Connect with us

Crypto

$2 Million Worth of Cryptocurrency Lost in Dexible Hack

Published

on

EDE71B8B98CA31DC600C4B4AC55DCEA6DB4A7C3B469F6B460E7AA7429A9621DA.jpg


Advertisement
According to a post-mortem report published by the team on the official Discord channel of the project on February 17, the multichain exchange aggregator Dexible has been compromised by an exploit, and as a direct consequence, $2 million worth of bitcoin has been stolen.

As of 17 February, 6:35 pm UTC, the front end of Dexible displays a popup warning about the hack anytime users visit to it.

Advertisement

The team said at 6:17 am UTC that it had found “a possible hack on Dexible v2 contracts” and was looking into the matter at the time. A second statement was issued around nine hours later, in which it was said that the company now knew that “$2,047,635.17 was exploited from 17 trading addresses.” 4 on mainnet, 13 on arbitrum.”

A post-mortem report was provided as a PDF file at 4:00 pm UTC and made available on Discord. The team also said that it was “currently working on a repair plan.”

Advertisement

The organization stated in the report that it became aware that something was amiss when one of its founders had crypto assets worth $50,000 transferred out of his wallet for reasons that were unclear at the time. The reasons for this move were unknown at the time. Following their investigation, the team came to the conclusion that an adversary had utilized the selfSwap feature of the app to steal almost $2 million worth of cryptocurrency from users who had previously given permission for the program to transfer their tokens.

Users were able to make a trade of one token for another by using the selfSwap function, which required them to provide the address of a router and the calldata connected with it. However, the code did not include a list of routers that had already been reviewed and authorized. In order to move users’ tokens from their wallets into the attacker’s own smart contract, the attacker utilized this method to route a transaction from Dexible to each token contract. Token contracts did not put a stop to these potentially dangerous transactions since they originated from Dexible, which users had already given permission to use their tokens.

Advertisement

After receiving the tokens into their own smart contract, the attacker withdrew the coins using Tornado Cash and placed them in BNB (BNB) wallets that they did not aware about.

The execution of Dexible’s contracts has been halted, and the company has requested that users withdraw their token authorizations for such contracts.

Advertisement

The common practice of authorizing token approvals for large amounts can sometimes lead to losses for cryptocurrency users due to buggy or outright malicious contracts. As a result, some industry experts advise users to regularly revoke approvals in order to protect themselves from potential financial harm. Because the front ends of the majority of Web3 applications do not explicitly let users to alter the number of tokens granted, users often lose the whole of their token balance if it is discovered that an app has a security problem. Although MetaMask and other wallets have attempted to solve this issue by enabling users to alter token approvals during the wallet confirmation process, the majority of cryptocurrency users are still uninformed of the potential consequences of not taking use of this function.



Source link

Advertisement

Crypto

Coinbase Petitions SEC on Staking

Published

on

By

A82E8106DDAD6914BB84DC719892BAF10858DFD11967B70AD3CC0B8508879EF8.jpg


Advertisement
In response to the SEC’s February crackdown on Kraken’s staking program, Coinbase has submitted a “Petition for Rulemaking” arguing that staking should not be classified as securities. The 18-page document argues that staking is not a monolithic concept and that core staking services do not meet the criteria of the Howey test, which defines what constitutes a security.

Coinbase argues that staking is not an investment of money, as the opportunity cost of staking is not an investment. Users retain full authority over their assets, with the ability to unstake them, sell, hypothecate, vote, pledge, or otherwise dispose of them independently of the service provider. The rewards users receive are simply payments for services rendered, and core staking services entail ministerial maintenance and not managerial efforts in the sense of traditional investing.

Advertisement

The petition cites several historical precedents that can guide the SEC on the current regulatory work with crypto staking. These include the 1973 Committee on Special Investment Advisory Services, the SEC’s Regulation Fair Disclosure from 2000, and the Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO, from 2017. Coinbase urges regulators to consider the economic consequences of their actions on the digital asset ecosystem and take a different approach to the treatment of staking services.

Coinbase publicly distanced itself from Kraken’s staking program in February, with CEO Brian Armstrong expressing his readiness to defend the company’s position in court “if needed.” Despite the SEC’s actions, Coinbase has reiterated to customers that its staking services will continue and “may actually increase.”

Advertisement

Overall, Coinbase’s petition to the SEC on staking argues that the practice should not be universally labeled as securities. It provides a detailed argument based on historical precedents and highlights the economic consequences of regulatory actions on the digital asset ecosystem.



