Category: Ethereum

Categories
Crypto Wallets Ethereum MetaMask Scams

MetaMask Users Warned of New Phishing Campaign Targeting Users

Crypto security firm Halborn has warned of a new email phishing campaign targeting MetaMask users. 

In a blog post published July 28, Halborn’s technical education specialist Luis Lubeck analysed the phishing email and highlighted red flags users should look out for to keep their digital assets safe from these types of scams.

How the Scam Works

This latest scam involves an email, ostensibly from MetaMask, asking the recipient to verify their MetaMask wallet’s seed phrase. The recipient is told the seed phrase is needed by MetaMask in order to comply with regulations and that failure to comply will result in their wallet being “restricted”:

Screenshot of the phishing scam email received by MetaMask users.

Clicking on the button to verify the seed phrase takes recipients to a fraudulent imitation of the MetaMask website where they are prompted to input their seed phrase. If the user complies, the scammers gain full access to the wallet, allowing them to steal the user’s assets.

Red Flags and Warning Signs

Lubeck cautioned that to an inexperienced, casual crypto user not paying close attention, the email could appear legitimate. However, he highlighted some important red flags, including:

  • the sending address not being from a legitimate MetaMask domain, but rather from ‘metamaks.auction’;
  • the lack of personalisation, such as the recipient’s real name or other identifying information; and
  • the call to action button linking not to MetaMask’s website, but to a fraudulent URL.

Lubeck stressed that the best defence against phishing attacks is to be extra careful when receiving email requests related to crypto accounts or wallets:

The best defence against phishing attacks like these is to stay vigilant when receiving emails and think twice before doing anything that seems a bit unusual or potentially suspicious. 

Luis Lubeck, technical education specialist, Halborn

MetaMask Frequent Target of Scammers

Due to its status as the most popular wallet for Ethereum, MetaMask is often targeted by scammers. 

In April, MetaMask warned Apple users to disable iCloud backups after it was revealed their MetaMask seed phrases were being automatically backed up to the cloud storage service and then targeted in phishing attacks. In one case, a user lost over US$600,000 worth of assets to this scam.

In November 2021, a Reddit user reported his friend had lost 38 ETH to another MetaMask scam in which a paid Google ad directed users to a fake MetaMask website to install a fraudulent version of the browser extension, allowing scammers to steal users’ assets.

Categories
Bitcoin Crypto News Ethereum Filecoin Investing

Australian Asset Manager ‘Holon’ Launches Multiple Low-Cost Crypto Funds

Following recently approved Australian crypto exchange-traded funds (ETFs), Sydney-based Holon Global Investments (Holon) has just launched three crypto funds of its own, partnering with Gemini as its custodian:

Low-Cost Alternative for Retail Investors

Holon, an asset manager which identifies itself as a Web3 investor, has launched three unlisted funds that provide access to bitcoin, ethereum and filecoin respectively.

According to the investment firm, the funds are currently the only managed investment schemes for digital assets available to retail investors that are registered with the Australian Securities and Investments Commission (ASIC).

We are huge believers in the potential for blockchain and cryptocurrency to revolutionise key areas of the global and Australian economy, including finance and data storage. But Australian investors, financial investors, and financial advisers have struggled to find regulated ways to invest.

Heath Behncke, managing director, Holon

The funds have a A$5,000 minimum investment, or A$2,000 with a A$200 per month savings plan. Furthermore, Holon has suggested that all three funds hold long positions only, as there is no gearing or trading.

Notably, the funds will incur a management fee of 0.4 percent, significantly less than the 1.25 percent fee charges by the initial group of approved Australian crypto ETFs.

Holon’s head of asset management highlighted the thought process behind this decision in a recent interview with the Australian Financial Review:

We don’t think we’re adding an enormous amount of value here, and so we shouldn’t be charging an enormous fee.

Rory Scott, head of asset management, Holon

Holon Strengthens Ties with Gemini

According to a statement by Gemini, it will act as custodian for all three funds, given its credentials and experience in operating within challenging regulatory environments. But this isn’t the first time Holon has teamed up with Gemini. Last year, it partnered with the Winklevoss-led outfit after launching its Filecoin wholesale fund.

Holon’s managing director Heath Behncke was excited about the launch, commenting:

The Holon funds have been carefully structured to include Gemini’s institutional grade custody to provide investors and financial advisors with attractive exposure to some of the most credible and exciting cryptocurrencies – Bitcoin, Ethereum and Filecoin.

