Crypto Holders to Fall Victims of Outlook Flaw

Attackers gained access to users' emails using the support service employee account login data, set up email forwarding and stole crypto
30 April 2019   645

Several cryptocurrency holders reported to Motherboard about the about hacker attack on theeir Microsoft Outlook service mailboxes.

According to the publication, the attackers gained access to users' emails using the support service employee account login data. This supposedly allowed them to view the contents of any unincorporated Outlook, Hotmail and MSN accounts.

The hackers also had access to my inbox allowing them to password reset my Kraken.com account and withdrawal my Bitcoin.
 

Jevon Ritmeester

User, Microsoft

According to Jevon, after hacking, the attackers didn't show themselfs, but they set up the mailbox to forward messages with "Kraken" world to their address, including requests for changing the password.

Ritmeester discovered that the attack, only when he decided to check the folder with the deleted letters. In this case, the user has lost one Bitcoin, however, there is evidence that there are other victims.

“My account was hacked as a direct result of this,” Reddit user shinratechlabs wrote earlier this month, adding that he lost “25,000 in crypto".

“Same exact for me only a lot less funds stolen, sucks,” another Reddit user, mickey_ficke, added.

Ritmeester explained that he did not use two-factor authentication, which could protect his account in this case.

Customers who believe they have been impacted beyond what was outlined in the company’s notification should contact the Microsoft support team for assistance.
 

Microsoft

Previously, Microsoft stated that the vulnerability affects only the mailbox details.

I feel Microsoft is trying to cover up and is not taking this seriously. I think Microsoft talks about this way to lightly [sic] about this leak and I think there are a lot of users who have suffered damage in one way or another as there is a lot of sensitive information in an inbox.I am planning to at least file a police report and thinking about holding Microsoft liable for the financial damage and the fact that a lot of my personal information may get leaked in the near future.
 

Jevon Ritmeester

User, Microsoft

In March, Kraken announced that it would implement two-factor authentication as a must option for all its users.

US Crypto Companies to Support TON in Case With SEC

The Blockchain Association said Telegram taken sufficient measures to ensure that the Gram token offer met SEC requirements
23 January 2020   133

The Blockchain Association, which combines companies such as Coinbase, Circle, 0x and Ripple, issued an expert opinion as part of the ongoing proceedings of the US Securities and Exchange Commission (SEC) with Telegram.

Previously, the Digital Commerce Chamber launched a similar initiative. The blockchain association, however, was more straightforward and stated that Telegram had taken sufficient measures to ensure that the Gram token offer met SEC requirements. According to members of the organization, the actions of the SEC can damage not only Telegram, but the market as a whole.

The Court should not block a long-planned, highly anticipated product launch by interfering with a contract between sophisticated private parties. Doing so would needlessly harm the investors that securities laws were designed to protect.

 

The Blockchain Association

The Blockchain Association notes that for many years it has not been possible for SEC to obtain clear and unambiguous guidance for conducting activities in the cryptocurrency space, while the claims of the regulator make the current situation even more ambiguous. 

The SEC’s lawsuit also raises novel questions regarding whether companies are forbidden from raising funds from sophisticated U.S. investors, under well-established regulatory provisions, to build blockchain networks.

 

The Blockchain Association

They cite examples of startups TurnKey Jet and Pocketful of Quarters, in respect of which the regulator recommended not to apply legal measures, adding that such litigations inevitably involve high costs and do not guarantee industry participants that they will not be prosecuted in the future.

Telegram discussed its plans with SEC staff for a year and a half, provided copious information and responded to limited feedback by adjusting the design of its transaction. Yet, at the end, the SEC has sued, and the SEC’s briefs thus far say nothing about the substance of those discussions. 

 

The Blockchain Association

In conclusion, the group asks the court to “reject the SEC’s arguments that the not-yet-in-existence Grams were securities at the time of the Purchase Agreements.”