HTX Hacker Returns Stolen Ether, Rewarded with Bounty

Huobi Global’s cryptocurrency exchange HTX encountered a significant security breach on September 25, when one of its hot wallets was compromised and drained of 5,000 Ether (ETH), which was valued at approximately $8 million at the time. This incident was part of a broader trend of increasing security breaches within the cryptocurrency and Web3 spaces during the third quarter of 2023. However, the narrative took a positive turn on October 7, when the hacker returned the stolen funds. Following this action, HTX issued a 250 ETH whitehat bounty to the individual, which, with an exchange rate of $1,621 per ETH, is valued at around $410,000.

The Bounty Offer

In the aftermath of the hack, HTX promptly initiated communication with the hacker. The exchange claimed to be aware of the individual’s identity and proceeded to offer a 5% bounty of the stolen funds, which equates to around $400,000, under the condition that 95% of the stolen funds were returned before a set deadline of October 2. Additionally, it was agreed that HTX would abstain from pursuing any legal action against the hacker if the stipulated conditions were met, thus providing an incentive for the hacker to return the stolen assets.

The return of the stolen funds and the subsequent bounty reward were publicly acknowledged by Justin Sun, Huobi Global owner, on October 7 through a post on X (formerly Twitter). Sun expressed that “The hacker made the right choice. We would like to express our gratitude to everyone in the industry for their help!” He also underlined the persistent endeavor to bolster blockchain security and ensure the protection of user assets, a task that he described as never easy but crucial for the industry. His acknowledgment was echoed across the community, emphasizing the collaborative nature of blockchain security endeavors and the importance of community support in overcoming such security challenges.

The incident with HTX is a part of a larger hacking landscape that has seen a significant uptick in the third quarter of 2023. A recent report from blockchain security platform Immunefi highlighted a sharp rise in the number of hacking incidents, with 76 reported hacks in Q3 2023 as compared to 30 in Q3 2022. The same week HTX was targeted, another notable project, the decentralized cross-chain protocol Mixin Network, also suffered a security breach. Attackers exploited a vulnerability associated with a third-party cloud service provider and managed to siphon off around $200 million. These incidents underscore the pressing need for enhanced security measures within the rapidly evolving crypto and Web3 spaces, and the HTX incident serves as a unique case of community and hacker collaboration towards a resolution.

DWF Labs Co-founder Andrei Grachev Announces Financial Partnership with DMCC

On October 8, 2023, Andrei Grachev, the co-founder of DWF Labs, divulged a significant partnership between his firm and the Dubai Multi Commodities Centre (DMCC) via Twitter. This alliance is poised to enhance the financial ecosystem within DMCC, as DWF Labs commits to aiding entities keen on transitioning their operations to Dubai. Nonetheless, this positive development unfolds amidst recent controversies surrounding Grachev and other market players, which have ignited discussions within the crypto community.

Grachev’s tweet stated, “We are licensed by @DMCCAuthority and we are proud to be a financial partner of its ecosystem! If you build and want to move to Dubai DMCC > just reach @DWFLabs, we support our portfolio without any charges. Just build ✊.” This message, attracting over 13,000 views, distinctly signals the financial backing DWF Labs is offering to firms aspiring to establish or migrate their operations to Dubai DMCC.

Prior to this announcement, on September 21, 2023, a Twitter altercation broke out between Grachev and Cristian Gil of GSR.io. The discord centered on a panel discussion featuring representatives from GSR.io, OKX, and Wintermute, with Grachev countering Gil’s critique by affirming DWF Labs’ superiority in tech, trading, and business development. This exchange underscored the prevailing competitive dynamics and potential latent tensions within the crypto market.

The feud captured the attention of other Twitter users, inciting discussions about the current state of the crypto market and the pivotal role of market makers. A whimsical suggestion of a “Crypto Fight Night” between Grachev and Gil by a user named Mohammad (@Abu9ala7) further accentuated the community’s engagement and the competitive ethos within the crypto sphere.

The contrasting scenes of a significant financial partnership announcement and a public disagreement with a market peer exhibit the multifaceted dynamics DWF Labs navigates in the crypto market. The amalgam of cooperation, competition, and community engagement mirrors the complex terrain that market players like DWF Labs traverse as they endeavor to fortify their positions in the swiftly evolving crypto industry.

