Global fintech and funding innovation ecosystem

Category Archives: Cyber Security, Hacks, Fraud Alerts

Caution: Binance Chain Red Alarm System Flags 50 New Projects as Potential Scams

Cointelegraph | Arijit Sarkar | Aug 15, 2022

Binance platform red flags list - Caution:  Binance Chain Red Alarm System Flags 50 New Projects as Potential Scams

BNB Chain’s Red Alert system flags projects based on obvious features that have been historically used in scams, rug pulls and phishing.

BNB Chain, a blockchain network created by crypto exchange Binance, has identified over 50 on-chain projects that pose a significant risk to users. A mix of crypto spin-offs resembling Dogecoin (DOGE) and Binance and others dedicated to pandas, cyborgs and koalas made the list as untrustworthy and high-risk projects.

See:  Binance CEO Raises Red Flag on Massive Chinese Data Leak

BNB Chain’s Red Alarm feature, implemented to protect investors from potential rug pulls and scams, flags projects based on two main criteria: if the contract performs differently from what the project owners advertised and if the contract shows risks that might influence users’ funds.

Speaking to Cointelegraph, Gwendolyn Regina, investment director at BNB Chain, said that the Red Alarm system analyzed 3,300 contracts in July alone, adding that the company continues to develop further measures for highlighting deceptive practices in the ecosystem.

New projects that have not been tested and lack genuine products are flagged by the system based on apparent features that have been historically used in scams, rug pulls and phishing. Regina added:

“We will tend to put them on the ‘Red Alarm’ list to effectively warn users to steer clear or participate with caution.”

As a result, the real-time identification of risky projects serves as a proactive measure in helping to protect investor funds. Red Alarm also allows users to assess project risks by entering the contract address to discover if it has logical flaws or fraud risks.

See:  Crypto scams, DeFi hacks, and rug pulls: Why the crypto industry needs insurtech

In addition to BNB Chain’s measures, Regina recommended investors “do their own research” while engaging with projects within the BNB Chain ecosystem.

Continue to the full article --> here


NCFA Jan 2018 resize - Caution:  Binance Chain Red Alarm System Flags 50 New Projects as Potential ScamsThe National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - Caution:  Binance Chain Red Alarm System Flags 50 New Projects as Potential ScamsFF Logo 400 v3 - Caution:  Binance Chain Red Alarm System Flags 50 New Projects as Potential Scamscommunity social impact - Caution:  Binance Chain Red Alarm System Flags 50 New Projects as Potential Scams

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - Caution:  Binance Chain Red Alarm System Flags 50 New Projects as Potential Scams




 

Everything You Should Know About Data Protection, And How To Do It

Aug 11, 2022

Pexels green and white line illustration - Everything You Should Know About Data Protection, And How To Do It

Image/pexels

There are numerous things to think about when you want to protect your data, but thankfully there are some easy steps you can take to help keep your information safe. It's important to remember that data protection is an ongoing process, not a one-time event. This means you must be constantly vigilant about how you store, access, and share your data. Here are some of the most important things to keep in mind when it comes to data protection:

1. Make sure your devices are password protected

This includes your computer, smartphone, and tablet. In addition to setting up a password, you should consider using a fingerprint or passcode to access your devices. Additionally, databases and other sensitive information should be encrypted to make it more difficult for hackers to access them. If you have sensitive data that you need to access regularly, consider using a password manager to help keep track of your login information. It's also a good idea to enable two-factor authentication whenever possible. This adds an extra layer of security by requiring you to enter a code that is sent to your phone in addition to your password.

2. Keep your software up to date

One of the best ways to protect your data is to make sure your software is always up to date. This includes your operating system, web browser, and any applications you use. Hackers are constantly finding new ways to exploit vulnerabilities, so it's important to patch these as soon as possible. You can usually set your devices and software to update automatically, or you can check for updates manually on a regular basis. Additionally, you should install security software such as antivirus and antispyware to help protect your devices from malware.

