Hackers made $32K in 7 weeks by fixing bugs in cryptocurrency projects

In the past seven weeks, white hat hackers earned at least $32,150 by fixing security flaws in popular cryptocurrency and blockchain platforms like TRON, Brave, EOS and Coinbase.

According to data reviewed by Hard Fork, 15 blockchain-related firms have paid rewards to security researchers between March 28 and May 16, split across 30 publicly-released bug reports.

Omise, the software firm behind cryptocurrency OmiseGo, fielded the most fixes (six). Blockchain-powered prediction market Augur disclosed three reports, as did Brave Software, makers of the Brave browser, which features its own native token.

Projects adjust their HackerOne rewards to the severity the discovered security flaws. Whilst the majority of Omise’s reports were only worth around $100 each, other payments in the past seven weeks were much higher.

Blockne, the firm behind the EOS “blockchain,” rewarded one hacker with $10,000 for a single fix, as did budding network Aeternity.

TRON also paid $3,100 to the researcher who realized the network was susceptible to being flooded with malicious smart contracts , which would have brought its blockchain to a screeching halt.

The amount of hackers who prefer to fix security issues seems to be remaining steady — but sometimes they can make off with much bigger amounts exploiting vulnerabilities themselves.

Indeed, cryptocurrency exchange Binance revealed attackers had successfully stolen 7,000 BTC (then $40 million, now $55 million) from its own wallets last week.

Coincidentally, Binance runs its own bug bounty program with a maximum reward of $100,000 for the most critical of vulnerabilities. The Binance hacker remains at large.

Telegram isn’t going to merge its cryptocurrency wallet and messenger app — for now

In a statement released yesterday , Telegram said it isn’t planning on integrating its messaging app with its cryptocurrency token wallet.

When the TON blockchain network launches, the associated wallet app won’t be part of its messaging app.

There’s been much speculation over Telegram‘s plans for its TON blockchain and cryptocurrency tokens called Grams.

In terms of service from October 2019 , Telegram had suggested that its messaging app and wallet would work together or would be a standalone app. With this news things look a little more certain, for now.

The company and three of its employees, including CEO Pavel Durov, are currently awaiting deposition regarding an ongoing case with the US Securities and Exchange Commission (SEC). The company is set to be questioned over whether its token sale constituted a securities offering.

Telegram has continually denied the SEC‘s claims, but did put the sale of its Gram tokens on hold late last October . It said it wanted to maintain the “status quo” until the case had been resolved.

Even so, the messaging app hasn’t exactly been totally helpful with the SEC. Over the past week, Telegram has been refusing the SEC’s requests for financial documents relating to its $1.7 billion token sale.

At this point, it’s difficult to understand why Telegram has taken the decision not to integrate its TON wallet and messaging app. Doing so would certainly coincide with its goal of creating a means of currency exchange that’s easy to use, particularly for those already on its popular messaging platform.

However, in yesterday’s statement, Telegram stressed that it won’t have control over TON.

Perhaps the intent to separate the apps at launch is to reinforce Telegrams claims that it doesn’t have control over its blockchain, but that remains to be seen, though.

With Telegram‘s face off with the SEC stepping up a gear this month, it’s going to be an interesting couple of weeks for the company.

HT – The Block

Binance hackers suddenly move $8 million worth of stolen Bitcoin

More than $8 million worth of Bitcoin stolen from cryptocurrency exchange Binance has suddenly moved.

Earlier today, a combined 707.1 BTC was sent from one of the hacker‘s Bitcoin wallets to a separate pair of addresses.

The two transfers, for 706.1 BTC ($8 million) and 1 BTC ($11,384) respectively, were detected by Twitter-based transaction monitor @whale_alert .

In May, Binance (one of the world’s most prominent cryptocurrency exchanges) suffered a sophisticated cyberattack that saw hackers make away with 7,000 BTC (then, $40M; now, $83.5M) in a single transaction.

In response, Binance CEO Changpeng Zhao publicly floated the idea of rolling back the Bitcoin blockchain to reverse the attack.

The plan, however ill-advised, would’ve consisted of recruiting a majority of the Bitcoin network to work in unison against the hackers, a plot similar (in effect) to a “ 51-percent attack .”

Zhao abandoned the idea shortly after announcing it.

In June, the hackers mysteriously moved portions of the stolen 7,000 BTC in a strange series of transactions, albeit after splitting their loot across seven separate Bitcoin addresses, as detected by blockchain analytics firm Chainalysis .

But with 10 percent of the stolen funds now shifted, all eyes are on the Bitcoin addresses of cryptocurrency exchanges across the internet — as the hackers are likely hunting an avenue to launder (and cash out) their digital loot.

Update 18:03 UTC, July 8: This article has been updated to correctly report that some of the stolen Bitcoin had indeed been moved since the attack. We apologize for the mistake.

Hunter Jones

Hunter Jones

Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *