Monero to Preserve Its ASIC Resistance

On Sunday,  Monero developers published a development update on PoW change and key reuse  
14 February 2018   1217

The development update addressed a recurring question among altcoins that can currently be mined profitably with GPU hardware and how to respond to the threat that a mining rig manufacturer will develop an ASIC miner built to mine Cryptonight.

The Monero developers are going to protect the network’s ASIC resistance by modifying its PoW algorithm at a scheduled hard fork. The hard fork occurs two times per year. The XMR users will not notice these changes. The changes will alter the network’s hashing algorithm that Cryptonight ASIC miners will have to follow every fork.

However, if these scheduled PoW forks will not be enough to disincentivize the development of ASIC miners for Cryptonight, Monero will modify PoW algorithm at a nonscheduled fork in order to prevent any potential threat from ASICs.

According to the development update, this stance will ensure that Monero mining remains relatively democratic and decentralized at least until such time the same can be said of the ASIC mining industry. The developers believe that any transition to an ASIC-dominated network needs to be as egalitarian as possible in order to foster decentralization.

Currently, the ASIC market is dominated by Chinese manufacturer Bitmain. It means that it would be simple for governments to force companies like this to build “kill switches” into the miners or sell rigs to customers who obtain special government licenses. By contrast, GPU miners rely on general-purpose computer chips. It makes regulator’s attempt to force miners to acquire government-issued licenses impossible.

The first PoW adjustment will be implemented at the network’s next hard fork, which is currently scheduled for March.

Scammers to Replace MEGA Extension to Steal Crypto

MEGA is a popular file exchange service; scammers were able to replace its official Google Chrom extension
05 September 2018   444

The popular file-sharing service MEGA reported a hacker attack. Attackers managed to replace the official Chromme extension of the service and to collect data on users' crypto-currency wallets.

On 4 September 2018 at 14:30 UTC, an unknown attacker uploaded a trojaned version of MEGA's Chrome extension, version 3.39.4, to the Google Chrome webstore. Upon installation or autoupdate, it would ask for elevated permissions (Read and change all your data on the websites you visit) that MEGA's real extension does not require and would (if permissions were granted) exfiltrate credentials for sites including amazon.com, live.com, github.com, google.com (for webstore login), myetherwallet.com, mymonero.com, idex.market and HTTP POST requests to other sites, to a server located in Ukraine. Note that mega.nz credentials were not being exfiltrated.

MEGA Blog

Thus, attackers could get access to the popular cryptocurrency wallets MyEtherWallet and MyMonero. Also, users' funds on the decentralized IDEX exchange are under the thread too.

Representatives of the file sharing company stressed that the fake extension was replaced by a genuine one four hours after the substitution. And an hour later, Google reacted and removed the extension from the Chrome store. Note that at the time of publication, the MEGA extension for Chrome in the official store is still not available.

Earlier it was reported that users of MyEtherWallet, using the free VPN-plugin Hola, could become victims of a hacker attack.