$2 Billion Lost in Mt. Gox Bitcoin Hack Can Be Recovered

We are sending a clear message of integrity and justice, louder than the slander our oppressors can push into the news.

We are almost there.
In less than thirty days I will be drafting an unprecedented announcement that your resilience made possible: the announcement that Silk Road has repaid all victims of our February hack.
As of today, May 27th 2014, 82.09% of all victims of the Feburary hack have been fully repaid.
In June the world will be reminded that when faced with adversity, Silk Road's community doesn't run. We unite.
Our enemies may seize our servers, impound our coins, and arrest our friends, but they cannot stop you: our people.
You write history with every coin transacted here.
It is unprecedented for any entity, darknet or clearnet, to completely repay the victims of a Bitcoin hack.
We are sending a clear message of integrity and justice, louder than the slander our oppressors can push into the news. History will prove that we are not criminals, we are revolutionaries.
We are slaving to transform a notoriously-violent industry into a safe online marketplace, removing the risk of face-to-face transactions.
We do not steal the People's money like Goldman Sachs, Citigroup, and Morgan Stanley. We bail each other out with our own sweat. We are not puppets of fear or greed. We do not run like the cowards at MtGox, TorMarket, or Sheep. Silk Road is not here to scam, we are here to end economic oppression. Silk Road is not here to promote violence, we are here to end the unjust War on Drugs. Silk Road is not here to submit to authority, we are here to defend a foundational human right: freedom of choice. Silk Road is not a marketplace, Silk Road is a global revolt.
When the news hits that everyone has been repaid, do your part to help tear down the world's misimpressions about what our movement stands for.
Four months of everyone's hard work has almost generated one spark. Throw it into the petrol. Be prepared with your throwaway accounts. Tweet. Upvote. Blog. Email editors.
It is an honor to serve you. Defcon
From the front page of the Silk Road six years ago....
submitted by MemoryDealers to btc [link] [comments]

The biggest cryptocurrency thefts in the last 10 years

In this article, we will try to remember all the major theft of cryptocurrencies over the past 10 years.
1. Bitstamp $5.3 mln (BTC), January 4th, 2015
On January 4, 2015, the operational hot wallet of Bitstamp announced that it was hacked by an anonymous hacker and 19,000 Bitcoins (worth of $5 million) were lost.
The initiation of the attack fell on November 4, 2014. Then Damian Merlak, the CTO of the exchange, was offered free tickets to punk rock festival Punk Rock Holiday 2015 via Skype, knowing that Merlak is interested in such music and he plays in the band. To receive the tickets, he was asked to fill out a participant questionnaire by sending a file named “Punk Rock Holiday 2015 TICKET Form1.doc”. This file contained the VBA script. By opening the file, he downloaded the malware on his computer. Although Merlak did not suspect wrong and has opened the "application form", to any critical consequences, this did not open access to the funds of exchange.
The attackers, however, did not give up. The attack continued for five weeks, during which hackers presented themselves as journalists, then headhunters.
Finally, the attackers were lucky. On December 11, 2014, the infected word document was opened on his machine by Bitstamp system administrator Luka Kodric, who had access to the exchange wallet. The file came to the victim by email, allegedly on behalf of an employee of the Association for computer science, although in fact, as the investigation showed, the traces of the file lead deep into Tor. Hackers were not limited to just one letter. Skype attacker pretending to be an employee of the Association for computing machinery, convinced that his Frame though to make international honor society, which required some paperwork. Kodric believed.
By installing a Trojan on Kodriс's computer hackers were able to obtain direct access to the hot wallet of the exchange. The logs show that the attacker, under the account of Kodric, gained access to the server LNXSRVBTC, where he kept the wallet file.dat, and the DORNATA server where the password was stored. Then the servers were redirected to a certain IP address that belongs to one of the providers of Germany.
There are still no official reports of arrests in this case. Obviously, the case is complicated by the fact that the hackers are outside the UK, and the investigation has to cooperate with law enforcement agencies in other countries.
2. GateHub $9.5 mln (XRP), June 1th, 2019
Hackers have compromised nearly 100 XRP Ledger wallets on cryptocurrency wallet service GateHub. The incident was reported by GateHub in a preliminary statement on June 6.
XRP enthusiast Thomas Silkjær, who first noticed the suspicious activity, estimates that the hackers have stolen nearly $10 million worth of cryptocurrency (23,200,000 XRP), $5.5 million (13,100,000 XRP) of which has already been laundered through exchanges and mixer services.
GateHub notes that it is still conducting an investigation and therefore cannot publish any official findings. Also, GateHub advises victims to make complaints to the relevant authorities of their jurisdiction.
3. Tether, $30.9 mln (USDT), November 19th, 2017
Tether created a digital currency called "US tokens" (USDT) — they could be used to trade real goods using Bitcoin, Litecoin and Ether. By depositing $1 in Tether, the user received 1 USD, which can be converted back into fiat. On November 19, 2017, the attacker gained access to the main Tether wallet and withdrew $ 30.9 million in tokens. For the transaction, he used a Bitcoin address, which means that it was irreversible.
To fix the situation, Tether took action by which the hacker was unable to withdraw the stolen money to fiat or Bitcoin, but the panic led to a decrease in the value of Bitcoin.
4. Ethereum, $31 mln (ETH), July 20th, 2017
On July 20, 2017, the hacker transferred 153,037 Ethers to $31 million from three very large wallets owned by SwarmCity, Edgeless Casino and Eternity. Unknown fraudster managed to change the ownership of wallets, taking advantage of the vulnerability with multiple signatures.
First, the theft was noticed by the developers of SwarmCity.
Further events deserve a place in history: "white hackers" returned the stolen funds, and then protected other compromised accounts. They acted in the same way as criminals, who stole funds from vulnerable wallets — just not for themselves. And it all happened in less than a day.
5. Dao (Decentralized Autonomous Organization) $70 mln (ETH), June 18th, 2016
On June 18, 2016, members of the Ethereum community noticed that funds were being drained from the DAO and the overall ETH balance of the smart contract was going down. A total of 3.6 million Ether (worth around $70 million at the time) was drained by the hacker in the first few hours. The attack was possible because of an exploit found in the splitting function. The attackes withdrew Ether from the DAO smart contract multiple times using the same DAO Tokens. This was possible due to what is known as a recursive call exploit.
In this exploit, the attacker was able to "ask" the smart contract (DAO) to give the Ether back multiple times before the smart contract could update its own balance. There were two main faults that made this possible: the fact that when the DAO smart contract was created the coders did not take into account the possibility of a recursive call, and the fact that the smart contract first sent the ETH funds and then updated the internal token balance.
It's important to understand that this bug did not come from Ethereum itself, but from this one application that was built on Ethereum. The code written for the DAO had multiple bugs, and the recursive call exploit was one of them. Another way to look at this situation is to compare Ethereum to the Internet and any application based on Ethereum to a website: if a website is not working, it doesn't mean that the Internet is not working, it simply means that one website has a problem.
The hacker stopped draining the DAO for unknown reasons, even though they could have continued to do so.
The Ethereum community and team quickly took control of the situation and presented multiple proposals to deal with the exploit. In order to prevent the hacker from cashing in the Ether from his child DAO after the standard 28 days, a soft-fork was voted on and came very close to being introduced. A few hours before it was set to be released, a few members of the community found a bug with the implementation that opened a denial-of-service attack vector. This soft fork was designed to blacklist all the transactions made from the DAO.
6. NiceHash, 4736.42 (BTC), December 6th, 2017
NiceHash is a Slovenian cryptocurrency hash power broker with integrated marketplace that connects sellers of hashing power (miners) with buyers of hashing power using the sharing economy approach.
On December 6, 2017, the company's servers became the target of attack. At first, Reddit users reported that they could not access their funds and make transactions — when they tried to log in, they were shown a message about a service interruption. In the end, it became known that the service had undergone a major cyberattack and 4736,42 Bitcoins disappeared without a trace.
Despite heavy losses, NiceHash was able to continue working, but CEO and founder Marco Koval resigned, giving way to a new team. The company managed to maintain the trust of investors and began to strengthen the protection of its systems.
7. Mt.Gox, 850000 (BTC), June 19th, 2011
The Hacking Of Mt.Gox was one of the biggest Bitcoin thefts in history. It was the work of highly professional hackers using complex vulnerabilities.
A hacker (or a group of hackers) allegedly gained access to a computer owned by one of the auditors and used a security vulnerability to access Mt.Gox servers, then changed the nominal value of Bitcoin to 1 cent per coin.
Then they brought out about 2000 BTC. Some customers, without knowing it, conducted transactions at this low price, a total of 650 BTC, and despite the fact that the hacking hit the headlines around the world, no Bitcoin could be returned.
To increase investor confidence, the company has compensated all of the stolen coins, placed most of the remaining funds in offline storage, and the next couple of years was considered the most reliable Bitcoin exchanger in the world.
However, it was only an illusion of reliability.
The problems of the organization were much more serious, and the management probably did not even know about them.
CEO of Mt.Gox, Mark Karpeles, was originally a developer, but over time he stopped delving into technical details, basking in the rays of glory — because he created the world's largest platform for cryptocurrency exchange. At that time Mt.Gox handled over 70% of all Bitcoin transactions.
And, of course, there were those who wanted to take advantage of the technological weakness of the service. At some point, hackers made it so that Bitcoins could be bought at any price, and within minutes millions of dollars worth of coins were sold — mostly for pennies. World prices for Bitcoin stabilized in a few minutes, but it was too late.
As a result, Mt.Gox lost about 850,000 Bitcoins. The exchange had to declare bankruptcy, hundreds of thousands of people lost money, and the Japanese authorities arrested CEO Mark Karpeles for fraud. He pleaded not guilty and was subsequently released. In 2014, the authorities restored some of the Bitcoins remaining at the old addresses, but did not transfer them to the exchange, and created a trust to compensate for the losses of creditors.
8. Coincheck, $530 mln, January 26th, 2018
The sum was astonishing, and even surpassed the infamous Mt.Gox hack.
While Mt.Gox shortly filed for bankruptcy following the hack, Coincheck has surprisingly remained in business and was even recently approved as a licensed exchange by Japan’s Financial Services (FSA).
Coincheck was founded in 2014 in Japan and was one of the most popular cryptocurrency exchanges in the country. Offering a wide variety of digital assets including Bitcoin, Ether, LISK, and NEM, Coincheck was an emerging exchange that joined the Japan Blockchain Association.
Since Coincheck was founded it 2014, it was incidentally not subject to new exchange registration requirements with Japan’s FSA — who rolled out a framework after Mt. Gox –, and eventually was a contributing factor to its poor security standards that led to the hack.
On January 26th, 2018, Coincheck posted on their blog detailing that they were restricting NEM deposits and withdrawals, along with most other methods for buying or selling cryptocurrencies on the platform. Speculation arose that the exchange had been hacked, and the NEM developers issued a statement saying they were unaware of any technical glitches in the NEM protocol and any issues were a result of the exchange’s security.
Coincheck subsequently held a high-profile conference where they confirmed that hackers had absconded with 500 million NEM tokens that were then distributed to 19 different addresses on the network. Totaling roughly $530 million at the time — NEM was hovering around $1 then — the Coincheck hack was considered the largest theft in the industry’s history.
Coincheck was compelled to reveal some embarrassing details about their exchange’s security, mentioning how they stored all of the NEM in a single hot wallet and did not use the NEM multisignature contract security recommended by the developers.
Simultaneously, the NEM developers team had tagged all of the NEM stolen in the hack with a message identifying the funds as stolen so that other exchanges would not accept them. However, NEM announced they were ending their hunt for the stolen NEM for unspecified reasons several months later, and speculation persisted that hackers were close to cashing out the stolen funds on the dark web.
Mainstream media covered the hack extensively and compared it to similar failures by cryptocurrency exchanges in the past to meet adequate security standards. At the time, most media coverage of cryptocurrencies was centered on their obscure nature, dramatic volatility, and lack of security. Coincheck’s hack fueled that narrative considerably as the stolen sum was eye-popping and the cryptocurrency used — NEM — was unknown to most in the mainstream.
NEM depreciated rapidly following the hack, and the price fell even more throughout 2018, in line with the extended bear market in the broader industry. Currently, NEM is trading at approximately $0.07, a precipitous fall from ATH over $1.60 in early January.
The extent of the Coincheck hack was rivaled by only a few other hacks, notably the Mt.Gox hack. While nominally Coincheck is the largest hack in the industry’s history, the effects of Mt.Gox were significantly more impactful since the stolen funds consisted only of Bitcoin and caused a sustained market correction as well as an ongoing controversy with the stolen funds and founder. Moreover, Mt.Gox squandered 6% of the overall Bitcoin circulation at the time in a market that was much less mature than it is today.
Despite the fallout, Coincheck is now fully operational and registered with Japan’s FSA.
As practice shows, people make mistakes and these mistakes can cost a lot. Especially, when we talk about mad cryptoworld. Be careful and keep your private keys in a safe place.
submitted by SwapSpace_co to BitcoinMarkets [link] [comments]

Plan To Recover Our Losses


Background on the Initiative

My name is Matt. I’ve lived in Calgary my whole life, and been running businesses and programming since I was 10 years old. I’m a recent graduate of the University of Calgary in a business and computer science double major, and I currently manage the software team (6 students) at a small Calgary IoT startup. My past business experiences include running a window cleaning franchise across 6 communities, a popular concession stand, and a free web hosting service with over 10,000 clients.
I first got involved with cryptocurrency in 2017, when we had the big run up. Prior to that, I’d done a ton of research but never actually invested. While my losses in Quadriga are significant, they’re nowhere near some of the losses I’ve been hearing about. I’m fortunate to be in a “walk away” position if I so choose and I more or less did for the first week. But I couldn’t stay away. It isn’t right. Especially not now when the solution is so close and the potential impact is so significant.
Quadriga Initiative is the result of 6-7 months of on and off brainstorming, collaboration, and iteration around the central goal of recovering what's been lost.
The money is almost certainly not accessible. (I'm pretty sure it would have been found already.) We'll all get something from the bankruptcy, and I appreciate the legal team and official committee working hard on our behalf, but I fear it won't even come close to making up for what was lost. For many people - their whole life savings. It's not a very satisfying recovery. It doesn't leave anyone whole. It leaves a lot of people behind.
Without funds to pull from, any full recovery solution has to center around creating new value. Entrepreneurs and business leaders are creating value every day, and this is where the idea comes from.
We take advantage of the fact we have a large affected user community, tons of economic bargaining power, and a vast network. Many in the business community were affected, know someone who was affected, or feel horrible about what happened. My discussions with business leaders have shown that they generally desire to make this right, and businesses regularly do "goodwill" donations or gestures for marketing. The Quadriga Initiative provides a way businesses can help easily and in a "win win" way by running token-accepting promotions. We then provide a competitive framework that helps to promote businesses which make the biggest impact, highly incentivizing a faster recovery.
At this stage, everything is more or less ready. We have a primary exchange partner, a growing team of affected users, and multiple business connections. What remains is the incredibly tough challenge of creating trust and understanding among a community that's been completely devastated in the worst way. This is no easy task.
We need your help! If things don't make sense, or you still have questions, or you don't understand something, please take the time to ask and reach out! In addition to commenting here, please feel free to chat with us on Telegram: https://t.me/QuadrigaInitiative



Where Does the Money Come From?

