Jump to content

Search the Community

Showing results for tags 'crypto'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 8 results

  1. Crypto researchers are preparing to scatter the ashes of a class of Discrete Logarithm Problems (DLPs) as the future of security, following a claim by Swiss researchers to have cracked a 128-bit crypto scheme in two hours. So as not to frighten the horses, The Register will start by pointing out that our understanding of this paper at Arxiv doesn't mean the schemes you're now using have been broken. Rather, the work by researchers at EPFL in Switzerland excludes crypto based on “supersingular curves” from future consideration. As the Lausanne-based polytechnic states in its media release, “Whereas it was believed that it would take 40,000 times the age of the universe for all computers on the planet to do it”, the supersingular curve DLP algorithm only lasted two hours on the 24-core cluster used to crack it. Authored by Robert Granger and Thorsten Kleinjung of EPFL's LACAL (Laboratory for Cryptologic Algorithms) and Jens Zumbrägel of TU Dresden, the paper says this about the cracking of supersingular curves: “When initially proposed, these fields were believed to be 128-bit secure, and even in light of the recent algorithmic advances, were believed to be 128-bit and 94.6-bit secure. On the contrary, we have shown that the former field has only59 bits of security and we have implemented a total break of the latter. Since asymptotically more efficient techniques can be brought to bear as bit lengths increase, we conclude that small characteristic pairings at all security levels should now be regarded as completely insecure.” Their results are to be presented at IACR Crypto 2014 conference. Source
  2. Cryptocurrency has been in the public eye for a few years now with the increasing popularity of Bitcoin and its massive valuation. Celebrities and influencers have jumped on the bandwagon, coming out with their own coins in ICOs (initial coin offerings) that can raise vast amounts of money for the coin creators. Cryptocurrency is also considered anonymous, private and secure by the general population. For these reasons, cryptocurrency marketplaces are being opened all over the world to meet the demand. In fact, there are an estimated 18,988 markets for trading cryptocurrencies, but they are trading only about 1,700 cryptocurrencies. The reason for this is that marketplaces make a percentage on every transaction, allowing for major profits. According to Bloomberg, exchanges can make up to $3 million per day, or nearly $1 billion in one year. So, in that mad rush to make money, the smaller or newer exchanges may leave security behind as a second thought. And that’s exactly what we found. Our research shows that many crypto marketplaces are dangerously unsafe. In these unsecured databases, we were able to see the customers’ account balances and private information. This lack of security could allow their customers’ money to easily be stolen by anyone, as well as have their private details leaked or sold on the black market. Main takeaways One main exchange has around $16.5 million in “hot” wallets, with almost 80,000 private keys exposed. Its mainnet RPC keys are also exposed with a $25,000 balance One Chinese exchange, Hubdex, has users with high balances ($52,000, $40,000, $8,000, etc.) and unencrypted KYC data – ID cards and driver’s licenses that are easily downloadable Another smaller exchange, Swiss-based Lykke, also has unencrypted KYC data and other exchanges’ API keys that can allow for easy money withdrawal from those exchanges. Balances are as high as $10,000 The crypto marketplaces or platforms are unprotected, allowing anyone to easily steal or manipulate balances Unprotected data includes private keys, multisig wallet keys, API keys, full user and KYC data, mainnet RPC keys, and more The total balance in these unprotected marketplaces comes to at least $18 million About this research In order to carry out this research, our analysts scanned the entire internet for open MongoDB databases and matched them against our crypto keywords. After this filtering by keywords, we manually checked each database for sensitive data. Lykke One of the databases we discovered belongs to a Swiss-based cryptocurrency marketplace called Lykke. According to Lykke’s 2018 Coinholder meeting file (dated June 28, 2018), their average monthly trading volume was $106 million. They also claim to have nearly 100,000 clients with “substantial growth potential” with about $12 million in revenues for fiscal year 2017. This appears to be a serious company in the cryptocurrency market, which makes it quite disappointing that they aren’t providing adequate security for their growing customer base. Here’s what we found when we accessed their unsecured database. What data we found in the database The first thing we found was what appeared to be Lykke’s API keys. Having access to these keys would allow us to have pretty much direct access to the exchange. With this, we can perform trades, exchanges, deposits and withdrawals. Next, we found the private keys for their customers. These private keys would give us direct access to the customer’s