Profanity May Be The Cause Of Crypto Trading Firm Wintermute’s $160 Million Hack

Wintermute, a London-based cryptocurrency firm that trades billions of dollars’ worth of digital assets daily, lost $160 million in a hack early on Tuesday. Founder and CEO Evgeny Gaevoy says he learned of the hack a few minutes after it took place, around 6:00 AM London time.

An hour later, he announced the theft on Twitter without saying how it happened. All told, the hacker stole about $120 million worth of Wintermute’s “stable coins” including USDC and USDT, $20 million worth of its bitcoin and ether and another $20 million worth of lesser-known cryptocurrencies.

Gaevoy explained to Forbes that, although the investigation is still ongoing, the hack likely originated with a service called Profanity, which generates “vanity addresses” for digital cryptocurrency accounts to make them easier to work with. Otherwise, crypto accounts are roughly 30-character strings of varied letters and numbers.

Last week, a blog post by another crypto firm revealed a security vulnerability with Profanity’s code. The gist of the problem: someone with enough computing power can generate all the possible keys or passwords created for a Profanity vanity address. Then they can scan the associated accounts to see how much money they hold and steal the funds.

Wintermute had been using Profanity not to create easy-to-remember names for digital accounts, but to lower its trading transaction costs, since that’s another feature of Profanity’s service, Gaevoy says. When Wintermute learned of the vulnerability last week, they took steps to technologically “blacklist” their Profanity accounts, shielding them from being liquidated.

However, due to their own “human error,” one of the 10 accounts didn’t get blacklisted, according to Gaevoy, which probably resulted in the $160 million heist. These trading accounts were part of Wintermute’s “decentralized finance” or DeFi business, where it makes rapid trades on decentralized exchanges like Uniswap and Sushi Swap that aren’t controlled by a single entity.

Since the DeFi ecosystem is young, highly experimental and designed to be more openly accessible than traditional finance, it doesn’t have the same safeguards that centralized exchanges like Coinbase have. “You don’t have any circuit breakers. You don’t have any two-factor authentication to help store your keys,” Gaevoy says.

In 2021, DeFi hacks totaled $1.3 billion, according to research by security firm Certik. Analytics firm Chainalysis estimates that North Korea-linked groups stole $1 billion from DeFi protocols in the first eight months of 2022. Some tried and true security practices in crypto, such as using external hardware wallets or “multi-sig” applications that need to be digitally signed by multiple parties before a transaction is approved, can’t be used for the type of automated trading Wintermute does.

“You need to sign transactions on the fly, within seconds,” says Gaevoy. So they had to invent their own tech tools and security protocols. “Ultimately, that’s the risk we took. It was calculated.” DeFi has been a flourishing part of Wintermute’s business in prior years. “It didn’t work out this year,” he admits.

The Wintermute CEO has some leads on who the hacker might be, and he’s investigating them “both internally and with the use of external partners.” He’s hoping that the hacker will become a “white hat” who returns most of the funds, and he’s now offering a 10% bounty, or $16 million, if the hacker gives back the remaining $144 million. He tweeted that Wintermute “would prefer to resolve this in a simple way, but the window of opportunity to do so is closing fast due to the high profile of this exploit.”

Despite the new $160 million hole in its balance sheet, Gaevoy says Wintermute is on sound financial footing, with more than $350 million in equity. “We are one of the very few crypto-native proprietary trading firms that can actually take this punch,” the CEO says. For a couple of hours after the hack, the company paused its OTC trading desk, where it facilitates large trades between other parties. That desk has since resumed normal operation.

I lead our fintech coverage at Forbes and also cover crypto. I edit our annual Fintech 50 and 30 Under 30 for fintech, and I’ve written frequently about leadership and corporate

Source: Profanity May Be The Cause Of Crypto Trading Firm Wintermute’s $160 Million Hack

Critics by  

As per 1inch’s findings, the private keys linked to vanity addresses could be calculated with brute force attacks. A hacker managed to steal $3.3 million worth of cryptocurrencies from several Ethereum addresses generated with the “Profanity” tool. The funds were drained even after the decentralized exchange aggregator 1inch warned users that it had discovered a severe vulnerability putting millions of dollars at risk.

It had previously advised users owning wallet addresses generated with the Profanity tool to transfer their assets to a different wallet.

1inch Security Report

In early 2022, 1inch contributors observed that Profanity used a random 32-bit vector to seed 256-bit private keys and suspected it could be unsafe. Upon further investigation, more suspicious activity was noted, signaling that Profanity wallets were compromised.
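An added illustration (not code from 1inch or Profanity) of why the seed width, not the key width, sets the security level, written as an audit check a defender could run against a suspect key. The SHA-256 expansion is a stand-in for Profanity's real derivation, the 16-bit seed is a scaled-down assumption so the whole space can be walked quickly, and the one-million-keys-per-second rate is an assumed figure.

```python
import hashlib
import secrets
from functools import lru_cache

KEY_BYTES = 32  # 256-bit private key, as in the 1inch description


def derive_key(seed: int, seed_bits: int) -> bytes:
    """Expand a small seed into a 256-bit key.

    Hypothetical stand-in derivation (SHA-256 of the seed); it only models
    the property that the key is a deterministic function of the seed.
    """
    if not 0 < seed_bits <= 32:
        raise ValueError("this toy model covers seeds of 1..32 bits")
    if not 0 <= seed < (1 << seed_bits):
        raise ValueError("seed out of range for seed_bits")
    return hashlib.sha256(b"toy-keygen" + seed.to_bytes(4, "big")).digest()


def weak_keygen(seed_bits: int) -> bytes:
    """Key generator whose only randomness is a seed of seed_bits bits."""
    return derive_key(secrets.randbits(seed_bits), seed_bits)


def strong_keygen() -> bytes:
    """Key generator that draws all 256 bits from the OS CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


@lru_cache(maxsize=None)
def seed_space(seed_bits: int) -> frozenset:
    """Every key the weak generator can ever output for this seed width."""
    return frozenset(derive_key(s, seed_bits) for s in range(1 << seed_bits))


def reachable_keys(seed_bits: int) -> int:
    """Size of the real key space: at most 2**seed_bits, never 2**256."""
    return len(seed_space(seed_bits))


def came_from_weak_generator(key: bytes, seed_bits: int) -> bool:
    """Audit check: is this key inside the weak generator's output set?"""
    return key in seed_space(seed_bits)


def enumeration_seconds(seed_bits: int, keys_per_second: float) -> float:
    """Time to walk the whole seed space at an assumed derivation rate."""
    return (1 << seed_bits) / keys_per_second


if __name__ == "__main__":
    toy_bits = 16  # scaled down from 32 so the full walk takes well under a second
    print("reachable keys:", reachable_keys(toy_bits), "of a nominal 2**256")
    print("weak key flagged:", came_from_weak_generator(weak_keygen(toy_bits), toy_bits))
    print("CSPRNG key flagged:", came_from_weak_generator(strong_keygen(), toy_bits))
    # Assumed rate of one million derivations per second on a 32-bit seed.
    print("32-bit walk, seconds:", enumeration_seconds(32, 1_000_000))
```

Every key from the weak generator is flagged, while a key drawn from the operating system's CSPRNG falls outside the set; the remedy is to move funds to an address whose key was generated with full-width entropy.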

“The 1inch contributors checked the richest vanity addresses on popular networks and came to the conclusion that most of them were not created by the Profanity tool. But Profanity is one of the most popular tools due to its high efficiency. Sadly, that could only mean that most of the Profanity wallets were secretly hacked.”

According to 1inch, Profanity happens to be a popular and “highly efficient” tool with which users are able to create millions of addresses per second. However, the procedure used by Profanity to generate the addresses was not flawless either and was susceptible to attacks.

The security disclosure report published by 1inch last week also noted that the vulnerability may have enabled hackers to “secretly” steal millions of dollars from Profanity users’ wallets for years. The contributors are currently trying to determine all the compromised vanity addresses.

Soon after the warning, blockchain investigator ZachXBT reported an attack that drained over $3 million in funds. Fortunately, his tweet helped a user save $1.2 million in crypto and NFTs from the hacker who had access to their wallet.

Profanity Devs Abandon Project

According to Tal Be’ery, ZenGo’s security lead and chief technology officer, the malicious entities could have been “sitting” on the vulnerability in order to obtain as many private keys of bug-ridden Profanity-generated vanity addresses as possible before the vulnerability was detected. However, they cashed out after it was publicly exposed by 1inch.

Meanwhile, one of the Profanity developers, who goes by the pseudonym ‘johguse’ on GitHub, said that they had “abandoned” the project a few years ago. The comment read:

“This project was abandoned by me a couple of years ago. Fundamental security issues in the generation of private keys have been brought to my attention. I strongly advise against using this tool in its current state. This repository will soon be further updated with additional information regarding this critical issue.”

Crypto Links With Banks Pose Threat To Financial Stability, Says ECB

The crypto industry’s deepening ties to banks and asset managers will pose a risk to financial stability, the European Central Bank has warned, in the latest sign of how central banks and governments are stepping up their scrutiny of the market. The ECB said on Tuesday it had undertaken “a deep dive into cryptoasset leverage and crypto lending” and found evidence that these activities were becoming more risky, complex and interconnected with traditional institutions.

“Investors have been able to handle the €1.3tn fall in the market capitalisation of unbacked cryptoassets since November 2021 without any financial stability risks being incurred,” the ECB said. “However, at this rate, a point will be reached where unbacked cryptoassets represent a risk to financial stability.” The first such warning from the ECB, published as part of its twice-yearly financial stability review, followed similar messages from US and UK authorities, which have been unnerved by a series of recent failures in the crypto market.

Bitcoin, the world’s flagship cryptocurrency, has halved in value since November and recently fell below $30,000 for the first time since last summer. The market’s most important stablecoin, tether, momentarily lost its peg to the US dollar, while its rival terraUSD all but collapsed. The crypto market itself has boomed in size in recent years, with major platforms like Binance and FTX offering a wide array of complex financial products.

The world’s biggest crypto exchanges processed almost $700bn in spot trading last month and $1.1tn in bitcoin futures, according to data collated by The Block Crypto. The ECB said trading volumes for cryptoassets “have at times been comparable with or even surpassed those of the New York Stock Exchange or euro area sovereign bond quarterly trading volumes”.

At the same time, some crypto exchanges are offering loans to customers to allow them to increase their exposures by as much as 125 times their initial investment, it said. But “significant informational and data shortcomings persist”, which meant “the full extent of possible contagion channels with the traditional financial system cannot be fully ascertained”. ECB president Christine Lagarde said on Dutch television at the weekend that a crypto token was “worth nothing, it is based on nothing, there is no underlying asset to act as an anchor of safety”.

Fabio Panetta, an ECB executive, recently likened the sector to a “Ponzi scheme” and called for a regulatory clampdown to avoid a “lawless frenzy of risk-taking”. Links between eurozone banks and crypto assets “have been limited so far”, the ECB said in its report on Tuesday. The central bank said some international and eurozone banks are “already trading and clearing regulated crypto derivatives, even if they do not hold an underlying cryptoasset inventory”.

It added that large payment networks had “stepped up their support of cryptoasset services” and institutional investors were “now also investing in bitcoin and cryptoassets more generally”. Noting that German institutional investment funds have been allowed to put up to a fifth of their holdings into crypto assets since last year, it said such investments had been aided by the availability of crypto-based derivatives and securities listed on exchanges.

The ECB also cited risks from decentralised finance, or DeFi, in which cryptocurrency-based software programs offer financial services without the use of intermediaries such as banks. “Crypto credit on DeFi platforms grew by a factor of 14 in 2021, while the total value locked was hovering at around €70bn until very recently, on a par with small domestic peripheral European banks,” it said.

Rehypothecation, in which collateral for a loan can be repledged against another loan, increased the chances of leverage limits being breached. As many as one in 10 EU households “may own cryptoassets”, though most had less than €5,000 invested in the sector, according to a recent ECB survey. Similarly, a Fed survey released on Monday found 12 per cent of US adults held or used cryptocurrencies in 2021. The EU is finalizing legislation, called markets in crypto assets, but the ECB said it would not come into force until 2024 at the earliest.

“Given the speed of crypto developments and the increasing risks, it is important to bring cryptoassets into the regulatory perimeter and under supervision as a matter of urgency,” it said.

Source: Crypto links with banks pose threat to financial stability, says ECB | Financial Times

Critics by Kate Rooney

Financial services firms added three times as many crypto jobs last year as in 2015, according to recent data from LinkedIn. In the first half of 2021, that pace jumped by 40%. Banks on a crypto hiring spree included Deutsche Bank, Wells Fargo, Citigroup, Capital One, Barclays, Credit Suisse, UBS, Bank of America and BNY Mellon.

The crypto boom on Wall Street coincides with more funding and hiring in the start-up world. Crypto and blockchain companies raised a record $25 billion last year, an eightfold increase from a year earlier, according to CB Insights data.

Farooq said that even with the start-up boom, JPMorgan has seen “limited attrition.” Those leaving have been people “wanting to start their own company versus wanting to leave and go do something similar.”

However, JPMorgan did lose one of its highest-profile crypto deputies last year. Christine Moy is on garden leave after departing her role as managing director and global head of crypto and metaverse at Onyx. She has yet to announce her next move.

“After over a half-decade laying the foundations for blockchain-based infrastructure across financial markets and cross-border payments, creating new businesses that have already scaled into the $USD billions at J.P. Morgan, I am looking to challenge myself further by finding new opportunities to create value and drive impact for the Web3/crypto ecosystem from a new angle,” Moy told CNBC in an email.

Other top crypto executives who left Wall Street recently expressed some frustration at how long it takes to get projects moving within a large financial institution. Mary Catherine Lader, chief operating officer at Uniswap Labs, left her job as a managing director at BlackRock last year. Her foray into crypto started as a side project within the asset management company.

“It certainly wasn’t my primary job,” Lader said. “It was kind of a hobby, as it is for so many people on Wall Street, and it definitely wasn’t something that at the time I was thinking about, because it was early stages of adoption.”

Justin Schmidt, former head of digital asset markets at Goldman Sachs, made a similar career change last year. He joined institutional crypto trading platform Talos and described the risk in a similar way, calling the decision “multidimensional.”

“Inherently, you’re taking a brand risk — Goldman is one of the storied institutions of Wall Street,” Schmidt said. “You are also taking a risk by staying someplace more traditional, and I very firmly believe that this is a generational change and there’s a generational opportunity here…..

Further contents:

Sanctioning Russia On The Blockchain: Following The Money To A Network Of OTC Providers

Sanctions can only work if those who are supposed to enforce them understand exactly what to do so that they cannot be circumvented easily. Russia’s extensive network of Over-The-Counter (OTC) providers requires an extensive review by sanction committees, as they might be adopted to circumvent sanctions.

As described in the previous release, due to the limited liquidity of cryptocurrencies and Decentralized Finance space in general, it remains close to impossible for Russia to circumvent SWIFT-based systems by using crypto. However, Russians might still hold up to $200 Billion USD in crypto assets, besides running the third-largest crypto mining industry in the world. These funds can potentially be cashed out with Russian OTC providers.

The fifth EU sanction package on Russia limits the crypto asset holdings of Russian nationals, individuals, and legal entities established in Russia to €10,000 (with the same account, wallet or custody provider). The use of Russian OTC providers, which represents a network of physical providers offering cash payouts from crypto, could be adopted to circumvent these sanctions.

In oversimplified terms, OTC refers to a process in which individuals theoretically could agree on a price and meet to complete a transaction. An example of such a process could be a personal meeting in which one side brings bags with cash or any other pre-agreed means of value, and the other side could conduct a transaction on the blockchain on the spot. Transactions primarily with larger sums of money could be risky, to say the least.

Unlike peer-to-peer (P2P) exchanges, which involve independent parties, OTC exchanges act much like physical pawn shops. At dedicated physical locations with announced opening hours, individuals in Russia can visit and exchange their cryptocurrencies for cash or bank transfers.

Depending on the business models of virtual assets service providers (VASPs), both OTC and P2P providers have existed in various jurisdictions since the beginning of financial interactions between individuals.

An example of such a platform in the EU is LocalBitcoin, registered with the Finnish Financial Supervisory Authority. Unlike Russian OTC providers which are subject to the 6th Anti Money Laundering Directive of the EU and connected to its so-called Counter-Terrorism Financing (CTF) legislation, LocalBitcoin is a unique case.

Existence of such a platform in the EU is only possible in Finland, as the rest of the EU has followed the recommendation of the Financial Action Task Force (FATF) to define and include Digital Assets in the national legislation and created an oversight program as a regulator.

It can be argued that the current regulatory frameworks remain far from perfect, but there is increased interest in incorporating DeFi into traditional financial compliance programs.

The requirements to register a P2P or OTC exchange are very different within the Russian Federation. On the one hand, Russia approved the use of cryptocurrency as an investment tool or a payment method as of Q1 2021, but on the other, its national bank proposed a long list of bans that would outlaw the circulation of cryptocurrencies within the country.

Due to such unclear legal circumstances, licensing and supervisory programs are close to non-existent. In the absence of platforms that have chosen ‘compliance excellence’ as their differentiating business strategy, for example, Coinbase or some Scandinavian VASPs, many Russian providers have to operate in the gray space to say the least.

What is surprising is the fact that even though Russians store up to one fifth of the national bank’s reserves in digital assets, the public side has decided to not provide much clarity for the VASPs or any other players in Decentralized Finance (DeFi).

By not providing clarity for players in the Digital Assets space, the governments in Moscow and Minsk continue to lose on potential tax revenues and regulatory oversight of over 623 crypto platforms identified so far, associated with Russia and Belarus. The logic to continue to lose out on easily taxable capital gain from crypto investments remains questionable.

“Is it not paradoxical that despite the Russian Prime Minister stating that Russians hold $200 Billion USD in crypto, Russia has not yet formulated a comprehensive legislation to legalize crypto or set a taxation process for it?” — Dominika Kuberska, PhD, Faculty of Economic Sciences, University of Warmia and Mazury in Olsztyn.

With the absence of regulated players in Russia, there is a well-developed gray market of OTC exchanges that facilitate the trade of Digital Assets in exchange for rubles using both cash and bank transfers.

Sources, who desire to remain anonymous, underline that bank transfers to individuals or entities from OTC brokers are labeled as payments for IT or consultancy services. The Russian government will officially tax profits from such transfers with personal or corporate income tax (PIT, CIT).

Moreover, for customers that desire to purchase or exchange a significant amount of digital assets, there are at least ten physical brokers in Moscow or even price comparison websites like BestChange.ru that display the current rates of OTC providers in various regions.

Due to the nature of the business model, customers can often exchange cash for digital assets at the physical offices of these exchanges which can be visited by both individuals and the members of the Russian financial supervisory authorities, in case they would acknowledge their existence.

The majority of OTC providers operate without identifying their customers. Multiple sources report on direct cooperation between dedicated Ponzi schemes or sanctioned brokers with OTC providers. Even if hard evidence such as an agreement or email exchange between confirmed parties is continuously being collected, blockchain based analytics continues to provide indications for illicit transactions.

Russia has been connected with an elevated amount of illicit activities for a country that has a population of 144 million, which is 1.5 times bigger than that of Germany.

“Russia has surprisingly large amounts of confirmed illicit “Unicorns” like BTC-e/WEX exchange, Hydra dark web marketplace, dozens of pyramid schemes like PRIZM, the largest ransomware attacks and other cybercrimes which experts consider to be possibly parts of state-sponsored-activities” – Oleksii Fisun, Co-founder of Global Ledger Protocol.

With so many confirmed illicit activities coming out of one jurisdiction, it remains worth investigating how profits from illegal activities could be potentially cashed out. As described extensively in the previous article, the advantage of a public blockchain is that it remains visible and traceable.

An example of such confirmed illicit activity that could be cashed out with a Russian OTC provider, would be funds allocated in a cryptocurrency wallet provider called Konvert.im. It includes more than 100 transactions and has more than 69% exposure to funds originating from newly sanctioned Hydra Darknet Marketplace.

As Konvert.im represents an exchange, most certainly, their compliance must be aware of the origination of those funds from sanctioned Hydra. It is within such schemes the funds might be mixed with other funds that could potentially be forwarded to OTC providers for cash out.

Regardless of the choice of the provider used for Blockchain based analytics, due to the nature of Blockchain based investigations that accumulate all of the funds and its traces on the Blockchain between different brokers, there will always be a certain exposure to illicit traffic, which most likely will be at a single digit percentage wise.

Similar to accepting a physical banknote at the local farmer’s market, there could be a possibility that this banknote was used to conduct illicit activity in the past. This connection to illicit activity remains invisible on the banknote itself, but such a transaction is perfectly visible on the Blockchain.

Having said that, it remains impossible to state that an exposure of 69% to Hydra has been a technical mistake. It should rather be perceived as a dedicated action and tracing the money from Konvert.im to a Russian OTC provider might serve as a symbol that this strategy can and might be adopted to circumvent SWIFT-based sanctions and easily bypass a limitation specified in the fifth EU sanction package.

I’ve specialised in the topics on the intersection between Information Systems, Fintech, Insurtech, Cryptocurrency, Blockchain – Distributed Ledger Technologies

Source: Sanctioning Russia On The Blockchain: Following The Money To A Network Of OTC Providers


More contents:

Austrian Programmer And Ex Crypto CEO Likely Stole $11 Billion Of Ether

Ethereum, the second biggest crypto network, is worth $360 billion. Its creator, Vitalik Buterin, has more than 3 million Twitter followers, has made videos with Ashton Kutcher and Mila Kunis, and has met with Vladimir Putin. All the most popular trends in crypto over the last several years launched on Ethereum: initial coin offerings (ICOs), decentralized finance (DeFi), non-fungible tokens (NFTs), and decentralized autonomous organizations (DAOs). And it has spawned a whole class of blockchain imitators, often called “Ethereum killers.”

Ethereum is also the subject of a great mystery: who committed the largest theft of ether (Ethereum’s native token) ever, by hacking The DAO? The decentralized venture capital fund had raised $139 million in ether (ETH) by the time its crowd sale ended in 2016, making it the most successful crowdfunding effort to that date. Weeks later, a hacker siphoned 31% of the ETH in The DAO—3.64 million total or about 5% of all ETH then outstanding—out of the main DAO and into what became known as the DarkDAO.

Who hacked The DAO? My exclusive investigation, built on the reporting for my new book, The Cryptopians: Idealism, Greed, Lies, and the Making of the First Big Cryptocurrency Craze, appears to point to Toby Hoenisch, a 36-year-old programmer who grew up in Austria and was living in Singapore at the time of the hack. Until now, he has been best known for his role as a cofounder and CEO of TenX, which raised $80 million in a 2017 initial coin offering to build a crypto debit card—an effort that failed.

The market cap of those tokens, which spiked at $535 million, now sits at just $11 million. After being sent a document detailing the evidence pointing to him as the hacker, Hoenisch wrote in an email, “Your statement and conclusion is factually inaccurate.” In that email, Hoenisch offered to provide details refuting our findings—but never answered my repeated follow-up messages to him asking for those details.

To put the enormity of this hack in perspective, with ETH now trading around $3,000, 3.64 million ETH would be worth $11 billion. The DAO theft famously and controversially prompted Ethereum to do a hard fork—where the Ethereum network split into two as a way to restore the stolen funds—which ultimately left the DarkDAO holding not ETH, but far less valuable Ethereum Classic (ETC). The proponents of the fork had hoped ETC would die out, but it now trades around $30. That means the descendant wallets of the DarkDAO now hold more than $100 million in ETC—a high dollar monument to the biggest whodunnit in crypto.

Last year, as I was working on my book, my sources and I, utilizing (among other things), a powerful and previously secret forensics tool from crypto tracing firm Chainalysis, came to believe we had figured out who did it. Indeed, the story of The DAO and the six-year quest to identify the hacker, shows a lot about just how far the crypto world and the technology for tracking transactions have both come since the first crypto craze. Today, blockchain technology has gone mainstream. But as new applications arise, one of the first uses of crypto—as an anonymity shield—is in retreat, thanks to both regulatory pressure and the fact that transactions on public blockchains are traceable.

Since Hoenisch won’t talk to me, I can only speculate about his possible motives; back in 2016 he identified technical vulnerabilities in the DAO early and may have decided to strike after concluding his warnings weren’t being taken seriously enough by the creators of the DAO. (One of his TenX cofounders, Julian Hosp, an Austrian medical doctor who now works in blockchain full time, says of Hoenisch: “He is a person that is super opinionated. Always believed he was right. Always.”) Looked at from that perspective, this is also a tale of the big brains and big egos that drive the crypto world–and of a hacker who may have justified his actions by telling himself he simply did what the faulty code baked into The DAO allowed him to do.

In early 2016, the Ethereum network was not even a year old, and there was only one app on it that people were interested in: The DAO, a decentralized venture fund built with a smart contract that gave its token holders the right to vote on proposals submitted for funding. It had been created by a company named Slock.it, which, instead of seeking traditional venture capital, had decided to create this DAO and then open it up for crowdfunding—with the expectation that its own project would be one of those funded by The DAO. Slock.it’s team thought The DAO might attract $5 million.

Yet when the crowd sale opened on April 30th, it took in $9 million in just the first two days, with participants exchanging one ether for 100 DAO tokens. As the money poured in, some on the team felt queasy, but it was too late to cap the sale. By the time the funding closed a month later, 15,000 to 20,000 individuals had contributed, The DAO held what was then 15% of all ether and the price of the cryptocurrency was steadily rising. At the same time, a variety of security and structural concerns were being raised about The DAO, including one that would, ironically, later prove to be crucial to limiting the hacker’s immediate access to the spoils.

That problem: withdrawing funds was too hard. Someone wanting to retrieve their money had to first create a “child DAO” or “split DAO,” which required not only a high degree of technical knowledge, but also waiting periods after each step and the agreement of anyone else who moved funds into that child DAO.

On the morning of June 17th, ETH reached a new all-time high of $21.52, making the crypto in The DAO worth $249.6 million. When American Griff Green woke up that morning in Mittweida, Germany (he was staying in the family home of two brothers who were Slock.it cofounders), he had a message on his phone from a DAO Slack community member who said something weird was happening— it looked like funds were being drained.

Green, Slock.it’s first employee and community organizer, checked: there was indeed a stream of 258-ETH (then $5,600) transactions leaving The DAO.  By the time the attack stopped a few hours later, 31% of the ETH in The DAO had been siphoned out into the DarkDAO. As awareness of the attack spread, ether had its highest trading day ever, with its price plummeting 33% from $21 to $14.


Split Fortunes

The 2016 DAO crowdfunding sale drove the price of ether (ETH) to a then record high—until the June 17th attack on The DAO sent it plummeting. After the hard fork on July 20th, the old blockchain began trading as ether classic (ETC).


Soon, the Ethereum community pinpointed the vulnerability that enabled this theft: the DAO smart contract had been written so that any time someone withdrew money, the smart contract would send the money first, before updating that person’s balance. The attacker had used a malicious smart contract that withdrew money (258 ETH at a time), then interfered with the updating of the contract, allowing them to withdraw the same ether again and again. It was as if the attacker had $101 in their bank account, withdrew $100 at a bank, then kept the bank teller from updating the balance to $1, and again requested and received another $100.
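The send-before-update ordering described above, as an added Python model (not The DAO's contract code, which this page does not reproduce). Class and method names are hypothetical, the balances are constructed, and a recipient's `receive` hook stands in for contract code that runs when it is paid; the flawed ordering sits next to the update-first ordering.

```python
"""Toy model of a fund that pays out before updating its ledger (constructed example)."""


class WithdrawRejected(Exception):
    """Raised when nothing is owed or the pool cannot cover the payout."""


class Account:
    """Plain recipient: being paid runs no further code."""

    def __init__(self):
        self.received = 0

    def receive(self, fund, amount):
        self.received += amount


class ReenteringAccount(Account):
    """Recipient whose payment hook calls withdraw() again, up to max_reentries times."""

    def __init__(self, max_reentries):
        super().__init__()
        self.max_reentries = max_reentries
        self.reentries = 0

    def receive(self, fund, amount):
        self.received += amount
        if self.reentries < self.max_reentries:
            self.reentries += 1
            try:
                fund.withdraw(self)
            except WithdrawRejected:
                pass  # the nested request was refused; the outer payout still stands


class SendFirstFund:
    """Flawed ordering: pay the recipient, then zero their ledger entry."""

    def __init__(self):
        self.credit = {}  # recipient -> amount owed
        self.pool = 0     # funds actually held

    def deposit(self, who, amount):
        self.credit[who] = self.credit.get(who, 0) + amount
        self.pool += amount

    def owed(self):
        return sum(self.credit.values())

    def _check(self, who):
        amount = self.credit.get(who, 0)
        if amount == 0 or amount > self.pool:
            raise WithdrawRejected(amount)
        return amount

    def withdraw(self, who):
        amount = self._check(who)
        self.pool -= amount
        who.receive(self, amount)  # external call while credit[who] is still unchanged
        self.credit[who] = 0       # ledger update arrives too late


class UpdateFirstFund(SendFirstFund):
    """Corrected ordering: check, update the ledger, and only then pay out."""

    def withdraw(self, who):
        amount = self._check(who)
        self.credit[who] = 0       # effect recorded before any external code runs
        self.pool -= amount
        who.receive(self, amount)  # a nested withdraw() now sees zero credit


def run(fund_cls, max_reentries):
    """Return (paid to re-entering account, pool left, total still owed)."""
    fund = fund_cls()
    honest, caller = Account(), ReenteringAccount(max_reentries)
    fund.deposit(honest, 900)  # constructed balances
    fund.deposit(caller, 100)
    fund.withdraw(caller)
    return caller.received, fund.pool, fund.owed()


if __name__ == "__main__":
    for cls in (SendFirstFund, UpdateFirstFund):
        paid, pool, owed = run(cls, 3)
        print(f"{cls.__name__}: paid={paid} pool={pool} owed={owed} solvent={pool >= owed}")
```

A pool that is smaller than the total still owed is the invariant violation to audit or monitor for; the update-first version keeps the two equal after the same call sequence.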

Even worse, once the vulnerability became public, the remaining 7.3 million ETH in The DAO was at risk of a copycat attack. A team of white hat hackers (that is, hackers acting ethically) formed and used the attacker’s method to divert the remaining funds into a new child DAO. But the attacker still had about 5% of all outstanding ETH, and even the rescued ether was vulnerable, given the flaws in The DAO. Plus, the clock was ticking down to a July 21st deadline—the first date when the original hacker might be able to get at the funds they had diverted into the DarkDAO.

If the community wanted to keep the attacker from cashing out, they would need to put tokens in the hacker’s DarkDAO and then in any future “split DAOs” (or child DAOs) the unknown hacker created. (Under the rules of the DAO smart contract, the attacker couldn’t withdraw funds if anyone else in their split DAO objected.) Bottom line: if the white hats ever missed their window to object, the attacker would be able to abscond with the funds—meaning this informal group would have to be constantly vigilant.

Eventually, after much bickering (on Reddit, on a Slack channel, over email and on Skype calls) and Ethereum founder Buterin publicly weighing in, and after it seemed that a majority of the Ethereum community supported the measure, Ethereum did a “hard fork.” On July 20th the Ethereum blockchain was split into two. All the ETH that had been in the DAO was moved to a “withdraw” contract which gave the original contributors the right to send in their DAO tokens and get back ETH on the new blockchain. The old blockchain, which still attracted some supporters and speculators, carried on as Ethereum Classic.

• • •

On Ethereum Classic, The DAO and the attacker’s loot (in the form of 3.64 million ETC) remained. That summer, the attacker moved their ETC a few hops away to a new wallet, which remained dormant until late October, when they began trying to use an exchange called ShapeShift to cash the money out to bitcoin. Because ShapeShift didn’t at that time take personally identifying information, the attacker’s identity was not known even though all their blockchain movements were visible.

Over the next two months, the hacker managed to obtain 282 bitcoins (then worth $232,000, now more than $11 million). And then, perhaps because ShapeShift frequently blocked their attempted trades, they gave up cashing out, leaving behind 3.4 million Ether Classic (ETC), then worth $3.2 million and now more than $100 million.

That might have been the end of the story—an unknown hacker sitting on a fortune he couldn’t cash out. Except last July, one of my sources involved in the DAO rescue, a Brazilian named Alex Van de Sande (aka Avsa) reached out, saying the Brazilian Police had opened an investigation into the attack on The DAO — and whether he might be a victim or even the hacker himself.  Van de Sande decided to commission a forensics report from blockchain analytics company Coinfirm to help exonerate himself (though then, the police closed the investigation, he said). In case any similar situations arose in the future, he went forward with the report examining those cash-out attempts in 2016.

Among the early suspects in the hack had been a Swiss businessman and his associates, and in tracing the funds, Van de Sande and I also found another suspect: a Russia-based Ethereum Classic developer. But all these people were in Europe/Russia and the cash-outs mapped onto an Asian-morning-through-evening schedule—from 9 A.M. to midnight Tokyo time—when the Europeans were likely sleeping. (The timing of their social media posts suggested they kept fairly normal hours.) But based on a customer support email the hacker had submitted to ShapeShift in the leadup to the attack, I believed they spoke fluent English.

Jumping off from the Coinfirm analysis, blockchain analytics company Chainalysis saw the presumed attacker had sent 50 BTC to a Wasabi Wallet, a private desktop Bitcoin wallet that aims to anonymize transactions by mixing several together in a so-called CoinJoin. Using a capability that is being disclosed here for the first time, Chainalysis de-mixed the Wasabi transactions and tracked their output to four exchanges. In a final, crucial step, an employee at one of the exchanges confirmed to one of my sources that the funds were swapped for privacy coin Grin and withdrawn to a Grin node called grin.toby.ai. (Due to exchange privacy policies, normally this sort of customer information would not be disclosed.)

The IP address for that node also hosted Bitcoin Lightning nodes: ln.toby.ai, lnd.ln.toby.ai, etc., and was consistent for over a year; it was not a VPN.

It was hosted on Amazon Singapore. Lightning explorer 1ML showed a node at that IP called TenX.

For anyone who was into crypto in June 2017, this name may ring a bell. That month, as the ICO craze was reaching its initial peak, there was an $80 million ICO named TenX. The CEO and cofounder used the handle @tobyai on AngelList, Betalist, GitHub, Keybase, LinkedIn, Medium, Pinterest, Reddit, StackOverflow, and Twitter. His name was Toby Hoenisch.

Where was he based? In Singapore.

Although he was German-born and raised in Austria, Hoenisch is fluent in English.

The cash-out transactions occurred mainly from 8 A.M. until 11 P.M. Singapore time.

And the email address used on that account at the exchange was [name of exchange]@toby.ai.

In May 2016, as it was finishing up its historic fundraise, Hoenisch was intensely interested in The DAO. On May 12, he emailed Hosp a tip (“Profitable crypto trade coming up”) to short ETH once the DAO crowdfunding period ended. On May 17th and 18th, in the DAO Slack channel, he engaged in a long conversation in which he made, depending on how you count, 52 comments, minimum, about vulnerabilities in The DAO, getting into various aspects of the code and nitpicking over exactly what was possible given the way the code was structured.

One issue spurred him to email Slock.it’s chief technology officer, Christoph Jentzsch, its lead technical engineer, Lefteris Karapetsas, and community manager Griff Green. In his email, he said he was writing a proposal for funding from The DAO for a crypto card product called DAO.PAY, and added, “For our due diligence, we went through the DAO code and found a few things that are worrisome.” He outlined three possible attack vectors and later emailed with a fourth. Jentzsch, a German who had been working on a PhD in physics before dropping out to focus on Ethereum, responded point by point, conceding some of Hoenisch’s assertions but saying others were “false” or “don’t work.” The back and forth ended with Hoenisch writing, “I’ll keep you in the loop if we find anything else.”

But instead of further email exchanges, on May 28th, Hoenisch wrote four posts on Medium, beginning with, “TheDAO—risk free voting.” The second, “TheDAO—blackmailing withdrawals,” foreshadowed the main issue with The DAO and why Ethereum ultimately chose to hard fork: if it did not, the only other options were to let the attacker cash out his ill-gotten gains or for some group of DAO token holders to follow him forever into new split DAOs he created as he attempted to cash out. “TLDR: If you end upon in a DAO contract without majority voting power, then an attacker can block all withdrawals indefinitely,” he wrote. The third showed how an attacker could do this cheaply.




His last, most telling post for the day, “TheDAO—a $150m lesson in decentralized governance,” said DAO.PAY decided against making a proposal after uncovering “major security flaws” and that “Slockit down-played the severity of the attack vectors.” He wrote, “TheDAO is live … and we are still waiting for Slockit to put out a warning that THERE IS NO SAFE WAY TO WITHDRAW!”

On June 3, his last Medium post, “Announcing BlockOps: Blockchain Hack Challenges” said, “BlockOps is your playground to break encryption, steal bitcoin, break smart contracts and simply test your security knowledge.” Although he promised to “post new challenges in the field of bitcoin, ethereum and web security every 2 weeks,” I could find no record that he did so.

Two weeks later came the DAO attack. The morning after the attack, at 7:18 A.M. Singapore time, Hoenisch trolled Ethereum creator Vitalik Buterin by retweeting something Buterin had said before The DAO was attacked, but after it was known that the vulnerability used in the attack was evident in the DAO’s code. In the two-week old tweet, Buterin had said that he’d been buying DAO tokens since the security news. Over the following weeks, Hoenisch tweeted anti-hard fork posts like one titled, “Too Big to Fail is Failure Guaranteed.”

Curiously, on July 5, a couple weeks after the attack, Hoenisch and Karapetsas exchanged Reddit DMs titled “DarkDAO counter attack” — though the substance of the messages is unclear because Hoenisch has deleted all his Reddit posts. (Hosp recalls that Hoenisch told him he had deleted his Reddit account after an altercation with an “idiot” on Reddit over The DAO.) Hoenisch wrote, “Sorry for not contacting first. I got carried away from finding it and telling the community that there is a way to fight back. In any case, I don’t see any way the attacker can use this.”

After Karapetsas told Hoenisch of the white hats’ plans to protect what was left in The DAO, Hoenisch replied, “I took down the post.” Karapetsas responded, “I will keep you up to date with what we do from now on.” Hoenisch’s last message in that exchange: “I’m sorry if I messed up the plan.”

On July 24th, the day after the Ethereum Classic chain revived and began trading on Poloniex, Hoenisch tweeted, “ethereum drama escalating: from #daowars to #chainwars. Ethereum classic now traded on poloniex as $ETC and miners planning attacks.” On July 26th, he retweeted Barry Silbert, the founder and CEO of the powerful and well-respected Digital Currency Group, who had tweeted, “Bought my first non-bitcoin digital currency…Ethereum Classic (ETC).”




Upon hearing the name Toby Hoenisch, without knowing evidence indicated he was the DAO attacker, Karapetsas, a usually good-humored Greek software developer who was one of the DAO creators and had engaged with him by email and on Reddit, said: “He was obnoxious…. he was quite insistent on having found a lot of problems.”

After hearing that the DarkDAO ETC had been cashed out to a Grin node with Hoenisch’s alias, Karapetsas observed that if Hoenisch had instead remedied the situation while the DarkDAO funds were frozen, the Ethereum community would have given him “huge kudos” for finding the weakness and then returning the ETH. Similarly, Griff Green, whose current projects lean towards helping non-profit and public causes grow in the digital world, believes the hacker missed the chance to “be a hero.” Says Green: “He really screwed the pooch…Reputation is way more valuable than money.”

Ironically, in a 2016 blog post, Hoenisch wrote, “I’m a white hat hacker by heart.’’ Twenty days later came the DAO attack.

As I noted earlier, after being sent a document laying out the evidence that he was the hacker and asking for comment for my book, Hoenisch wrote that my conclusion is “factually inaccurate.” He said in that email he could give me more details—and then did not respond to four requests for those details, nor to additional fact checking queries for this article. In addition, after receiving the first document detailing the facts I’d gathered, he deleted almost all his Twitter history (though I’ve saved the relevant tweets).

In May 2015, Hoenisch and the cofounders of his crypto debit card venture—first known as OneBit—had some success at a Mastercard Masters of Code hackathon in Singapore. They started making the card available that year on an invitation-only basis, because, as Hoenisch explained on Reddit, “We don’t want to launch a half-assed Bitcoin wallet that gets us in trouble for violating KYC (know your customer) laws. And yes, legal is the main reason we can’t just ship it.” A Bitcoin Magazine article at the time said Hoenisch had a background in AI, IT security and cryptography.

In early 2017, just months after the presumed DAO attacker stopped trying to cash out their ETC, Hoenisch’s team—by then operating as TenX—announced it had received $1 million in seed funding from (among others) Fenbushi Capital, where Ethereum founder Buterin was a general partner. Then came the $80 million ICO. In early 2018, things started to go south for TenX when its card issuer, Wavecrest, was booted from the Visa network, meaning that TenX’s users could no longer use their debit cards.

On Oct. 1, 2020, TenX announced it was sunsetting its services because its new card issuer, Wirecard SG, had been directed by the Monetary Authority of Singapore to cease operations. On April 9, 2021, TenX posted a blog called “TenX, Meet Mimo.” It outlined a new business that would offer a euro-pegged stablecoin, which kept its value pegged to a fiat currency such as US dollars or euros or Japanese Yen. The market cap of TenX tokens, which spiked at $535 million, now sits at just $11 million. TenX has rebranded itself as Mimo Capital and is offering holders of TenX tokens mostly worthless MIMO tokens instead at a rate of 0.37 MIMO for each TenX.

Hosp, who was the public face of the company while there, was booted by Hoenisch and another cofounder in January 2019. This occurred a couple months after some crypto publications reported on Hosp’s past affiliation with an Austrian multi-level marketing scheme. However, before hearing that evidence indicated Hoenisch was the DAO attacker, Hosp said his feeling had been that Hoenisch had perhaps pushed him out over jealousy that Hosp had sold bitcoin at the top of the bubble in late 2017, netting himself $20 million. Meanwhile, Hoenisch had kept all his crypto as the bubble – and his personal net worth – deflated.

“He came from a very poor family, he had no experience in investing, and he was in crypto in 2010 but he had literally no money, nothing, when we were in Las Vegas together [in the summer of 2016] he had nothing, and I was doing really well with my investments… he would always push for getting more salary, for having something nicer.” Hosp also mentioned Hoenisch had to send money home to his mother, who had raised him, as well as his sister and brother, as a single parent.




Upon hearing that Hoenisch was the likely DAO attacker, Hosp said he was “getting goose bumps” and began recalling details from his interactions with his former partner that now seemed to take on new significance. For example, when asked if Hoenisch was into Grin (the privacy coins to which the hacker had cashed out) Hosp said, “Yes! Yes, he was. He was fascinated by that…I lost money because of those stupid coins! I invested in them because of him, because he was so fascinated by them.”

He said that Hoenisch was also obsessed with building a Bitcoin/Monero “atomic swap” – or a way to use smart contracts to swap between Bitcoin and the privacy coin Monero. At the time, Hosp was confused by that, because he felt there was no market for such a product. Later, Hosp pulled up chats from August 2016, in which Hoenisch seemed excited about the price of ETC, the coin held by the hacker after the ethereum fork.

When trying to recall the incident that he believed prompted Hoenisch to close his Reddit, Hosp began searching on his computer and muttered to himself, “He always used tobyai.” He confirmed that one of Toby’s regular email addresses ended in @toby.ai.

Recalled a still astounded Hosp: “For some weird reason, he was quite well aware of what was happening…He understood more of the DAO hack when I asked him what had happened…than I had found on the internet or anywhere.”


A former senior editor of Forbes, I’m a crypto journalist, host of the Unchained podcasts, and author of The Cryptopians: Idealism, Greed, Lies, and the Making of the First Big Cryptocurrency Craze. https://bit.ly/cryptopians

Source: Exclusive: Austrian Programmer And Ex Crypto CEO Likely Stole $11 Billion Of Ether


Recent News

Jump Trading Replaces Stolen Wormhole Funds After $320M Crypto Hack

The cryptocurrency arm of Jump Trading said on Thursday it had restored more than $320 million to crypto platform Wormhole after the decentralized finance site was hit with one of the largest crypto heists on record.

In a tweet, Jump Crypto said they chose to replace the stolen money “to make community members whole and support Wormhole now as it continues to develop.”

Chicago-based Jump Trading acquired Certus One, the developer behind Wormhole, in August.

Wormhole, an online platform that allows the transfer of information across crypto networks, said on Wednesday it had been “exploited” for 120,000 digital tokens connected to the second-largest cryptocurrency, ether.

At the time of its announcement, the market value of the tokens was just over $320 million.


The theft was the latest to hit the fast-growing but mostly unregulated DeFi sector. DeFi platforms allow users to lend, borrow and save – usually in crypto – while bypassing traditional gatekeepers of finance such as banks.

“All funds have been restored and Wormhole is back up,” the platform said on Twitter after earlier saying on its Telegram channel that “all funds are safe.”

London-based blockchain analysis firm Elliptic said that attackers were able to fraudulently create the wETH tokens, almost 94,000 of which were later transferred to the ethereum blockchain, which powers transactions for ether.

Elliptic added that Wormhole has offered the attacker a $10 million “bounty” to return the funds, citing messages embedded within ether transactions sent to the attacker’s digital address.

MAJOR HACKING RISK

Cash has poured into DeFi sites, mirroring the explosion of interest in cryptocurrencies as a whole. Many investors, facing historically low or sub-zero interest rates, are drawn to DeFi by the promise of high returns on savings.

Yet with their breakneck growth, DeFi platforms have emerged as a major hacking risk, with bugs in code and design flaws allowing criminals to target DeFi sites and deep pools of liquidity, and also to launder the proceeds of crime, while leaving few traces.

Fraud and theft at DeFi platforms surpassed $10 billion last year, research by Elliptic shows, laying bare the risks in the fast-growing but mostly unregulated area of cryptocurrencies.

Last August, hackers behind likely the biggest ever digital coin heist returned nearly all of the $610 million-plus they stole from the DeFi site Poly Network.

Hacks have long plagued crypto platforms. In 2018, digital tokens worth some $530 million were stolen from Tokyo-based platform Coincheck. Mt. Gox, another Japanese exchange, collapsed in 2014 after hackers stole half a billion dollars of crypto.

Source: Jump Trading replaces stolen Wormhole funds after $320M crypto hack | Fox Business