The money (value) comes out of the profit margin of businesses. Businesses normally sell a product or service at a profit over the cost of production. Instead, a business would sell the product or service at a discount (less profit), accepting tokens in place of the difference.
While this may seem generous, like the business is giving something away, it also benefits the business as well:
Once a successful marketplace is established, affected users will have a multitude of businesses where they can spend tokens and get good deals. As well, other consumers can buy the tokens at a discount (supporting affected users), then use them to save money.
The leaderboard and large affected user community give a strong advantage to businesses to participate and offer the best deals. Businesses that have recovered the most are rewarded with more people seeing their promotion (free advertising).



The Various Uses For Tokens

Our Partner Exchange: Tokens will be tradable and accepted at face value towards the trading fees on the partner exchange. A trader who wants to save money on trades can stock up on the tokens to gain a discount over other customers who don't bother. The tokens can be used towards 50%-100% of the trading fees depending on the calendar date. This means a heavy discount for affected users and is essentially a price segment for the exchange.
In addition, the primary exchange partner we have is looking into giving back a small portion (15%) of gross trading revenue towards cashing tokens. This is done to incentivize the affected user community to spread the word about the exchange.
Participating Businesses: Businesses in the community accept the tokens towards purchases to promote to Quadriga victims, supporters, and deal seekers. It functions similar to a discount, where the tokens are applied as a portion of the sale price, with a few additional advantages for the business:
Businesses sell promotions for tokens, and send the tokens to a burn address that encodes the business website URL. To further encourage business participation, a leaderboard is set up to promote those businesses which have burned the most tokens. The leaderboard is a useful place to go shopping if you have tokens. You can find businesses who take them and get the best deals. All information is on the blockchain, enabling anyone to set up a leaderboard or start accepting tokens.



Token Flow Diagram

The linked diagram is a handy visualization of the initiative and how the various parties interact:
https://www.quadrigainitiative.com/Quadriga%20Initiative%20Diagram.pdf
The complete initiative is a full marketplace, enabling the beneficial (win win) interaction of all parties and the gradual recovery of losses over time. The token supply is finite, limited by the amount of losses we can verify, and all tokens eventually get cashed for $1 worth of products/services (or primary exchange gross trading revenue) as the program runs.


Our Primary Exchange Partner

Since the primary exchange is handling validation and distributing the tokens, it's important they be trustworthy. Given the history with Quadriga, most affected users (including every member of our team) are legitimately concerned about anyone losing their funds again. This is the primary reason we've selected to work with TxQuick.


Proof of Reserves and Why It Matters

In case you missed them, so far this year we've seen 3 large scale exchange collapses:
Each one represents massive losses for those involved - hundreds and thousands of affected lives. These are real people and families at the other ends, with hopes and dreams, who worked hard for their money.
In the case of QuadrigaCX, it took the freezing of the bank accounts, the death/disappearance of the CEO, and concerted legal action to even realize it was insolvent.
Exchanges can easily continue to operate for years with whatever level of reserves they like. Third party audits are riddled with holes like:
On top of that - most exchange platforms still don't even bother to audit. Despite the warnings about storing funds on exchanges, people still do. And remember that many affected users weren't storing funds on Quadriga - they simply got stuck with no way to withdraw.
Proof of Reserves asks exchanges to:
What it doesn't prevent:
What it does prevent:
Check this link for more details on Proof of Reserves, including the full hash tree algorithm.
Despite the relative simplicity of publishing wallet keys, the vast selection of exchanges we have in Canada, and the many millions of dollars stored, not a single exchange has done so. The hash tree algorithm has existed since 2014. It's presently on one exchange (last audited in 2014).
We feel that Proof of Reserves is key to preventing future exchange collapses, which is why we are so pleased to have a primary exchange partner which will be implementing the full algorithm. While we can't control other exchanges, traders now have an option to use an exchange which proves full backing of all deposits and we hope this will encourage wider adoption and greater industry transparency.


Timeline for the Initiative

The initiative process breaks down into roughly 3 stages:
Pre-Claim Stage - We are working to save affected user balances for later validation, as well as determine if there is sufficient interest in the project. This is ongoing.
Exchange Stage - We bring the primary exchange online, and process claims. Recovery starts through exchange trading fee discounts and eventually gross trading revenue. The exchange platform is expected to launch within a few months.
Marketplace Stage - Once we have enough individuals with tokens, we bring in the first businesses from the wider community. After we have several initial businesses, the marketplace grows organically as more businesses sign up over time. This is approximately a year after launching the exchange.
Full recovery (all losses) is likely to take multiple years, anywhere from 2 to 25 years. There are a lot of factors to consider.


Verification of Claims

Accurately capturing losses is key. Businesses are interested in helping honest victims of a crime who had their money stolen from them, and not too interested in supporting any fraud. We've been working hard to make our process as easy as possible for affected users, while being as hard as possible for false claims (claiming wrong amounts, losses of others, or fake claims).


How To Sign Up

If you wish to participate, please sign up at https://www.quadrigainitiative.com/.
You can do a pre-claim to save your balance, or an email only sign up just to show interest and get the launch email.



How You Can Help

We are stronger together!


Thanks so much!
submitted by azoundria2 to QuadrigaCX [link] [comments]

I Got Scammed by the Cryptocurrency Exchange EZBTC.CA

I wanted to make this post of my experience as a warning to others, especially Canadians as they have limited buying options when investing (speculating) into cryptocurrencies. I understand the subject of cryptocurrencies are polarizing to many, but nonetheless, it's an emerging asset class that deserves discussion because there are many ways to lose your funds. This isn't the fault of cryptocurrencies themselves, but the result of user error, outright scams, social engineering, hacks, or in my case not being up-to-date on current events.

There are many scams in cryptocurrencies, but shady exchanges are a classic dating back to the legendary Mt. Gox hack where 850,000 Bitcoins were stolen (worth approximately $4.6 billion at the time of this writing). Or the most recent Canadian QuadrigaCX exchange hack where the CEO allegedly died in India carrying the only private key to 200 million worth of customer funds.

It seems that exchange hacks keep propping up in the news, so why then do they keep happening even in 2019? Because users are left with limited choices if they want to acquire cryptocurrency in the safest (ironic) and most convenient manner. In order to buy cryptocurrency, you first have to exchange it for fiat currency (USD, CAD, EUR). You could buy cryptocurrency from one of those Bitcoin ATMs you see at the mall but the fees are exorbitant and quite a few require ID as it is, so why not just sign up for an exchange instead? The next option is to buy them peer-to-peer in person for cash, but people feel unsafe dealing with strangers and large amounts of money. Further, liquidity would be an issue. This led to a boom of many cryptocurrency exchanges offering customers a place to buy and sell with the exchanges acting as the middle-man between users.

I've been away from cryptocurrency for a while and only came back recently. I've used the EZBTC exchange in the past without issues and decided I would use them again. What I didn't do upon my return was my homework on any updates/news regarding this exchange which resulted in my ordeal now. I noticed the website had an overhaul that now includes an express option for you to receive faster withdrawals if you deposited larger amounts (first red flag). I opted for the regular option I always used in the past and sent a small amount via eTransfer that was deposited in my account almost immediately (second red flag). In the past, my eTransfers regardless of amount took some time and up to many hours. Nonetheless, I made a purchase and initiated a withdrawal request that still hasn't been sent out to this day, and I am not the only one.

A condensed version of my story is that I got worried about my pending withdrawal with EZBTC and my emails/calls went unanswered. The live chat on their website was also disabled. I decided to tweet my situation to @ezBtcCanada and immediately got an email from the owner David Smillie himself urgently telling me to call him on a personal number. He deverified and suspended my account as a result of my tweets @tokenflair for "security reasons". After some talk (me saying I'll delete the tweets) he immediately reactivated and reverified my account again and said that my withdrawal will be taken care of the next day.

Fast forward to the next day and my withdrawal is still pending. Calls/texts/email go unanswered again. Live chat is still disabled. I proceed to send another tweet instead. Like clockwork, I get a response from David shortly after and he was livid. He threatened to sue me for defamation if I continued posting about my situation on public forums. I told him I'll be waiting for his letter. He stated that my account would be receiving a lifetime ban and I will not be receiving my withdrawal but I would get an eTransfer refund in 30 days, and all this information would be included in an email I was supposed to receive on Monday April 22, 2019. I still have not received any such email, and my emails/call/texts to him are again being ignored. The saga continues.

The most important piece of advice I can give when it comes to cryptocurrency is that what's true today, is not true tomorrow. You must stay up-to-date on current events in cryptocurrency because your investment could be at stake. In my case, EZBTC was exhibiting red flags and had many user complaints that I would have seen had I just done some research prior to sending my money. I was not up-to-date regarding the status of this "exchange".

David Smillie (owner of ezbtc.ca) operating under business # 1081627 B.C LTD. currently has 5 ongoing lawsuits against his company for unpaid funds:

  1. File number: 1812420 - GOLDLUST, Joseph v 1081627 B.C. LTD. - Supreme Civil (General)
  2. File number: 1963965 - ROBERTS, John v 1081627 B.C. LTD. - Provincial Small Claims
  3. File number: 172818 - GODWIN, Richard v 1081627 BC LTD - Supreme Civil (General)
  4. File number: 18104 - MCCALLUM, Evan v 1081627 BC LTD - Provincial Small Claims
  5. File number: 1862507 - WONG, Gary v 1081627 BC LTD. - Provincial Small Claims

You can get the latest information on all pending lawsuits against EZBTC here:
https://justice.gov.bc.ca/cso/esearch/civil/partySearch.do

List of numerous complaints against David Smillie and EZBTC:

https://files.fm/f/23ej52ff (David Smillie sued by Richard Godwin)

https://np.reddit.com/BitcoinCA/comments/bahzsm/another_bc_lawsuit_filed_against_ezbtc_1081627_bc/ (David Smillie sued by John Roberts)

https://np.reddit.com/BitcoinCA/comments/99fs6i/2_new_court_filings_against_ezbtc_in_the_past_week/ (More lawsuits)

https://np.reddit.com/BitcoinCA/comments/8mjtjb/amaa_exowner_of_ezbtc_resigned_when_i_realized_it/ (Ex-CTO of EZBTC blows whistle)

https://np.reddit.com/BitcoinCA/comments/b53zq3/please_sticky_this_post_im_a_developer_who_worked/ (EZBTC developer blows whistle)

https://np.reddit.com/BitcoinCA/comments/939ce2/40_days_and_counting_fiat_withdrawal_ezbtcca/

https://np.reddit.com/BitcoinCA/comments/926adi/ezbtcca_may_have_gone_bust_toronto_offices_have/

https://np.reddit.com/BitcoinCA/comments/973yrz/ezbtcca_is_likely_insolvent/

https://np.reddit.com/BitcoinCA/comments/98njea/worth_visiting_ezbtc_offices/

https://np.reddit.com/BitcoinCA/comments/901847/concern_regarding_ezbtc/

https://np.reddit.com/BitcoinCA/comments/9181nx/banned_from_ezbtcca_chatroomhave_not_rcvd/

https://np.reddit.com/BitcoinCA/comments/arnboh/ezbtc_will_my_girlfriend_ever_see_her_money/

https://coiniq.com/ezbtc-review/

https://np.reddit.com/BitcoinCA/comments/ao680q/what_are_customers_latest_experiences_with_ezbtc/

https://warosu.org/biz/thread/10773849

https://np.reddit.com/BitcoinCA/comments/bfqrv1/fortune_jack_here_regarding_david_smillie_and/

https://np.reddit.com/BitcoinCA/comments/b57fq9/ezbtc_terms_of_service_wayback_machine/

https://np.reddit.com/BitcoinCA/comments/arfa5x/ezbtc_is_so_fake_check_this_out/

https://np.reddit.com/BitcoinCA/comments/95rpl5/to_those_staying_silent_for_ezbtc_defamation/
submitted by TokenFlair to PersonalFinanceCanada [link] [comments]

Email from Gox saying I logged in from China?

Which I didn't?
I actually forgot I even had a Gox account, and I don't even remember what my password was, so I'm not even sure which of my accounts I'd have to change.
Is there any chance that my password was not compromised?
EDIT: I don't have a Kickstarter account, so that wasn't the vector.
submitted by mustyoshi to Bitcoin [link] [comments]

Quadriga Initiative - Additional Information and Clarifications

Quadriga Initiative - Additional Information and Clarifications

Introduction / Summary

The Quadriga Initiative is an independent process where affected users and businesses in the community work together to recover losses from QuadrigaCX. An exchange (the primary exchange) will verify claims and distribute free tokens representing losses. Tokens will be accepted at the primary exchange and by participating businesses at face value. There is a white paper here with more detail:
https://quadrigainitiative.com/Quadriga%20Initiative.pdf
If you wish to participate in the Quadriga Initiative and receive free tokens representing your loss, there is a pre-claim process now open. A pre-claim uses your QCX client ID, first name as registered on the QCX platform, and a valid email address to copy your balance information and associate it with your email address.
https://quadrigainitiative.com/
Although a personal email will work, it is recommended for privacy and security to set up a new "forwarder" email account that doesn't personally identify you, with a unique password. Make sure that whatever email process you set up is one which still works to reach you in a few months time.
  • We are a community initiative which is not connected with the bankruptcy process. Participation does not impact your bankruptcy claim. You can find the official bankruptcy information on the Miller Thompson website.
  • We have taken all reasonable measures to protect our website and stored data against SQL injection. The website back-end is simple, all input is sanitized, and all access passwords are 16+ character full random. (I have a background in web hosting.)
  • There is no cost to participate and the pre-claim process takes approximately 3 minutes.
  • Please be sure to keep a copy of your bankruptcy claim paperwork for later validation!


Background on the Initiative

My name is Matt. I’ve lived in Calgary my whole life, and been running businesses and programming since I was 10 years old. I’m a recent graduate of the University of Calgary in a business and computer science double major, and I currently manage the software team (6 students) at a small Calgary IoT startup. My past business experiences include running a window cleaning franchise across 6 communities, a popular concession stand, and a free web hosting service with over 10,000 clients.
I first got involved with cryptocurrency in 2017, when we had the big run up. Prior to that, I’d done a ton of research but never actually invested. While my losses in Quadriga are significant, they’re nowhere near some of the losses I’ve been hearing about. I’m fortunate to be in a “walk away” position if I so choose and I more or less did for the first week. But I couldn’t stay away. It isn’t right. Especially not now when the solution is so close and the potential impact is so significant.
Quadriga Initiative is the result of 6-7 months of intense brainstorming, collaboration, and perpetual iteration around the central problem of how to recover what's been lost.
The money is almost certainly not accessible. (I'm pretty sure it would have been found already.) We'll all get something from the bankruptcy, but for most of us I fear it won't really make up for what was lost. For many people - their whole life savings. It's not a very satisfying recovery. It doesn't leave anyone whole. It leaves a lot of people behind.
Without funds to pull from, any full recovery solution has to center around creating new value. Entrepreneurs and business leaders are creating value every day, and this is where the idea comes from.
We take advantage of the fact we have a large affected user community, tons of economic bargaining power, and a vast network. Many in the business community were affected, know someone who was affected, or feel horrible about what happened. My discussions with business leaders have shown that they generally desire to make this right, and businesses regularly do "goodwill" donations or gestures for marketing. The Quadriga Initiative provides a way businesses can help easily and in a "win win" way by running token-accepting promotions. We then provide a competitive framework that helps to promote businesses which make the biggest impact, highly incentivizing a faster recovery.
At this stage, everything is more or less ready to launch. We have a primary exchange partner, a small team of affected users, and multiple business connections. What remains is the incredibly tough challenge of creating trust and understanding among a community that's been completely devastated in the worst way. This is no easy task.
We need your help! If things don't make sense, or you still have questions, or you don't understand something, please take the time to ask and reach out! In addition to commenting here, please feel free to chat with us on Telegram: https://t.me/QuadrigaInitiative



Where Does the Money Come From?