wallet, allowing us to do whatever we want with the funds, including spending it, transferring it, trading it, etc. The unsecured database also included multisig wallets. Multisig wallets require two or more signatures before any funds can be spent. However, the database also includes the redeem scripts, which would give us access to their wallets. Beyond that, we also have each customer’s private keys, so even without the redeem script we could still access these multisig wallets. Lastly, Lykke’s unsecured database allowed us to see each customer’s transactions and balance. While Lykke claims that this data is read-only, we still have access to these APIs, which means that we can access and manipulate these accounts without needing any “write” permissions. Having any of this information allows us direct access to these users’ funds, meaning the full ability to steal those funds or manipulate any data we choose. This is a serious breach of users’ privacy and security. Hubdex Another database we were able to match to a Chinese-based marketplace called Hubdex. It positions itself as “the first decentralized exchange in the world that is built on a dedicated public chain of decentralized community autonomy” (translated from Chinese) and claims to have served more than 160,000 users worldwide. There isn’t a lot of information available about this company, including how many users it has or how much it has in its accounts in total, although we estimate it to be in the $1 million-$2 million range. Most interestingly, Hubdex’s only YouTube video promises the following three basic principles: User assets cannot be manipulated Trading orders cannot be altered All trading assets are genuine and cannot be forged Unfortunately, our research proves that none of those promises were kept. What data we found in research In this unsecured database, we found similar data to Lykke’s database. However, we also discovered customers’ KYC documents. Here’s one example of what looks to be an ID card for a Chinese customer: This database also held extensive user data, which allows us to see their private keys, as well as the ability to change the password hash to our own (after we sign up to the service ourselves) and thereby allow us to log into any account. Hubdex’s unsecured database also contains the all-important private keys – 1.1 million private keys to be exact. This allows us direct, unfettered access to any of their customers’ accounts – and of course the ability to spend, exchange, or simply steal that money. What did we discover? The amount of data we stumbled across is quite staggering and significant. Instead of providing users with security and anonymity, these unsecured platforms have exposed their users, not only to getting their data stolen, but also their investments. Here’s a quick overview of the data we discovered in our research. KYC KYC (Know Your Customer) data is a requirement for most businesses involved in cryptocurrencies, including exchanges, ATMs, and even ICOs. KYC data is made up of identifying documents, such as passports, driver’s licenses, ID cards, bank statements or utility bills, and basic data, such as names, addresses, social security number, and the like. This requirement is to help prevent money laundering, terrorism and other corrupt acts. API keys API keys allow users to give access to their accounts to third-party software. This can help them by, for example, letting the third-party tool buy and sell various coins for them automatically, based on rules that the user defines. Generally, depending on the marketplace, with API keys, a tool (or malicious actor) can view, trade and even transfer funds (bypassing any two-factor authentication the user has set up). Private Keys and multisig wallet keys When users create their crypto accounts, they are warned not to let anyone see their private keys. That’s because the private keys act like authentication (or more simply, a password), allowing a user to withdraw money from their account. Multisig wallet keys require that users have access to multiple private keys in order to make a single transaction. In this way, it offers more protection and is normally employed by more advanced users. Mainnet RPC keys Some cryptocurrencies allow users to “stake” coins, which means holding the coins in a “node” that acts as a type of wallet. The mainnet RPC keys will allow us to access those staked coins (think of this as access to a “remote wallet”), and sell, exchange, or withdraw those funds as we please. Disclosure We attempted to contact the two marketplaces that we could identify from our analysis. Our attempts were unsuccessful for Hubdex, whose listed email address did not work: Other attempts to contact them were also fruitless. Lykke We were much more successful with the Swiss-based Lykke. Not only did they immediately respond to our emails, but we were also able to set up a secure communication via Telegram. They confirmed that the IP belonged to them, and they were able to close it after we informed them: We also asked about whether they notified their customers, as well as the significance of the breach. Oleg from Lykke assured us that all affected clients had been notified. About the size of the breach, they