Scammers to Create Fake Bloomberg Reporters Accounts

Scammers created fake Twitter accounts of blockchain journalists Lily Katz and Olga Harif
24 May 2018   859

Twitter accounts Lily Katz and Olga Harif - employees Bloomberg and Businessweek - were simulated by scammers who on behalf of journalists asked the audience to send them some sums in crypto-currencies. This is reported by the Forbes.

Scammers created fake accounts in Twitter @ LilyKatz5, @ subidetu4692 and @ o1gakharif - using the same names and photos as on the original pages of their victims. In an attempt to avoid detection, scammers blocked true journalist accounts, and then started sending spam to their followers with offers to send them a little cryptocurrency in exchange for a small number of ETH coins.

Despite the fact that the accounts of Katz and Harif are verified (such accounts have a small blue tick next to the owner's name), fake accounts have existed for quite a long time - a whole week.

Twitter has long been criticized for its inability to cope with the huge number of bots that hit its platform. Some believe that the social network does not want to do this, because their removal will mean a significant drop in the number of monthly active users on the site, as well as a sharp reduction in the number of followers of many of its users.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   142

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.