The money (value) comes out of the profit margin of businesses. Businesses normally sell a product or service at a profit over the cost of production. Instead, a business would sell the product or service at a discount (less profit), accepting tokens in place of the difference.
While this may seem generous, like the business is giving something away, it also benefits the business as well:
  • The business can get additional sales. Even though the profit per sale is less, the business still makes profit on those additional sales.
  • The business can find new customers. Even if a business sells a product or service "at cost" (meaning zero profit), they've established a relationship. The customer may buy other products or services in the future, or it could be part of a subscription.
  • The business is seen positively as "giving back", creating a better future, helping fraud victims, etc...
Once a successful marketplace is established, affected users will have a multitude of businesses where they can spend tokens and get good deals. As well, other consumers can buy the tokens at a discount (supporting affected users), then use them to save money.
The leaderboard and large affected user community give a strong advantage to businesses to participate and offer the best deals. Businesses that have recovered the most are rewarded with more people seeing their promotion (free advertising).



The Various Uses For Tokens

The Primary Exchange: Tokens will be tradable and accepted at face value towards the trading fees on the primary exchange. A trader who wants to save money on trades can stock up on the tokens to gain a discount over other customers who don't bother. The tokens can be used towards 50%-100% of the trading fees depending on the calendar date. This means a heavy discount for affected users and is more or less a price segment for the exchange.
In addition, the primary exchange partner we have at the moment is looking into giving back a small portion (15%) of gross trading revenue towards cashing tokens. This is done to incentivize the affected user community to spread the word about the exchange.
Participating Businesses: Businesses in the community accept the tokens towards purchases to promote to Quadriga victims, supporters, and deal seekers. It functions similar to a discount, where the tokens are applied as a portion of the sale price, with a few additional advantages for the business:
  • It price segments. The business doesn't lose revenue on customers who would have paid full price. With a 20% discount, the business loses revenue on some customers who would have bought anyway. Nobody likes to throw away free money.
  • It can run continuously. A 20% discount running continuously would mean the perceived value of the product would just be 20% less. A promotion accepting tokens can run long-term, enabling the business to attract more customers with less effort.
  • It's a give-back play, showing the business is caring about the wider community, and maybe has a larger agenda than pure profits. (ie Trying to create a better future.)
Businesses sell promotions for tokens, and send the tokens to a burn address that encodes the business website URL. To further encourage business participation, a leaderboard is set up to promote those businesses which have burned the most tokens. The leaderboard is a useful place to go shopping if you have tokens. You can find businesses who take them and get the best deals. All information is on the blockchain, enabling anyone to set up a leaderboard or start accepting tokens.



Token Flow Diagram

The following diagram is a handy visualization of the initiative and how the various parties interact:
Quadriga Initiative Diagram
The complete initiative is a full marketplace, enabling the beneficial (win win) interaction of all parties and the gradual recovery of losses over time. The token supply is finite, limited by the amount of losses we can verify, and all tokens eventually get cashed for $1 worth of products/services (or primary exchange gross trading revenue) as the program runs.


Our Primary Exchange Partner

Since the primary exchange is handling validation and distributing the tokens, it's important they be trustworthy. Given the history with Quadriga, most affected users (including every member of our team) are legitimately concerned about anyone losing their funds again. This is the primary reason we've selected to work with TxQuick.
  • TxQuick is being developed by Ethan Burnside, who has demonstrated his integrity in 2012-2013 when he ran BTC Trading Corp. When it was shut down, he spent significant personal funds to keep it running so everyone could get their money out - likely the only time in history that an exchange shut down and everyone got their funds. You can learn more about him from his post here.
  • We've had extensive discussions on Telegram about security. Ethan is open, transparent, and extremely knowledgeable. He has invested heavily in developing a system of secure multi-sig wallets. His previous exchange was never successfully hacked. If you have any questions, Ethan is happy to answer them!
  • Ethan is strongly in favour of publishing wallet public keys. The exchange will feature a full transparency page to allow anyone to see that all funds are fully backed. In the future, a full proof of reserves will be deployed to assure all customers that their balances are represented.
  • In addition to the token validation/verification function:
    • TxQuick will be the first platform to allow buying and selling of the tokens.
    • TxQuick proposes to accept the tokens at face value towards trading fees on the exchange. Affected users can use tokens to get free or discounted trading (50%+ off).
    • TxQuick will also handle a slow token payback, enabling tokens to be exchanged 1:1 for cash over time using 15% of gross trading revenue.
  • This proposal is subject to approval by the TxQuick board. It could be changed. There is a necessary interest level from the affected user community of at least 1,000 sign-ups.
  • While it might seem like Ethan is being super generous and giving a lot away for free, again this is mutually beneficial (win win). Here are some of the benefits to the primary exchange:
    • Lots of sign-ups from affected users and, later, interested consumers, many of whom will stay to use the platform. Ethan desires to achieve a dominant position in the Canadian marketplace.
    • The token program provides an effective price segment, increasing revenue over time. (Low prices = lost profit, high prices = less customers, price segment = more profit and customers.)
    • Customers with recovered funds are likely to be more loyal and prefer the platform, and the profit share incentivizes spreading the word about the platform. (Interests are aligned.)
  • It is not required to use the primary exchange platform for trading or deposit any money. You are free to sign up, receive your free tokens, and continue trading on any other platform or just use the marketplace.


Proof of Reserves and Why It Matters

In case you missed them, so far this year we've seen 3 large scale exchange collapses:
  • QuadrigaCX
  • EZ-BTC
  • Cryptopia
Each one represents massive losses for those involved - hundreds and thousands of affected lives. These are real people and families at the other ends, with hopes and dreams, who worked hard for their money.
In the case of QuadrigaCX, it took the freezing of the bank accounts, the death/disappearance of the CEO, and concerted legal action to even realize it was insolvent.
Exchanges can easily continue to operate for years with whatever level of reserves they like. Third party audits are riddled with holes like:
  • How can they possibly know the client list they're given is legitimate and fully inclusive?
  • How can you know the funds weren't borrowed for the audit purposes?
  • How old is the report? How can you trust the auditor?
On top of that - most exchange platforms still don't even bother to audit. Despite the warnings about storing funds on exchanges, people still do. And remember that many affected users weren't storing funds on Quadriga - they simply got stuck with no way to withdraw.
Proof of Reserves asks exchanges to:
  • Publish the wallet public keys so people can see that funds are fully backed. (A satoshi test can prove ownership of those wallets.)
  • Publish a hash tree to let each customer validate that their balance is included in the total.
What it doesn't prevent:
  • Same as presently, if funds are not secured in proper multi-sig wallets or multiple exchange operators are corrupt, the funds could still be taken, up to what's stored. However, this would be immediately known to everyone instead of revealed whenever admins felt like it (or never).
  • The balances of customers who never check the hash tree could be excluded by a dishonest exchange, which wouldn't be noticed until one of those customers decided to check.
  • A dishonest exchange could still dispute the balance of a customer or arbitrarily prevent withdrawals. In this case, the customer and exchange would have to sort that out.
  • A dishonest exchange could pretend to own wallets it doesn't. A satoshi test would help with this, where the exchange operators send a small amount at a specified time.
  • While it makes things safer, it's still not a good idea to store funds on the exchange.
What it does prevent:
  • The exchange owner can't spend funds of active customers, and still claim to hold them.
    • ie QuadrigaCX, EZ-BTC
  • The exchange owner can't conceal if funds are hacked or stolen. It becomes known immediately.
    • ie Mt. Gox, Cryptopia
  • Anyone can see if the exchange is solvent before trading.
    • ie Anyone with "bad timing" using an insolvent exchange.
Check this link for more details on Proof of Reserves, including the full hash tree algorithm.
Despite the relative simplicity of publishing wallet keys, the vast selection of exchanges we have in Canada, and the many millions of dollars stored, not a single exchange has done so. The hash tree algorithm has existed since 2014. It's presently on one exchange (last audited in 2014).
We feel that Proof of Reserves is the key to preventing future exchange collapses, which is why we are so pleased to have a primary exchange partner which will be implementing the full algorithm. While we can't control other exchanges, traders now have an option to use an exchange which proves full backing of all deposits and we hope this will encourage wider adoption and greater industry transparency.


Timeline for the Initiative

The initiative process breaks down into roughly 3 stages:
Pre-Claim Stage - We are working to save affected user balances for later validation, as well as determine if there is sufficient interest in the project. This is ongoing.
Exchange Stage - We bring the primary exchange online, and process claims. Recovery starts through exchange trading fee discounts and eventually gross trading revenue. The exchange platform is expected to launch within a few months.
Marketplace Stage - Once we have enough individuals with tokens, we bring in the first businesses from the wider community. After we have several initial businesses, the marketplace grows organically as more businesses sign up over time. This is approximately a year after launching the exchange.
Full recovery (all losses) is likely to take multiple years, anywhere from 3 to 25 years. My best estimate would be 10 years, although there are a lot of factors to consider.


Verification of Claims

Accurately capturing losses is key. Businesses are interested in helping honest victims of a crime who had their money stolen from them, and not that interested in supporting any fraud. We've been working hard to make our process as easy as possible for affected users, while being as hard as possible for false claims (claiming wrong amounts, losses of others, or fake claims).
  • Our ideal verification is based on:
  • If we don't have all the information, or there are problems, claims may be limited or rejected. This is at our full discretion, along with our primary exchange partner.
  • The user balance website is available to confirm balances for a limited time. It could go offline as early as August 31st. Once it goes offline, pre-claims will no longer be possible. As no list of claimants is being published through the bankruptcy, and paperwork can easily be manipulated, larger balances will then have to be validated through the courts.
  • Anyone with a balance on Quadriga can create a pre-claim by providing:
    • Client ID and first name for the purposes of saving the total which you had.
    • An email address for a future launch announcement (which can be a forwarder).


How To Sign Up

If you wish to participate, please sign up at https://www.quadrigainitiative.com/.
You can do a pre-claim to save your balance, or an email only sign up just to show interest and get the launch email.

  • We are a community initiative which is not connected with the bankruptcy process. Participation does not impact your bankruptcy claim. You can find the official bankruptcy information on the Miller Thompson website.
  • We have taken all reasonable measures to protect our website and stored data against SQL injection. The website back-end is simple, all input is sanitized, and all access passwords are 16+ character full random. (I have a background in web hosting.)
  • There is no cost to participate and the pre-claim process takes approximately 3 minutes.
  • Please be sure to keep a copy of your bankruptcy claim paperwork for later validation!


How You Can Help

We are stronger together!
  • Get yourself to a solid level of understanding of what we are doing by asking any questions or giving any feedback if anything doesn't make sense. This is the biggest thing!
  • Send in your pre-claim or do an email-only signup. (Every sign-up helps show interest.)
  • Upvote.
  • Share on social media.
  • Let us know your ideas/thoughts!
  • Join our Telegram group. Come meet our team!
  • Help us get the word out. Tell your friends.


Thanks so much!
submitted by azoundria2 to BitcoinCA [link] [comments]