Though DWF is broadening its presence and influence in the crypto realm, its role remains quite controversial.

The altercation with Cristian Gil, along with the ensuing discussions around market makers and a playful proposal for a “Crypto Fight Night,” emphasizes the fervent engagement and the spirited competition within the crypto domain, reflecting the ever-vibrant and dynamic nature of this burgeoning industry.

Ripple CTO Advocates for Community Consensus on XRP Ledger's AMM Feature Integration

David “JoelKatz” Schwartz, the Chief Technology Officer at Ripple, has been actively engaging with the community regarding the integration of an Automated Market Maker (AMM) feature on the XRP Ledger (XRPL). Through a series of posts on the social media platform X (formerly known as Twitter), Schwartz highlighted the importance of community consensus before moving forward with this significant feature addition.

On 6th October 2023, Schwartz voiced his plan to review performance testing results and conduct code checks based on recent comments and concerns raised by the community. Through his post, he displayed a methodical approach, ensuring that all uncertainties are addressed before urging the validators to consider supporting the amendment. When probed by a community member about the communication channel with validators, Schwartz humorously mentioned that most of his arguments take place on Twitter.

The discussion primarily revolves around the integration of AMMs, which Schwartz describes as an intriguing part of decentralized finance (DeFi). The XRP Ledger, known for its speed, scalability, and suitability for various financial applications including cross-border payments, stands to benefit from this integration. AMMs are not merely about introducing a new trading engine; they also promise enhanced interaction with XRPL’s decentralized exchange.

The new feature, introduced in the rippled version 1.12.0, also carries the potential clawback feature. The clawback feature, as explained by Schwartz in previous discussions, aims to protect developers from potential legal liabilities within the XRPL ecosystem.

Schwartz emphasizes the need for a majority consensus within the community before implementing the AMM feature. Responding to a question about the timeline for AMMs going live post-governance voting, he mentioned that with majority support, the changes could be seen in as little as two weeks. However, no validators have endorsed the vote to the best of his knowledge, underscoring the importance of community agreement before proceeding with such amendments.

He advised against validators voting independently to promote these modifications, stressing that the community should reach consensus first. Only then should validators overwhelmingly vote YES, when a substantial number of nodes endorse the adjustment, reflecting a broad agreement within the XRPL community.

David Schwartz continues to play a crucial role in fostering a dialogue between the Ripple team, XRPL validators, and the broader community. His meticulous approach towards integrating new features like AMM, while ensuring community consensus, reflects a balanced stance towards evolving the XRPL while maintaining its decentralized ethos.

Ethereum Foundation's 1.7K ETH Sale Signals Potential Price Downturn

Ethereum Foundation’s Sale Raises Red Flags

On October 9, 2023, blockchain analytics platform Scopescan reported that the Ethereum Foundation sold 1,700 ETH, equivalent to approximately $2.76 million, for USDC. The transaction was confirmed by the Ethereum Foundation’s address 0x9ee457023bb3de16d51a003a247baead7fce313d. This sale has raised concerns about the financial outlook for Ethereum, as it may be interpreted as a lack of confidence in the asset’s future performance.

Community Speculation and Crypto KOL’s Pessimism

The sale has led to heightened speculation within the crypto community. Twitter user BignoseGosu.eth questioned the Ethereum Foundation’s motives, receiving a tongue-in-cheek reply from Scopescan: “Cause they gotta eat?” Adding to the negative sentiment, a Twitter crypto trading Key Opinion Leader (KOL) expressed pessimistic views about Ethereum, further signaling potential price downturns.

Mike Alfred, a crypto KOL, also contributed to the growing skepticism. On the same day as the Ethereum Foundation’s sale, he tweeted that the “world computer and ultrasound money narratives have failed,” accusing insiders like Vitalik Buterin of “looting the protocol.” His tweet garnered 176.9K views as of October 9, 2023, amplifying the negative sentiment surrounding Ethereum.

The Ethereum Foundation’s sale of 1,700 ETH, coupled with pessimistic views from crypto trading KOLs like Mike Alfred, has fueled concerns about Ethereum’s financial outlook. These developments may signal a potential downturn in ETH prices.

SlowMist Report: 10 Crypto Incidents Unveiled

The blockchain and cryptocurrency domain continues to battle against a variety of security threats, as elucidated in the SlowMist Weekly Security Report for the period October 1 – October 7, 2023. The report sheds light on ten distinct security incidents impacting entities across the spectrum, from individual token ventures to large-scale platforms, underlining the financial toll exerted by these attacks.

