Myth of Money: The Era of Hackers
Welcome to this week’s edition of Myth of Money, a weekly newsletter on the digital asset markets read by 12,000+ investors.
Disclaimer: The following is not intended as investment advice. Do your research.
Dear Investors,
As crypto and Web3 technologies gain traction in the mass market, an increasing number of consumers are making their personal data vulnerable.
A series of recent hacks have exposed these vulnerabilities.
OpenSea data breach leaks email addresses.
OpenSea, the world’s largest nonfungible tokens (NFT) marketplace, has issued a warning to customers after it was discovered that an employee of Customer.io, a platform for managing email newsletters and campaigns, leaked the list of OpenSea customers’ emails to an outside party.
The breach has affected all of the users who have given their email to the marketplace, whether it's for the platform or its newsletter. Following the breach, OpenSea advised customers against potential phishing attempts.
The NFT marketplace announced on Thursday that it has contacted law enforcement officials about the breach and that an investigation is in progress.
Binance detects resident records for sale.
Subsequently, CZ, the CEO of cryptocurrency exchange Binance disclosed that the company detected 1 billion resident records for sale on the dark web, pointing towards a bug in a deployment of an unnamed government agency. CZ emphasized the importance for all CEFI and DEFI platforms to enhance security measures in this area.
The CEO didn’t name a particular country in his post but according to Reuters, a user posting on a prominent underground hacking forum claimed to be selling a database containing over 23TB of personal information belonging to billions of Chinese citizens. The hacker further claimed that the information was leaked from the Shanghai National Police (SHGA) database and offered it up for sale for 10 bitcoin (currently valued at $200,000). Reuters confirmed the information.
Ankr DNS Hack
On July 1, 2022, the public Remote Procedure Call (RPC) gateway provided by Ankr for both Polygon and Fantom networks experienced a DNS hijack. DEFI projects such as CONVEX FINANCE, RIBBON FINANCE, DEFI SAVER, and ALL BRIDGE experienced the same DNS hijack attack.
Ankr is known for offering node endpoint, staking services, and other products to proof of stake blockchains. On Friday, a hacker forfeited a scam-like pop-up on Polygon and Fantom network by hijacking Ankr’s DNS to steal users’ seed phrases. The project soon recovered the human-made errors and stated that no funds were lost due to this incident.
The hack resulted from human error when the perpetrator deceived a third-party DNS provider into giving access to Polygon and Fantom’s DOMAIN A. Ankr web service provider named Gandhi was reported tricked by the hacker’s fake identity and this agreeing to change the email address for the domain registrar account. By this means, users who had accessed the blockchain through Ankr’s endpoint would receive a phishing phrase that asked them to urgently reset their seed on PolygonApp. The hackers could steal their funds by having affected users’ seed phrases.
How do we protect ourselves from hacks?
With an increasingly growing number of vulnerabilities across platforms it is important to take the following precautions. If you have found other helpful solutions, please share them by responding to this email.
Keep a separate phone number and email that is not tied to your name for crypto-related activities.
Keep separate hardware - phone, laptop, etc., for your crypto.
Always use a VPN for transaction
Double-check any requests coming in for user information.
This Week By the Numbers 📈
Top Stories 🗞️
CFTC Sues Over Alleged $1.7 Billion Fraud Involving Bitcoin
The main US derivatives regulator is the latest authority to seek penalties from a Bitcoin trader that’s been accused by South African officials of operating a massive crypto Ponzi scheme. The Commodity Futures Trading Commission said Thursday that Mirror Trading International Proprietary Ltd. and its leader Cornelius Johannes Steynberg between March 2018 and 2021 bilked at least 23,000 Americans out of Bitcoin investments that were worth $1.7 billion at the time. Mirror Trading operated as “an international fraudulent multilevel marketing scheme” that collected money from people to invest in an unregistered commodity pool, the CFTC said in a complaint filed in federal court in Texas. According to the regulator, Steynberg is a fugitive from South African law enforcement and was detained in Brazil.