The biggest cryptocurrency thefts in the last 10 years

In this article, we will try to remember all the major theft of cryptocurrencies over the past 10 years.
1. Bitstamp $5.3 mln (BTC), January 4th, 2015
On January 4, 2015, the operational hot wallet of Bitstamp announced that it was hacked by an anonymous hacker and 19,000 Bitcoins (worth of $5 million) were lost.
The initiation of the attack fell on November 4, 2014. Then Damian Merlak, the CTO of the exchange, was offered free tickets to punk rock festival Punk Rock Holiday 2015 via Skype, knowing that Merlak is interested in such music and he plays in the band. To receive the tickets, he was asked to fill out a participant questionnaire by sending a file named “Punk Rock Holiday 2015 TICKET Form1.doc”. This file contained the VBA script. By opening the file, he downloaded the malware on his computer. Although Merlak did not suspect wrong and has opened the "application form", to any critical consequences, this did not open access to the funds of exchange.
The attackers, however, did not give up. The attack continued for five weeks, during which hackers presented themselves as journalists, then headhunters.
Finally, the attackers were lucky. On December 11, 2014, the infected word document was opened on his machine by Bitstamp system administrator Luka Kodric, who had access to the exchange wallet. The file came to the victim by email, allegedly on behalf of an employee of the Association for computer science, although in fact, as the investigation showed, the traces of the file lead deep into Tor. Hackers were not limited to just one letter. Skype attacker pretending to be an employee of the Association for computing machinery, convinced that his Frame though to make international honor society, which required some paperwork. Kodric believed.
By installing a Trojan on Kodriс's computer hackers were able to obtain direct access to the hot wallet of the exchange. The logs show that the attacker, under the account of Kodric, gained access to the server LNXSRVBTC, where he kept the wallet file.dat, and the DORNATA server where the password was stored. Then the servers were redirected to a certain IP address that belongs to one of the providers of Germany.
There are still no official reports of arrests in this case. Obviously, the case is complicated by the fact that the hackers are outside the UK, and the investigation has to cooperate with law enforcement agencies in other countries.
2. GateHub $9.5 mln (XRP), June 1th, 2019
Hackers have compromised nearly 100 XRP Ledger wallets on cryptocurrency wallet service GateHub. The incident was reported by GateHub in a preliminary statement on June 6.
XRP enthusiast Thomas Silkjær, who first noticed the suspicious activity, estimates that the hackers have stolen nearly $10 million worth of cryptocurrency (23,200,000 XRP), $5.5 million (13,100,000 XRP) of which has already been laundered through exchanges and mixer services.
GateHub notes that it is still conducting an investigation and therefore cannot publish any official findings. Also, GateHub advises victims to make complaints to the relevant authorities of their jurisdiction.
3. Tether, $30.9 mln (USDT), November 19th, 2017
Tether created a digital currency called "US tokens" (USDT) — they could be used to trade real goods using Bitcoin, Litecoin and Ether. By depositing $1 in Tether, the user received 1 USD, which can be converted back into fiat. On November 19, 2017, the attacker gained access to the main Tether wallet and withdrew $ 30.9 million in tokens. For the transaction, he used a Bitcoin address, which means that it was irreversible.
To fix the situation, Tether took action by which the hacker was unable to withdraw the stolen money to fiat or Bitcoin, but the panic led to a decrease in the value of Bitcoin.
4. Ethereum, $31 mln (ETH), July 20th, 2017
On July 20, 2017, the hacker transferred 153,037 Ethers to $31 million from three very large wallets owned by SwarmCity, Edgeless Casino and Eternity. Unknown fraudster managed to change the ownership of wallets, taking advantage of the vulnerability with multiple signatures.
First, the theft was noticed by the developers of SwarmCity.
Further events deserve a place in history: "white hackers" returned the stolen funds, and then protected other compromised accounts. They acted in the same way as criminals, who stole funds from vulnerable wallets — just not for themselves. And it all happened in less than a day.
5. Dao (Decentralized Autonomous Organization) $70 mln (ETH), June 18th, 2016
On June 18, 2016, members of the Ethereum community noticed that funds were being drained from the DAO and the overall ETH balance of the smart contract was going down. A total of 3.6 million Ether (worth around $70 million at the time) was drained by the hacker in the first few hours. The attack was possible because of an exploit found in the splitting function. The attackes withdrew Ether from the DAO smart contract multiple times using the same DAO Tokens. This was possible due to what is known as a recursive call exploit.
In this exploit, the attacker was able to "ask" the smart contract (DAO) to give the Ether back multiple times before the smart contract could update its own balance. There were two main faults that made this possible: the fact that when the DAO smart contract was created the coders did not take into account the possibility of a recursive call, and the fact that the smart contract first sent the ETH funds and then updated the internal token balance.
It's important to understand that this bug did not come from Ethereum itself, but from this one application that was built on Ethereum. The code written for the DAO had multiple bugs, and the recursive call exploit was one of them. Another way to look at this situation is to compare Ethereum to the Internet and any application based on Ethereum to a website: if a website is not working, it doesn't mean that the Internet is not working, it simply means that one website has a problem.
The hacker stopped draining the DAO for unknown reasons, even though they could have continued to do so.
The Ethereum community and team quickly took control of the situation and presented multiple proposals to deal with the exploit. In order to prevent the hacker from cashing in the Ether from his child DAO after the standard 28 days, a soft-fork was voted on and came very close to being introduced. A few hours before it was set to be released, a few members of the community found a bug with the implementation that opened a denial-of-service attack vector. This soft fork was designed to blacklist all the transactions made from the DAO.
6. NiceHash, 4736.42 (BTC), December 6th, 2017
NiceHash is a Slovenian cryptocurrency hash power broker with integrated marketplace that connects sellers of hashing power (miners) with buyers of hashing power using the sharing economy approach.
On December 6, 2017, the company's servers became the target of attack. At first, Reddit users reported that they could not access their funds and make transactions — when they tried to log in, they were shown a message about a service interruption. In the end, it became known that the service had undergone a major cyberattack and 4736,42 Bitcoins disappeared without a trace.
Despite heavy losses, NiceHash was able to continue working, but CEO and founder Marco Koval resigned, giving way to a new team. The company managed to maintain the trust of investors and began to strengthen the protection of its systems.
7. Mt.Gox, 850000 (BTC), June 19th, 2011
The Hacking Of Mt.Gox was one of the biggest Bitcoin thefts in history. It was the work of highly professional hackers using complex vulnerabilities.
A hacker (or a group of hackers) allegedly gained access to a computer owned by one of the auditors and used a security vulnerability to access Mt.Gox servers, then changed the nominal value of Bitcoin to 1 cent per coin.
Then they brought out about 2000 BTC. Some customers, without knowing it, conducted transactions at this low price, a total of 650 BTC, and despite the fact that the hacking hit the headlines around the world, no Bitcoin could be returned.
To increase investor confidence, the company has compensated all of the stolen coins, placed most of the remaining funds in offline storage, and the next couple of years was considered the most reliable Bitcoin exchanger in the world.
However, it was only an illusion of reliability.
The problems of the organization were much more serious, and the management probably did not even know about them.
CEO of Mt.Gox, Mark Karpeles, was originally a developer, but over time he stopped delving into technical details, basking in the rays of glory — because he created the world's largest platform for cryptocurrency exchange. At that time Mt.Gox handled over 70% of all Bitcoin transactions.
And, of course, there were those who wanted to take advantage of the technological weakness of the service. At some point, hackers made it so that Bitcoins could be bought at any price, and within minutes millions of dollars worth of coins were sold — mostly for pennies. World prices for Bitcoin stabilized in a few minutes, but it was too late.
As a result, Mt.Gox lost about 850,000 Bitcoins. The exchange had to declare bankruptcy, hundreds of thousands of people lost money, and the Japanese authorities arrested CEO Mark Karpeles for fraud. He pleaded not guilty and was subsequently released. In 2014, the authorities restored some of the Bitcoins remaining at the old addresses, but did not transfer them to the exchange, and created a trust to compensate for the losses of creditors.
8. Coincheck, $530 mln, January 26th, 2018
The sum was astonishing, and even surpassed the infamous Mt.Gox hack.
While Mt.Gox shortly filed for bankruptcy following the hack, Coincheck has surprisingly remained in business and was even recently approved as a licensed exchange by Japan’s Financial Services (FSA).
Coincheck was founded in 2014 in Japan and was one of the most popular cryptocurrency exchanges in the country. Offering a wide variety of digital assets including Bitcoin, Ether, LISK, and NEM, Coincheck was an emerging exchange that joined the Japan Blockchain Association.
Since Coincheck was founded it 2014, it was incidentally not subject to new exchange registration requirements with Japan’s FSA — who rolled out a framework after Mt. Gox –, and eventually was a contributing factor to its poor security standards that led to the hack.
On January 26th, 2018, Coincheck posted on their blog detailing that they were restricting NEM deposits and withdrawals, along with most other methods for buying or selling cryptocurrencies on the platform. Speculation arose that the exchange had been hacked, and the NEM developers issued a statement saying they were unaware of any technical glitches in the NEM protocol and any issues were a result of the exchange’s security.
Coincheck subsequently held a high-profile conference where they confirmed that hackers had absconded with 500 million NEM tokens that were then distributed to 19 different addresses on the network. Totaling roughly $530 million at the time — NEM was hovering around $1 then — the Coincheck hack was considered the largest theft in the industry’s history.
Coincheck was compelled to reveal some embarrassing details about their exchange’s security, mentioning how they stored all of the NEM in a single hot wallet and did not use the NEM multisignature contract security recommended by the developers.
Simultaneously, the NEM developers team had tagged all of the NEM stolen in the hack with a message identifying the funds as stolen so that other exchanges would not accept them. However, NEM announced they were ending their hunt for the stolen NEM for unspecified reasons several months later, and speculation persisted that hackers were close to cashing out the stolen funds on the dark web.
Mainstream media covered the hack extensively and compared it to similar failures by cryptocurrency exchanges in the past to meet adequate security standards. At the time, most media coverage of cryptocurrencies was centered on their obscure nature, dramatic volatility, and lack of security. Coincheck’s hack fueled that narrative considerably as the stolen sum was eye-popping and the cryptocurrency used — NEM — was unknown to most in the mainstream.
NEM depreciated rapidly following the hack, and the price fell even more throughout 2018, in line with the extended bear market in the broader industry. Currently, NEM is trading at approximately $0.07, a precipitous fall from ATH over $1.60 in early January.
The extent of the Coincheck hack was rivaled by only a few other hacks, notably the Mt.Gox hack. While nominally Coincheck is the largest hack in the industry’s history, the effects of Mt.Gox were significantly more impactful since the stolen funds consisted only of Bitcoin and caused a sustained market correction as well as an ongoing controversy with the stolen funds and founder. Moreover, Mt.Gox squandered 6% of the overall Bitcoin circulation at the time in a market that was much less mature than it is today.
Despite the fallout, Coincheck is now fully operational and registered with Japan’s FSA.
As practice shows, people make mistakes and these mistakes can cost a lot. Especially, when we talk about mad cryptoworld. Be careful and keep your private keys in a safe place.
submitted by SwapSpace_co to ethtrader [link] [comments]

Cryptopia exchange questions?

Hi,
Isn't cryptopia based in Australia or New Zealand where the exchange must follow strict rules and regulations from the government and isn't there should be a compensation scheme for customers if the exchange gets hacked?
Which coins got hacked in the 1st hack and 2nd hack?
Isn't this the 2nd time the exchange got hacked within a year? I remember the exchange was compensating stolen bitcoins in new zealand dollars in the 1st hack.
I remember bitfinex and mt.gox exchanges got hacked but they were in countries where that was little or no regulations so surely cryptopia cant easily just run off with our coins without the feds chasing them down right? If so surely there will be arrests made correct? I hear mt.gox is compensating customers now after all these years from 2013 so how long do you think cryptopia will take or is it a scam where we will never see our coins again?
If a customer lives outside new zealand or australia then how will a customer file a lawsuit against cryptopia if the exchange keeps neglecting the customer?
What percentage ratio did cryptopia kept the coins in cold storage in compared to hot storage? I understand hackers can steal from hot storage meaning cold coins are still there.
Whos is the ceo of cryptopia and how do we make contact otherwise is there like a dedicated contact email for customers in regards to the hack?
How many customers did cryptopia had in total?
Finally is there a chance to see the exchange going back online soon to allow customers to withdraw their coins that were not hacked?
submitted by very_452001 to Cryptopia [link] [comments]

Hàng triệu người mất tích sau sự sụp đổ của sàn giao dịch Wex

Một lập trình viên người Nga – người có liên quan đến sự sụp đổ của một sàn giao dịch lớn – cho biết mình đã bị lừa mất toàn bộ tài sản bởi những kẻ tự nhận là đặc vụ FSB.
📷
Alexei Bilyuchenko là nhân vật chủ chốt của Wex, đã ngừng giao dịch vào năm 2018, khiến khách hàng không thể tiếp cận các khoản đầu tư với tổng trị giá gần nửa tỷ đô la Mỹ.
Nhiều người đã cố gắng hiểu về những mặt trái của giao dịch tiền điện tử Nga, đồng thời tìm ra dấu vết của số tiền đó.
Câu chuyện đó rất giống với drama McMafia, bao gồm một loạt các nhân vật đáng gờm như các chuyên viên máy tính, đặc vụ FBI, một nhà tài phiệt liên quan đến cuộc chiến ở Ukraine.Xem thêm: ltc là gì
Hai người bạn bị dồn vào chân tường
Câu chuyện bắt đầu tại thành phố Novosibirsk của Nga vào tháng 8 năm 2017, nơi Alexei Bilyuchenko, cựu giám đốc IT của một chuỗi cửa hàng nội thất, bị bắt trong kỳ nghỉ ở Hy Lạp.
6 năm trước, ông và đối tác kinh doanh Alexander Vinnik, một chuyên gia chuyển tiền điện tử, đã gặp nhau và quyết định tham gia trade coin.
Alexander Vinnik và Alexei Bilyuchenko đều rất nhút nhát nhưng lại có niềm đam mê đặc biệt với máy tính, vì vậy, cả 2 đã quyết định thiết lập một sàn giao dịch khét tiếng có tên BTC-e.
Cũng giống với các sàn giao dịch khác, BTC-e mang đến cho các nhà đầu tư cơ hội sử dụng tiền thật để mua tiền ảo.
Điểm khác biệt giữa sàn giao dịch BTC-e và các sàn giao dịch khác ở châu Âu, Mỹ là BTC-e không yêu cầu ID khách hàng, không lôi kéo các nhà đầu tư hợp pháp, cung cấp cho mạng lưới tội phạm cách rửa tiền.
Khách hàng đổ xô đầu tư vào BTC-e. Theo Global Witness, vào năm 2016, nó đã trở thành sàn giao dịch lớn thứ ba trên thế giới.
Hai đối tác luôn liên lạc online và họ chỉ gặp nhau vào năm 2014 khi giao dịch bitcoin hàng ngày đạt 2 triệu đô la. Năm 2016, con số này là 10 triệu đô la. Để ăn mừng, họ đã cùng nhau tổ chức một bữa tiệc tại Moscow.
Vào tháng 7 năm 2017, họ cùng nhau đi nghỉ ở Hy Lạp mà không hề biết rằng các đặc vụ liên bang Hoa Kỳ cũng có mặt trong chuyến đi đó để điều tra về hoạt động rửa tiền của họ.
FBI nghi ngờ BTC-e đã nhúng tay vào vụ hack sàn giao dịch Mt Gox. Các chuyên gia về tội phạm mạng cũng cho rằng vụ việc này có liên quan đến nhóm hacker bí ẩn người Nga, Fancy Bears.
Alexander Vinnik bị bắt và cảnh sát Hy Lạp đã giam giữ ông ngay trên bãi biển, trước sự chứng kiến của vợ con ông.
Mẹ Vinnik đã gọi cho Alexei Bilyuchenko đang ở một khu nghỉ mát khác. Trong cơn hoảng loạn, Bilyuchenko đã đập vỡ máy tính xách tay của mình, ném xuống biển và nhảy lên chuyến bay tới Moscow.Xem thêm: binance là gì
Nhà tỷ phú có quan hệ với Kremlin
Trở về nhà ở thành phố Novosibirsk, Bilyuchenko quyết định phải lấy lại khoản lỗ bằng cách thiết lập một sàn giao dịch Wex.
FBI đã niêm phong trang web của BTC-e nhưng Bilyuchenko vẫn có nhiều server dự phòng và thông qua Wex, ông có thể trả lại các khoản đầu tư cho một số khách hàng BTC-e.
Ở giai đoạn này, theo những gì đã nói với cảnh sát, Alexei Bilyuchenko cần một người chống lưng, ủng hộ Wex. Và dường như, Konstantin Malofeyev chính là sự lựa chọn tốt nhất. Ông là một tỷ phú tại Moscow, có mối quan hệ chặt chẽ với cả Kremlin lẫn Chính thống giáo Nga.
Malofeyev hiện đang chịu lệnh trừng phạt của Mỹ và EU vì cáo buộc liên kết với các chiến binh nổi loạn ở Đông Ukraine.
Trong các tuyên bố của cảnh sát, Alexei Bilyuchenko cho biết ông được mời đến Moscow nhiều lần để gặp Malofeyev trong các văn phòng tại một khu mua sắm cao cấp.
Cuộc trò chuyện của họ đều xoay quanh vấn đề Wex đã tạo ra bao nhiêu tiền, điều gì xảy ra với số tiền đó khi FBI bắt đầu vào cuộc.
“Trong vài tháng qua, Malofeyev yêu cầu tôi nói cho anh ta biết số dư tiền điện tử Wex”, Bilyuchencko nói với cảnh sát.
Ông Malofeyev phủ nhận mọi mối quan hệ với Bilyuchenko hoặc Wex.
Những người đàn ông “từ dịch vụ bảo mật” là ai?
Vào mùa hè 2018, giao dịch trên Wex đã chậm lại và đến cuối năm, nó đã dừng hoàn toàn. Tiền kỹ thuật số trị giá 450 triệu đô la không cánh mà bay. Nhiều khách hàng đã rất tức giận, yêu cầu hoàn tiền ngay lập tức. Một người đã đệ đơn khiếu nại lên cảnh sát ở khu vực Chuvashiya của Nga.
Alexei Bilyuchenko được triệu tập và yêu cầu làm nhân chứng, kể chi tiết về vụ việc.
Ông cho biết mình đã thực sự mất quyền kiểm soát ở Wex vào mùa xuân năm 2018, vài tháng trước khi nó chính thức sụp đổ. Trong một cuộc họp tại văn phòng Moscow của Konstantin Malofeyev, ông được giới thiệu tới một số người tự nhận mình là đặc vụ FSB. Họ đưa ông đến một tòa nhà được sử dụng bởi FSB, cách Nhà hát Bolshoi không xa. Họ hỏi ông về Wex và sau đó đưa ông đến khách sạn Lotte sang trọng gần Bộ ngoại giao Nga, dưới sự giám sát nghiêm ngặt. Sáng hôm sau, ông được đưa về văn phòng của Malofeyev, họ đề nghị ông chuyển tiền từ các quỹ do Wex hold sang “quỹ FSB” và ông đã đồng ý. Trong chuyến đi tới Moscow, ông đã chuyển mọi thứ theo yêu cầu. Bilyuchenko trở về nhà ở thành phố Novosibirsk khi trời đã sáng. Ông tuyên bố mình là nạn nhân của một vụ scam và thay vì chuyển tiền vào kho bạc nhà nước, ông đã giao nó cho cộng sự của Malofeyev.
Sau khi kể câu chuyện đó với cảnh sát, người ta không còn thấy bóng dáng của Bilyuchenko nữa. Nhân viên bảo vệ tư nhân hiện đang bảo vệ nhà của ông và ông không muốn nói bất cứ chuyện gì về Wex.
Vụ đánh bom lừa đảo và hàng triệu người mất tích
Vậy những lời nói của Alexei Bilyuchenko là thật hay giả? Alexander Terentiev, người đứng đầu nhóm chiến dịch các nhà đầu tư lừa đảo, nói rằng ông không tin câu chuyện đó, nhưng những người khác dường như vẫn tin.
Kể từ cuối tháng 11, các tòa án, tòa nhà công cộng, ga tàu điện ngầm và trung tâm mua sắm ở Moscow và St Petersburg bị chi phối bởi các vụ đánh bom gần như hàng ngày. Theo các báo cáo trên phương tiện truyền thông Nga, có một số cảnh báo được gửi qua email bao gồm các tài liệu liên quan đến hàng triệu người mất tích của Wex và liên quan đến Malofeyev.
Một tuyên bố được đưa ra qua kênh truyền hình Tsargrad của Malofeyev cho rằng các vụ đánh bom là một phần của “chiến dịch làm mất uy tín” chống lại ông.
“Cả Konstantin Malofeyev và các công ty của ông đều không liên quan gì đến việc đánh cắp Bitcoin, sàn giao dịch Wex hoặc việc quản lý của nó,” họ nói.
Trong khi đó, tại Hy Lạp, 2 năm sau khi bị bắt giữ trên bãi biển, đối tác kinh doanh cũ của Alexei Bilyuchenko, Alexander Vinnik vẫn đang ngồi tù.
Hoa Kỳ, Nga và Pháp đều đang tìm cách dẫn độ ông. Trong 2 năm nay, ông không được gặp vợ mình và giờ đây còn gặp phải vấn đề về sức khỏe: khối u não.
Luật sư của ông, Timofei Musatov nói rằng cựu triệu phú bitcoin đã tuyệt thực từ lâu, tình trạng hiện tại của Vinnik rất giống với mình trước đây.
Nguồn: Tapchibitcoin.vn
submitted by NguyenHuy89 to u/NguyenHuy89 [link] [comments]

AVOID SHADY CRYPTOCURRENCY EXCHANGE EZBTC.CA

I wanted to make this post of my experience as a warning to others, especially Canadians as they have limited buying options when investing (speculating) into cryptocurrencies. I understand the subject of cryptocurrencies are polarizing to many, but nonetheless, it's an emerging asset class that deserves discussion because there are many ways to lose your funds. This isn't the fault of cryptocurrencies themselves, but the result of user error, outright scams, social engineering, hacks, or in my case not being up-to-date on current events.

