Electrum critical vulnerability fixed

Vulnerability allowed attackers to get access to the resources of users through Javascript
09 January 2018   666

Electrum's bitcoin wallet team confirmed the existence of a critical vulnerability that allowed hackers to access the resources of users through Javascript. Urgently released updates are said to have solved this problem.

Malicious sites could steal the bitcoins when they visited, if the Electrum was launched at that time. Access to the tools was possible through the default JSON RPC interface, through which arbitrary console commands were transferred to hackers, including exporting keys.

Google researcher Tavis Ormandy drew attention to the bug on January 6, but there is evidence that he was aware of it, at least last year. Soon after the publication of Ormandy's message, the Electrum team began preparing the patch.

The most dangerous in this case were wallets without a password. A fairly complex password is supposed to guarantee relative security if the wallet owner did not make transactions at that time.

The vulnerability was partially corrected in version 3.0.4, and on Monday night, January 8, Electrum team posted version 3.05 of the purse, which is supposed to close the vulnerability more reliably.

In particular, the JSON RPC interface is disabled when the wallet graphical interface is running, and by default the password protection of the wallet is enabled.

OKEx to Launch OKChain Based Decetralized Exchange

Great role in the upcoming exchange will be played by OKB coin, which will be trasfered to OKChain as soon as its development finished
22 March 2019   79

OKEx cryptocurrency exchange will launch a decentralized trading platform on its own blockchain.

Currently, the OKChain blockchain is in the final stages of development, and its test network may be launched as early as June 2019. When the OKEx blockchain becomes stable enough, it will transfer OKB to it, which will then perform the function of the native OKChain token and be used to pay commissions, as well as in its own decentralized network applications.

The primary purpose of OKChain is to launch the OKDEx decentralized exchange, where the OKB token will be used to participate in presales. In addition, project teams will use OKB tokens to pay the service fee to the super nodes of the network.

While the total volume of OKB emissions is 1 billion, 300 million tokens are in circulation today, and 700 million remain blocked. Of this number, 300 million OKB will be distributed to users through the loyalty program, and 400 million belong to the OK Blockchain Foundation and the exchange team. However, for a more efficient formation of the OKB ecosystem, the blocking period of these 700 million tokens will be extended from 2020 to 2022, writes OKEx.

In addition, OKB will be the only token to be accepted during the initial exchange offerings (IEO) on the OK Jumpstart platform, announced earlier this month. According to the company, it is currently negotiating with various projects and will soon announce the launch of the first IEO on OK Jumpstart, for which investors will be admitted who have passed personal verification and have OKB tokens in their accounts.