3. Be careful what you click on

When you're browsing the web, it's important to be cautious about what you click on. Hackers can use malicious links and attachments to infect your device with malware or steal your personal information. Only click on links from websites that you trust, and be sure to scan any downloads for viruses before opening them. It's also a good idea to avoid public Wi-Fi networks whenever possible, as they can be easy targets for hackers. This is especially true if you're using a laptop or other device that stores sensitive data.

4. Be aware of phishing scams

Phishing scams are another common way that hackers try to steal personal information. These usually come in the form of emails or text messages that appear to be from a legitimate source, but are actually fake. The goal is to trick you into clicking on a link or attachment that will install malware or direct you to a fraudulent website. To avoid falling victim to a phishing scam, be suspicious of any unsolicited messages that you receive. Don't click on any links or attachments unless you're sure they're safe, and never enter your personal information on a website that you're not familiar with.

5. Know how to back up your data

Backing up your data is one of the most important things you can do to protect it. If your device is lost, stolen, or damaged, you'll be able to restore your files from a backup. There are several different ways to back up your data, such as using an external hard drive or cloud storage service. It's important to choose a method that is reliable and easy to use so that you can be sure your data is safe. Additionally, you should create backups on a regular basis to ensure that your most recent files are included.

6. Keep your personal information private

When you're sharing information online, it's important to be aware of who you're sharing it with. Hackers can easily obtain personal information such as your name, address, and date of birth from social media and other websites. Be careful about what you post online, and only share your personal information with people that you trust. Additionally, you should never click on links or attachments from unknown sources. It's also a good idea to use a unique password for each of your online accounts.

Pexels software engineer beside server racks - Everything You Should Know About Data Protection, And How To Do It

Image/Pexels

See:  Crypto.com $34 million stolen in user account hack | Data Breach Lessons

Data protection is essential in today's digital world. By following the tips above, you can help keep your data safe from hackers and other threats. Additionally, you should always be aware of new scams and security risks so that you can protect your data against them. It's also a good idea to regularly back up your data in case of an emergency. By taking these precautions, you can help ensure that your personal information is safe and secure.


NCFA Jan 2018 resize - Everything You Should Know About Data Protection, And How To Do ItThe National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - Everything You Should Know About Data Protection, And How To Do ItFF Logo 400 v3 - Everything You Should Know About Data Protection, And How To Do Itcommunity social impact - Everything You Should Know About Data Protection, And How To Do It

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - Everything You Should Know About Data Protection, And How To Do It




 

Tornado Cash Virtual Currency Mixer Sanctioned by the U.S.

Reuters | Christopher Bing and Daphne Psaledakis | Aug 8, 2022

Tornado cash - Tornado Cash Virtual Currency Mixer Sanctioned by the U.S.WASHINGTON, Aug 8 (Reuters) - The United States on Monday imposed sanctions on virtual currency mixer Tornado Cash, accusing it of helping hackers, including from North Korea, to launder proceeds from their cyber crimes.

  • A senior Treasury Department official said Tornado Cash, one of the largest mixers identified as problematic by the Treasury, has reportedly laundered more than $7 billion worth of virtual currency since it was created in 2019.
  • Monday's move freezes any U.S. assets of the mixer and generally bars Americans from dealing with it.

See:  Lex Fridman Podcast with Brett Johnson: US Most Wanted Cybercriminal

  • The Lazarus Group, a well-known North Korean government-backed hacking group that has conducted numerous data breaches, both politically and sometimes financially motivated, has laundered at least $455 million through Tornado Cash, the Treasury said.
    • U.S. and South Korean officials say North Korea controls thousands of hackers that steal funds, including cryptocurrencies, to finance its weapons programs.  Pyongyang has denied the accusations.
  • In May, the U.S. Treasury also targeted virtual currency mixer Blender, imposing sanctions for the first time on a mixer - a software tool that pools and scrambles cryptocurrencies from thousands of addresses. read more

Continue to the full article --> here


NCFA Jan 2018 resize - Tornado Cash Virtual Currency Mixer Sanctioned by the U.S.The National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - Tornado Cash Virtual Currency Mixer Sanctioned by the U.S.FF Logo 400 v3 - Tornado Cash Virtual Currency Mixer Sanctioned by the U.S.community social impact - Tornado Cash Virtual Currency Mixer Sanctioned by the U.S.