There are many scams in cryptocurrencies, but shady exchanges are a classic dating back to the legendary Mt. Gox hack where 850,000 Bitcoins were stolen (worth approximately $4.6 billion at the time of this writing). Or the most recent Canadian QuadrigaCX exchange hack where the CEO allegedly died in India carrying the only private key to 200 million worth of customer funds.

It seems that exchange hacks keep propping up in the news, so why then do they keep happening even in 2019? Because users are left with limited choices if they want to acquire cryptocurrency in the safest (ironic) and most convenient manner. In order to buy cryptocurrency, you first have to exchange it for fiat currency (USD, CAD, EUR). You could buy cryptocurrency from one of those Bitcoin ATMs you see at the mall but the fees are exorbitant and quite a few require ID as it is, so why not just sign up for an exchange instead? The next option is to buy them peer-to-peer in person for cash, but people feel unsafe dealing with strangers and large amounts of money. Further, liquidity would be an issue. This led to a boom of many cryptocurrency exchanges offering customers a place to buy and sell with the exchanges acting as the middle-man between users.

I've been away from cryptocurrency for a while and only came back recently. I've used the EZBTC exchange in the past without issues and decided I would use them again. What I didn't do upon my return was my homework on any updates/news regarding this exchange which resulted in my ordeal now. I noticed the website had an overhaul that now includes an express option for you to receive faster withdrawals if you deposited larger amounts (first red flag). I opted for the regular option I always used in the past and sent a small amount via eTransfer that was deposited in my account almost immediately (second red flag). In the past, my eTransfers regardless of amount took some time and up to many hours. Nonetheless, I made a purchase and initiated a withdrawal request that still hasn't been sent out to this day, and I am not the only one.

A condensed version of my story is that I got worried about my pending withdrawal with EZBTC and my emails/calls went unanswered. The live chat on their website was also disabled. I decided to tweet my situation to @ezBtcCanada and immediately got an email from the owner David Smillie himself urgently telling me to call him on a personal number. He deverified and suspended my account as a result of my tweets @tokenflair for "security reasons". After some talk (me saying I'll delete the tweets) he immediately reactivated and reverified my account again and said that my withdrawal will be taken care of the next day.

Fast forward to the next day and my withdrawal is still pending. Calls/texts/email go unanswered again. Live chat is still disabled. I proceed to send another tweet instead. Like clockwork, I get a response from David shortly after and he was livid. He threatened to sue me for defamation if I continued posting about my situation on public forums. I told him I'll be waiting for his letter. He stated that my account would be receiving a lifetime ban and I will not be receiving my withdrawal but I would get an eTransfer refund in 30 days, and all this information would be included in an email I was supposed to receive on Monday April 22, 2019. I still have not received any such email, and my emails/call/texts to him are again being ignored. The saga continues.

The most important piece of advice I can give when it comes to cryptocurrency is that what's true today, is not true tomorrow. You must stay up-to-date on current events in cryptocurrency because your investment could be at stake. In my case, EZBTC was exhibiting red flags and had many user complaints that I would have seen had I just done some research prior to sending my money. I was not up-to-date regarding the status of this "exchange".

David Smillie (owner of ezbtc.ca) operating under business # 1081627 B.C LTD. currently has 5 ongoing lawsuits against his company for unpaid funds:

  1. File number: 1812420 - GOLDLUST, Joseph v 1081627 B.C. LTD. - Supreme Civil (General)
  2. File number: 1963965 - ROBERTS, John v 1081627 B.C. LTD. - Provincial Small Claims
  3. File number: 172818 - GODWIN, Richard v 1081627 BC LTD - Supreme Civil (General)
  4. File number: 18104 - MCCALLUM, Evan v 1081627 BC LTD - Provincial Small Claims
  5. File number: 1862507 - WONG, Gary v 1081627 BC LTD. - Provincial Small Claims

You can get the latest information on all pending lawsuits against EZBTC here:
https://justice.gov.bc.ca/cso/esearch/civil/partySearch.do

List of numerous complaints against David Smillie and EZBTC:

https://files.fm/f/23ej52ff (David Smillie sued by Richard Godwin)

https://np.reddit.com/BitcoinCA/comments/bahzsm/another_bc_lawsuit_filed_against_ezbtc_1081627_bc/ (David Smillie sued by John Roberts)

https://np.reddit.com/BitcoinCA/comments/99fs6i/2_new_court_filings_against_ezbtc_in_the_past_week/ (More lawsuits)

https://np.reddit.com/BitcoinCA/comments/8mjtjb/amaa_exowner_of_ezbtc_resigned_when_i_realized_it/ (Ex-CTO of EZBTC blows whistle)

https://np.reddit.com/BitcoinCA/comments/b53zq3/please_sticky_this_post_im_a_developer_who_worked/ (EZBTC developer blows whistle)

https://np.reddit.com/BitcoinCA/comments/939ce2/40_days_and_counting_fiat_withdrawal_ezbtcca/

https://np.reddit.com/BitcoinCA/comments/926adi/ezbtcca_may_have_gone_bust_toronto_offices_have/

https://np.reddit.com/BitcoinCA/comments/973yrz/ezbtcca_is_likely_insolvent/

https://np.reddit.com/BitcoinCA/comments/98njea/worth_visiting_ezbtc_offices/

https://np.reddit.com/BitcoinCA/comments/901847/concern_regarding_ezbtc/

https://np.reddit.com/BitcoinCA/comments/9181nx/banned_from_ezbtcca_chatroomhave_not_rcvd/

https://np.reddit.com/BitcoinCA/comments/arnboh/ezbtc_will_my_girlfriend_ever_see_her_money/

https://coiniq.com/ezbtc-review/

https://np.reddit.com/BitcoinCA/comments/ao680q/what_are_customers_latest_experiences_with_ezbtc/

https://warosu.org/biz/thread/10773849

https://np.reddit.com/BitcoinCA/comments/bfqrv1/fortune_jack_here_regarding_david_smillie_and/

https://np.reddit.com/BitcoinCA/comments/b57fq9/ezbtc_terms_of_service_wayback_machine/

https://np.reddit.com/BitcoinCA/comments/arfa5x/ezbtc_is_so_fake_check_this_out/

https://np.reddit.com/BitcoinCA/comments/95rpl5/to_those_staying_silent_for_ezbtc_defamation/
submitted by TokenFlair to CanadianInvestor [link] [comments]

The biggest cryptocurrency thefts in the last 10 years

In this article, we will try to remember all the major theft of cryptocurrencies over the past 10 years.
1. Bitstamp $5.3 mln (BTC), January 4th, 2015
On January 4, 2015, the operational hot wallet of Bitstamp announced that it was hacked by an anonymous hacker and 19,000 Bitcoins (worth of $5 million) were lost.
The initiation of the attack fell on November 4, 2014. Then Damian Merlak, the CTO of the exchange, was offered free tickets to punk rock festival Punk Rock Holiday 2015 via Skype, knowing that Merlak is interested in such music and he plays in the band. To receive the tickets, he was asked to fill out a participant questionnaire by sending a file named “Punk Rock Holiday 2015 TICKET Form1.doc”. This file contained the VBA script. By opening the file, he downloaded the malware on his computer. Although Merlak did not suspect wrong and has opened the "application form", to any critical consequences, this did not open access to the funds of exchange.
The attackers, however, did not give up. The attack continued for five weeks, during which hackers presented themselves as journalists, then headhunters.
Finally, the attackers were lucky. On December 11, 2014, the infected word document was opened on his machine by Bitstamp system administrator Luka Kodric, who had access to the exchange wallet. The file came to the victim by email, allegedly on behalf of an employee of the Association for computer science, although in fact, as the investigation showed, the traces of the file lead deep into Tor. Hackers were not limited to just one letter. Skype attacker pretending to be an employee of the Association for computing machinery, convinced that his Frame though to make international honor society, which required some paperwork. Kodric believed.
By installing a Trojan on Kodriс's computer hackers were able to obtain direct access to the hot wallet of the exchange. The logs show that the attacker, under the account of Kodric, gained access to the server LNXSRVBTC, where he kept the wallet file.dat, and the DORNATA server where the password was stored. Then the servers were redirected to a certain IP address that belongs to one of the providers of Germany.
There are still no official reports of arrests in this case. Obviously, the case is complicated by the fact that the hackers are outside the UK, and the investigation has to cooperate with law enforcement agencies in other countries.
2. GateHub $9.5 mln (XRP), June 1th, 2019
Hackers have compromised nearly 100 XRP Ledger wallets on cryptocurrency wallet service GateHub. The incident was reported by GateHub in a preliminary statement on June 6.
XRP enthusiast Thomas Silkjær, who first noticed the suspicious activity, estimates that the hackers have stolen nearly $10 million worth of cryptocurrency (23,200,000 XRP), $5.5 million (13,100,000 XRP) of which has already been laundered through exchanges and mixer services.
GateHub notes that it is still conducting an investigation and therefore cannot publish any official findings. Also, GateHub advises victims to make complaints to the relevant authorities of their jurisdiction.
3. Tether, $30.9 mln (USDT), November 19th, 2017
Tether created a digital currency called "US tokens" (USDT) — they could be used to trade real goods using Bitcoin, Litecoin and Ether. By depositing $1 in Tether, the user received 1 USD, which can be converted back into fiat. On November 19, 2017, the attacker gained access to the main Tether wallet and withdrew $ 30.9 million in tokens. For the transaction, he used a Bitcoin address, which means that it was irreversible.
To fix the situation, Tether took action by which the hacker was unable to withdraw the stolen money to fiat or Bitcoin, but the panic led to a decrease in the value of Bitcoin.
4. Ethereum, $31 mln (ETH), July 20th, 2017
On July 20, 2017, the hacker transferred 153,037 Ethers to $31 million from three very large wallets owned by SwarmCity, Edgeless Casino and Eternity. Unknown fraudster managed to change the ownership of wallets, taking advantage of the vulnerability with multiple signatures.
First, the theft was noticed by the developers of SwarmCity.
Further events deserve a place in history: "white hackers" returned the stolen funds, and then protected other compromised accounts. They acted in the same way as criminals, who stole funds from vulnerable wallets — just not for themselves. And it all happened in less than a day.
5. Dao (Decentralized Autonomous Organization) $70 mln (ETH), June 18th, 2016
On June 18, 2016, members of the Ethereum community noticed that funds were being drained from the DAO and the overall ETH balance of the smart contract was going down. A total of 3.6 million Ether (worth around $70 million at the time) was drained by the hacker in the first few hours. The attack was possible because of an exploit found in the splitting function. The attackes withdrew Ether from the DAO smart contract multiple times using the same DAO Tokens. This was possible due to what is known as a recursive call exploit.
In this exploit, the attacker was able to "ask" the smart contract (DAO) to give the Ether back multiple times before the smart contract could update its own balance. There were two main faults that made this possible: the fact that when the DAO smart contract was created the coders did not take into account the possibility of a recursive call, and the fact that the smart contract first sent the ETH funds and then updated the internal token balance.
It's important to understand that this bug did not come from Ethereum itself, but from this one application that was built on Ethereum. The code written for the DAO had multiple bugs, and the recursive call exploit was one of them. Another way to look at this situation is to compare Ethereum to the Internet and any application based on Ethereum to a website: if a website is not working, it doesn't mean that the Internet is not working, it simply means that one website has a problem.
The hacker stopped draining the DAO for unknown reasons, even though they could have continued to do so.
The Ethereum community and team quickly took control of the situation and presented multiple proposals to deal with the exploit. In order to prevent the hacker from cashing in the Ether from his child DAO after the standard 28 days, a soft-fork was voted on and came very close to being introduced. A few hours before it was set to be released, a few members of the community found a bug with the implementation that opened a denial-of-service attack vector. This soft fork was designed to blacklist all the transactions made from the DAO.
6. NiceHash, 4736.42 (BTC), December 6th, 2017
NiceHash is a Slovenian cryptocurrency hash power broker with integrated marketplace that connects sellers of hashing power (miners) with buyers of hashing power using the sharing economy approach.
On December 6, 2017, the company's servers became the target of attack. At first, Reddit users reported that they could not access their funds and make transactions — when they tried to log in, they were shown a message about a service interruption. In the end, it became known that the service had undergone a major cyberattack and 4736,42 Bitcoins disappeared without a trace.
Despite heavy losses, NiceHash was able to continue working, but CEO and founder Marco Koval resigned, giving way to a new team. The company managed to maintain the trust of investors and began to strengthen the protection of its systems.
7. Mt.Gox, 850000 (BTC), June 19th, 2011
The Hacking Of Mt.Gox was one of the biggest Bitcoin thefts in history. It was the work of highly professional hackers using complex vulnerabilities.
A hacker (or a group of hackers) allegedly gained access to a computer owned by one of the auditors and used a security vulnerability to access Mt.Gox servers, then changed the nominal value of Bitcoin to 1 cent per coin.
Then they brought out about 2000 BTC. Some customers, without knowing it, conducted transactions at this low price, a total of 650 BTC, and despite the fact that the hacking hit the headlines around the world, no Bitcoin could be returned.
To increase investor confidence, the company has compensated all of the stolen coins, placed most of the remaining funds in offline storage, and the next couple of years was considered the most reliable Bitcoin exchanger in the world.
However, it was only an illusion of reliability.
The problems of the organization were much more serious, and the management probably did not even know about them.
CEO of Mt.Gox, Mark Karpeles, was originally a developer, but over time he stopped delving into technical details, basking in the rays of glory — because he created the world's largest platform for cryptocurrency exchange. At that time Mt.Gox handled over 70% of all Bitcoin transactions.
And, of course, there were those who wanted to take advantage of the technological weakness of the service. At some point, hackers made it so that Bitcoins could be bought at any price, and within minutes millions of dollars worth of coins were sold — mostly for pennies. World prices for Bitcoin stabilized in a few minutes, but it was too late.
As a result, Mt.Gox lost about 850,000 Bitcoins. The exchange had to declare bankruptcy, hundreds of thousands of people lost money, and the Japanese authorities arrested CEO Mark Karpeles for fraud. He pleaded not guilty and was subsequently released. In 2014, the authorities restored some of the Bitcoins remaining at the old addresses, but did not transfer them to the exchange, and created a trust to compensate for the losses of creditors.
8. Coincheck, $530 mln, January 26th, 2018
The sum was astonishing, and even surpassed the infamous Mt.Gox hack.
While Mt.Gox shortly filed for bankruptcy following the hack, Coincheck has surprisingly remained in business and was even recently approved as a licensed exchange by Japan’s Financial Services (FSA).
Coincheck was founded in 2014 in Japan and was one of the most popular cryptocurrency exchanges in the country. Offering a wide variety of digital assets including Bitcoin, Ether, LISK, and NEM, Coincheck was an emerging exchange that joined the Japan Blockchain Association.
Since Coincheck was founded it 2014, it was incidentally not subject to new exchange registration requirements with Japan’s FSA — who rolled out a framework after Mt. Gox –, and eventually was a contributing factor to its poor security standards that led to the hack.
On January 26th, 2018, Coincheck posted on their blog detailing that they were restricting NEM deposits and withdrawals, along with most other methods for buying or selling cryptocurrencies on the platform. Speculation arose that the exchange had been hacked, and the NEM developers issued a statement saying they were unaware of any technical glitches in the NEM protocol and any issues were a result of the exchange’s security.
Coincheck subsequently held a high-profile conference where they confirmed that hackers had absconded with 500 million NEM tokens that were then distributed to 19 different addresses on the network. Totaling roughly $530 million at the time — NEM was hovering around $1 then — the Coincheck hack was considered the largest theft in the industry’s history.
Coincheck was compelled to reveal some embarrassing details about their exchange’s security, mentioning how they stored all of the NEM in a single hot wallet and did not use the NEM multisignature contract security recommended by the developers.
Simultaneously, the NEM developers team had tagged all of the NEM stolen in the hack with a message identifying the funds as stolen so that other exchanges would not accept them. However, NEM announced they were ending their hunt for the stolen NEM for unspecified reasons several months later, and speculation persisted that hackers were close to cashing out the stolen funds on the dark web.
Mainstream media covered the hack extensively and compared it to similar failures by cryptocurrency exchanges in the past to meet adequate security standards. At the time, most media coverage of cryptocurrencies was centered on their obscure nature, dramatic volatility, and lack of security. Coincheck’s hack fueled that narrative considerably as the stolen sum was eye-popping and the cryptocurrency used — NEM — was unknown to most in the mainstream.
NEM depreciated rapidly following the hack, and the price fell even more throughout 2018, in line with the extended bear market in the broader industry. Currently, NEM is trading at approximately $0.07, a precipitous fall from ATH over $1.60 in early January.
The extent of the Coincheck hack was rivaled by only a few other hacks, notably the Mt.Gox hack. While nominally Coincheck is the largest hack in the industry’s history, the effects of Mt.Gox were significantly more impactful since the stolen funds consisted only of Bitcoin and caused a sustained market correction as well as an ongoing controversy with the stolen funds and founder. Moreover, Mt.Gox squandered 6% of the overall Bitcoin circulation at the time in a market that was much less mature than it is today.
Despite the fallout, Coincheck is now fully operational and registered with Japan’s FSA.
As practice shows, people make mistakes and these mistakes can cost a lot. Especially, when we talk about mad cryptoworld. Be careful and keep your private keys in a safe place.
submitted by SwapSpace_co to bitcoin_uncensored [link] [comments]