Heath Behncke, managing director, Holon

It’s interesting to note that when Commonwealth Bank of Australia announced its foray into crypto, which has since been postponed, it too leaned on Gemini for custodial services. At present, it isn’t clear whether there is simply a lack of credible local institutional-grade custodians, or whether other factors, such as regulations, are at play.

Categories
Crypto News Ethereum

Ethereum Tests $1500 Amid Successful Deployment of 10th ‘Shadow Fork’

Ethereum’s 10th ‘shadow fork’ came into effect this week as the network continues to run tests ahead of the much-anticipated shift from the energy-intensive proof-of-work consensus mechanism to proof-of-stake.

As part of the preparation for the third and final testnet merge, Goerli, now expected to take place on August 10, Ethereum has been undergoing a series of shadow forks that copy data from the mainnet to a testnet:

ETH Price Volatility Since Merge Announcement

After shifting the timeline for the merge numerous times over the past two years, Ethereum’s core developers announced earlier this month that the merge was set to take place on September 19. As a direct result, the price of ETH surged almost 50 percent.

The merge, since brought forward to next month, will usher in a process in which holders of a minimum of 32 ETH can pledge their existing ETH in order to create more. The Ethereum Foundation predicts the proof-of-stake model will make the network up to 99 percent more environmentally friendly.

Since shadow fork #10 was deployed on July 26, no significant glitches have been reported. At the time of writing, the price of ETH had experienced significant volatility over the previous 24 hours, ranging from US$1,362.95 to US$1,602.61. 

Categories
Ethereum Polygon Tether

Polygon (MATIC) Surges 70% Amid Announcement of New ETH Scaling Solution

Polygon (MATIC) has been one of the rare altcoins to experience recent exponential growth, now spurred on by the announcement of an Ethereum scaling and zero-knowledge (ZK) innovation – Polygon zkEVM, the first Ethereum Virtual Machine (EVM) zero knowledge layer 2 scaling solution:

Polygon to the Rescue

The team behind MATIC says it has made a major breakthrough in zero-knowledge proof technology that is fully compatible with the EVM. In the case of a zero-knowledge proof, one party is able to prove the veracity of a piece of information to another party without having to reveal the information itself.

This will allow developers to employ the ZK method for increased levels of security and data privacy:

According to Polygon, its new zkEVM will enhance the Ethereum experience for users and developers alike by adding efficiency and reducing costs while at the same time taking advantage of the leading smart contract platform’s existing secure and trusted framework.

The blog post said: “Polygon zkEVM is for everyone who wants a cheaper, faster way to use Ethereum without sacrificing security or decentralisation. It is permissionless – anyone can use it. It’s also open-source, meaning you can trust the code, rather than trusting us.”

MATIC Soars on Other Fronts

The Polygon network has been busy of late, which has contributed to its recent massive uptick in price. In May, Tether announced that USDT had been integrated into Polygon, meaning that more than 19,000 decentralised applications on the Polygon ecosystem would be able to use USDT.

MATIC’s price also skyrocketed as Disney picked Polygon for its Accelerator Program last month. The program will focus on augmented reality, artificial intelligence characters, and NFTs.

The implosion of Terra has also meant big things for MATIC after more than 48 projects originally built on the Terra blockchain began to migrate to Polygon in the wake of Terra’s sudden collapse in May.

Categories
Crypto News Ethereum Ethereum Name Service

Amazon.eth Domain Owner Ignores $1 Million Bid

The Ethereum Name Service (ENS) domain Amazon.eth received an offer this week to purchase for one million $1 million in USDC, a stablecoin pegged to the US dollar. The offer went unanswered, and no transaction took place.

Should it have gone through, the owner stood to make a 1,000 percent profit on the sale after having purchased the domain name for 33 ETH (worth about US$50,000 today) five months ago:

Interest in ENS Domain Names Soars

Despite the bear market, ENS domain names have been rather bullish. Some attribute the growing interest to their inherent utility, which makes crypto transactions easier. Earlier this month, someone paid 300 ETH for “000.eth”, and other bids for “Samsung.eth” and “Starbucks.eth” worth US$90,000 have come in.

In the first week of July, ENS registrations surged 216 percent. It is unclear whether the owner of the Amazon.eth domain was informed of the offers or did not consider them to be fair:

According to data from OpenSea, other bids for the domain average a modest US$6,200 in USDC. The domain is verified as official by ENS and is owned by an anonymous OpenSea user, 4761BF. The individual making the offer owns about 20 ENS names, with many of them relating to Amazon, including one called “jefferyjefferybazos.eth”.

