as more than 100,000 BTC would come on stream, potentially bringing down the price.

However, as storing and moving bitcoins between unknown wallets is considerably easier than actually selling them, these funds are being carefully monitored with many of the associated wallets blacklisted, making any sale extremely difficult.

Bitfinex itself has also offered a US$400 million bounty for the return of the stolen funds. The Bitfinex hack made the multimillion-dollar hacks of Bilaxy (August 2021) and Mitmart (December 2021) look like small fry in comparison.

Categories
Blockchain Crypto News Ethereum Mining

Ethereum Hashrate Reaches All-Time High as PoS Migration Commences 

The Ethereum network’s hashrate has been on a steady incline since its inception but has now reached a significant milestone of 1PH/s and went on to break its previous all-time high, reaching 1.11 PH/s nearing the move to Proof-of-Stake (PoS).

During the past year, usage of the Ethereum network has increased significantly with many projects opting to build on the largest smart contract-enabled blockchain. According to recent data from on-chain market analytics platform Glassnode, Ethereum has pushed a new peak for its hashrate:

The hashrate of any Proof-of-Work (PoW) consensus mechanism specifies an estimate of how many hashes are being generated by miners trying to solve blocks. The increase in hashrate shows more computers adding power to the network, thus increasing security and decentralisation of the network.

Due to the increase in value on Ethereum, it even flipped Bitcoin (BTC) at one stage in terms of returns, making it more profitable to mine. So much so that more potential miners jumped on the mining cart to urge the increase of the hashrate.

ETH Flips BTC Hashrate

As of late December, Ethereum overtook Bitcoin (BTC) with its improved hashrate. However, the network is scheduled to move to PoS, which will affect miners. Referred to as “the difficulty bomb”, it will essentially shut down ETH mining in the future.

ETH/BTC hashrate five-year chart. Source: Glassnode

In the meantime, Ethereum has released Arrow Glacier, which has slowed down the final upgrade to PoS and miners will continue as usual:

Move to PoS

As previously reported, the Ethereum Foundation has decided to change the name of ETH2 to ‘Consensus layer’ and adjust all associated terminology in order to improve clarity for new users and reduce scams.

There have also been pointers to what Ethereum plans to do with the miners, instead of just shutting them all down and asking them to go away. Ethereum has been achieving some major milestones, among them managing to capture US$10 billion in transaction fees in 2021.

Categories
Crypto News DeFi Hackers

Qubit Finance Suffers $80 Million Loss in Protocol Exploit

Decentralised lending platform Qubit Finance has suffered an exploit of its smart contract governing deposits on the Ethereum-Binance Smart Chain (BSC) bridge, losing 206,809 Binance Coin (BNB) in the biggest hack of the year so far.

Qubit’s losses were estimated at US$80 million on January 27, according to security firm PeckShield. According to Qubit’s own exploit report, the hacker(s) took advantage of a logical error in the code which allowed them to maliciously withdraw tokens from the Binance Smart Chain bridge without depositing Ethereum (ETH).

Even though the contract had zero ETH deposited into it, the attacker’s address had access to 77,162 qXETH (worth US$185 million) to use as collateral against loans on Qubit.

Funds Still Sitting in Hacker’s Wallet

According to the breakdown posted by CertiK, the funds were then used to borrow “15,688 wETH ($US37.6 million), 767 BTC-B ($US28.5 million), approximately $US9.5 million in various stablecoins, and $US5 million in CAKE, BUNNY, and MDX”. Thereafter, the funds were converted to just over 200,000 BNB, which is still sitting in the hacker’s wallet.

In summary, the deposit function was a function that should not [have been] used after depositETH was newly developed, but it remained in the contract. The team is cooperating with security and network partners, including Binance. Supply, Redeem, Borrow, Repay, Bridge, and Bridge redemption functions are disabled until further notice. Claiming is available. We are continuing to investigate and are in communications with Binance.

