• chevron_right

      Cryptocurrency Startup Loses Encryption Key for Electronic Wallet / Schneier · Tuesday, 5 September - 18:59

    The cryptocurrency fintech startup Prime Trust lost the encryption key to its hardware wallet—and the recovery key—and therefore $38.9 million. It is now in bankruptcy.

    I can’t understand why anyone thinks these technologies are a good idea.

    • chevron_right

      Cryptographic Flaw in Libbitcoin Explorer Cryptocurrency Wallet / Schneier · Wednesday, 9 August, 2023 - 18:16

    Cryptographic flaws still matter. Here’s a flaw in the random-number generator used to create private keys. The seed has only 32 bits of entropy.

    Seems like this flaw is being exploited in the wild.

    • chevron_right

      Ready for your eye scan? Worldcoin launches—but not quite worldwide / ArsTechnica · Monday, 24 July, 2023 - 13:14

    A montage of the Worldcoin logo and Sam Altman

    Enlarge (credit: FT Montage/Bloomberg)

    Sam Altman’s cryptocurrency project, the Worldcoin Foundation, is rolling out its services globally even as the company cofounded by the OpenAI chief faces regulatory pushback in the US.

    The Berlin and San Francisco-based start-up announced on Monday that its technology, including its Worldcoin token—a cryptocurrency traceable on the blockchain that requires users to first prove their identity—will be available in 35 cities across 20 countries.

    Central to the effort is an eye-scanning physical “orb,” which Worldcoin’s founders say is necessary for a future in which distinguishing between humans and robots becomes increasingly challenging due to a surge in artificial intelligence technology. Once users have proved they are not robots, they can be issued one of the company’s tokens.

    Read 11 remaining paragraphs | Comments

    • chevron_right

      $1.5M crypto scheme leads to 2-year prison term for ex-Coinbase manager / ArsTechnica · Wednesday, 10 May, 2023 - 16:07

    $1.5M crypto scheme leads to 2-year prison term for ex-Coinbase manager

    Enlarge (credit: SOPA Images / Contributor | LightRocket )

    Yesterday, a former Coinbase product manager, Ishan Wahi, was sentenced to two years in prison for running the first cryptocurrency insider trading scheme investigated by the United States Department of Justice.

    Wahi had pleaded guilty after Coinbase and the FBI found that he provided confidential information on upcoming Coinbase crypto asset listings to his brother, Nikhil, and his friend Sameer Ramani. The multiple tipoffs led to profits of approximately $1.5 million as the men went undetected for 10 months, trading 55 digital assets ahead of Coinbase listing announcements that generally caused huge spikes in asset market valuation.

    The US attorney for the Southern District of New York, Damian Williams, condemned Wahi's actions, saying that he "violated the trust placed in him by his employer by tipping others with valuable confidential information regarding Coinbase’s planned token listings."

    Read 19 remaining paragraphs | Comments

    • chevron_right

      SBF says “dishonesty and unfair dealing” aren’t fraud, seeks to dismiss charges / ArsTechnica · Tuesday, 9 May, 2023 - 19:52 · 1 minute

    SBF says “dishonesty and unfair dealing” aren’t fraud, seeks to dismiss charges

    Enlarge (credit: Drew Angerer / Staff | Getty Images North America )

    Late Monday, legally embroiled FTX founder Sam Bankman-Fried moved to dismiss the majority of criminal charges lobbed against him by the United States government after his cryptocurrency exchange went bankrupt in 2022.

    In documents filed in a Manhattan federal court, the law firm Sullivan & Cromwell shared Bankman-Fried's first official legal defense. Lawyers accused the US of a "troubling" and "classic rush to judgment," claiming that the government didn't even wait to receive "millions of documents" and "other evidence" against Bankman-Fried before "improperly seeking" to turn "civil and regulatory issues into federal crimes."

    After FTX's collapse last year, federal prosecutors acted quickly to intervene, within a month alleging that Bankman-Fried was stealing billions in customer funds , defrauding investors, committing bank and wire fraud, providing improper loans, misleading lenders, transmitting money without a license, making illegal campaign contributions, bribing China officials , and other crimes. Through it all, Bankman-Fried has pleaded not guilty. Now, in his motion to dismiss, Bankman-Fried has requested an oral argument to "fight these baseless charges" and "clear his name." He's asking the court to dismiss 10 out of 13 charges, arguing that federal prosecutors have failed to substantiate most of their claims.

