Wallet Creator Offers $250K to Anyone Who Can Crack the ‘Hack-Proof’

Published at: Jan. 28, 2020

Offline cold storage cryptocurrency wallet service provider GK8 is offering a bug bounty of up to $250,000 to the first person who can hack its product.

GK8 — which presents its solution as a “hack-proof digital vault” that needs no direct or indirect connection to the internet —  will place 14 Bitcoin (BTC) (over $125,000 at press time) in its wallet. Anyone who succeeds in breaking into the wallet will pocket its proceeds, plus an additional $125,000 prize.  

The bounty program will run from Feb. 3 (9:00 a.m EST) through February 4, 2020 (9:00 AM EST).

Mitigating state-sponsored attacks and APT threats

Israel-based GK8 claims its high-security custody solution for digital asset storage will allow banks and other institutions to fully access and manage their crypto holdings and related information without needing to connect to the net.

The firm’s site claims the product has been designed so as “to minimize the wallet’s attack surface and block attackers' influence on security-critical components.”

Among the list of risks it aims to mitigate, GK8 has pointed to state-sponsored attacks and stealth APT (advanced persistent threat) cyber threats.

Zcash (ZEC) founding scientist and cryptography researcher Professor Eran Tromer has endorsed the project, contending that the cold wallet solution developed by GK8 will set a new standard for high security cryptocurrency custody offerings. He explained the way in which the firm has designed the wallet with a minimized attack surface, noting that it works by:

“Having only outbound unidirectional communication and then building the rest of the cryptographic protocols around it using multi-party computation, validation protocols, the transmission of policies to the environment, all while preventing the injection of malicious inputs from the internet back into the cold wallet.” 

High stakes

In an industry that must always keep one step ahead of potential threat vectors, bug bounty programs serve as a useful “stress test” for cryptocurrency firms to probe the security of their solutions. 

In Dec. 2019, the AirSwap decentralized exchange protocol announced its launch of a  bug bounty program with rewards of up to 20,000 Dai (DAI), without setting a time limit for bug-finders.

Earlier, in October, MakerDAO had been prompted to fix a critical bug that could have resulted in a complete loss of funds for all platform users. HackerOne user lucash-dev had disclosed a report revealing a critical bug in MakerDAO’s planned upgrade, and was rewarded for the effort with a $50,000 bounty.

Tags
Related Posts
This platform turns data into cryptocurrency
Large-scale data breaches and the abuse of data by cybercriminals have become an everyday reality. Data is being utilized to drive massive profits in big tech and beyond. In 2018, a breach at Marriott Hotels resulted in 500 million records being stolen, and just earlier this year, Facebook had an enormous break where the details from 533 million users were taken. Cirus is offering individuals new financial opportunities through data monetization using the power of Web 3.0. With over 4,000 Cirus devices currently deployed in real households, the Cirus team is aiming to propel a new ownership economy. By harnessing …
Blockchain / Sept. 17, 2021
Trident Crypto Fund Data Breach: 266,000 Passwords Stolen
In a major privacy breach, the usernames and passwords of more than a quarter of a million Trident Crypto Fund customers have been stolen and published online. Technical director of cybersecurity firm DeviceLock Ashot Oganesyan told Russian news outlet IZ the database — which contains email addresses, cellphone numbers, encrypted passwords and IP addresses — had been uploaded to various file sharing websites on February 20. Earlier this week, hackers decrypted and published close to 120,000 of the passwords, potentially enabling them to log into affected users’ accounts and access their funds. 10,000 Russians affected Oganesyan said that while attacks …
Blockchain / March 6, 2020
Algo Capital Ex-CTO Takes ‘Full Responsibility’ for Hot Wallet Breach
The now former chief technical officer (CTO) of Algo Capital, the investment arm of blockchain firm Algorand, has published a statement in the wake of a major security breach of an Algo hot wallet under his personal management. As Cointelegraph recently reported, Pablo Yabo’s cellphone was compromised by hackers — leading to the theft of roughly $1 million to $2 million in Tether (USDT) and Algorand (ALGO) tokens. Securing funds “in a versatile manner” remains difficult In his statement, Yabo wrote that the incident had provoked considerable reflection on his part, adding: “The state of the ecosystem and the difficulties …
Blockchain / Oct. 7, 2019
Binance Falls From Top 10 in CryptoCompare’s New Crypto Exchange Rankings
London-based crypto data provider CryptoCompare has updated its crypto Exchange Benchmark, removing Binance cryptocurrency exchange from the list of the top 10 exchanges. Binance, the second biggest crypto exchange by daily trade volume to date, is not included in the CryptoCompare’s list as the rankings do not rely on aggregate volume data in its analysis, the firm said in a press release to Cointelegraph on Nov. 19. In order, the top 10 crypto exchanges in CryptoCompare’s second Exchange Benchmark are: Gemini, Paxos’ itBit, Coinbase, Kraken, Bitstamp, Liquid, OKEx, Poloniex, bitFlyer and Bitfinex. Binance was ranked seventh in the first Exchange …
Blockchain / Nov. 20, 2019
Main hacker in Transit Swap exploit agrees to return remaining funds
On Monday, decentralized finance (DeFi) protocol Transit Swap announced that it had reached an agreement with its biggest hacker for the return of funds. Approximately one week prior, a hacker exploited an internal bug on a swap contract within the protocol and caused other individuals to imitate the security breach, leading to a loss of over $23 million in user funds. However, the main hacker has since returned approximately 70% of exploited funds thanks to the help of security companies such as Peckshield, SlowMist, Bitrace, and TokenPocket. They quickly tracked down the hacker by identifying their IP address, email address, …
Blockchain / Oct. 10, 2022