The biggest cryptocurrency thefts in the last 10 years

In this article, we will try to remember all the major theft of cryptocurrencies over the past 10 years.
1. Bitstamp $5.3 mln (BTC), January 4th, 2015
On January 4, 2015, the operational hot wallet of Bitstamp announced that it was hacked by an anonymous hacker and 19,000 Bitcoins (worth of $5 million) were lost.
The initiation of the attack fell on November 4, 2014. Then Damian Merlak, the CTO of the exchange, was offered free tickets to punk rock festival Punk Rock Holiday 2015 via Skype, knowing that Merlak is interested in such music and he plays in the band. To receive the tickets, he was asked to fill out a participant questionnaire by sending a file named “Punk Rock Holiday 2015 TICKET Form1.doc”. This file contained the VBA script. By opening the file, he downloaded the malware on his computer. Although Merlak did not suspect wrong and has opened the "application form", to any critical consequences, this did not open access to the funds of exchange.
The attackers, however, did not give up. The attack continued for five weeks, during which hackers presented themselves as journalists, then headhunters.
Finally, the attackers were lucky. On December 11, 2014, the infected word document was opened on his machine by Bitstamp system administrator Luka Kodric, who had access to the exchange wallet. The file came to the victim by email, allegedly on behalf of an employee of the Association for computer science, although in fact, as the investigation showed, the traces of the file lead deep into Tor. Hackers were not limited to just one letter. Skype attacker pretending to be an employee of the Association for computing machinery, convinced that his Frame though to make international honor society, which required some paperwork. Kodric believed.
By installing a Trojan on Kodriс's computer hackers were able to obtain direct access to the hot wallet of the exchange. The logs show that the attacker, under the account of Kodric, gained access to the server LNXSRVBTC, where he kept the wallet file.dat, and the DORNATA server where the password was stored. Then the servers were redirected to a certain IP address that belongs to one of the providers of Germany.
There are still no official reports of arrests in this case. Obviously, the case is complicated by the fact that the hackers are outside the UK, and the investigation has to cooperate with law enforcement agencies in other countries.
2. GateHub $9.5 mln (XRP), June 1th, 2019
Hackers have compromised nearly 100 XRP Ledger wallets on cryptocurrency wallet service GateHub. The incident was reported by GateHub in a preliminary statement on June 6.
XRP enthusiast Thomas Silkjær, who first noticed the suspicious activity, estimates that the hackers have stolen nearly $10 million worth of cryptocurrency (23,200,000 XRP), $5.5 million (13,100,000 XRP) of which has already been laundered through exchanges and mixer services.
GateHub notes that it is still conducting an investigation and therefore cannot publish any official findings. Also, GateHub advises victims to make complaints to the relevant authorities of their jurisdiction.
3. Tether, $30.9 mln (USDT), November 19th, 2017
Tether created a digital currency called "US tokens" (USDT) — they could be used to trade real goods using Bitcoin, Litecoin and Ether. By depositing $1 in Tether, the user received 1 USD, which can be converted back into fiat. On November 19, 2017, the attacker gained access to the main Tether wallet and withdrew $ 30.9 million in tokens. For the transaction, he used a Bitcoin address, which means that it was irreversible.
To fix the situation, Tether took action by which the hacker was unable to withdraw the stolen money to fiat or Bitcoin, but the panic led to a decrease in the value of Bitcoin.
4. Ethereum, $31 mln (ETH), July 20th, 2017
On July 20, 2017, the hacker transferred 153,037 Ethers to $31 million from three very large wallets owned by SwarmCity, Edgeless Casino and Eternity. Unknown fraudster managed to change the ownership of wallets, taking advantage of the vulnerability with multiple signatures.
First, the theft was noticed by the developers of SwarmCity.
Further events deserve a place in history: "white hackers" returned the stolen funds, and then protected other compromised accounts. They acted in the same way as criminals, who stole funds from vulnerable wallets — just not for themselves. And it all happened in less than a day.
5. Dao (Decentralized Autonomous Organization) $70 mln (ETH), June 18th, 2016
On June 18, 2016, members of the Ethereum community noticed that funds were being drained from the DAO and the overall ETH balance of the smart contract was going down. A total of 3.6 million Ether (worth around $70 million at the time) was drained by the hacker in the first few hours. The attack was possible because of an exploit found in the splitting function. The attackes withdrew Ether from the DAO smart contract multiple times using the same DAO Tokens. This was possible due to what is known as a recursive call exploit.
In this exploit, the attacker was able to "ask" the smart contract (DAO) to give the Ether back multiple times before the smart contract could update its own balance. There were two main faults that made this possible: the fact that when the DAO smart contract was created the coders did not take into account the possibility of a recursive call, and the fact that the smart contract first sent the ETH funds and then updated the internal token balance.
It's important to understand that this bug did not come from Ethereum itself, but from this one application that was built on Ethereum. The code written for the DAO had multiple bugs, and the recursive call exploit was one of them. Another way to look at this situation is to compare Ethereum to the Internet and any application based on Ethereum to a website: if a website is not working, it doesn't mean that the Internet is not working, it simply means that one website has a problem.
The hacker stopped draining the DAO for unknown reasons, even though they could have continued to do so.
The Ethereum community and team quickly took control of the situation and presented multiple proposals to deal with the exploit. In order to prevent the hacker from cashing in the Ether from his child DAO after the standard 28 days, a soft-fork was voted on and came very close to being introduced. A few hours before it was set to be released, a few members of the community found a bug with the implementation that opened a denial-of-service attack vector. This soft fork was designed to blacklist all the transactions made from the DAO.
6. NiceHash, 4736.42 (BTC), December 6th, 2017
NiceHash is a Slovenian cryptocurrency hash power broker with integrated marketplace that connects sellers of hashing power (miners) with buyers of hashing power using the sharing economy approach.
On December 6, 2017, the company's servers became the target of attack. At first, Reddit users reported that they could not access their funds and make transactions — when they tried to log in, they were shown a message about a service interruption. In the end, it became known that the service had undergone a major cyberattack and 4736,42 Bitcoins disappeared without a trace.
Despite heavy losses, NiceHash was able to continue working, but CEO and founder Marco Koval resigned, giving way to a new team. The company managed to maintain the trust of investors and began to strengthen the protection of its systems.
7. Mt.Gox, 850000 (BTC), June 19th, 2011
The Hacking Of Mt.Gox was one of the biggest Bitcoin thefts in history. It was the work of highly professional hackers using complex vulnerabilities.
A hacker (or a group of hackers) allegedly gained access to a computer owned by one of the auditors and used a security vulnerability to access Mt.Gox servers, then changed the nominal value of Bitcoin to 1 cent per coin.
Then they brought out about 2000 BTC. Some customers, without knowing it, conducted transactions at this low price, a total of 650 BTC, and despite the fact that the hacking hit the headlines around the world, no Bitcoin could be returned.
To increase investor confidence, the company has compensated all of the stolen coins, placed most of the remaining funds in offline storage, and the next couple of years was considered the most reliable Bitcoin exchanger in the world.
However, it was only an illusion of reliability.
The problems of the organization were much more serious, and the management probably did not even know about them.
CEO of Mt.Gox, Mark Karpeles, was originally a developer, but over time he stopped delving into technical details, basking in the rays of glory — because he created the world's largest platform for cryptocurrency exchange. At that time Mt.Gox handled over 70% of all Bitcoin transactions.
And, of course, there were those who wanted to take advantage of the technological weakness of the service. At some point, hackers made it so that Bitcoins could be bought at any price, and within minutes millions of dollars worth of coins were sold — mostly for pennies. World prices for Bitcoin stabilized in a few minutes, but it was too late.
As a result, Mt.Gox lost about 850,000 Bitcoins. The exchange had to declare bankruptcy, hundreds of thousands of people lost money, and the Japanese authorities arrested CEO Mark Karpeles for fraud. He pleaded not guilty and was subsequently released. In 2014, the authorities restored some of the Bitcoins remaining at the old addresses, but did not transfer them to the exchange, and created a trust to compensate for the losses of creditors.
8. Coincheck, $530 mln, January 26th, 2018
The sum was astonishing, and even surpassed the infamous Mt.Gox hack.
While Mt.Gox shortly filed for bankruptcy following the hack, Coincheck has surprisingly remained in business and was even recently approved as a licensed exchange by Japan’s Financial Services (FSA).
Coincheck was founded in 2014 in Japan and was one of the most popular cryptocurrency exchanges in the country. Offering a wide variety of digital assets including Bitcoin, Ether, LISK, and NEM, Coincheck was an emerging exchange that joined the Japan Blockchain Association.
Since Coincheck was founded it 2014, it was incidentally not subject to new exchange registration requirements with Japan’s FSA — who rolled out a framework after Mt. Gox –, and eventually was a contributing factor to its poor security standards that led to the hack.
On January 26th, 2018, Coincheck posted on their blog detailing that they were restricting NEM deposits and withdrawals, along with most other methods for buying or selling cryptocurrencies on the platform. Speculation arose that the exchange had been hacked, and the NEM developers issued a statement saying they were unaware of any technical glitches in the NEM protocol and any issues were a result of the exchange’s security.
Coincheck subsequently held a high-profile conference where they confirmed that hackers had absconded with 500 million NEM tokens that were then distributed to 19 different addresses on the network. Totaling roughly $530 million at the time — NEM was hovering around $1 then — the Coincheck hack was considered the largest theft in the industry’s history.
Coincheck was compelled to reveal some embarrassing details about their exchange’s security, mentioning how they stored all of the NEM in a single hot wallet and did not use the NEM multisignature contract security recommended by the developers.
Simultaneously, the NEM developers team had tagged all of the NEM stolen in the hack with a message identifying the funds as stolen so that other exchanges would not accept them. However, NEM announced they were ending their hunt for the stolen NEM for unspecified reasons several months later, and speculation persisted that hackers were close to cashing out the stolen funds on the dark web.
Mainstream media covered the hack extensively and compared it to similar failures by cryptocurrency exchanges in the past to meet adequate security standards. At the time, most media coverage of cryptocurrencies was centered on their obscure nature, dramatic volatility, and lack of security. Coincheck’s hack fueled that narrative considerably as the stolen sum was eye-popping and the cryptocurrency used — NEM — was unknown to most in the mainstream.
NEM depreciated rapidly following the hack, and the price fell even more throughout 2018, in line with the extended bear market in the broader industry. Currently, NEM is trading at approximately $0.07, a precipitous fall from ATH over $1.60 in early January.
The extent of the Coincheck hack was rivaled by only a few other hacks, notably the Mt.Gox hack. While nominally Coincheck is the largest hack in the industry’s history, the effects of Mt.Gox were significantly more impactful since the stolen funds consisted only of Bitcoin and caused a sustained market correction as well as an ongoing controversy with the stolen funds and founder. Moreover, Mt.Gox squandered 6% of the overall Bitcoin circulation at the time in a market that was much less mature than it is today.
Despite the fallout, Coincheck is now fully operational and registered with Japan’s FSA.
As practice shows, people make mistakes and these mistakes can cost a lot. Especially, when we talk about mad cryptoworld. Be careful and keep your private keys in a safe place.
submitted by SwapSpace_co to Bitcoin [link] [comments]

Best Cryptocurrency Exchanges for Beginners

Best Cryptocurrency Exchanges for Beginners
Best Cryptocurrency Exchanges for Beginners
Before we get into exchanges, let’s refresh our minds about what cryptocurrency is. The concept behind cryptocurrencies is relatively simple, while the math and technology are not. Essentially, a cryptocurrency is a virtual or digital currency that utilizes cryptography as a means for protection and security.
Cryptography is also used to regulate the creation of additional units, so as to not drive the overall digital currency market wild. One of the greatest appeals of cryptocurrencies is that they are not regulated by any government agencies. The most popular digital asset is the bitcoin, followed by ethereum.