    Read 20 remaining paragraphs | Comments

    • chevron_right

      US agency sues top crypto exchange Binance and CEO, seeks permanent trading bans / ArsTechnica · Tuesday, 28 March, 2023 - 17:29

    Binance founder and CEO Changpeng Zhao sitting at a table and speaking into a microphone, wearing a shirt with a Binance logo.

    Enlarge / Binance founder and CEO Changpeng Zhao at the Web Summit 2022 conference in Lisbon, Portugal. (credit: Getty Images | Ben McShane )

    The US Commodity Futures Trading Commission (CFTC) yesterday sued Binance, the world's largest cryptocurrency exchange, saying the company and its founder, Changpeng Zhao, are charged with "willful evasion of federal law and operating an illegal digital asset derivatives exchange."

    Binance committed "numerous violations of the Commodity Exchange Act and CFTC regulations," the agency said. In a press release announcing the civil enforcement action, the agency said its litigation "seeks disgorgement, civil monetary penalties, permanent trading and registration bans, and a permanent injunction against further violations of the CEA and CFTC regulations."

    The CFTC alleges that the defendants operated the trading platform "through an intentionally opaque common enterprise, with Zhao at the helm as Binance's owner and chief executive officer." The agency said the defendants "chose to knowingly disregard applicable provisions of the CEA while engaging in a calculated strategy of regulatory arbitrage to their commercial benefit." Samuel Lim, Binance's former chief compliance officer, was charged with aiding and abetting the violations.

    Read 15 remaining paragraphs | Comments

    • chevron_right

      Hackers drain bitcoin ATMs of $1.5 million by exploiting 0-day bug / ArsTechnica · Tuesday, 21 March, 2023 - 20:03 · 1 minute

    A BATM sold by General Bytes.

    Enlarge / A BATM sold by General Bytes. (credit: General Bytes)

    Hackers drained millions of dollars in digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for losses that can’t be reversed, the kiosk manufacturer has revealed.

    The heist targeted ATMs sold by General Bytes, a company with multiple locations throughout the world. These BATMs, short for bitcoin ATMs, can be set up in convenience stores and other businesses to allow people to exchange bitcoin for other currencies and vice versa. Customers connect the BATMs to a crypto application server (CAS) that they can manage or, until now, that General Bytes could manage for them. For reasons that aren’t entirely clear, the BATMs offer an option that allows customers to upload videos from the terminal to the CAS using a mechanism known as the master server interface.

    Going, going, gone

    Over the weekend, General Bytes revealed that more than $1.5 million worth of bitcoin had been drained from CASes operated by the company and by customers. To pull off the heist, an unknown threat actor exploited a previously unknown vulnerability that allowed it to use this interface to upload and execute a malicious Java application. The actor then drained various hot wallets of about 56 BTC, worth roughly $1.5 million. General Bytes patched the vulnerability 15 hours after learning of it, but due to the way cryptocurrencies work, the losses were unrecoverable.

    Read 7 remaining paragraphs | Comments

    • chevron_right

      Microsoft is testing a built-in cryptocurrency wallet for the Edge browser / ArsTechnica · Friday, 17 March, 2023 - 20:14 · 1 minute

    Microsoft appears to be testing a built-in cryptocurrency wallet for Edge, according to screenshots pulled from a beta build of the browser. The feature, which the screenshots say is strictly for internal testing, was unearthed by Twitter user @thebookisclosed , who has a history of digging up present-but-disabled features in everything from new Windows 11 builds to ancient Windows Vista betas .

    This is only one of many money and shopping-related features that Microsoft has bolted onto Edge since it was reborn as a Chromium-based browser a few years ago. In late 2021, the company faced backlash after adding a "buy now, pay later" short-term financing feature to Edge. And as an Edge user, the first thing I do in a new Windows install is disable the endless coupon code, price comparison, and cash-back pop-ups generated by Shopping in Microsoft Edge (many settings automatically sync between Edge browsers when you sign in with a Microsoft account; the default search engine and all of these shopping add-ons need to be changed manually every time).

    According to the screenshots, the crypto wallet is "embedded in Edge, making it easy to use without installing any extension," and it can handle multiple types of cryptocurrency. It will also record transactions and the value of your individual currencies as they fluctuate. An "explore" tab offers news stories relevant to cryptocurrency, and an "assets" tab will let you stare lovingly at your NFTs. The wallet is "non-custodial" (also called "self-custodial"), meaning that you have sole ownership of and responsibility for the passwords and recovery keys that allow access to your funds. Microsoft won't be able to let you back in if you lose your credentials.

    Read 3 remaining paragraphs | Comments