Security and Risk

23 Nov - Multichain Bridge exploited

Multichain users lost $1.4M due to its cross-chains bridge bug. [more][more-multichain-update][more-numberprotocol-update][more-securityanalysis]

• A security analyst pointed out that the smart contract used by Multichain had several vulnerabilities, including failure to check validity of tokens owner, validity of the transaction signers, and excessive approval from the users.

23 Nov - Fenbushi Partner’s wallet compromised

General partner at Fenbushi capital Bo Shen tweeted on Nov. 23 that $42 million worth of tokens were stolen from his personal software wallet on Nov. 10. [more][more-BoShen][more-securityanalysis]

• Security company Slowmist noted that the attack was not due to fake wallet and unlikely due to the weakness of the software wallet (Trust wallet was used). It was likely due to the leak of mnemonic seed.

21 Nov - Phishing campaign on users of crypto exchanges

A crypto-stealing phishing campaign is underway to bypass multi-factor authentication and gain access to accounts on Coinbase, MetaMask, Crypto.com, and KuCoin and steal cryptocurrency. The threat actors lured victims to them via phishing messages impersonating bogus transaction confirmation requests or suspicious activity detection. [more]

Other Crypto Picks

1. Singapore -

   • Singapore regulators say FTX never directly solicited local crypto investors, but the exchange was widely popular in the city-state. Singapore-based users could’ve made up to 5% of web traffic to FTX before its collapse, averaging more than 240,000 users per month, per The Straits Times.[more]

   • Crypto lender Hodlnaut reportedly faces police investigation in Singapore

     Hodlnaut reportedly lied about its exposure to the now-defunct Terra algorithmic stablecoin and lost nearly $190 million. It was noted that the crypto lender deleted thousands of documents related to their investments in order to hide their exposure.[more]

2. United States -

   • Three US Senators Elizabeth Warren, Dick Durbin and Tina Smithhave urged Fidelity to stop its 401(k) sponsor partners from offering bitcoin exposure — likening crypto investing to “catching lightning in a bottle” in a letter penned to Fidelity CEO Abigail Johnson. [more]

   • Serveral state regulators are turning their attention to troubled crypto firm Genesis Global Capital for potential securities violations. [more]

3. Japan - The Japanese central bank could begin piloting the digital yen as early as spring 2023 and will reportedly start a trial involving “consumers and private sector companies.” [more]

4. Belgium - Belgium’s Financial Services and Markets Authority indicated that cryptocurrencies without an issuer such as bitcoin (BTC) and ether (ETH) are not securities. [more]

5. Crypto exchange Binance has allocated another $1 billion for its industry recovery fund, effectively increasing the size of the fund to over $2 billion. [more]

   1. The size increase comes a day after CZ said that Binance is targeting $1 billion for its crypto recovery fund. Aptos Labs and Jump Crypto, along with other prominent crypto companies joined Binance's initiative and will contribute $50 million to the fund.

6. Ethereum - Ethereum developers decided to consider eight Ethereum Improvement Proposals (EIPs) for inclusion in the network’s upcoming hard fork, called “Shanghai.” The hard fork upgrade will unlock Beacon Chain staked ETH withdrawals, and might include proposals that address issues of scalability and others designed to improve the Ethereum Virtual Machine.

   But there is no consensus yet on when that will happen. [more]

7. FTX saga -

   1. Last 10 days of FTX saga. [more]

   2. 'FTX Accounts Drainer' put Ethereum under pressure as its wallet swapped ETH for bitcoin. [more]

8. FTX founder Sam Bankman-Fried will speak during the New York Times' annual DealBook Summit alongside Ukraine President Volodymyr Zelensky,  US Treasury Secretary Janet Yellen, and Meta founder Mark Zuckerberg despite the ongoing investigation against his failed venture FTX. [more]

9. Crypto wallet maker Ledger is rolling out its crypto debit card across the UK and Europe, as a string of scandals in the ecosystem spurs interest in self-custody solutions. [more]