Critical vulnerability was spotted in Augur tokens

Hackers were able to create a "time paradox" in order to make token transfer impossible
29 July 2017   2056

The team of the Augur together with Zeppelin Solutions reported that the Serpent programming language, that was used to create the project revealed a critical vulnerability. This is reported by Forbes.

At this point, a vulnerability that threatened REP tokens has already been eliminated.

From a technical point of view, using the detected vulnerability, hackers could change the time stamp of tokens creating to a date in the future and thereby make it impossible to transfer tokens.

To solve the problem, the vulnerability was deliberately activated. Timestamp of creation was increased on approximately 31 billion years. The old REP contract was frozen at the same time.

At the same time, representatives of Augur assure that REP owners do not threaten the owners of tokens.

As Zeppelin Solutions notes, Serpent can not be considered safe for use until many problems are solved. The company's specialists also recommended that all projects using Serpent smart contracts, migrate to Solidity, using contracts for tokens ERC20 standards that have been developed by the OpenZeppelin.

The migration will be a simple translation from one language to another. This is a straightforward process, similar to translating a document written in English into another language you’re fluent in, then running your translated text through a series of tests to ensure nothing was lost in translation.

Augur Blog

Poloniex, Kraken, Bittrex, Liqui, Bity, Gatecoin, BTER, Mr.Ripple, GateHub, HitBTC, ShapeShift, Changelly, Jaxx, Parity, MyEtherWallet, MetaMask , OASIS and EtherDelta are the products, which confirmed that they will have to update their software.

The vulnerability has been discovered in the course of the audit, which is conducted Zeppelin Solutions for Augur.

Augur is an open-source, decentralized, peer-to-peer prediction market platform built on Ethereum. As developers assure, "Augur combines the magic of prediction markets with the power of a decentralized network to create a stunningly accurate forecasting tool - and the chance for real money trading profits".

Vulnerability in Ethereum-purse Parity led to the theft of more than $ 30 million last week.

Crypto Investor to File Lawsuit Against AT&T

Michael Terpin believes that AT&T helped scammers to still his $24M worth crypto
16 August 2018   120

In the Los Angeles District Court, a 69-page lawsuit was filed by BitAngels founder Michael Terpin against the American telecom giant AT&T. Terpin claims that the operator assisted fraudsters in "stealing digital personal data" from the account on his smartphone, which is why he lost $ 24 million in cryptocurrency, according to an official release.

According to Terpin, for seven months, there were two hacks. Initially, an attacker got access to his phone number without providing a password or correct identification data. Later, the phone number was used to steal crypto.

AT&T’s studied indifference to protecting its customers’ privacy and financial assets is a metastasizing cancer, threatening hundreds of millions of unsuspecting AT&T’s customers. Our client had no idea when he initially signed up, nor when later he was promised the highest level of security for his account, that low-level retail employees with access to AT&T records, or people posing as them, can be bribed by criminals to override every system that AT&T advertises as unassailable.

Pierce O’Donnell
Lead counsel for Terpin in this complaint

Michael Terpin requires AT & T to pay him $ 224 million - $ 200 million for moral damages and $ 24 million for actual theft.