Source link

Advertisement
Continue Reading

Crypto

Arbitrum’s ARB Token Airdrop Triggers OTC Trading

Published

on

By

7E81BDE2C308A8D43F1B38932F10D04FF8442F0BC4A94834C355715261341484.jpg


Advertisement
The Arbitrum community is abuzz with anticipation following the announcement of the ARB token airdrop by Arbitrum Foundation. The new token will be airdropped to eligible community members on Thursday, March 23, and marks Arbitrum’s official transition into a decentralized autonomous organization (DAO).

Arbitrum One and Arbitrum Nova are networks that allow users to transact on the Ethereum blockchain with better speeds and lower fees. With 55% of the Ethereum layer 2 market share, according to layer-2 analytics site L2Beat, anticipation for an Arbitrum token has been at a fever pitch since the network went live in 2021.

Advertisement

The airdrop will grant 11.5% of the total supply to eligible Arbitrum users and 1.1% to DAOs operating in the Arbitrum ecosystem. With ARB’s total circulation of 10 billion, the Arbitrum community will control 56% of the tokens.

The announcement of the airdrop has triggered a surge in over-the-counter (OTC) trading of unreleased ARB tokens. OTC trading allows easy buying and selling of cryptocurrencies directly between sellers and buyers. The process is usually very fast, with funds being transferred directly from a bank account to the seller. In this case, when a price is agreed on by the buyer and seller, the seller receives payment from the buyer and then gives up the seed phrase linked to the eligible wallet.

Advertisement

However, the Arbitrum community has also warned others to stay vigilant after reports of phishing websites and scams offering Arbitrum airdrop tokens. As one of the most significant crypto projects without a token, the anticipation for an Arbitrum token has been high since the network went live in 2021.

Arbitrum’s main competitor in the Ethereum scaling space, Optimism, launched its OP token nearly a year ago when it transitioned to DAO governance. However, the launch of the ARB token puts Arbitrum in direct competition with Optimism and could lead to further developments in the Ethereum scaling space.

Advertisement

In summary, the announcement of the ARB token airdrop by Arbitrum Foundation has triggered over-the-counter (OTC) trading of unreleased tokens, with 11.5% of the total supply being granted to eligible Arbitrum users and 1.1% to DAOs in the Arbitrum ecosystem. However, the community has also warned others to be cautious of phishing websites and scams offering Arbitrum airdrop tokens. With the launch of the ARB token, Arbitrum is now in direct competition with Optimism in the Ethereum scaling space.



Source link

Advertisement
Continue Reading

Crypto

SpankChain Shuts Down SpankPay Crypto Payment Processor

Published

on

By

9C2F62507C0B1E56D1B794145100C5D2D3E784ACECB85BA26F7D59DA2982962D.jpg


Advertisement
SpankChain, an Ethereum-based blockchain platform designed to help adult content creators cut out traditional banks and intermediaries, has closed its crypto payment processor, SpankPay. The closure comes after the company lost its payment service provider, Wyre, in February due to “violations of any third-party payment processor or network rules.” SpankPay attempted to find another service provider, but all attempts were rejected due to the adult industry nature of their business.

In a Twitter thread, SpankPay announced that the decision to close the payment processor was due to the escalating hostility of the banking environment towards adult industry payment processors, which had made it untenable for the small team and niche market it served. Despite the shutdown, the company reassured users that their money was safe and would be returned as soon as possible.

Advertisement

SpankPay was launched in July 2019 as an adult-industry-friendly payment solution that enabled adult entertainers and merchants to accept cryptocurrency for their services. The closure of SpankPay is a significant blow to SpankChain, as the platform was a key part of its blockchain ecosystem.

The adult entertainment industry has always faced challenges with traditional banking systems, as banks have been reluctant to work with the industry due to its controversial nature. SpankChain sought to change this by providing a blockchain-based platform that allowed adult content creators to transact directly with their customers, cutting out traditional intermediaries.

Advertisement

The closure of SpankPay highlights the ongoing challenges faced by the adult entertainment industry in accessing traditional banking services. The industry has been forced to rely on alternative payment methods, such as cryptocurrencies, to transact with customers. The use of cryptocurrencies has enabled adult content creators to access a global market and avoid the restrictions imposed by traditional banks.

Despite the challenges, SpankChain remains committed to advancing the adult industry and has promised to continue developing and investing in products that serve the niche market it serves. The closure of SpankPay is a significant setback for the company, but it is determined to continue to innovate and find new ways to help adult content creators succeed in the digital age.



Source link

Advertisement

Advertisement
Continue Reading

Trending