Qubit Finance report

Qubit Negotiates for Stolen Funds

Following the incident, the Qubit team tried to contact the hackers to offer a bug bounty of $US250,000 on ImmuniFi, but are also still prepared to negotiate:

As chains and protocols utilise the multi-chain environment, bridges will only become more important. People need to move funds from one blockchain to another, but they need to do so in ways that are not susceptible to hackers. In December, MonoX was also hacked for an estimated US$31 million.

Categories
Crime Crypto News Cryptocurrencies Hackers Scams

Report Shows $33 Billion in Crypto ‘Money Laundering’ by Cybercriminals

New research by blockchain data firm Chainalysis shows there has been an estimated US$33 billion laundered through crypto in the past five years, mainly through centralised exchanges, but as of 2021 there has been a major increase in money laundered through DeFi.

Chainalysis has released a preview of its 2022 Crypto Crime Report detailing how illicit funds have been moved over the blockchain and its various services. The total value of cryptocurrencies laundered by services in 2021 was estimated at US$8.6 billion.

Total crypto laundered. Source: Chainalysis

That figure was up 30 percent on the previous year, which was expected, given the boom in both legal and illegal activities in the crypto space. However, the figure is down 23 percent from 2019, which was the most significant year for laundered crypto.

These numbers only account for funds obtained from “cryptocurrency-native” crime, meaning activities such as darknet market or ransomware attacks in which profits are virtually always denominated in cryptocurrency. In spite of the billions of laundered dollars, money laundering accounted for only 0.05 percent of all cryptocurrency transaction volume in 2021.

Destination of funds leaving illicit addresses by crime type. Source: Chainalysis

One thing that stands out is the difference in laundering strategies between the two highest-grossing forms of cryptocurrency-based crime in 2021: theft and scamming. Researchers think this might be because more cryptocurrency was stolen from DeFi protocols than any other type of platform last year, as well as the technical skills required to launder money. For example, a DeFi hacker would have better technical skills and use different means to launder money than a scammer using a centralised exchange.

Easier to Track Laundering on the Blockchain

It’s considerably more difficult to track illicit funds when they are first converted to crypto from fiat. But due to the inherent transparency of blockchains, analysts can more easily trace how criminals move cryptocurrency between wallets and services in their efforts to convert funds into cash.

Destination of funds leaving illicit addresses between 2016 – 2021. Source: Chainalysis

Since 2018, centralised exchanges have been the main conduit for money laundering, with 58 percent of laundered crypto funnelled into just five trading platforms.

Increase in Laundering Through DeFi

Last year, for the first time since 2018, centralised exchanges did not receive the majority of funds sent by illicit addresses. Instead, DeFi protocols are making up much of the difference. The report states that DeFi protocols received 17 percent of all funds sent from illicit wallets in 2021, up from 2 percent the previous year. 

YoY % growth in value by category. Source: Chainalysis

This phenomenon translates to a 1,964 percent year-on-year increase in total value received by DeFi protocols from illicit addresses, reaching a total of US$900 million in 2021.

North Korea at the Forefront of Money Laundering

Kim Grauer, Chainalysis’ director of research, says that “there are certain types of criminals in particular that lean into technological advancements more quickly”, adding that “North Korea is always the first to use a new kind of tech solution for laundering money. We follow them each year, and this year they’ve used a lot of mixers. Last year, they were using DeFi.”

This year “is already off to a big start for NFT crime”, Grauer says, pointing to the rise in wash trading on NFT platforms. “This is definitely going to continue.”

Categories
Blockchain Crypto News Ethereum

Ethereum Foundation Rebrands ETH 2.0 to ‘Consensus Layer’

Ethereum developers have moved away from old terminology and opted to phase out the terms ‘ETH1’ and ‘ETH2’ and pretty much everything related to them in what the foundation calls “the Great ETH2 Renaming“.

