The crypto custody arm of major United States-based cryptocurrency exchange Coinbase, Coinbase Custody, obtained two new security evaluations. According to a press release published on Feb. 12, Coinbase Custody was granted a Service Organization Control (SOC) 1 Type 2 and a SOC 2 Type 2 report by major accounting firm Grant Thornton. System Organization Control reports In obtaining the reports, Coinbase Custody is able to prove to clients that they are compliant with a variety of security and reporting standards. According to Grant Thornton’s website, SOC reports are meant to provide information on “the existence and strength of financial, operational …

Hackers compromised five United States law firms and demanded two 100 Bitcoin (BTC) (over $933,000 at press time) ransoms from each firm: one to restore access to the data, one to delete their copy instead of selling it. According to data shared with Cointelegraph by cybersecurity firm Emsisoft, the hacker group — called Maze — already started publishing part of the data stolen from the aforementioned firms. Two of the five law firms were hacked within the 24 hours leading to Feb. 1. The hackers published the data on two websites that were shared with the author of this article, …

A Chainalysis report has found an increase in number of exchange hacks in 2019, though less crypto was actually stolen than in previous years. The findings In the report, Chainalysis includes only exchange attacks (excluding wallet providers, payment processors, etc.). The firm includes hacks against technical vulnerabilities, deceptive attacks, like social engineering, and attacks that they confirmed and measured in value. It also includes hacks from private sources, so long as they didn’t skew the data. Of the 11 hacks, the $105 million lifted from Coinbene was the most lucrative. The average value per attack ($26 million) shows a precipitous …

Changpeng Zhao, the co-founder and CEO of cryptocurrency exchange Binance, suggested that for most, keeping crypto assets on an exchange is safer than keeping the keys themselves. Zhao gave his comments in a tweet on Jan. 19 after famous crypto skeptic and gold bug Peter Schiff complained that he lost access to his Bitcoin (BTC). Invoking the phrase “SAFU” — a slanger term in the crypto community for “safe,” Zhao said: “Many hardcore crypto [organizations] advocate storing your own keys. But the truth is, today most people are not able to secure a key even from themselves (losing it). A …

Smart contract auditing team ChainSecurity partnered with the Swiss branch of Big Four auditing firm PwC to enhance the services the global auditor provides. In an email sent to Cointelegraph, a PwC spokesperson explained that no acquisition took place and multiple ChainSecurity teams joined the firm. Hand in hand According to a press release published by the firm on Jan. 5, PwC hopes that, with ChainSecurity’s team, the firm will become “the world’s leader in smart contract auditing.” PwC Switzerland and Europe head and partner of risk auditing Andreas Eschbach said in an email to Cointelegraph: “As an integral part …

A team of researchers claims that the prototype silicon chip that they developed enables encryption that is impossible to break. According to an article published on Dec. 20 by scientific paper publication outlet Nature, the system uses chaotic wavepackets in conventional Silicon-based semiconductors. The chip was developed by scientists from the U.K.-based School of Physics and Astronomy at the University of St. Andrews, King Abdullah University of Science and Technology in Saudi Arabia, and the Center for Unconventional Processes of Sciences in California. The paper explains that conventional encryption standards — that cryptocurrencies rely on — could soon become obsolete …

DXM, a financial services subsidiary of South Korean fintech firm Dunamu, has worked with crypto cybersecurity firm Ledger to launch an institutional crypto asset custody service. The partnership and the new custodian Industry news outlet TheBlock reported on Dec. 4 that DXM plans to launch the custodian under the name Upbit Safe and that Ledger Vault, Ledger’s custody arm, will support the initiative with its technology. Upbit safe will reportedly use Ledger’s hardware security technology to make trading more efficient and safer for its institutional clients. Ledger’s Head of Asia-Pacific region Glenn Woo explained that Ledger Vault offers solutions that …

The software available for download on Monero’s (XMR) official website was compromised to steal cryptocurrency, according to a Nov. 19 Reddit post published by the coin’s core development team. The command-line interface (CLI) tools available at getmonero.org may have been compromised over the last 24 hours. In the announcement, the team notes that the hash of the binaries available for download did not match the expected hashes. The software was malicious On GitHub, a professional investigator going by the name of Serhack said that the software distributed after the server was compromised is indeed malicious, stating: “I can confirm that …

California resident Seth Shapiro has filed a lawsuit against wireless service giant AT&T alleging that its employees helped to perpetrate a SIM-swap which resulted in the theft of over $1.8 million in total, including cryptocurrencies. The complaint filed on Oct. 17 claims that Shapiro is “a two-time Emmy Award-winning media and technology expert, author, and adjunct professor at the University of Southern California School of Cinematic Arts.” The lawsuit alleges that between May 16 and May 18 AT&T employees transferred access to Shapiro’s mobile phone to outside hackers: “AT&T employees obtained unauthorized access to Mr. Shapiro’s AT&T wireless account, viewed …

Nir Kshetri, a professor of management at the University of North Carolina, has suggested that before blockchain-based voting can be considered safe and trustworthy, some major issues must be resolved. In an article published on Oct. 18, Kshetri claims that “small-scale tests run so far have identified problems and vulnerabilities in the digital systems and government administrative procedures” that must be solved before adopting the technology. Hard to audit Per the report, such systems need to verify voters’ identities — often by analyzing a portrait photo or video with facial recognition software. According to Kshetri, contemporary voting tokens are anonymous …

Litecoin (LTC) and other alts are becoming increasingly prevalent among crypto “sextortionists” since they allow to avoid detection more easily, a new research says. According to cybersecurity firm Cofense’s new report published on Oct. 8, malicious actors are gradually starting to shift their focus from Bitcoin (BTC) to specifically avoid detection by specialized email filters. The report states: “As enterprises began writing detection rules to block those emails, threat actors modified the text by replacing it with an image, which prevented key words from being identified by Secure Email Gateways (SEGs). The bitcoin address was left as a plain text …

A bug in all Zcash (ZEC) implementations and most of its forks could leak metadata containing the full nodes’ with shielded addresses (zaddr) IPs. Komodo (KMD) developer Duke Leto disclosed the bug in a blog post published on his personal website. A Common Vulnerabilities and Exposures (CVE) code has already been assigned to track the issue on Sept. 27. Leto explained: “A bug has existed for all shielded addresses since the inception of Zcash and Zcash Protocol. It is present in all Zcash source code forks. It is possible to find the IP address of full nodes who own a …