What Are Cryptocurrency Exchanges?

Cryptocurrencies can be traded through cryptocurrency exchanges. These cryptocurrency exchanges are platforms through which you can purchase or sell digital currencies for dollars, euros, and pounds, as well as other digital assets. For example, you can sell bitcoins and purchase dollars with the sold bitcoins, or you could exchange bitcoins for ether. These exchanges are a vital part of the virtual currency expansion rate.
There are private exchanges, which are exclusive and operate by invite only, as well as those available for the public. Local exchanges also exist. Some are easier to use than others are; certain exchanges are so flexible that digital assets can be traded directly through the built-in chat features of specific popular messengers, like Telegram.

What to Consider When Picking the Best Cryptocurrency Exchanges

Here are a few things you will want to consider before picking the best cryptocurrency exchange suited for your trading and speculative needs.
Fees – Almost all exchanges charge fees for you to do business on their platforms. Make sure that when you are signing up or committing yourself to a specific exchange that you know everything about its fees.
Verification Requirements and Security – These are vital to understand before starting out on an exchange. Most exchanges require some sort of identity verification in the form of a passport, driver’s license, proof of residence, or other similar document before joining. The more complex the verification process, the safer the exchange platform.
Exchange Rates – Exchange rates are also important, as you don’t want to join a cryptocurrency exchange that charges draconian fees for transactions and exchanges. That just wouldn’t be fair to you or financially savvy.
Reputation – The best cryptocurrency exchanges always have ups and downs. However, the general opinion of the top ones is positive. The best exchanges have a solid reputation and are well trusted by traders.
Region – It’s also important to find an exchange that supports your geographic region. Some exchanges may support all of the countries in South America, while not supporting any of the countries in Asia, and vice versa. If you are living in Russia, for example, make sure you pick the best exchange platform that supports your region.
Now, let’s take a look at some of the best cryptocurrency exchanges out there.

Security

Something which is important to bare in mind when choosing a cryptocurrency exchange to make your trades and purchases on is their security measures. It is well-known that many exchanges have been hacked in the past, most notably the Mt Gox exchange, which people are still feeling the fall-out from ever since.
You should know that the your funds or coins on an exchange or not really yours, unless you own the private keys to the wallet of your coins you are relying on someone else to be custodian of your funds.
Luckily there are some basic measures you can take when using an exchange. The most important is to never store more there than you are willing to lose, if you have a significant balance, you should withdraw it back to your own wallet and for extra security, use a Hardware wallet to secure these funds.
Exchanges should be used for quick purchases of your desired cryptocurrency or for trading an amount you are happy with. They should never be used as your primary wallet, that is not their intended function.
Another important step to take is to use all the security options available on the site, make sure that two-factor authentication (2FA) is setup correctly and you use an app like Authy or Google authenticator. Do not use the mobile phone option which texts you a code, this is not safe as their have been a number of high-profile hacks involving sim-swaps which allow a would-be hacker to take over your phone number and then gain access to your account.

Coinbase

Coinbase is one of the, if not the, most trusted cryptocurrency exchange platforms in the world. It is also the largest digital asset exchange platform in the world. The platform supports more than 32 countries and has more than 4 million active users. Traders are allowed to acquire and sell bitcoins using their bank account, credit card, PayPal, and other payment methods, as well. In order to begin trading on Coinbase, you will have to set up an e-wallet for buying and selling cryptocurrencies. Furthermore, users have to be able to link a valid bank account in order to purchase bitcoins.

https://preview.redd.it/dauw912k1ze31.jpg?width=808&format=pjpg&auto=webp&s=25f1df9624cea90cc1359160ac7fd8b133eba1e7
Currently, fully verified U.S. residents are only allowed to hold up to 50,000 bitcoins per day. Overall, Coinbase has a great reputation and is highly respected in the trader community. Most transactions through Coinbase only have a 1 percent transaction fee in addition to any fees that your selected payment method may carry.
As with CEX, you can only purchase a few currencies: Bitcoin, Ethereum and Litecoin. You would then need to use Changelly to convert these to other crypto currencies.
Another benefit of registering with Coinbase is the fact you are then able to use the Coinbase Pro exchange which is owed by the same company. Coinbase Pro allows to more advanced trading features such as margin trading and Market, Limit, & Stop Orders. Coinbase Pro also has lower fees than Coinbase.
Read our full Coinbase Review here to learn more. We have also conducted a thourough look at Coinbase’s security measures here.
Visit Coinbase

Binance

Binance is a newer exchange but one we have grown to love, it has a wide range of cryptocurrencies available to purchase and trade and has a basic and advanced view which you can switch between easily. Their fees are very reasonable and they allow you to register and trade immediately without having to verify your account. You will then be able to make withdrawals of up to 2 BTC per day, if you want to withdraw higher amounts you will then need to upload your photo ID and a “selfie” photo.

https://preview.redd.it/01yawgfl1ze31.jpg?width=808&format=pjpg&auto=webp&s=28c23efac9899a48ce174693ed30a6dba08d94db
The public opinion of Binance at this time is very high with people praising the speed of the site, ease of use and cheap fees.
For more details you can read our complete review of Binance here.
Visit Binance

KuCoin

KuCoin is a new but very exciting exchange based in South Korea. They operate similarly to Binance in the fact that they list new altcoins much quicker than other exchanges so it’s a good place to purchase cryptocurrencies shortly after their ICO meaning there is a greater opportunity to profit by getting in early.
The interface is very clean and modern and much easier to operate than other older and more clunky exchanges.
They also offer their own token KCS which allows all holders to receive a daily share of profits of the platform, this is a great token to hold as you are paid in the many different currencies that the site allows people to trade in.

https://preview.redd.it/qav0qx9m1ze31.jpg?width=808&format=pjpg&auto=webp&s=2635f1242f7474a56f21fe123c0ad1c7718a8ee8
Visit Kucoin

LocalBitcoins

LocalBitcoins is a peer-to-peer cryptocurrency exchange used in most big cities around the world. The general principle behind this exchange is that you can find people who live in your area or city and meet with them in person to conduct an exchange. The platform also offers options for purchasing digital currencies via PayPal, Square, direct-to-bank transfers, and many other payment-processing methods. The platform charges a small fee of 1 percent per transaction in cases where sellers apply their own exchange rate.

https://preview.redd.it/p3igqf3n1ze31.jpg?width=808&format=pjpg&auto=webp&s=2eae56e0e8dbe452e1d327f24ecc96642de2bc70
Similar to the way Uber passengers and drivers are rated, LocalBitcoins applies a rating to each trader that uses the platform, and this rating is publicly displayed. Trades first have to undergo an escrow process to ensure that nobody will be scammed by using the platform. Once everything is verified, the funds and cryptocurrencies transfer between traders. LocalBitcoins takes a commission of 1 percent from sellers. W
Take a look at our LocalBitcoins Review to find out more.
Visit LocalBitcoins

CoinMama

CoinMama is a large bitcoin brokerage that allows users to acquire coins with their debit or credit cards. The platform issues small fees for transactions. To make up for this, however, the limits for how many bitcoins a user can buy are much higher in comparison to Coinbase. Users can acquire up to $5,000 of coins per day or up to $20,000 per month. All users need to do to use CoinMama is to set up an account, log in, and navigate to the profile page section to fill in personal information.

https://preview.redd.it/rafwelwn1ze31.jpg?width=808&format=pjpg&auto=webp&s=e1ee6986f8f04ebfb40f0110fabab246203c2c66
Following this, users will be introduced to a page that allows them to select how many bitcoins they would like to purchase, and once a fitting amount has been selected, users will be allowed to add their preferred payment methods and bitcoin addresses. Users will also be required to verify their phone number and email address. CoinMama does not require most users to upload their government-issued ID. After completing the aforementioned steps and passing the verification process, users will be able to acquire bitcoins through CoinMama.
Read our complete CoinMama Review here.
Visit CoinMama

CEX.IO

CEX.IO is one of the oldest cryptocurrency exchanges in the world. However, despite being referred to as a cryptocurrency exchange, CEX.IO can only be used with bitcoins and ethereum which are the main two trading pairs for alt-coins. If you want to purchase other currencies, you can use CEX and then a service named Changelly to convert them to many other cryptos.
The platform is registered with the FINCEN and applies KYC and AML principles. In other words, users have to completely verify their identity before they can get involved in any trades with this platform. Currently, the platform supports purchases with credit cards, wire transfers, or SEPA transfers for European residents.

https://preview.redd.it/dvrr5yto1ze31.jpg?width=808&format=pjpg&auto=webp&s=46fa36889957b7742bf1eb1f682c6c8c31c1f164
Once you enter a trade, the platform automatically calculates the price of the transaction and freezes the exchange rate for 120 seconds, which is quite convenient. However, many users note that there are occasional hidden fees. CEX.IO has a flat fee of 7 percent for anything involving fiat currencies. For example, if you acquire $100 in bitcoins, you will only receive $93 in coins.
Read our indepth CEX Review here to learn more.
Visit CEX

Bittrex

Bittrex is well established and highly regarded crypto trading platform, with many coins and tokens to choose from. The interface is not for complete beginner’s but you should be able to find your way around after a little while.

https://preview.redd.it/xa00ycmp1ze31.jpg?width=808&format=pjpg&auto=webp&s=e42aedf2b51ff01005847ec0867c69ba94e8a7dd
Read our full review of Bittrex here.
Unsurprisingly, Bittrex’s most popular trading pairs are BTC and ETH. It must be noted that the exchange currently does not offer any kind of fiat-to-crypto pairs, e.g. with U.S. dollars, euros, or British pounds). One thing investors can do is buy USDT (Tether tokens) via wired bank transfers in order to use USDT for crypto-to-crypto exchanges.
However, you’ll need to be fully verified and willing to slap down at least $10,000 USD for Bittrex to even consider the transfer. And we here at Blockonomi don’t remind this approach anyways; there’s been a lot of controversy surrounding Tether lately, and it’s best just to stay away for now until further developments actualize.
Visit Bittrex

Conclusion

Picking the ideal cryptocurrency exchange platform for your specific needs may be a difficult and time-consuming process. Remember to pay attention to the fees, reputation, security, verification processes, and geographical services an exchange platform has to offer. Remember that you are not limited to using only one cryptocurrency exchange. Hopefully, the information provided will assist you in deciding which exchange platform to use.
We have selected 6 Cryptocurrency exchanges here which are trustworthy and easy to use for beginners to get started building their investment portfolios.
Original article link: https://blockonomi.com/cryptocurrency-exchanges/
submitted by Tokenberry to NewbieZone [link] [comments]