Statistical Overview

Total Security Incidents: 10

Noteworthy Trend: A surge in DNS Hijacking Attacks and Discord compromises.

Severe Impact: Stars Arena bearing the brunt with a loss approximating $3,000,000.

Incident Breakdown

1. Galxe (2023-10-06): A case of unauthorized access via DNS hijacking led to the misappropriation of visitors’ funds, affecting 1,120 users, with a financial fallout of around $270,000.

2. MCT (2023-10-06): DNS domain hijacking unfolded, enabling the potential upload of private keys to a fraudulent domain. Though the loss remains undisclosed, precautionary actions were advised.

3. Fake CommEx token (2023-10-06): An orchestrated liquidity withdrawal in a rug pull scenario saw the deployer walking away with approximately $154,000.

4. Friend.tech (2023-10-05): Four users were subjected to SIM card swap attacks, resulting in a collective loss nearing $385,000.

5. Stars Arena (2023-10-05): A glaring security breach within the platform’s smart contract framework led to a heist of about $3,000,000.

6. DePay (2023-10-05): The platform endured a flash loan attack, albeit with a relatively minor loss of $827.

7. Metropolis World (2023-10-05): The compromise of the platform’s Discord server was reported, though the loss hasn’t been quantified.

8. GEMIE (2023-10-02): A hack on the Discord server led to the distribution of phishing links. The users were cautioned against interaction, with the loss yet to be specified.

9. VendX (2023-10-02): Similar to Metropolis World and GEMIE, VendX’s Discord server fell prey to compromising activities.

10. Fake EigenLayer Token (2023-10-01): An exit scam on a counterfeit token resulted in a windfall for the deployer, with losses accumulating to around $300,000.

Recommendations

In light of the persistent menace of social engineering and phishing forays, coupled with smart contract vulnerabilities, the crypto community is urged to exercise vigilance. The diverse nature of the attacks spotlighted this week emphasizes the indispensability of robust, multi-faceted security strategies. While certain entities suffered crushing financial setbacks, others showcased prompt response mechanisms to curb potential damages. The report accentuates that regular testing and updates, alongside cautious interaction with digital platforms, are cardinal in diluting security risks.

Stars Arena Tightens Security Following $3M Exploit

In the wake of a damaging security breach that saw a loss of nearly $3 million, Stars Arena, an Avalanche-based Web3 social media application, has taken significant steps to bolster its security infrastructure and restore users’ trust. Following the exploit on October 6, 2023, the company has moved its funds to a more secure multisig wallet, launched an extensive security audit, and employed a white hat team to assess and enhance the platform’s security measures.

On October 7, 2023, Stars Arena updated its followers on the remedial steps being taken post-exploit. The funds were transferred from the original fee wallet to a new Gnosis Safe multisig wallet, requiring three out of six signatures from the Stars Arena team members for transactions. This wallet, identified by the address 0xAc0388Fe24D65358f2fF063ebCbEfa321A2a091d, is part of the security infrastructure overhaul aimed at preventing future breaches.

Stars Arena has successfully secured resources to cover the financial void left by the exploit, which equated to a loss of 266,103 Avalanche (AVAX) tokens, translating to almost $3 million at the time. The disclosure about the financial cover-up and the introduction of a white hat team for a rapid security review were made on the social media platform X (formerly Twitter). The white hat team is expected to scrutinize the platform’s security before reopening the contract to the users.

Blockchain security firm SlowMist traced the hacker’s activities, establishing that the stolen AVAX tokens were transferred to the address (0xa2Eb…ad7A), and a portion of these tokens, 50.32 AVAX, was later moved to the Fixed Float crypto exchange on October 6. The tracking of the stolen funds and the hacker’s activities is ongoing as the community seeks to recover the lost funds and bring the perpetrator(s) to justice.

Amidst these developments, Stars Arena has advised users against depositing any new funds until the security audit is complete and the platform’s contract is reopened. The advisory underscores the platform’s commitment to securing users’ assets while the necessary security enhancements are being implemented.