claim that it was “a slave instance of a cluster” that was available as “read-only,” but that the most critical were the “API keys for HFT api.” (HFT here means high-frequency trading, which concerns the automation of a large number of orders in fractions of a second.) Overall, they state that this had no real impact in terms of third-party usage or access detected. The rest, according to Oleg, were a “few blockchain integrations operational data” that only “revealed some internals” but that “no personal data was exposed and no fund lost”. However, while it may have been “read-only” data, it doesn’t appear to be 100% true that the most critical were the API keys. The fact is that we were able to clearly view their customers’ private keys, which is most certainly a critical leak. Nonetheless, we appreciate their quick response and transparency. We are happy to report that both Hubdex’s and Lykke’s databases are now no longer accessible. Bottom line The significance of our initial findings is pretty severe. When people put money on cryptocurrency exchanges, hoping to buy and sell various cryptocurrencies, they are putting their faith into the exchanges to provide the utmost security and anonymity. After all, that’s what cryptocurrencies are known for. But the fact that the opposite is true is eye-opening. Not only are they not anonymous (by leaking KYC data), which means that their exchanges can be traced, but they also stand to lose all of their money. At this moment, with the data we have, we are able to steal or manipulate millions of dollars in these exchanges. That represents a deep betrayal of users’ security and privacy. Source: https://cybernews.com/security/cryptocurrency-marketplaces-leave-millions-in-the-open-leak-data/
  3. It's the return of the fifth European anti-money laundering directive The Dutch central bank has today announced it must begin supervising cryptocurrency companies (including wallet providers) under the fifth European anti-money laundering directive, which came into effect in July. Firms that offer services to exchange between cryptocurrency and “regular money” (fiat) are now forced to register with De Nederlandsche Bank (DNB) before 10 January 2020, and are advised to contact DNB as soon as possible. “Cryptos are vulnerable to financial crime, which is why it is important to set up integrity supervision now,” said a DNB statement published today. In addition to demanding such cryptocurrency companies to register, the DNB will “assess” their board members and some shareholders, who must show their processes are robust enough to prevent money laundering and terrorist financing. “Once a firm is registered and we have assessed board members and other policymakers, we will monitor that it complies with the rules on money laundering and terrorist financing. Firms that do not register will no longer be allowed to provide crypto exchange services and wallets,” said DNB. Last month, the New York Times reported that terrorist organization Hamas had been increasingly relying on Bitcoin to raise money to fund its operations. In addition, Washington-based Middle East Media Research Institutes warned that these sorts of groups have been leveraging messaging app Telegram to solicit cryptocurrency, and shared concerns that its upcoming token sale would only make things worse. With this news, Dutch cryptocurrency firms have found themselves in an unfortunately ironic situation. Sure, they might’ve joined the industry to support the decentralized money revolution, but continuing to operate will likely mean doxxing their own users to comply with rules enforced by a central bank — which certainly undermines their whole endeavour, don’t you think? Source
  4. It seems that cryptocurrency is the most overhyped trend for both founders and employees at startups. The information comes from First Round Capital’s annual State of Startups report. Also receiving a disproportionate amount of interest from both groups were artificial intelligence/machine learning and virtual/augmented reality. Optimism for Crypto Doesn’t Match Reality, According to Startup Founders and Employees First Round Capital has just published its annual look the attitudes and values of those starting or working for young companies. State of Startups, which originally started as an experiment in 2015, is now in its fifth year. The seed-stage venture firm behind it says that it has quickly become a “treasured tradition”. The company asked 950 founders and employees at different startups for their opinions on a series of topics important to those doing business over the course of 2019 and into 2020. Most interesting to us here at NewsBTC was the question relating to how hyped different trends are at the moment. Cryptocurrency emerged as a clear favourite amongst both founders and employees alike. However, founders were more likely to say that crypto was overhyped than workers. A total of 56.2 percent of those starting companies said that digital assets were talked about too much. This compares with 44.9 percent of employees. The 950 startup founders and employees surveyed by @firstround believe that cryptocurrency is the most overhyped startup trend [editorial note: they’re