The “amazon.eth” name was created on August 2, 2017, and expires on October 16, 2036, and was first registered on February 7, 2020.

The expired bid for the “amazon.eth” ENS. Source: OpenSea

What is ENS?

An ENS provides human-readable names to different aspects of the Web3 world, which would commonly include blockchain addresses. Like NFTs, ENS names can be bought and sold on secondary markets such as OpenSea and are often used by crypto users as part of their social media profiles.

Famous brands such as Budweiser took a dive into the crypto market last year and bought an ENS called “Beer.eth” for 38 ETH. Puma, following other sports brands like Nike and Adidas into the metaverse, also bought a decentralised .eth URL from ENS and has signalled its intent by renaming itself “puma.eth” on Twitter.

Categories
Ethereum Investing Markets

ETH Surges Close to 50% in a Week Amid Bullish Merge Announcement

The price of Ethereum (ETH) has surged almost 50 percent in the past week on the back of an announcement that the long-awaited Merge is tentatively scheduled to take place in September.

According to data from CoinGecko, at the time of writing ETH was trading at US$1,535.71, up 49.5 percent from its recent low of US$1,027.42 on July 13.

Merge Hype Primary Driver of ETH Price Growth

On July 14, Ethereum Foundation member Tim Beiko tweeted a soft timeline for the much-anticipated Ethereum Merge, suggesting it could take place on September 19: 

Despite Beiko’s caveats that this timeline was tentative and subject to change, the market reacted very enthusiastically to the news, with the price of ETH jumping almost 25 percent in the two days following the tweet.

What is the Merge?

The Merge refers to Ethereum’s transition from a proof-of-work (PoW) consensus mechanism to a proof-of-stake (PoS) consensus mechanism. This transition will mean the end of mining on the Ethereum network, with miners replaced by validators. Validators will need to stake a minimum of 32 ETH on the network and will then have the chance to be randomly selected to add the next block to the chain, in the process earning ETH.

The primary benefit of switching to PoS is enormously improved energy efficiency. Some estimates put the reduction in energy use at around 99.95 percent. However, the Merge in itself is not expected to result in lower gas fees or increased transaction speeds.

Bullish Indicators for ETH

Beyond the spike in its price, several other indicators also suggest sentiment towards ETH is turning positive. The number of whales – accounts holding between 1000 and 100,000 ETH – has grown by 131 since early May, while the number of accounts holding over 100 ETH hit a 15-month high of 45,081 on July 13:

Additionally, the total value locked in the Ethereum 2.0 deposit contract hit a one-month high of US$17,957,275,144.37 on July 18, just days after the announcement of the Merge timeline:

Categories
Crypto News Ethereum Hackers NFTs

Hackers Make Off with $400K in ETH in PREMINT Hack

PREMINT, an NFT registration platform, has notified users via Twitter that an unknown party had stolen US$400,000 in ETH via a malicious wallet connection:

Hackers Secure Premint Bag

In this year’s most recent hack, 320 NFTs were stolen from the PREMINT site. CertiK, a blockchain security firm, analysed the situation and found that malicious JavaScript code had been utilised in the hack. This code created a pop-up within the site which prompted users to verify their wallet ownership. Despite many taking to Twitter to issue a warning, the hackers had already duped six PREMINT customers in mere minutes:

The stolen NFTs included Bored Apes, Moonbirds, and Goblintowns. Once they were obtained, the hacker sent the funds to Tornado Cash to wipe the digital trail left by blockchain transactions.

PREMINT has thanked those of its customers who have helped minimise the impact of the hack and are accumulating data on all NFTs stolen.

Other 2022 Phishing Attacks

Phishing attacks seem to be increasing in frequency this year, with multiple sizeable thefts across the end of the first quarter. A total of 35 NFTs were stolen in early April, including a Mutant and Bored Ape. The attack was carried out via several hacked verified Twitter accounts with the total stolen value exceeding US$900,000.

A month later, 29 Moonbird tokens were stolen when a malicious link wired a scammer US$1.5 million worth of Moonbird NFTs from a Proof Collective member. At the time, the Collective was working on a full report in collaboration with the FBI.

Categories
Blockchain Crypto News Ethereum

ETH Rallies on September ‘Soft’ Timeline for Upcoming Merge

Ethereum core developer Tim Beiko has said that Ethereum’s long-awaited upgrade, the Merge, may take place from September 19, pumping ETH’s price 8 percent since the announcement.

