The currency was blackmailed again, this time with 300 bitcoins.
On August 7, Chanan said on Weibo that he received a threat from an unidentified person and was asked to exchange 300 bitcoin chips for the 10,000 KYC information he claimed to hold about Binance. The unidentified person leaked the information through the Internet because he did not get the blackmail immediately.
However, the currency security believes that it is not yet possible to prove that the information comes from their platform.
- Is the decentralization of the decoupling on the Korean line? Is it a pseudo-proposition?
- Coin An DEX launched 37 projects with a break rate of over 70%
- Restore coin security user information disclosure incident: hacker attack hacker?
- Discussion: The currency is down the BSV, is this right?
- Currency Security BSV Debate: Rules, Neutrality and Decentralization
- Currency security "monitoring self-stealing"? Don't let the hacker internally dispel the trust of the entire cryptocurrency
The "Daily Economic News" reporter noted that this is not the first time that the currency has occurred in this year. In May of this year, the currency hacked technology, stolen 7,000 bitcoins, about 40 million US dollars. In March of last year, the currency security also had a lock-up event.
A number of cryptocurrency exchanges have been hacked, causing at least a loss of about 780 million yuan. What caused repeated incidents of repeated theft of exchanges?
Currency Announces 25 Bitcoins for Extender Information
On August 7, Chanan announced the beginning of the extortion of 300 bitcoin events through Weibo. Coin said that it recently received a threat from an unidentified person and was asked to exchange 300 bitcoin chips for the 10,000 KYC information he claimed to have about Binance.
Coin said that a security team has been set up to investigate the case, and the exact source of the case and information is still under investigation.
The unidentified person immediately began to disseminate relevant information to the public and the media because he did not get the blackmail immediately. However, Qian An said that the data disseminated in the telegraph group is different from the data in the coin security background. Because the internal information of the currency security is all electronic watermark, the pictures transmitted on the Internet do not have a specific electronic watermark.
After a preliminary review of the pictures posted online, the currency said that all the pictures were dated February 2018. During this period, due to the huge workload, Qian’an had outsourced some KYC audits to third-party service companies in a week.
Currently, Coin Security is checking all information with third party service companies. And said that it will continue to investigate and keep the information in sync.
Coin said that the data is in the same batch as the data involved in the KYC phishing incident reported by the previous media. The currency said that at the time, the hacker claimed to know the KYC information of multiple exchanges at the same time. When asked to prove the source of the data, the unidentified person who extorted 300 bitcoins from Binance refused to provide relevant evidence and directly provided information to the media in the false identity of “white hat hackers”. Coin Security has contacted the relevant law enforcement agencies and will work closely to track this person's behavior.
At the same time, the currency security is rewarded with 25 bitcoins, hoping to obtain information about the unidentified person.
Has stolen 7,000 bitcoins worth about $40 million
On May 8 this year, the currency claimed to have stolen 7,000 bitcoins, and the CEO of Changan Zhao Changpeng communicated with the users about the hacking incident.
Zhao Changpeng said that he encountered a very clever and long-term latent hacker. The hacker group used a compound attack technology to bypass the currency control system and took away 7,000 bitcoins (including about BTC's total holdings). 2% of the stock), about 40 million US dollars. And said that the currency security has set up a security fund SAFU to bear the loss, there will be no loss to any users.
By accessing the block record, you can see that this transfer is the only transfer record for this event. The cold wallet was not affected, only the Bitcoin hot wallet was affected, and other wallets and assets were safe.
Since then, the company announced that it will suspend recharge and withdrawal of coins to ensure that the attack is completely eliminated from all data, and the system is rebuilt and restored. Due to the large database and system architecture, it is expected to take about a week to complete.
It must be mentioned that in March last year, the currency security also had a lock-up event.
On March 8 last year, the currency security announcement stated that all abnormal transactions had been rolled back and the withdrawal function had been restored. Previously, the currency security control system monitored large-scale attacks, locked in cash withdrawals, prevented theft of money, and locked 31 accounts in reverse. The attacker was frozen by Binance in this attempt.
Why are cryptocurrency exchanges stolen repeatedly?
According to the "Daily Economic News" reporters incomplete statistics, in 2019, including the New Zealand cryptocurrency exchange, Coinmama exchange, DragonEX Longnet exchange, South Korea Bithumb exchange, the currency security exchange, Japan licensed cryptocurrency exchange BITPoint Japan and other hackers have caused a total loss of about 780 million yuan.
The cryptocurrency exchanges have repeatedly been stolen. Does the formation of such exchanges use blockchain technology? What caused repeated incidents of cryptocurrency exchanges being stolen repeatedly?
Lei Kai, an associate professor at the Peking University Shenzhen Graduate School, told the Daily Economic News that there are three aspects of computer systems, cryptocurrencies, exchanges, and exchange-related procedures.
The standard cryptocurrency is generally the use of blockchain technology, its transaction settlement is decentralized, does not require manual participation, can ensure the authenticity and validity of the transaction, and is distributed through consensus algorithms.
The cryptocurrency exchange is like Tmall and Taobao, and is responsible for the exchange of buyers and sellers. Some exchanges claim to be distributed blockchain exchanges, but it does not guarantee the trustworthiness of transaction settlement, but only the sale and purchase relationship. Under the premise that the cryptocurrency exchange has no public code and has not been supervised and verified by a third party, it is difficult to judge whether the blockchain technology is utilized.
The cryptocurrency uses blockchain technology when maintaining its value. After the cryptocurrency is generated, there will be an automatically executed program (such a program is called a smart contract) to automatically process the transaction, and the program is generally difficult to avoid without bugs.
What caused repeated incidents of cryptocurrency exchanges being stolen repeatedly? Lei Kai analyzed three situations.
The first is that the process of mining digital currency such as bitcoin is open, and both good and bad people can participate. If someone has more than 51% of the computing power, they can have a greater say. More than half of the world’s people say that this money is not yours. Even if the money is yours, you may be subject to the majority and your money as someone else’s.
Second, there is a problem with the security of cryptocurrency exchanges. The trading platform is written by a program. When the program is attacked, it will generate events such as distributing money to others. The common situation is that when the blockchain branches (from the low version to the high version), some people use the forked gap to attack, such as power attack, identity attack and so on. Because the fork is a decentralization process, once the fork program is not written, it may cause B to pretend to be A, stealing stolen events that should have been assigned to A, which cannot be directly related to the block. Chain-related, but a procedure for encrypting currency exchanges. This is similar to the banking system upgrade. However, the bank is upgraded within the central protection and stops the service externally, so the bank can find various errors and will not be used.
Third, the digital currency is in the user's wallet, but the wallet key is stolen, and the digital currency is stolen. The equivalent of the home key was stolen, and the thief stole the gold from the house. The scope of influence in each case is different.
Lei Kai said that blockchain technology is a double-edged sword, with its advantages and disadvantages. Such as anonymity. Anonymity makes it difficult to identify a person's true identity, and he may have multiple identities. Therefore, cryptocurrency exchanges are actually executed according to rules and consensus, and over-emphasis on rules can lead to some unreasonable errors. In addition, the cost of the blockchain is very high. Once it is confirmed that it is difficult to make corrections, if a confirmation is wrong, everyone will regard this error as true.
Source: Daily Economic News
Every reporter, Pan Ting, edited by Yi Qijiang