Hacking Attempts on Upbit Surge to 159,061 in First Half of 2023

Hacking attempts on South Korea’s largest cryptocurrency exchange, Upbit, have surged to 159,061 in the first half of 2023, according to data submitted to the National Assembly. The figure represents a 2.17-fold increase compared to the same period last year. Lawmaker Park Sung-jung criticizes the ambiguous role of the Ministry of Science and Technology in regulating the exchange.

Surge in Hacking Attempts

Data submitted by Dunamu, the operator of Upbit, to the National Assembly’s Science, Technology, Information, Broadcasting, and Communications Committee revealed that hacking attempts on the exchange reached 159,061 in the first half of 2023. This marks a 2.17-fold increase from the 73,249 attempts recorded in the first half of 2022.

Escalating Concerns

The number of hacking attempts on Upbit has been on a steady rise. The figures for the second half of 2020, first half of 2021, second half of 2021, first half of 2022, and second half of 2022 were 8,356, 34,687, 63,912, 73,249, and 87,242, respectively. Upbit suffered a significant loss of approximately 58 billion KRW (~$49 million) due to a hacking attack in 2019.

Security Measures and Criticism

In response to the rising threats, Dunamu stated that they manage over 70% of their assets in cold wallets and operate hot wallets in a distributed structure. Cold wallets are offline cryptocurrency wallets, while hot wallets are online but less secure. Despite these measures, lawmaker Park Sung-jung criticized the unclear role of the Ministry of Science and Technology in managing and supervising the exchange.

Visa Announces $100 Million Fund for Generative AI in Commerce and Payments

On October 2, 2023, Visa Inc., a global leader in payment solutions, announced a $100 million fund dedicated to generative artificial intelligence (AI). The fund is designed to invest in startups and established businesses that are at the forefront of developing generative AI technologies and applications, particularly those that have potential applications in commerce and payments.

Visa Ventures, the corporate investment division of Visa, will be responsible for overseeing the fund’s investment activities. Established in 2007, Visa Ventures has a history of backing innovative projects in the payment and commerce sectors. David Rolf, Head of Visa Ventures, expressed enthusiasm about the initiative, stating, “Generative AI has the potential to be one of the most transformative technologies of our time. We are excited to expand our focus to invest in some of the most innovative and disruptive venture-backed startups in the fields of generative AI, commerce, and payments.”

The Capabilities of Generative AI

Generative AI is a type of artificial intelligence that can produce a wide array of content, from text and images to audio and synthetic data. The technology has already shown its capabilities through major AI chatbots like OpenAI’s ChatGPT and Google’s Bard, which can generate text that closely resembles human writing. This opens up new avenues for how AI can be utilized in various sectors, including commerce and payments.

Visa’s Long-standing Commitment to AI

Visa has been a pioneer in the adoption of artificial intelligence technologies. As early as 1993, the company implemented AI-based systems for risk and fraud management. In 2022, Visa Advanced Authorization, the company’s real-time fraud monitoring system, was credited with preventing approximately $27 billion in fraudulent activities. Last year, Visa also launched VisaNet +AI, a suite of AI-based services aimed at helping financial institutions tackle challenges related to daily settlement operations.

Beyond its investments in AI, Visa has also been exploring other technological frontiers. The company has shown a positive stance on the incorporation of blockchain technology, particularly Bitcoin, into payment systems. Jack Forestell, Chief Product and Strategy Officer at Visa, believes that generative AI holds significant promise in reshaping the financial landscape.

The $100 million fund is a significant step in Visa’s broader strategy to stay ahead in the rapidly evolving technological landscape. It not only reinforces the company’s leadership in AI but also signals its intent to be at the forefront of future innovations that could redefine commerce and payments.

Sygnum Singapore Secures MPI License from MAS

Sygnum Singapore’s announcement on 3rd October 2023 concerning its acquisition of a Major Payment Institution Licence (MPIL) from the Monetary Authority of Singapore (MAS) echoes a burgeoning narrative of regulatory evolution in the city-state’s digital asset sector. This development not only broadens Sygnum Singapore’s service suite but also augments the city-state’s stance as a burgeoning hub for digital asset enterprises.

The MPIL acquisition by Sygnum Singapore isn’t an isolated event, but part of a broader regulatory schema in Singapore aimed at nurturing a structured yet competitive digital asset environment. Recently, as reported by Blockchain.News, other notable entities such as Coinbase, GSR Markets, Blockchain.com, and Crypto.com have also navigated through Singapore’s regulatory milieu to secure MPI licenses. This wave of regulatory approvals highlights MAS’ progressive approach towards fostering a robust, regulated digital asset marketplace.