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - Tornado Cash Virtual Currency Mixer Sanctioned by the U.S.




 

8000 Solana Wallets Drained in Latest Attack

TechCrunch | Rita Liao, Carly Page | Aug 3, 2022

technology workers - 8000 Solana Wallets Drained in Latest AttackAn unknown actor drained funds from approximately 8,000 wallets on the Solana network, Solana’s Status Twitter account said. It’s estimated the loss so far is around $8 million.

The attack — which has only affected only “hot” wallets or wallets that are always connected to the internet, allowing people to store and send tokens easily — does not appear to be limited to Solana. Justin Barlow, an investor at Solana Ventures, reported that his USDC balance was drained as well. Crypto analyst @0xfoobar confirmed that:

“the attacker is stealing both native tokens (SOL) and SPL tokens (USDC)… affecting wallets that have been inactive for less than 6 months.”

See:  First Crypto Store of Its Kind: Solana Opens in New York City

The attack has compromised other wallets including Phantom, Slope and TrustWallet. Initial reports suggested Solflare users were also impacted, but the company tells TechCrunch it has not been affected by this exploit. Wallets drained should be treated as compromised and abandoned, Solana warned as it encouraged users to switch to hardware or “cold” wallets.

The cause of the attack remains unclear, but industry leaders including Emin Gün Sirer, founder of another popular blockchain Avalanche, pointed out that the transactions were properly signed, which means the vulnerability could be a “supply chain attack” that manages to steal users’ private keys. @0xfoobar added that “it’s likely something has caused widespread private key compromise”, and warned that revoking wallet approvals will probably not help.

See:  Code is Law Case: A Hamilton teen ‘hacked’ US$16 million in crypto (while he may not be in the wrong)

The Solana attack comes just hours after malicious actors abused a “chaotic” security exploit to steal almost $200 million in digital assets from cross-chain messaging protocol Nomad. The “free-for-all” attack, which saw more than 41 addresses drain $152 million — 80% of the stolen funds — was made possible by a recent update to one of Nomad’s smart contracts that made it easy for users to spoof transactions.

Continue to the full article --> here


NCFA Jan 2018 resize - 8000 Solana Wallets Drained in Latest AttackThe National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - 8000 Solana Wallets Drained in Latest AttackFF Logo 400 v3 - 8000 Solana Wallets Drained in Latest Attackcommunity social impact - 8000 Solana Wallets Drained in Latest Attack

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - 8000 Solana Wallets Drained in Latest Attack




 

SEC Charges 3 In Crypto Insider Trading Scheme

Protocol | Tomio Geron and Fintech team | Jul 22, 2022

DOJ charges 3 in insider trading tipping scheme - SEC Charges 3 In Crypto Insider Trading SchemeFor years, the crypto industry has been in a state of confusion about which tokens are in fact securities and which are not. A case filed by the SEC alleging insider trading by a former Coinbase employee and two accomplices could provide some clarity — but it also threatens to roil the industry and Washington as the march to regulate digital assets continues.

SEC Power Play

In the complaint, the SEC argues that nine of the 25 tokens that the three individuals traded in are securities under the Howey Test, a longstanding judicial standard that would mean they should be regulated by the SEC.

The insider-trading complaint makes a direct case that nine tokens are securities: AMP, RLY, DDX, XYO, RGT, LCX, POWR, DFX and KROM. If a judge agrees, that would create a precedent to bring those nine tokens under SEC regulation, and would possibly apply to similar tokens.

See:  Coinbase is Bleeding Customers Pushing the Exchange Out of Top 10

Aside from the ongoing Ripple case, which was filed under a prior SEC chief, it’s the biggest move yet by Gensler’s SEC to regulate crypto through an enforcement action.

Behind-the-scenes struggle in Washington

More than one federal agency is seeking to regulate crypto: the CFTC, SEC, FinCEN, IRS, OCC and FDIC, among others.

CFTC Commissioner Caroline Pham called the SEC’s Coinbase case “regulation by enforcement” Thursday in a statement shared on Twitter. She appeared to take issue with the SEC seeking to have a judge deem these nine tokens securities. In the process, she shed light on her thinking about which tokens the CFTC might categorize as commodities under its oversight.