CRYPTOCURRENCY BITCOIN

CRYPTOCURRENCY BITCOIN
Bitcoin Table of contents expand: 1. What is Bitcoin? 2. Understanding Bitcoin 3. How Bitcoin Works 4. What's a Bitcoin Worth? 5. How Bitcoin Began 6. Who Invented Bitcoin? 7. Before Satoshi 8. Why Is Satoshi Anonymous? 9. The Suspects 10. Can Satoshi's Identity Be Proven? 11. Receiving Bitcoins As Payment 12. Working For Bitcoins 13. Bitcoin From Interest Payments 14. Bitcoins From Gambling 15. Investing in Bitcoins 16. Risks of Bitcoin Investing 17. Bitcoin Regulatory Risk 18. Security Risk of Bitcoins 19. Insurance Risk 20. Risk of Bitcoin Fraud 21. Market Risk 22. Bitcoin's Tax Risk What is Bitcoin?
Bitcoin is a digital currency created in January 2009. It follows the ideas set out in a white paper by the mysterious Satoshi Nakamoto, whose true identity is yet to be verified. Bitcoin offers the promise of lower transaction fees than traditional online payment mechanisms and is operated by a decentralized authority, unlike government-issued currencies.
There are no physical bitcoins, only balances kept on a public ledger in the cloud, that – along with all Bitcoin transactions – is verified by a massive amount of computing power. Bitcoins are not issued or backed by any banks or governments, nor are individual bitcoins valuable as a commodity. Despite it not being legal tender, Bitcoin charts high on popularity, and has triggered the launch of other virtual currencies collectively referred to as Altcoins.
Understanding Bitcoin Bitcoin is a type of cryptocurrency: Balances are kept using public and private "keys," which are long strings of numbers and letters linked through the mathematical encryption algorithm that was used to create them. The public key (comparable to a bank account number) serves as the address which is published to the world and to which others may send bitcoins. The private key (comparable to an ATM PIN) is meant to be a guarded secret and only used to authorize Bitcoin transmissions. Style notes: According to the official Bitcoin Foundation, the word "Bitcoin" is capitalized in the context of referring to the entity or concept, whereas "bitcoin" is written in the lower case when referring to a quantity of the currency (e.g. "I traded 20 bitcoin") or the units themselves. The plural form can be either "bitcoin" or "bitcoins."
How Bitcoin Works Bitcoin is one of the first digital currencies to use peer-to-peer technology to facilitate instant payments. The independent individuals and companies who own the governing computing power and participate in the Bitcoin network, also known as "miners," are motivated by rewards (the release of new bitcoin) and transaction fees paid in bitcoin. These miners can be thought of as the decentralized authority enforcing the credibility of the Bitcoin network. New bitcoin is being released to the miners at a fixed, but periodically declining rate, such that the total supply of bitcoins approaches 21 million. One bitcoin is divisible to eight decimal places (100 millionths of one bitcoin), and this smallest unit is referred to as a Satoshi. If necessary, and if the participating miners accept the change, Bitcoin could eventually be made divisible to even more decimal places. Bitcoin mining is the process through which bitcoins are released to come into circulation. Basically, it involves solving a computationally difficult puzzle to discover a new block, which is added to the blockchain and receiving a reward in the form of a few bitcoins. The block reward was 50 new bitcoins in 2009; it decreases every four years. As more and more bitcoins are created, the difficulty of the mining process – that is, the amount of computing power involved – increases. The mining difficulty began at 1.0 with Bitcoin's debut back in 2009; at the end of the year, it was only 1.18. As of February 2019, the mining difficulty is over 6.06 billion. Once, an ordinary desktop computer sufficed for the mining process; now, to combat the difficulty level, miners must use faster hardware like Application-Specific Integrated Circuits (ASIC), more advanced processing units like Graphic Processing Units (GPUs), etc.
What's a Bitcoin Worth? In 2017 alone, the price of Bitcoin rose from a little under $1,000 at the beginning of the year to close to $19,000, ending the year more than 1,400% higher. Bitcoin's price is also quite dependent on the size of its mining network since the larger the network is, the more difficult – and thus more costly – it is to produce new bitcoins. As a result, the price of bitcoin has to increase as its cost of production also rises. The Bitcoin mining network's aggregate power has more than tripled over the past twelve months.
How Bitcoin Began
Aug. 18, 2008: The domain name bitcoin.org is registered. Today, at least, this domain is "WhoisGuard Protected," meaning the identity of the person who registered it is not public information.
Oct. 31, 2008: Someone using the name Satoshi Nakamoto makes an announcement on The Cryptography Mailing list at metzdowd.com: "I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party. The paper is available at http://www.bitcoin.org/bitcoin.pdf." This link leads to the now-famous white paper published on bitcoin.org entitled "Bitcoin: A Peer-to-Peer Electronic Cash System." This paper would become the Magna Carta for how Bitcoin operates today.
Jan. 3, 2009: The first Bitcoin block is mined, Block 0. This is also known as the "genesis block" and contains the text: "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks," perhaps as proof that the block was mined on or after that date, and perhaps also as relevant political commentary.
Jan. 8, 2009: The first version of the Bitcoin software is announced on The Cryptography Mailing list.
Jan. 9, 2009: Block 1 is mined, and Bitcoin mining commences in earnest.
Who Invented Bitcoin?
No one knows. Not conclusively, at any rate. Satoshi Nakamoto is the name associated with the person or group of people who released the original Bitcoin white paper in 2008 and worked on the original Bitcoin software that was released in 2009. The Bitcoin protocol requires users to enter a birthday upon signup, and we know that an individual named Satoshi Nakamoto registered and put down April 5 as a birth date. And that's about it.
Before Satoshi
Though it is tempting to believe the media's spin that Satoshi Nakamoto is a solitary, quixotic genius who created Bitcoin out of thin air, such innovations do not happen in a vacuum. All major scientific discoveries, no matter how original-seeming, were built on previously existing research. There are precursors to Bitcoin: Adam Back’s Hashcash, invented in 1997, and subsequently Wei Dai’s b-money, Nick Szabo’s bit gold and Hal Finney’s Reusable Proof of Work. The Bitcoin white paper itself cites Hashcash and b-money, as well as various other works spanning several research fields.
Why Is Satoshi Anonymous?
There are two primary motivations for keeping Bitcoin's inventor keeping his or her or their identity secret. One is privacy. As Bitcoin has gained in popularity – becoming something of a worldwide phenomenon – Satoshi Nakamoto would likely garner a lot of attention from the media and from governments.
The other reason is safety. Looking at 2009 alone, 32,489 blocks were mined; at the then-reward rate of 50 BTC per block, the total payout in 2009 was 1,624,500 BTC, which at today’s prices is over $900 million. One may conclude that only Satoshi and perhaps a few other people were mining through 2009 and that they possess a majority of that $900 million worth of BTC. Someone in possession of that much BTC could become a target of criminals, especially since bitcoins are less like stocks and more like cash, where the private keys needed to authorize spending could be printed out and literally kept under a mattress. While it's likely the inventor of Bitcoin would take precautions to make any extortion-induced transfers traceable, remaining anonymous is a good way for Satoshi to limit exposure.
The Suspects
Numerous people have been suggested as possible Satoshi Nakamoto by major media outlets. Oct. 10, 2011, The New Yorker published an article speculating that Nakamoto might be Irish cryptography student Michael Clear or economic sociologist Vili Lehdonvirta. A day later, Fast Company suggested that Nakamoto could be a group of three people – Neal King, Vladimir Oksman and Charles Bry – who together appear on a patent related to secure communications that were filed two months before bitcoin.org was registered. A Vice article published in May 2013 added more suspects to the list, including Gavin Andresen, the Bitcoin project’s lead developer; Jed McCaleb, co-founder of now-defunct Bitcoin exchange Mt. Gox; and famed Japanese mathematician Shinichi Mochizuki.
In December 2013, Techcrunch published an interview with researcher Skye Grey who claimed textual analysis of published writings shows a link between Satoshi and bit-gold creator Nick Szabo. And perhaps most famously, in March 2014, Newsweek ran a cover article claiming that Satoshi is actually an individual named Satoshi Nakamoto – a 64-year-old Japanese-American engineer living in California. The list of suspects is long, and all the individuals deny being Satoshi.
Can Satoshi's Identity Be Proven?
It would seem even early collaborators on the project don’t have verifiable proof of Satoshi’s identity. To reveal conclusively who Satoshi Nakamoto is, a definitive link would need to be made between his/her activity with Bitcoin and his/her identity. That could come in the form of linking the party behind the domain registration of bitcoin.org, email and forum accounts used by Satoshi Nakamoto, or ownership of some portion of the earliest mined bitcoins. Even though the bitcoins Satoshi likely possesses are traceable on the blockchain, it seems he/she has yet to cash them out in a way that reveals his/her identity. If Satoshi were to move his/her bitcoins to an exchange today, this might attract attention, but it seems unlikely that a well-funded and successful exchange would betray a customer's privacy.
Receiving Bitcoins As Payment
Bitcoins can be accepted as a means of payment for products sold or services provided. If you have a brick and mortar store, just display a sign saying “Bitcoin Accepted Here” and many of your customers may well take you up on it; the transactions can be handled with the requisite hardware terminal or wallet address through QR codes and touch screen apps. An online business can easily accept bitcoins by just adding this payment option to the others it offers, like credit cards, PayPal, etc. Online payments will require a Bitcoin merchant tool (an external processor like Coinbase or BitPay).
Working For Bitcoins
Those who are self-employed can get paid for a job in bitcoins. There are several websites/job boards which are dedicated to the digital currency:
Work For Bitcoin brings together work seekers and prospective employers through its websiteCoinality features jobs – freelance, part-time and full-time – that offer payment in bitcoins, as well as Dogecoin and LitecoinJobs4Bitcoins, part of reddit.comBitGigs
Bitcoin From Interest Payments
Another interesting way (literally) to earn bitcoins is by lending them out and being repaid in the currency. Lending can take three forms – direct lending to someone you know; through a website which facilitates peer-to-peer transactions, pairing borrowers and lenders; or depositing bitcoins in a virtual bank that offers a certain interest rate for Bitcoin accounts. Some such sites are Bitbond, BitLendingClub, and BTCjam. Obviously, you should do due diligence on any third-party site.
Bitcoins From Gambling
It’s possible to play at casinos that cater to Bitcoin aficionados, with options like online lotteries, jackpots, spread betting, and other games. Of course, the pros and cons and risks that apply to any sort of gambling and betting endeavors are in force here too.
Investing in Bitcoins
There are many Bitcoin supporters who believe that digital currency is the future. Those who endorse it are of the view that it facilitates a much faster, no-fee payment system for transactions across the globe. Although it is not itself any backed by any government or central bank, bitcoin can be exchanged for traditional currencies; in fact, its exchange rate against the dollar attracts potential investors and traders interested in currency plays. Indeed, one of the primary reasons for the growth of digital currencies like Bitcoin is that they can act as an alternative to national fiat money and traditional commodities like gold.
In March 2014, the IRS stated that all virtual currencies, including bitcoins, would be taxed as property rather than currency. Gains or losses from bitcoins held as capital will be realized as capital gains or losses, while bitcoins held as inventory will incur ordinary gains or losses.
Like any other asset, the principle of buying low and selling high applies to bitcoins. The most popular way of amassing the currency is through buying on a Bitcoin exchange, but there are many other ways to earn and own bitcoins. Here are a few options which Bitcoin enthusiasts can explore.
Risks of Bitcoin Investing
Though Bitcoin was not designed as a normal equity investment (no shares have been issued), some speculative investors were drawn to the digital money after it appreciated rapidly in May 2011 and again in November 2013. Thus, many people purchase bitcoin for its investment value rather than as a medium of exchange.
However, their lack of guaranteed value and digital nature means the purchase and use of bitcoins carries several inherent risks. Many investor alerts have been issued by the Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA), the Consumer Financial Protection Bureau (CFPB), and other agencies.
The concept of a virtual currency is still novel and, compared to traditional investments, Bitcoin doesn't have much of a long-term track record or history of credibility to back it. With their increasing use, bitcoins are becoming less experimental every day, of course; still, after eight years, they (like all digital currencies) remain in a development phase, still evolving. "It is pretty much the highest-risk, highest-return investment that you can possibly make,” says Barry Silbert, CEO of Digital Currency Group, which builds and invests in Bitcoin and blockchain companies.
Bitcoin Regulatory Risk
Investing money into Bitcoin in any of its many guises is not for the risk-averse. Bitcoins are a rival to government currency and may be used for black market transactions, money laundering, illegal activities or tax evasion. As a result, governments may seek to regulate, restrict or ban the use and sale of bitcoins, and some already have. Others are coming up with various rules. For example, in 2015, the New York State Department of Financial Services finalized regulations that would require companies dealing with the buy, sell, transfer or storage of bitcoins to record the identity of customers, have a compliance officer and maintain capital reserves. The transactions worth $10,000 or more will have to be recorded and reported.
Although more agencies will follow suit, issuing rules and guidelines, the lack of uniform regulations about bitcoins (and other virtual currency) raises questions over their longevity, liquidity, and universality.
Security Risk of Bitcoins
Bitcoin exchanges are entirely digital and, as with any virtual system, are at risk from hackers, malware and operational glitches. If a thief gains access to a Bitcoin owner's computer hard drive and steals his private encryption key, he could transfer the stolen Bitcoins to another account. (Users can prevent this only if bitcoins are stored on a computer which is not connected to the internet, or else by choosing to use a paper wallet – printing out the Bitcoin private keys and addresses, and not keeping them on a computer at all.) Hackers can also target Bitcoin exchanges, gaining access to thousands of accounts and digital wallets where bitcoins are stored. One especially notorious hacking incident took place in 2014, when Mt. Gox, a Bitcoin exchange in Japan, was forced to close down after millions of dollars worth of bitcoins were stolen.
This is particularly problematic once you remember that all Bitcoin transactions are permanent and irreversible. It's like dealing with cash: Any transaction carried out with bitcoins can only be reversed if the person who has received them refunds them. There is no third party or a payment processor, as in the case of a debit or credit card – hence, no source of protection or appeal if there is a problem.
Insurance Risk
Some investments are insured through the Securities Investor Protection Corporation. Normal bank accounts are insured through the Federal Deposit Insurance Corporation (FDIC) up to a certain amount depending on the jurisdiction. Bitcoin exchanges and Bitcoin accounts are not insured by any type of federal or government program.
Risk of Bitcoin Fraud
While Bitcoin uses private key encryption to verify owners and register transactions, fraudsters and scammers may attempt to sell false bitcoins. For instance, in July 2013, the SEC brought legal action against an operator of a Bitcoin-related Ponzi scheme.
Market Risk
Like with any investment, Bitcoin values can fluctuate. Indeed, the value of the currency has seen wild swings in price over its short existence. Subject to high volume buying and selling on exchanges, it has a high sensitivity to “news." According to the CFPB, the price of bitcoins fell by 61% in a single day in 2013, while the one-day price drop in 2014 has been as big as 80%.
If fewer people begin to accept Bitcoin as a currency, these digital units may lose value and could become worthless. There is already plenty of competition, and though Bitcoin has a huge lead over the other 100-odd digital currencies that have sprung up, thanks to its brand recognition and venture capital money, a technological break-through in the form of a better virtual coin is always a threat.
Bitcoin's Tax Risk
As bitcoin is ineligible to be included in any tax-advantaged retirement accounts, there are no good, legal options to shield investments from taxation.
SPONSORED
Start with ¥3000 trading bonus
Trade forex and CFDs on stock indices, commodities, metals and energies with alicensed and regulated broker. For all clients who open their first real account, XM offers a¥3000 trading bonus to test the XM products and services without any initial deposit needed. Learn more about how you can trade from your PC and Mac, or from a variety of mobile devices.
Compare Investment Accounts
Advertiser Disclosure
Related Terms
Satoshi
The satoshi is the smallest unit of the bitcoin cryptocurrency. It is named after Satoshi Nakamoto, the creator of the protocol used in block chains and the bitcoin cryptocurrency.
Chartalism Chartalism is a non-mainstream theory of money that emphasizes the impact of government policies and activities on the value of money.
Satoshi Nakamoto The name used by the unknown creator of the protocol used in the bitcoin cryptocurrency. Satoshi Nakamoto is closely-associated with blockchain technology.
Bitcoin Mining, Explained Breaking down everything you need to know about Bitcoin Mining, from Blockchain and Block Rewards to Proof-of-Work and Mining Pools.
Understanding Bitcoin Unlimited Bitcoin Unlimited is a proposed upgrade to Bitcoin Core that allows larger block sizes. The upgrade is designed to improve transaction speed through scale.
Blockchain Explained
A guide to help you understand what blockchain is and how it can be used by industries. You've probably encountered a definition like this: “blockchain is a distributed, decentralized, public ledger." But blockchain is easier to understand than it sounds.
Top 6 Books to Learn About Bitcoin About UsAdvertiseContactPrivacy PolicyTerms of UseCareers Investopedia is part of the Dotdash publishing family.The Balance Lifewire TripSavvy The Spruceand more
By Satoshi Nakamoto
Read it once, go read other crypto stuff, read it again… keep doing this until the whole document makes sense. It’ll take a while, but you’ll get there. This is the original whitepaper introducing and explaining Bitcoin, and there’s really nothing better out there to understand on the subject.
“What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party

submitted by adrian_morrison to BlockchainNews [link] [comments]

Here’s How YOUR BITCOIN Will Be HACKED & STOLEN Bitcoin News and the MtGox Hack on BBC News Kim Nilsson - Cracking MtGox Craig Wright Claims To Own Stolen Mt Gox Bitcoin thebitcoingroup - YouTube

Japan-based Bitcoin exchange Mt. Gox had been operating since 2010 and was the biggest Bitcoin exchange at the time. But very few know that this big exchange was not hacked only once, but twice. The first one happened in June 2011 when the hacker was able to get ahold of Mt.Gox’s auditor’s credentials and transferred 2609 bitcoins to an At the beginning of 2014, Mt Gox, a bitcoin exchange based in Japan, was the largest bitcoin exchange in the world, handling over 70% of all bitcoin transactions worldwide. By the end of February of that year, it was bankrupt. Anyone who was using Mt. Gox lost access to their assets, and it has been a cautionary tale for crypto investors. About Mt. Gox. In February 2014 Mt. Gox suspended trading and filed for bankruptcy after approximately 850,000 Bitcoins were stolen, at the time, valued at more than $450m. This What Bitcoin Did series of interviews is with a number of the key people related to Mt. Gox. Mt Gox is hacked for $350 million in 2014 The granddaddy of all hacks, Mt. Gox, was a hard lesson that the crypto world needed to be taught. When Bitcoin first started becoming valuable, there were few places to trade it. Self-proclaimed Bitcoin inventor Craig Wright has appeared to claim that he was the hacker of Bitcoin exchange Mt. Gox in 2011, when 79,956 Bitcoin—worth $751 million today—was stolen. In a letter sent to Bitcoin services provider Blockstream, Wright’s law firm SCA Ontier alleges that he has control over two Bitcoin addresses.

[index] [25973] [17592] [30956] [11867] [21769] [25504] [50292] [40144] [36687] [4444]

Here’s How YOUR BITCOIN Will Be HACKED & STOLEN

Hello friends watch - - Who Owns The Most Bitcoins ?. Video Tags:- bitcoins, bitcoins telugu, bitcoins biscuits, bitcoins news today, bitcoins mining, bitcoins study iq, bitcoins 2020, bitcoins ... 00:29:25: When Jed became aware of the Mt. Gox hack 00:31:46: Discussing the WizSec report and bitcoins lost at Mt. Gox 00:39:42: Jed’s current relationship with Mark 00:41:39: Summary about Jed ... Cryptocurrency News - Mt. Gox Bitcoin Hack! Craig Wright has been in legal battles for a very long time now. Craig Wright also claims to be Satoshi and the creator of Bitcoin. The Bitcoin Group #19 (Live) - Mt. Gox (part IV) - Senator to Ban Bitcoins - Bitcoin Community - and - Duration: 2 hours, 6 minutes. thebitcoingroup Streamed 6 years ago Kim Nilsson - Cracking MtGox Information on how mtgox got hacked from the breaking bitcoin meet up 2017 subscribe to TheBitcoinArmy youtube channel.