Ethereum.org is shifting much of its fundamental terminology to reflect the integration of ETH1 – the existing Proof-of-Work (PoW) chain – which will now be called the “Execution layer”, to ETH2 – the new Proof-of-Stake (PoS) chain – now known as the “Consensus layer”, making the chain greener and faster.

In late 2020, Ethereum Foundation developer and researcher Danny Ryan showed how ETH1 and ETH2 are layers in the Ethereum stack, and how they can work together to make the migration to PoS faster.

The bottom line is that the execution layer will act as an engine where all the smart contracts and network rules reside, driving user interaction, while the consensus layer ensures all the devices contributing to the network are acting in line with the rules. This means that Ethereum can move to PoS without having to abandon the current network. In essence, ETH1 (Execution layer) + ETH2 (Consensus layer) = Ethereum.

However, no changes will be made to the roadmap, with Proof-of-Stake and sharding still in the pipeline for 2022/2023.

Ethereum upgrade path. Source: Ethereum Foundation

Reasons for the Rebranding

According to the announcement, in late 2021 developers stopped using the ETH1 and ETH2 terms to address possible confusion for users. One of the major problems was that the previous terminology showed a continuum of iterations rather than stacks working together. Thus the foundation has decided it wants to “be understood by the broadest audience possible”:

By removing ETH2 terminology, we save all future users from navigating this confusing mental model.

Ethereum.org

Additionally, this also helps in scam prevention since some swindlers would try to use the ETH2 misnomer to scam users by having them swap their ETH for ‘ETH2’ tokens.

ETH layer bears: Ethereum.org
Categories
Crypto News Markets Solana

Solana Slides 42% in a Week Amid More Outages

Solana (SOL) has been hit extra hard during the new year’s crypto sell-off with the chain also experiencing downtime and duplicate transactions, resulting in an outcry from the community.

Solana Down With the Rest of the Market

Solana (SOL), one of the top 10 crypto projects by market cap, has seen a 42 per cent drop in price during the past week, and is now nearly 70 per cent down from its all-time high of US$260, set on November 6.

Since the beginning of the year, the market has been in a downward spiral with most coins shaving off a good 30/40 percent, and Bitcoin (BTC) down nearly 50 percent from its own all-time high, also in November.

Solana/USDT price chart. Source: CoinMarketCap

Solana’s Chain Congestion

During this time, many people have been trading, using DeFi, and looking for liquidation bounties, causing a considerable increase in transaction volume. Because of this, Solana has experienced some performance problems on the chain caused by “excessive duplicate transactions” and “high levels of congestion”:

Users looking for bounties have been racing to close eligible positions, some even using bots to look for them. With the market in its current state, the liquidation bounty race has caused a flood of duplicate transactions that need to be corrected by validators while still processing the increased load.

During January, the network has experienced a few days when there have been “partial outage(s)”, one lasting up to 17 hours, leaving users up in arms. The chain also went through a distributed denial-of-service (DDoS) attack, which also caused downtime and a major slowdown of the network:

From Solana’s side, it has sent out update 1.8.14 to deal with the worst of the problem, with more improvements expected to roll out in the next eight to 12 weeks.

Complex Transactions Slowing Down Networks

According to Solana Status, “The last 24 hours have shown these systems need to be improved to meet the demands of users, and support the more complex transactions now common on the network”. With the increase of complex transactions in the mix, Solana validators are struggling to keep on top of the constant flow of user demands.

According to Emin Gun Sirer, chief executive of Ava Labs, Avalanche (AVAX) has held up well, describing its chain performance as “solid” during the recent stress test:

Categories
Crime Crypto News Crypto Wallets Hackers

Warning: New ‘BHUNT’ Malware Targets Crypto Wallets and Passwords

Research done by cybersecurity company Bitdefender has found a new kind of “cryptocurrency stealer” called BHUNT, a form of malware that infiltrates wallet files and other sensitive information in the browser to access a personal wallet and transfer funds to the attackers’ wallet(s).

