Crypto-Related Theft & Scam to Reach $4.4B in 2019

Compared with 2018, cryptocurrency losses due to scam and other crime activities rose sharply - $ 4.4 billion against $ 1.7
28 November 2019   388

Cryptocurrency fraud and theft in 2019 reached $ 4.4 billion. This was reported in the report of the analytical firm CipherTrace for the third quarter.

The company's specialists noted a marked decrease in the total number of crimes related to cryptocurrencies. In the third quarter, hackers stole $ 6.5 million worth of cryptocurrencies from bitcoin exchanges, while fraudsters cost users of digital assets another $ 8 million.

This total of $15.5 million represents the smallest number of cryptocurrency crimes of any quarter in the past several years. Certainly, if the lower altitude of this trend line persists it should provide a confidence boost for users and investors in an industry rocked by one exchange heist, scam or Ponzi scheme after another.
 

CypherTrace Report

Nevertheless, compared with 2018, losses rose sharply - $ 4.4 billion against $ 1.7.

Two frauds were the most significant this year: the PlusToken cryptocurrency pyramid ($ 2.9 billion) and the collapse of the Canadian QuadrigaCX exchange ($ 195 million).

CipherTrace researchers also analyzed the KYC 120 standards of the most popular cryptocurrency exchanges. In 65% of the sites, they were rated as vulnerable and weak

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   913

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.