Crypto Holders to Fall Victims of Outlook Flaw

Attackers gained access to users' emails using the support service employee account login data, set up email forwarding and stole crypto
30 April 2019   662

Several cryptocurrency holders reported to Motherboard about the about hacker attack on theeir Microsoft Outlook service mailboxes.

According to the publication, the attackers gained access to users' emails using the support service employee account login data. This supposedly allowed them to view the contents of any unincorporated Outlook, Hotmail and MSN accounts.

The hackers also had access to my inbox allowing them to password reset my Kraken.com account and withdrawal my Bitcoin.
 

Jevon Ritmeester

User, Microsoft

According to Jevon, after hacking, the attackers didn't show themselfs, but they set up the mailbox to forward messages with "Kraken" world to their address, including requests for changing the password.

Ritmeester discovered that the attack, only when he decided to check the folder with the deleted letters. In this case, the user has lost one Bitcoin, however, there is evidence that there are other victims.

“My account was hacked as a direct result of this,” Reddit user shinratechlabs wrote earlier this month, adding that he lost “25,000 in crypto".

“Same exact for me only a lot less funds stolen, sucks,” another Reddit user, mickey_ficke, added.

Ritmeester explained that he did not use two-factor authentication, which could protect his account in this case.

Customers who believe they have been impacted beyond what was outlined in the company’s notification should contact the Microsoft support team for assistance.
 

Microsoft

Previously, Microsoft stated that the vulnerability affects only the mailbox details.

I feel Microsoft is trying to cover up and is not taking this seriously. I think Microsoft talks about this way to lightly [sic] about this leak and I think there are a lot of users who have suffered damage in one way or another as there is a lot of sensitive information in an inbox.I am planning to at least file a police report and thinking about holding Microsoft liable for the financial damage and the fact that a lot of my personal information may get leaked in the near future.
 

Jevon Ritmeester

User, Microsoft

In March, Kraken announced that it would implement two-factor authentication as a must option for all its users.

Binance Singapore Unit to Apply For License

Under the new law, aimed at regulating crypto paymetns and trading, firms must register with the Monetary Authority to receive a license
17 February 2020   260

Binance, a Singapore-based cryptocurrency exchange unit, has applied for a license under the new Payment Services Act, which entered into force on January 28.

We have already applied. We submitted the application pretty fast. Binance’s Singapore entity has been in close touch with the local regulators, and they have always been open-minded.

 

Changpeng Zhao

Founder and CEO, Binance

Under the new law, crypto companies in Singapore must register with the Monetary Authority and receive one of three licenses: an exchange of money, a standard or large payment institution. The measure is aimed at regulating payments and crypto trading using requirements for participants in the traditional finance industry. Zhao did not specify which of the licenses Binance Singapore chose.

Binance has been offering crypto-fiat trading services in Singapore since April 2019 and works with eight coins, including Bitcoin, Ethereum and XRP. The trading platform is supported by Vertex Venture Holdings, a venture division of Singapore's Temasek Holdings.