Continue to the full article --> here

View the U.S. DOJs press release on the insider trading tipping scheme --> here


NCFA Jan 2018 resize - SEC Charges 3 In Crypto Insider Trading SchemeThe National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - SEC Charges 3 In Crypto Insider Trading SchemeFF Logo 400 v3 - SEC Charges 3 In Crypto Insider Trading Schemecommunity social impact - SEC Charges 3 In Crypto Insider Trading Scheme

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - SEC Charges 3 In Crypto Insider Trading Scheme




 

Crypto Bridges are Integral to Blockchain Adoption but Vulnerable to Attack

Protocol | Tomio Geron | Jul 18, 2022

Blockchain bridges - Crypto Bridges are Integral to Blockchain Adoption but Vulnerable to AttackLinking blockchains together is a key part of the industry. But bridges are vulnerable to hackers and confusing for consumers.

One of the challenges for the crypto industry is how many blockchains there are and how complex it is to move across them. This has led to the growth of bridges for people to send tokens across chains. But these bridging tools have come under attack by hackers, leading to major losses.

Many in the industry believe it’s inevitable that there will be multiple blockchains that develop, each emphasizing different strengths such as gaming, trading, NFTs, mobile or payments.

See:  Why Blockchain analytics are catching Washington’s attention

Because crypto has become a multichain industry, bridges have become a key part of the infrastructure. Attacks on them can have “cascading effects” across chains, as Chainalysis researchers recently put it. Some of the largest DeFi hacks to date have involved bridges.

Hacking bridges

  • There are two main kinds of hacks on bridges: code attacks, which exploit vulnerabilities in smart contracts, and attacks on the design of a network, often accomplished through social engineering.
  • In one smart-contract-related incident, hackers exploited a security problem in the Wormhole bridge’s code to make off with $325 million. Wormhole bridges blockchains like Ethereum, Solana and Polygon, enabling people to deposit tokens from one chain and get the equivalent on a different chain.
    • In the incident, a hacker minted 120,000 wrapped ether, or WETH, on the Solana blockchain without putting in the equivalent on the Ethereum side.
  • The recent $100 million hack of Harmony’s Horizon Bridge was apparently the result of social engineering to obtain the required electronic signatures to authorize a transaction.
  • In Axie Infinity’s Ronin bridge, a hacker took control of five of the nine validator nodes that handle transactions. Four of those five nodes were controlled by Axie developer Sky Mavis, a flaw in its design, Khurana said. Social engineering allowed hackers to take control of those four nodes: An Axie engineer applied for a fake job on LinkedIn and opened a fake job offer document that contained spyware. A fifth node was hacked through a third-party validator managed by the Axie DAO.

See:  Bain Capital Launches Dedicated Crypto Team – Sights on DAO Services

Until bridging across different chains becomes easier, widespread crypto adoption will be hindered.

Continue to the full article --> here


NCFA Jan 2018 resize - Crypto Bridges are Integral to Blockchain Adoption but Vulnerable to AttackThe National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - Crypto Bridges are Integral to Blockchain Adoption but Vulnerable to AttackFF Logo 400 v3 - Crypto Bridges are Integral to Blockchain Adoption but Vulnerable to Attackcommunity social impact - Crypto Bridges are Integral to Blockchain Adoption but Vulnerable to Attack

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - Crypto Bridges are Integral to Blockchain Adoption but Vulnerable to Attack




 

Binance CEO Raises Red Flag on Massive Chinese Data Leak

BeINCrypto | David Thomas and Kyle Baird | Jul 4, 2022

 


NCFA Jan 2018 resize - Binance CEO Raises Red Flag on Massive Chinese Data LeakThe National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - Binance CEO Raises Red Flag on Massive Chinese Data LeakFF Logo 400 v3 - Binance CEO Raises Red Flag on Massive Chinese Data Leakcommunity social impact - Binance CEO Raises Red Flag on Massive Chinese Data Leak

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - Binance CEO Raises Red Flag on Massive Chinese Data Leak