Ledger, a crypto company providing a number of hardware wallet solutions, has obtained a successful System and Organization Controls, or SOC, Type 1 test. Friedman LLP, a New York-based accounting firm, ran the SOC 2 Type 1 test on Ledger, according to a statement provided to Cointelegraph: "By obtaining the SOC 2 Type 1 report, we are now able to provide an additional layer of verified security to our clients, assuring that the Vault solution is secured at all times and that we have the processes in place to ensure availability." A crypto storage solution for larger players and companies, …

As the fallout from the hack on its platform continues, KuCoin said it has identified suspects and have now officially involved law enforcement in the investigation. KuCoin CEO Johnny Lyu tweeted on Oct. 3 that the exchange now has substantial proof that identifies who hacked the service on Sept. 26. A quick update since my last livestream on Sep 30. After a thorough investigation, we have found the suspects of the 9.26 #KuCoin Security Incident with substantial proof at hand. Law enforcement officials and police are officially involved to take action. — lyu_johnny (@lyu_johnny) October 3, 2020 Lyu added that …

A newly discovered trojan, known as Alien, is attacking crypto apps on Android phones, including Coinbase, Blockchain.com, and Luno. This new malware strain is based on the notorious Cerberus trojan, which wreaked havoc in the Google Play store until the team responsible became complacent. Lack of continued distribution allowed Google Play Protect to almost completely eradicate Cerberus by August 2020. Alien targets 226 Android apps, mostly geared toward the banking industry. In addition to stealing user credentials, the malware can install and remove applications from the infected device, and even intercept notifications: “Most importantly, it offers a notifications sniffer, allowing …

A database issue has led to prolonged downtime for the Crypto .com exchange. According to a series of tweets published by platform’s CEO, Kris Marszalek, the exact cause of these issues remains unknown. Marszalek did confirm, however, that some users had taken advantage of the situation by manipulating the ETH/USDT price prior to the outage. These users locked in gains by selling other crypto “en masse”, allowing them to conduct what the CEO referred to as “illegitimate trades.” After discovering the situation, the company placed its services into offline mode. Attempts to withdraw these ill-gotten funds were luckily prevented by …

As it grapples with multiple security breaches, Ethereum Classic Labs has partnered with ChainSafe and OpenRelay in hopes of increasing its defenses against 51% attacks. In a post, Ethereum Classic and its Core Dev Team will work with both ChainSafe and OpenRelay to develop and test security responses. James Wo, founder and chairman of Ethereum Classic Labs, said the partnership makes sense: “OpenRelay and ChainSafe are both well acquainted with Ethereum Classic, through working together, will have some of the most brilliant minds in blockchain tackling the 51% problem in tandem. The team-up will bring additional expertise in Proof-of-Work security …

According to a study published by cybersecurity firm, Aqua Security, cloud servers remain a major target for cryptojacking — a type of attack whose main motivation is to mine cryptocurrencies. The “2020 Cloud Native Threat Report” states that between the second half of 2019 and the first half of 2020, attacks of this nature surged by 250%. In total, 95% of the 16,371 attacks registered during this period were related to cryptojacking. The perpetrators of this type of exploit rely heavily on the use of XMRig, a well-known Monero (XMR) mining app, to deploy the attacks. Aqua Security explained: “Although …

Eterbase, a Slovakia-based crypto exchange, was recently the victim of a $5M hack. According to an update from Eterbase, some of these funds appear to have ended up on a number of popular exchanges, including Binance, Huobi Global, and HitBTC. Binance CEO's Changpeng Zhao, or CZ, seemed to support efforts to stop the circulation of these stolen funds, replying: “Our security team was on this quite early. Will do what we can to assist.” Through Telegram, Eterbase also published a list of the hot wallets compromised by the hack. These included Bitcoin (BTC), Ehereum (ETH), Tron (TRX), Tezos (XTZ), Algorand …

Crypto exchange Eterbase recently fell victim to a hack of its hot wallets. According to a statement issued by the Slovak Republic-based exchange, hackers extracted approximately $5.4 million from the exchange’s accounts on August 8. Shortly thereafter, Eterbase assured users that law enforcement had already been informed about the incident. The company also said that they’ve contacted all major exchanges that may receive these coins at some point, likely in the hope of recovering some of the missing funds. The exchange did not specifically disclose which firms had been contacted, nor how the attack was accomplished due to “ongoing investigations” …

Banco Estado, the only public bank in Chile and one of the three largest in the country, had to shut down its nationwide operations on Monday due to a cyberattack that turned out to be a ransomware launched by REvil. According to a public statement, the branches will remain closed for at least one day, but clarified that customers’ funds have not been affected by the incident. Citing sources close to the investigation, ZDNet reported that the REvil ransomware gang is behind the attack. It reportedly originated from an Office document infected with the malware that an employee received and …

British multinational security company BAE Systems and the Society for Worldwide Interbank Financial Telecommunication, or SWIFT, have published a report revealing how cybercriminals launder cryptocurrency. According to the study Follow the Money money laundering cases via crypto are still relatively small compared to the huge volumes of cash laundered through traditional methods like wire transfers. But there are some notable examples and the report goes in-depth into the money laundering methods employed by Lazarus Group, a well-known hacking gang sponsored by the North Korean regime. Lazarus typically steals the crypto funds from an exchange and then starts to pass transactions …

Responding to numerous 51% attacks on the Ethereum Classic blockchain, ETC Labs said that it's time to bring regulation to hashpower rental marketplaces, citing the fact that at least two of the attacks were perpetrated by renting hash power through NiceHash — a claim that has been confirmed by both NiceHash and ETC Labs. ETC Labs CEO Terry Culver also shared with Cointelegraph that according to the information that was provided by CipherTrace, which was hired to investigate the attacks, the attackers used proceeds from the first attack to rent hashpower for the second attack. The latter cost crypto exchange …

Cybersecurity experts at ESET published an in-depth study about a new malware named “KryptoCibule.” This exploit specifically targets Windows users with three methods of attack, including by installing a crypto mining app, directly stealing crypto wallet files, and replacing copy/pasted wallet addresses as a means to hijack individual transactions. According to the cybersecurity firm, KryptoCibule’s developers rely on the Tor network and BitTorrent protocol to coordinate the attacks. The malware’s original incarnation first appeared in December 2018. At that time, it was merely a Monero mining utility that quietly harvested user’s system resources to generate the currency. By February 2019, …