Poloniex customer sold the exchange's vulnerability

Poloniex customer sold the information about the exchange's bug for support's ignoring
17 August 2017   2678

The Poloniex crypto-exchange trader under the nickname Poloniex2FASucks detected a bug in the platform security system and then sold the information about it, as he was ignored by the support's team. He shares his history on Reddit.

As the user reports, he managed to easily bypass the two-factor authentication when withdrawing funds from the exchange account:

I managed to withdraw cryptocurrencies from an account without having access to the 2FA device, both for login and for withdrawal confirmation. I withdrew from an account that I picked, having access to the password from a leaked database. ... You open your emails in a client that provides those "preview" images, you've confirmed your outgoing transaction by opening the email. 

Poloniex2FASucks on reddit.com

According to the post, the customer wrote a letter to the Poloniex support service about the vulnerability found, but even after 60 days he did not receive a response.

I'm guessing they have no interest in fixing it, and that it is intentional. 

Poloniex2FASucks on reddit.com

A bit later, it has been reported that the information about the vulnerability was sold.

Finally, Poloniex2FASucks notes that other customers should not trust the company their funds as it can not even implement two-factor authentication on the platform and correctly configure the robots.txt file. He also advises all Poloniex users to withdraw their funds from the stock exchange as soon as possible.

Australian Company to Issues Crypto Backed Loans

In case of default, financial company named Helio may sell cryptocurrency to cover losses
10 December 2018   89

Helio from Melbourne began issuing loans secured by cryptocurrencies, Bitcoin.com reports.

The service allows Helio clients to borrow from 1000 Australian dollars ($ 720) on the security of cryptocurrency assets. At the moment, the company accepts Bitcoin, Ether, Litecoin and Ripple.

Helio client crypto assets are stored in a secure wallet, company representatives say. In case of default, the company may sell cryptocurrency to cover losses.

Helio has a credit license (ACL) issued by the Australian Securities and Investments Commission (ASIC). As stated by the company's founder, John O’Shy, Helio was the first licensed organization in Australia to launch this service. According to him, the country has a developed cryptocurrency market, however, suppliers who want to provide loans secured by digital assets are not enough.

In June, the Japanese corporation Abic Corporation began to issue loans secured with Bitcoin