Trezor to Undergo Fishing Attack

Trezor wallet team asks users to be exteme caution
02 July 2018   713

According to the blog of developers of the hardware wllet Trezor, their service has recently undergone a phishing attack. The project team stated that it received many complaints about the incorrect Secure Sockets Layer (SSL) certificate.

The number of warnings about the incorrect certificate has increased due to the increasing number of phishing attacks on the site. The vectors of the attack are reportedly the so-called "poisoning of the DNS server" and "BGP-interception".

Poisoning a DNS server is an attack that uses some DNS vulnerabilities. It allows the attacker to redirect traffic from legitimate servers to fake ones. This exploit was used, for example, to attack the "Great Chinese Firewall" in 2010.

BGP interception (also known as "prefix intercept") is an attack that consumes IP address groups and is performed by corrupting the routing Internet tables that the BGP protocol operates on.

As a result of the attack, the fake Trezor wallet site showed a warning message asking the user to restore the seed-phrase (an access key consisting of 12-24 "simple and memorable" words). According to Trezor, this was already the "second alarm bell", because the warning message was written with errors.

The third red flag was the method of recovery (seed check) — the fake site forced users to enter both the order number as well as the seed word into the computer.
 

Trezor's Blog

Next, the team warned users about the security measures that must be taken to protect themselves from this attack. It stressed that users should never enter their seed-phrases into the computer - this should be done only in the Trezor device. In addition, according to Trezor, the user should make sure that there is a "Protected" in the address bar of his browser.

They also noted that the fake wallet had already been blocked by the hosting provider, but they asked users to remain vigilant and inform the Trezor team about suspicious sites.

Tether to Launch USDT in Blockstream's Liquid Network

Thanks to this, ecosystem participants will be able to make fast and secure payments using Confidential Transactions technology
30 July 2019   328

A leading supplier of Bitcoin and Blockchain solutions, the company Blockstream and Tether have launched USDT in the Liquid Network.

The Blockstream blog says that thanks to this step, ecosystem participants will be able to make fast and secure payments using Confidential Transactions technology, which is oriented towards increased privacy, as well as multi-signature functions. In addition, investors and traders will be able to carry out atomic swaps between Liquid BTC and Stablecoin, and will also be able to replenish their exchange USDT wallets more quickly.

The input and output of Liquid USDt is already available on the Bitfinex exchange. Support for other trading platforms, including BTSE, BTCTrader / BtcTurk, OKEx, OKCoin, RenrenBit and Sideshift AI, will appear soon.

According to the developers, Blockstream Green wallet is suitable for storing Liquid USDt. They also promise to soon add support for the new asset to Trezor hardware wallets.

Tether’s launch on Liquid coincides nicely with the recent surge of interest in the Liquid Swap Tool. The Liquid Swap Tool is an open source application that allows traders to execute atomic swaps with their counterparties, exchanging any Liquid-based asset for another.
 

Samson Mow

Blockstream team

In the future, Blockstream and Tether plan to launch USDT tokens on the second-tier Lightning Network.

Liquid is a federated sidecoin of Bitcoin, functioning as a settlement and payment network for cryptocurrency exchanges, market makers, brokers and other financial institutions.

Atomic swaps are the operations of exchanging one cryptocurrency for another, which can be implemented instantly without having to rely on a trustworthy third party represented by the exchange or exchange platform. As a result, control over the transaction is carried out exclusively by the parties involved in it.