Voyager Digital files for Chapter 11 bankruptcy, propose a recovery plan
Days after pausing trading, withdrawals, and deposits, crypto exchange Voyager Digital is filing for bankruptcy under Chapter 11 in the Southern District Court of New York. Voyager’s Chapter 11 bankruptcy filing indicated that it is on the hook for anywhere from $1 billion to $10 billion in assets to more than 100,000 creditors. The troubled crypto exchange wasted no time after the United States holiday to file for bankruptcy on Tuesday. In a Wednesday statement, Voyager explained that the move is part of a “Plan of Reorganization.” When implemented, the plan would enable clients to reaccess their accounts, and Voyager would “return value to customers.” Voyager CEO explained its proposed plan, which involves customers with crypto in their account receiving a combination of crypto, proceeds from the Three Arrows Capital (3AC) recovery, common shares in the newly reorganized company, and Voyager tokens.
El Salvador's Bitcoin wallet Chivo scores $52M in remittances in 2022
Salvadorans living abroad sent over $50 million in remittances from January to May this year, according to the El Salvador Central Reserve Bank. Douglas Rodríguez, president of the El Salvador central bank, unpacked the general economic outlook for the country on the local television news program Frente a Frente on Wednesday. A major takeaway was the $52 million of remittances processed by national digital wallet service Chivo through the first five months of the year. This marks a 3.9%, $118 million increase in value when compared to the same period in 2021.
Binance gets VASP registration for its Spanish subsidiary from the Bank of Spain
Crypto exchange Binance is now registered as a virtual asset service provider (VASP) by the Bank of Spain, allowing the exchange to offer custody and crypto exchange services. In an announcement on Friday, Binance said that its Spanish subsidiary, Moon Tech Spain, was registered as a VASP by Spain’s central bank on Thursday. It applied for registration in January. Binance can now provide fiat currency exchange to digital assets and wallet custody services while complying with the country’s Anti-Money Laundering and Counter-Terrorist Financing rules. Binance CEO Changpeng Zhao said the development in Spain is a result of the company’s hard work to make its platform centered on protecting users.
US expansion for Huobi is a step closer after it secures a FinCEN license
A subsidiary of the Huobi cryptocurrency exchange called HBIT Inc has received its Money Services Business (MSB) license from the United States Financial Crimes Enforcement Network (FinCEN). The Seychelles-based Huobi said on Tuesday that the license creates a foundation for it to carry out crypto-related business in the U.S. in the future, as part of its strategic goals of “globalization and compliance.” The exchange is a significant player, with more than $1 billion in volume in the past 24 hours, according to CoinGecko. Before the great crypto crackdown by Chinese authorities, most Huobi users came from China, but according to the latest figures from Statista, most users in February 2022 originated from Russia and Ukraine. The MSB license allows Huobi’s subsidiary to transmit money and operate as a fiat currency exchange, a required step by U.S. regulators to ensure FinCEN can monitor financial crimes such as money laundering.
Deal of the Week 💰 * Ape Water *
Recently featured in NFT NOW, Ape Water is capitalizing on the recent popularity of the Bored Ape Yacht Club NFTs, Ape Water allows owners of Apes to license their characters and monetize their NFTs by selling…. yup, water. Canned water has taken off as a category, with companies like Liquid Death gaining a valuation north of $500M. Ape Water is an all-American-made sustainable brand sourced from Mt. Shasta, regarded as one of the best water sources on earth.
Ape Water already has support from several key players in the space, including their lead investor, “Pink Dot” a Los Angeles iconic landmark convenience store chain, which also has hundreds of ghost stores distributed through Postmates.
I like this team for their experience in consumer beverages with former executives of some of the biggest beverage brands in the world. I like the concept as it addressed both the NFT trend, as well as sustainability. I like this valuation (seed-stage) and am comfortable with the potential return profile.
If you would like to learn more or participate in my SPV for the deal, please reach out.
Thank you for reading this week’s edition of the Myth of Money.🚀
Until next week,
Tatiana Koffman
By Tatiana Koffman
Hi there and thanks for reading. If you stumble upon my newsletter, you will notice that I write about money, economics, and technology. I hold a JD/MBA and spent my career in Capital Markets working across Mergers & Acquisitions, Derivatives, Venture Capital, and Cryptocurrencies. I believe in empowerment closing the financial education gap and creating equal opportunity for the next generation. I have invested in 20+ companies and funds. Check out my portfolio here.
Enjoyed your reading experience?
Follow me on Twitter.
Hit reply with your feedback and ideas :)
Share this post with others.
Disclaimer: This email does not contain financial advice and was created solely for informational purposes.
Received this email by accident? Unsubscribe below.