In the wake of these regulatory advancements, a competitive landscape is emerging with various entities like Coinbase, Blockchain.com, and Crypto.com also securing MPI licenses. This regulatory nod allows Sygnum Singapore to navigate this competitive terrain with a fortified regulatory standing, potentially attracting a broader segment of accredited investors and institutional clientele keen on regulatory compliance.

Sygnum’s Service Expansion

The MPIL enables Sygnum Singapore to augment its service suite, providing a regulated brokerage platform for digital asset trading. The license facilitates the launch of Sygnum’s regulated Digital Payment Token (DPT) brokerage service, offering a streamlined fiat-digital asset gateway. This expanded service suite is set to provide accredited investors and institutions with competitive spreads, deep liquidity, and rapid trade settlements, fostering a more vibrant digital asset trading ecosystem in Singapore and potentially beyond.

Securing the MPIL not only broadens Sygnum Singapore’s regulatory framework but also propels its strategic growth initiatives. The license could act as a catalyst for Sygnum to introduce innovative digital asset products and services, deepen engagement with institutional clients, and expand its market reach. This strategic move by Sygnum Singapore is likely to reverberate through the digital asset market, enriching the crypto market’s liquidity and vibrancy.

The acquisition of the MPIL by Sygnum Singapore signifies a meaningful step in the firm’s growth trajectory and a notable development in Singapore’s evolving digital asset regulatory landscape. Amidst a competitive yet regulated market landscape, Sygnum Singapore’s fortified regulatory standing positions it favorably, potentially paving the way for further innovation and engagement in the digital asset sector.

Ripple Gains Major Payments Institution License from Singapore's Monetary Authority

Ripple’s Singapore subsidiary, Ripple Markets APAC Pte Ltd, has successfully secured its MPI license for digital payment tokens (DPTs) from the MAS. The license comes on the heels of the regulatory body’s in-principle approval of Ripple’s application in June 2023. Singapore has been a pioneer in establishing a robust regulatory framework for DPTs through its Payment Services Act. This license enables Ripple to continue offering regulated digital payment token services in Singapore, a market that has been pivotal for the company’s global operations.

Ripple’s license acquisition is part of a broader trend of regulatory approvals in Singapore. GSR Markets Pte. Ltd. received In-Principle Approval for an MPI license on October 2, 2023. Coinbase Singapore, Circle, Blockchain.com, and Crypto.com have also secured full MPI licenses this year. These approvals underscore the competitive yet regulated environment in Singapore, which is rapidly becoming a global hub for blockchain and crypto enterprises. The series of approvals from MAS highlights the city-state’s commitment to fostering a vibrant but well-regulated digital asset ecosystem.

Brad Garlinghouse, CEO of Ripple, highlighted the strategic significance of Singapore for the company. “Since establishing Singapore as our Asia Pacific headquarters in 2017, the country has been pivotal to Ripple’s global business,” he stated. Ripple has doubled its headcount in Singapore over the past year and plans to continue its regional expansion. Over 90% of Ripple’s business occurs outside the United States, with the Asia Pacific being one of its fastest-growing markets. The company aims to leverage Singapore’s regulatory clarity and burgeoning crypto ecosystem for its future growth.

Ripple maintains an active dialogue with policymakers and regulators to drive responsible innovation in the digital assets industry. The company will continue its engagement with the MAS, with key executives slated to speak at the Elevandi Insights Forum and the Singapore Fintech Festival from November 14-17, 2023. These speaking engagements are part of Ripple’s broader strategy to foster relationships with regulatory bodies and contribute to shaping the future of digital assets.

Ripple is a frontrunner in enterprise blockchain and crypto solutions, focusing on transforming global financial systems. The company aims to offer faster, more transparent, and cost-effective solutions, challenging existing inefficiencies in the financial sector. Singapore ranked fourth in the 2022 IMD World Digital Competitiveness Ranking. Regulatory clarity has been pivotal in attracting businesses and financial institutions to explore crypto solutions in the city-state. The country is home to over 700 Web3 companies and has a significant percentage of its population engaged in crypto activities, making it a pivotal market for the growth of the crypto and Web3 economy.

Exit mobile version