wrong] https://t.co/1NLuJ7snRO pic.twitter.com/LEPBwAPnqy — Mike Dudas (@mdudas) December 18, 2019 Also making the top three overhyped trends for startups this year were artificial intelligence/machine learning and virtual/augmented reality. Around 40 percent of founders and 19.8 percent of employees said AI was given too much attention. Meanwhile, 26.6 percent of founders and 19.4 percent of employees said that virtual or augmented reality was an overhyped trend. This is the fifth year that First Round has produced its State of Startups report. In previous editions, crypto assets were not included under the section about overhyped trends. This makes it difficult to judge whether the hype amongst startups surrounding them is growing or not. The wording of the question itself is also somewhat problematic. Rather than give respondents free reign over their answers, they were instructed to select three trends from a list of ten. Naturally, certain trends that people might think overhyped will not have been included and the results would probably be different if the multiple choice format was avoided. That said, a previous edition of the survey did include blockchain in the possible answers to the same question. In 2017, a total of 48.5 percent of the 860 startup founders asked said they thought the technology behind crypto assets received too much attention. Interestingly, the following year did not include crypto, blockchain, or Bitcoin as a possible answer. Source
  5. Crypto - The unique cryptography app with numerous & useful features Suitable for learning, testing & applying. Features • Encryption • Hashing • Encoding/Decoding • Mathematical functions • Secure Communication Tools (Certificates & Key Exchange) • Analysis • Tools This makes Crypto unique: • Beautiful & modern Material Design • Useful implemented features • Info pages for a lot of functions (implementation details etc.) • Sharing/Copy-pasting your texts & content made very easy & powerful • Save frequently used functions as favorites • Powerful Secure Communication Tools as an approach to provide secure encryption as a security add-on for every untrusted messaging or email service Cryptographic functions Encryption • Caesar • Vigenère • Skytale • DES • AES • Blowfish • Twofish • RC4 • Salsa20 • ChaCha Analysis Functions • Frequency Analysis • Caesar Brute Force • Factorization • Prime Search • Find Divisors • Convert RSA modulus • Decode PEM certificate Asymmetric Methods • Diffie Hellman • RSA • DSA • El Gamal Mathematics • Prime test (Fermat, Miller Rabin) • Euler toitent function • GCD (Euklid) & Multiplicative Inverse in a Field Hash • MD2 • MD4 • MD5 • RIPEMD • SHA-1 • SHA-2 • SHA-3 • Tiger • Whirlpool • Gost3411 HMAC - Keyed-Hash Message Authentication Code • MD2 • MD4 • MD5 • SHA1 • SHA2 • Tiger • Whirlpool • Gost3411 MAC - Message Authentication Code • Skein • Poly1305 • CMAC KDF - Key Derivation Function • HKDF • Scrypt Encoding • Base64 • Hexadecimal • Binary • URL Decoding • Base64 • Hexadecimal • URL Tools • Export your PEM certificate(.pem .crt .cert .cer) • QR code generator • QR code decoder • Advanced Base64 Encoding/Decoding Secure Communication Tools • Authentication (RSA certificates) • Key Exchange (RSA Public Key Block Cipher Encryption) • Encryption (AES-256) What can you do with Crypto? • Encrypt your messages for WhatsApp, Facebook, Telegram and other messengers • Encrypt your texts to securely store or send them • Save your passwords as hash • Learning support with mathematical DH and RSA implementations • Mathematical functions also suitable as everyday helpers Some special use cases for Secure Communication Tools: RSA Certificates • Share your certificate to prove your identity • You can securely & easily exchange secrets, passwords or session keys with RSA public keys included in the certificates RSA Key Exchange • Transfer your bank account number securely • Share access codes (e.g. PDF passwords, Cloud access passwords) securely • Exchange a session key for AES Encryption AES Encryption • Encrypt your text messages securely and share them (AES recommended instead of RSA because of performance) What's New: v4.3 • Storing of Enigma configurations and parameter sets for asymmetric methods • Data Store – manage IVs, Enigma configurations and parameter sets • Export of result text as .txt file • Minor tweaks • Bug fixes Mod Info; Pro Features Unlocked This app has NO advertisements Google play Info: https://play.google.com/store/apps/details?id=com.kokoschka.michael.crypto Download; Site: https://www.mirrored.to Sharecode: /files/9HBQR8ME/Crypto_4.3.apk_links
  6. LONDON (Reuters) - Bitcoin fell 8% on Tuesday, breaching $10,000 for the first time in two weeks after U.S. lawmakers grilled Facebook on its cryptocurrency plans, as political and regulatory scrutiny of digital coins intensifies. The biggest cryptocurrency fell to $9828.89 by around 1630 GMT after David Marcus, the company’s top executive overseeing the planned Libra project, answered questions from the Senate Banking Committee. Earlier in the day, bitcoin had lost around 3%. Traders said the trigger for the selling was not immediately clear. During the testimony, a U.S. senator said Facebook was “delusional” to believe people will trust it with their money as the social media giant fights to get Washington onside for its planned Libra project, aimed for launch in 2020. Source
