Kraken Security Labs, the cybersecurity division of US-based cryptocurrency exchange Kraken, has identified new potential attacks against popular hardware wallet Ledger. These attacks can affect Ledger Nano X wallets if they execute prior to the user receiving the wallet, if a wallet was intercepted during shipment or obtained from a malicious reseller, Kraken noted. This leaves the attackers theoretically capable of controlling computers connected to Ledger wallets and running malware on them. Thankfully it stayed theoretical — the issue was repaired. Had the matter gone unaddressed, then we’d start hearing about “Bad Ledger attacks” and “Blind Ledger attacks.” The first …

Bitcoin educator Andreas Antonopoulos says he would like to see more privacy features on Bitcoin, but they’re unlikely to happen anytime soon. In a livestream Q&A on Antonopoulos’ YouTube channel on July 7, he said Bitcoin (BTC) was unlikely to ever implement privacy features similar to those used by Monero (XMR). Antonopoulos said creating such features on a cryptocurrency like BTC “would create an enormous amount of controversy.” In addition, he said the structure of Bitcoin simply doesn’t allow ring signatures and stealth addresses. “I think what we’re going to see soon is Schnorr, Taproot, and Tapscript, which open the …

In a July 7 fireside chat courtesy of Unitize, Commissioner Hester Peirce of the Securities and Exchange Commission continued to advocate for regulatory clarity for crypto as a means of opening up capital markets to innovation. Innovation and regulation “I believe in the power of our capital markets to transform people’s lives,” said Peirce. “I wanted to make sure that our regulatory structure was flexible enough to accommodate innovation.” She noted that the the size of the U.S. economy makes its regulations critical to global fundraising: “The race to the bottom is something we should be concerned about. But that’s …

Leading crypto hardware wallet producer Ledger has denied that its product’s transaction management software featured a double-spend vulnerability. According to Ledger’s CTO Charles Guillemet, the vulnerability recently revealed by software wallet ZenGo is — in fact — nothing more than a user experience flaw. He illustrated the nature of its hardware wallet companion software Ledger Live to Cointelegraph: “It’s important to understand that rather than an attack, the actual flaw may be seen more as a clever piece of trickery. Trickery is not a vulnerability. However, we do want to prevent anyone from falling victim to these kinds of clever …

Every Friday, Law Decoded delivers analysis on the week’s critical stories in the realms of policy, regulation and law. Editor’s note The U.S. is preparing for its Independence Day tomorrow. New spikes in positive COVID-19 tests will put a damper on some but not all of the traditional fireworks, cookouts and Martina McBride. On the same day, new changes to the Russian Constitution, including those that may allow Putin to stay in power for another 16 years, take effect. In more light-hearted news, pubs will also reopen in the U.K. The COVID-19 lockdowns have added new immediacy to the eternal …

In recent months, a number of class-action lawsuits have been filed against Ripple for selling its XRP token in an unregistered securities offering. So far, the United States Securities and Exchange Commission has not published any official statement on this, which has kept everyone guessing. To help put an end to the uncertainty, Chris Giancarlo, former chairman of the Commodity Futures Trading Commission, published a paper last week arguing that Ripple’s XRP is not a security. Giancarlo is famous for helping establish the CFTC’s stance that Bitcoin (BTC) and Ether (ETH) are not securities. So, it would seem that he …

On July 2, crypto security firm ZenGo identified a double-spend exploit targeting several popular Bitcoin (BTC) wallets, dubbed ‘BigSpender’ Of nine cryptocurrency wallets tested by ZenGo, BRD, Ledger Live, and Edge were found to have been vulnerable to the attack. The three companies updated their products after ZenGo notified them of the threat, however the firm warned that “millions” of crypto users may have been exposed to the exploit prior to its identification. Despite the wallets’ move to protect against BigSpender, Bitcoin Cash (BCH) proponent Hayden Otto claims the vulnerability is inherent to Bitcoin “by design” and can still be …

A report released by major crypto exchange Binance illustrates how scams targeting cryptocurrency investors attempt to gain credibility. In the report published on June 30, the exchange explained that its Binance Sentry risk investigation service observed reports of fraudulent investment schemes promising quick or exponential returns on cryptocurrency investments. The frauds do not just concern crypto but also forex, binary options and contracts for difference (CFDs). Binance published the report after a Bitcoin (BTC) scam targeted the residents of Winnipeg, Canada, in late June. Scams are often well-organized, big operations Scam organizations are frequently the subject of regulatory warnings but …

One of the world’s top cryptographers believes that Satoshi Nakamoto chose Bitcoin’s (BTC) elliptic curve either for its efficiency or because it may offer a secret backdoor. Elliptic curve is worth billions A Bitcoin public key is created by applying elliptic-curve cryptography to the private key. One can easily create a public key from the private key, but it is impossible to go in the reverse direction. Unless, of course, Bitcoin’s elliptic curve is compromised. Many crypto experts have noticed that Bitcoin’s choice of secp256k1 elliptic curve was unusual for its time, as it was not yet well researched. Cointelegraph …

Cryptocurrency market data aggregator CoinGecko has updated its Trust Score algorithm to consider the cybersecurity standards of the more than 400 cryptocurrency exchanges listed on its platform. From July 1, 20% of CoinGecko’s Trust Score will be determined according to a cybersecurity rating provided by security technology company Hacken. According to an announcement, the algorithm update will provide “a more holistic overview of cryptocurrency exchanges.” Speaking to Cointelegraph, CoinGecko co-founder and COO Bobby Ong stated that the firm has “wanted to work closely with a cybersecurity company to incorporate exchanges' cybersecurity score since [introducing] Trust Score in May 2019,” but …

Scientists in China were able to exchange an encryption key at a distance of 1,120 kilometers, this exceeds the previous best attempt by 1,000 kilometers. Crypto experts discuss whether this could have practical implications for the industry. Hackerproof cryptography? Quantum computers are scarecrows for the crypto industry for years, with some speculating that the advances in this technology will make all existing cryptography obsolete. This time quantum entanglement was used to exchange a secret key that could be used to encrypt and decrypt messages. One could imagine if this technology becomes a commodity it could make crypto hacking obsolete as …

A mammoth global spying and data theft effort currently leaves web surfing citizens at risk, with several Bitcoin and crypto domains included in the mix, according to research from Awake Security. At the heart of the problem — a web domain registration company named CommuniGal Communication, or GalComm. "Of the 26,079 reachable domains registered through GalComm, 15,160 domains, or almost 60%, are malicious or suspicious," Awake wrote in a June 18 blog post. A list of sites at risk Although the nefarious movement uses several different methods, including malware, such activity has passed under the radar of popular security systems, …