In a recent whitepaper, Bitdefender’s senior security researcher Janos Gergo Szeles details how BHUNT works. Similar to CryptBot, Redline Stealer and WeSteal, the malware slips in with downloads of cracked or unsecured software in order to gain access to a wallet’s seed or configuration file.

Seven Different Wallets Affected

The document states that BHUNT can exfiltrate contents from Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin and Litecoin wallets along with passwords stored in the browser and phrases used to recover accounts. With information such as this, a hacker can then easily access and transfer crypto straight out of a target’s wallet.

While the malware primarily focuses on stealing information related to cryptocurrency wallets, it can also harvest passwords and cookies stored in browser caches,

Janos Gergo Szeles,  senior software engineer, Bitdefender

Hackers and the like have even started targeting Discord servers of crypto and NFT communities to let loose ‘Babadeda’ malware disguised as a legitimate app.

Prevention Better Than Cure

At the moment countries with the highest infection rates include Australia, Egypt, Germany, India, Indonesia, Japan, Malaysia, Norway, Singapore, South Africa, Spain and the US.

As the virus spreads, users should be aware that they could compromise their private information as well as their crypto wallets. By downloading software from unknown vendors, people can potentially expose themselves to malware. This is why it’s important to keep security software up to date to block the installation of unwanted software.


The most effective way to defend against this threat is to avoid installing software from untrusted sources and to keep security solutions up to date.

Janos Gergo Szeles,  senior software engineer, Bitdefender
Categories
Crypto News NFTs Scams Solana

Developers Pull Off Third NFT Rug-Pull for $1.3 Million, ‘Verified’ Project ‘Big Daddy Ape Club’

The Big Daddy Ape Club, a non-fungible token (NFT) project on Solana (SOL), has pulled the rug on investors for 9,136 SOL (an estimated US$1.3 million), even though the project was verified.

One of the largest NFT rug-pulls in Solana’s history occurred on January 11, the scammer getting away with almost US$1.3 million in investor funds. Digital artist and NFT blogger Faith Orr described it as an especially harsh incident since “most rugs do the basic courtesy of leaving their victims with NFTs even if they don’t ever get listed on secondary markets”.

According to some, it might even be the same individual or group of people responsible for multiple rug-pulls that have happened in the past. Shortly after the incident, the project’s Twitter, Discord and website went offline, followed by Solanart verifying there had indeed been a rug-pull:

Verified Project Disappoints

Even though the project had been verified by Civic, the developers were still able to run off with the funds. Does this mean the devs were just extra-shady, or did Civic drop the ball? In its defence, Civic stated that it designed the program as a free service for creators to verify their real-world identities and build trust within their communities:

We are aware of the reported Big Daddy Ape Club rug-pull and that there are victims involved. We take this attack on the NFT community seriously, and are taking steps to offer all the assistance we can.

Chris Hart, Civic CEO

Civic CEO Chris Hart conceded that its solution doesn’t perform due diligence other than identity verification, and that no verification process is 100 percent effective all of the time. Civic’s verification process is mainly designed to protect participants in the case of an incident where identity information can be shared with relevant authorities in the event something happens.

The Civic Pass program works by verifying control of the project’s Twitter handle, oversight of the project’s domain, and identity verification of the project founders through ID document capture. The verification process also includes a 3D face scan of the person.

Civic Takes Steps Toward Recourse

Civic is now taking the next steps in order to solve this case, and in a statement to Decrypt said that “the identity of the individual who held themselves out as the founder of the BDAC project was verified through our program”, adding that “we are cooperating with law enforcement to assist in their investigation, but do not know how long their investigation will take”.

At the start of January, a decentralised P2E game on Solana turned out to be a rug-pull. Hopefully, the BDAC community can pull together after this one, as was the case with the Frosties NFT rug-pull on January 15.