  7. A Quarter of US Investors Own Crypto: Survey A new study has found that a majority of American believe cryptocurrency is a safe investment. Further, 25% already own crypto with another 27% saying they plan to invest this year. That’s according to a February survey of 30,000 people over the age of 18 conducted by Piplsay, a global consumer research platform. The findings fall roughly in line with other recent surveys. In October, Grayscale found that 55% of U.S. investors were interested in buying crypto. While Bitwise found 24% of financial advisers already owned bitcoin or some other crypto in a survey published in January. (Grayscale is owned by CoinDesk’s parent company Digital Currency Group.) Bitcoin’s meteoric rise has put it among the top-performing assets of the last year and the past decade. This strong performance has attracted institutional players from MassMutual to BlackRock, and MicroStrategy to Tesla, though some argue that retail interest has not kept pace. Google searches for “bitcoin,” an adequate proxy for public interest, have yet to reach levels seen in 2017, the previous crypto market bullrun. Piplsay found that 41% of respondents think the stock market and cryptocurrencies are equally risky investments. Of those that believe cryptocurrency is not a safe investment, 27% were concerned about hacking or fraud, 22% about a lack of regulations and 20% crypto’s volatility. A separate question found that 30% of those surveyed said they do not understand crypto, while 13% said they never heard of cryptocurrency. The words “we’re still early” did not appear anywhere in the survey. Source: A Quarter of US Investors Own Crypto: Survey
  8. Mastercard Will Let Merchants Accept Payments in Crypto This Year The payments giant plans to support digital currency transactions directly on network. Mastercard is planning to give merchants the option to receive payments in cryptocurrency later this year. According to a source familiar with the matter, the functionality will see Mastercard customers’ digital currency payments settled in crypto at participating merchants, a first for the financial giant. The company has not yet disclosed which digital currencies it intends to support, or where. The details shed new light on CEO Michael Miebach’s Q4 pledge to integrate digital currency payments “directly on our network” in a move the new chief, helming his first earnings call on Jan. 28, said will provide maximal flexibility to customers and merchants alike. Previously, Mastercard supported limited cryptocurrency transactions through its cryptocard partners Wirex and Uphold. But those programs only cover payment, not settlement; the coins are converted to fiat currency well before reaching the merchant. The new initiative promises to upend that dynamic among the store owners and businesses who opt in. They will be able to conduct their business beyond the bounds of the fiat ecosystem, assuming, of course, their customers have crypto they’re willing to spend. That’s hardly a safe bet given the buy-and-hold mantra pervading the world’s largest cryptocurrency. The source pointed out most bitcoin (BTC, +7.39%) buyers primarily treat their coins as investment vehicles, not payment tools. And the source underscored there’s no guarantee Mastercard’s crypto settlement initiative will support bitcoin. Instead, cryptos will be evaluated against Mastercard’s 2019 “Principles for Blockchain Partnerships” framework, the source said. Released in the wake of Mastercard’s Libra exit, the document placed emphasis on stability, consumer protection and regulatory compliance in vetting potential partners. “Many of today’s 2,600 digital currencies today fail to do this,” Mastercard said at the time. Relatively few merchants currently accept crypto, bitcoin or no. Tesla’s stated plans to sell cars for bitcoin remains a hypothetical. A widespread crypto economy is still far from reality. But Mastercard has been laying the groundwork for that future through years of patents around the digital currency space. The company said it holds 89 blockchain patents and is waiting for approval on an additional 285 around the world. In the U.S. those filings have included: methods to keep crypto transactions private, on-chain credit card payment verification, instant blockchain payment processing and how to handle crypto refunds, among others. Mastercard first filed a patent for handling bitcoin payments in 2013 but abandoned that effort in 2015. It began hiring a team of wallet developers and crypto veterans in 2019. The company now hosts a platform through which central banks can test digital currencies. The payments space is rushing to support blockchain-based currencies at a pace not seen since Bitcoin pioneered the concept of stateless, peer-to-peer immutable transactions in 2009. PayPal intends to roll out bitcoin payment functionality later this year. Visa’s CEO said the rival company may add crypto payments in the future. Source: Mastercard Will Let Merchants Accept Payments in Crypto This Year
×
×
  • Create New...