‘It’s All Coming Together’

According to recent tweets from the Ethereum community, Goerli will be the last testnet to go through the proof-of-stake transition around August 11. If everything goes according to plan, the Ethereum mainnet merge could take place in the week starting September 19:

However, Beiko repeatedly said on Discord and Twitter that the timeline might change again. According to Beacon Chain community manager superphiz.eth, this merge timeline “isn’t final, but it’s extremely exciting to see it coming together”:

If all goes well, the Ethereum blockchain could finally transit from its current energy-intensive proof-of-work (PoW) blockchain to a more environmentally friendly proof-of-stake (PoS), providing users with faster and cheaper transactions.

Success For All Testnets So Far

So far, all testnets moved into PoS have thrown successful results. Last week, the Ethereum Foundation moved the Sepolia testnet to PoS.

On June 10, the Ropsten testnet went live on Ethereum’s new PoS chain, which Beiko referred to as a “dress rehearsal for node operators”. Once the final testnet goes live on the PoS chain, it will be Ethereum’s turn after seven long years.

Categories
Ethereum NFTs OpenSea

Crypto Winter Bites as OpenSea Lays Off 20% of its Workforce

Leading NFT marketplace OpenSea has laid off approximately 20 percent of its workforce due to a confluence of factors, including the harsh crypto bear market and instability in the broader economy:

The layoffs at Open Sea follow a swathe of job losses throughout crypto in 2022 – in June, Coinbase slashed 1,100 jobs representing around 18 percent of its workforce, and BlockFi and Crypto.com have shed a combined total of more than 400 staff.

OpenSea Readies for Prolonged Downturn

OpenSea co-founder and CEO Devin Finzer took to Twitter on July 15 to share the message he sent to staff regarding the job losses in which he explained the NFT marketplace was preparing to endure a potentially “prolonged downturn”:

We need to prepare the company for the possibility of a prolonged downturn. The changes we’re making today put us in a position to maintain multiple years of runway under various crypto winter scenarios (five years at current volume), and give us high confidence that we will only have to go through this process once. 

Devin Finzer, co-founder and CEO, OpenSea

Opportunities Emerge From Bear Market

According to data from CoinGecko, since its peak in November last year the total cryptocurrency market cap has fallen by around 70 percent, from just under US$3 trillion to below US$1 trillion. 

This collapse in value has imperilled projects across all sectors of the crypto economy, including exchanges, lending platforms, DeFi apps and NFT marketplaces. The fact that OpenSea, the oldest and largest NFT marketplace, is now being hit is a measure of the depth and severity of the current crypto winter.

As hard as these conditions are for many projects and investors, Finzer says they can create opportunities to innovate, stating:

We have a huge opportunity in front of us. During this winter, I expect that we’ll see an explosion in innovation and utility across NFTs. With the hard (but important) changes we made today, we’re in an even better position to capture what will soon become the largest market on the planet. When the global economy is uncertain, our mission to build the foundation for new, peer-to-peer economies feels more urgent and important than ever.

Devin Finzer, co-founder and CEO, OpenSea
Categories
Ethereum Hackers Uniswap

Uniswap Users Lose $8 Million in ETH in Phishing Attack

A phishing scam offering a fraudulent airdrop has this week managed to rob Uniswap users of almost US$8 million in ETH. The scam, instigated on July 11, was promising a free airdrop of 400 UNI tokens (worth about US$2,200):

The scam involved asking users to connect their crypto wallets and make the transaction to claim the fraudulent airdrop. On connection, the hacker nabbed users’ funds via a malicious smart contract.

According to data from Etherscan, more than 74,000 wallets have interacted with the phishing scam’s smart contract. A notable aspect of the attack was that the code was not verified for the smart contract deployed on Etherscan, which is something most legitimate projects do.

How the Attack Unfolded

After deployment of the smart contract, in order to collect the airdropped tokens, the hacker tricked users into signing a transaction. The transaction instead served as an approval transaction, which granted the hacker access to all the Uniswap Liquidity Pool (LP) tokens held by the user.

Uniswap creator Hayden Adams took to Twitter to reassure the community that the hack was indeed a phishing attack and was totally separate from the protocol:

Bad Timing for Uniswap

News of the attack does not come at the best time for Uniswap. The decentralised exchanged (DEX) only recently announced the acquisition of the NFT marketplace aggregator Genie and plans to integrate NFTs into its products, starting with the Uniswap web application.

While the platform is making strides in terms of expanding its reach within the Web3 space, the DEX was hit by a class-action lawsuit in April for promoting “scam coins”. The plaintiff in the case claims to have purchased around US$10,000 worth of “fraudulent” ERC-20 tokens via Uniswap between May and June of 2021.