FORCE token sees volatile 24 hours following coordinated attack on ForceDAO

The DeFi platform was the victim of an attack shortly after launch, with 183 ETH compromised. After an initial selloff, FORCE tokens are in recovery mode Monday.

Hackers made off with 183 Ethereum (ETH), worth roughly $386,000 at the time of writing, following a coordinated attack on DeFi platform ForceDAO Sunday. Following an initial selloff, ForceDAO’s native FORCE token was in recovery mode on Monday, capping off a highly volatile 24 hours for the newly launched project. 

ForceDAO detailed the Sunday exploit in a series of tweets, taking ownership of the “engineering oversight” that resulted in the attack, which centered around the platform’s xFORCE contract. 

In a follow-up blog post, Alberto Cevallos explained:

“The exploiters were able to deposit FORCE tokens that would fail the transfer [f]rom call and receive xFORCE tokens, as the xFORCE contract expects a revert from the token but instead receives false.”

He continued:

“A user could then withdraw these newly minted xFORCE tokens for the remaining FORCE tokens in the vault, and liquidate them for ETH on exchanges.”

An additional 14.8 million FORCE tokens were compromised in the initial attack, though they’ve since been returned to the pool.

Often described as a quantitative hedge fund, Force is both a protocol and decentralized autonomous organization, or DAO, that’s designed to produce higher-yielding DeFi opportunities for its community.

The FORCE token collapsed more than 99% on Sunday, from $2.21 to a low of just 2 cents, according to CoinGecko. The token has since recovered 173% in the last 24 hours.

Continue reading

US Government Expands Charges Against North Korean Hackers- Authorities Describe Them as The ‘World’s Leading Bank Robbers’

US Government Expands Charges Against North Korean Hackers — Authorities Describe Them as The "World's Leading Bank Robbers"The U.S. Department of Justice (DOJ) unsealed new charges against the North Korean state-sponsored Lazarus Group. The hackers are allegedly responsible for stealing over $1.3 billion in cryptocurrencies and fiat during coordinated cyber-heists. North Korean Hackers Also Developed and Deployed Malicious Crypto Apps According to the announcement, law enforcement expanded charges to Park Jin Hyok, […]
Continue reading

‘Bitcoin never gets hacked’ — crypto players respond to US Treasury breach

“Bitcoin means trusting a SHA256 algorithm more than the U.S Treasury,” quipped Blockfolio.

Crypto players were quick to respond to the news that hackers breached the U.S. Treasury Department.

According to a report from Reuters, a “sophisticated hacking group” backed by a foreign government — reportedly Russia, according to three people familiar with the investigation — was able to breach the U.S. Treasury Department as well as the National Telecommunications and Information Administration, or NTIA, with the Department of Commerce.

The incident happened less than a month after Donald Trump fired Department of Homeland Security cybersecurity chief Chris Krebs. However, Reuters stated that the hackers had been monitoring NTIA staff emails run on Microsoft’s Office 365 “for months.” Other government agencies may also have been breached, but sources did not provide additional details.

In response to the attack on such a powerful government agency, crypto players pointed out the advantages of Bitcoin (BTC).

“Bitcoin never gets hacked,” said Kraken’s head of business Dan Held on Twitter. Bitcoin bull Anthony “Pomp” Pompliano echoed Held’s sentiment, saying “Bitcoin has never been hacked.”

Blockfolio took aim at the NTIA’s cybersecurity, implying the agency used dated algorithms for its cryptographic security:

It’s unclear whether any funds have been compromised as a result of the breach. At the time of publication, the hack seems to be limited to information potentially stolen from government agencies’ emails.

“Jokes on them,” said MyCrypto founder and CEO Taylor Monahan. “The treasury’s already been hacked by internal actors.” The statement may reflect the United States government printing more money in 2020 than for nearly entirety of the country’s existence.

Continue reading

Why traders are not worried that the KuCoin hack will drop Ethereum price

After the $150 million KuCoin hack, traders appear unworried that open market sales by the hacker will drop Ethereum price.

Analysts say that the unknown hacker behind the KuCoin breach is selling the stolen ERC-20 tokens on Uniswap. Although selling tokens on the Ethereum-based decentralized exchange allows the hacker to obtain Ether (ETH), it doesn’t mean it’s laundered.

All transactions made on the Ethereum blockchain network are traceable using blockchain explorers, meaning even if the tokens are converted to Ether, the stolen amounts would still leave traces. This means exchanges can (and probably will) suspend any exchange address that is associated with the tainted funds.

The 1-day chart of Ether

The 1-day chart of Ether. Source: TradingView.com

Attempting to sell tens of millions of dollars worth of traced funds immediately after a breach is risky. All major exchanges are on alert, and in this specific case, Tether (USDT) froze the funds linked to the KuCoin hack.

As Cointelegraph previously reported, Bitfinex and Tether chief technical officer Paolo Ardoino said Tether froze $33 million worth of USDT but Ardoino emphasized in a follow-up statement that there are stringent guidelines that must be followed to freeze funds. He explained:

“Tether can decide to freeze funds in 2 situations: – law enforcement / regulator request – funds are sent to unrecoverable addresses (completely at tether discretion) This ability does not entitle crypto users to participate to stupid scams or paying less attention.”

With Tether actively tracking the funds and major exchanges, like Binance and Bybit contacted by KuCoin, it has become increasingly difficult to sell the funds. KuCoin CEO Johnny Lyu said:

“We are in contact with many major crypto exchanges such as Huobi, Binance, OKEx, BitMax, and Bybit, as well as blockchain projects, security agencies, and law enforcement to work on this. Some effective measures have been taken, and we will update with more details soon.”

The hacker sold the ERC-20 tokens to obtain ETH, but the transactions and Ethereum addresses can be traced using Etherscan.

Since existing major decentralized exchanges do not have privacy solutions, the ERC-20 tokens would leave traces for exchanges to follow. For this reason, many analysts are not worried that the movement and market sale of Ether tokens will place pressure on Ether price.

Will Uniswap become the preferred destination for stolen coins?

According to Ardoino, selling the stolen ERC-20 tokens on a decentralized exchange like Uniswap carries interesting repercussions.

He suggested that in the future, decentralized exchanges implement privacy solutions like confidential transactions to appeal to users. Ardoino said:

“This might have interesting repercussions. While we’re staring at laundering while it happens on a transparent DEX, couple of considerations arise for me: Will liquidity providers be tainted? Privacy is key, probably the next DEX should use confidential transactions.”

Continue reading