Crypto
Bitcoin users should not overlook cryptocurrency’s fundamental flaw
Kelvin Low is professor of legislation on the Nationwide College of Singapore.
In mild of the current cryptocurrency meltdown and the mounting criticism of a know-how that has promised a lot however delivered little, it’s helpful to revisit Satoshi Nakamoto’s Bitcoin white paper and take into account what it will get unsuitable and why many imagine that blockchains can not work.
In “Bitcoin: A Peer-to-Peer Digital Money System,” Nakamoto, the pseudonymous individual or individuals who developed bitcoin, posited a chic resolution to double-spending, a possible flaw in a digital money scheme during which the identical single digital token will be spent greater than as soon as. However the issue was misdiagnosed. Whereby lies the misdiagnosis?
Our belief in banks lies within the debtor-creditor relationship between banker and buyer, not in stopping double-spending. The place our accounts are in credit score, the connection entails the client performing its contractual obligation by extending a mortgage to the financial institution earlier than the financial institution counter-performs, repaying the mentioned mortgage.
In different phrases, we belief that after we name upon our banks to carry out their aspect of the cut price, whether or not by withdrawing money at an ATM or directing them to make an interbank switch to a specific payee, they’re prepared and capable of carry out. This belief is reversed when the financial institution extends credit score to us for the reason that order of contractual efficiency is right here reversed.
It would come as a shock to many, however we aren’t, in precept, involved with whether or not or not a monetary middleman permits the double cost of its clients’ cash. Immediately, it’s not unusual for monetary intermediaries to encourage clients to utilize their providers by the use of so-called cashback schemes, during which a small share of funds is “refunded” to the client. Such cashback schemes, in spirit not less than, offend the so-called double cost precept.
As a result of trendy financial principle assumes a versatile cash provide, with personal banks chargeable for creating not less than a part of this provide, double funds are usually not in precept objectionable.
The important thing lies not within the precept however within the sensible implementation: since personal cash is basically a debt, are intermediaries capable of generate enough earnings to cowl the brand new cash they create, whether or not by working earnings reminiscent of service provider charges or massive infusions of fairness, in order that they’re able to meet their liabilities?
Think about the usage of good playing cards reminiscent of Pasmo, an IC card issued by subway operator Tokyo Metro, or MTR’s Octopus card in Hong Kong, the place one safety concern can be if a consumer tampered with their card’s credit score. While this may occasionally look like an issue of synthetic inflation of the cash provide, the priority is definitely extra elementary than that.
No authorized system permits personal people to create claims in opposition to one other with out the latter’s consent. Moreover, as a result of digital cash on public transport good playing cards is basically a declare in opposition to the issuer, on this case transport corporations, there is no such thing as a precise inflation of the cash provide, and the fraudulently created cash is booked as a loss to the issuer.
As a result of the blockchain’s obsession is with stopping this solely imagined drawback of double-spending, it utterly ignores the much more commonplace frauds that happen every day.
When the cryptocurrency business describes the blockchain as a safe, decentralized ledger, you will need to observe that the safety is anxious completely with ex-post-ledger edits as a result of that’s what double-spending entails.
However anybody finding out frauds involving ledgers, whether or not financial institution ledgers or land registers, will know that no fraudster targets the ledger itself. Slightly, they aim the end-users immediately.
Which means blockchain safety is akin to the notorious Maginot Line constructed by France to discourage invasion by Germany earlier than World Struggle II, besides that it could be pointed within the unsuitable route at Dover. For this reason we see hacks frequently for what’s marketed as safe. Even worse, as a result of blockchains are immutable, the way in which during which we’d usually deal with such frauds by reversing the fraudulent switch is rendered extremely impractical.
This can be as a result of the transferee can’t be recognized. The whole lot within the cryptoverse is pseudonymous. Or, if the transferee will be recognized, they’re situated in one other jurisdiction and is uncooperative. Over time, it’s inevitable that the blockchain ledger will develop more and more inaccurate as extra errors and frauds happen, and solely a proportion are, with a lot effort, reversed.
Cryptocurrency lovers dismiss the importance of those safety breaches by preaching a libertarian creed. To make use of cryptocurrency necessitates what some describe as intense self-discipline. One should be alert to potential safety breaches 24-7, twelve months a yr. Human fallibility is insupportable.
However this isn’t how the legislation works. All authorized methods face the tough alternative of allocating losses when an proprietor is disadvantaged of their property by a fraudster who then sells the identical to a bona fide purchaser.
The strain is one between static safety favoring the proprietor and dynamic safety favoring the bona fide purchaser as a result of the fraudster is commonly both nowhere to be discovered or is an individual of straw.
There isn’t a uniformity around the globe when it comes to the place the steadiness ought to lie, and plenty of authorized methods even apply totally different balances relying on the character of the property concerned.
No authorized system on Earth, going again a number of centuries, has ever adopted a libertarian view of how losses needs to be allotted and possession established, making it tough to see how blockchains can work as authoritative information of possession.
The inevitable fork between the ledger and the authorized established order is amenable to solely three options.
First, the blockchain prevails over the legislation. This can be a heartless alternative and, because the case legislation rising over disputes involving crypto-assets exhibits, will not be at the moment accepted. Second, the legislation prevails over the blockchain, and the ability to edit the blockchain is embedded in its protocol, successfully making the blockchain pointless since its immutability which is its very raison d’etre, is successfully neutered.
Third, the legislation prevails, however the blockchain stays immutable. This makes the ledger totally ineffective for the reason that solely factor worse than an inaccurate ledger is one that’s immutably inaccurate.
Except entire societies shift their collective ethical compass in a single day, the usage of a blockchain dictates that we should select between three equally unpalatable options: heartless, pointless, or ineffective.
Crypto
North Korean hackers linked to hack of 4,500 bitcoins from Japanese crypto exchange – SiliconANGLE
North Korean hackers linked to the infamous Lazarus hacking group have been identified as being behind the theft of more than 4,500 bitcoins from Japanese cryptocurrency exchange DMM Bitcoin earlier this year.
The Federal Bureau of Investigation, in conjunction with the Department of Defense Cyber Crime Center and National Police Agency of Japan, has revealed that hackers who go by the name of TraderTraitor, an arm of Lazarus, successfully stole the equivalent of $308 million from DMM in May and have detailed how the North Korean hackers did so.
The investigation into the hack found that in late March 2024, a North Korean cyber actor pretending to be a recruiter on LinkedIn contacted an employee at Ginco, a Japanese enterprise cryptocurrency wallet software company. The threat actor sent the target, who maintained access to Ginco’s wallet management system, a URL linked to a malicious Python script under the guise of a pre-employment test located on a GitHub page. The victim copied the Python code to their personal GitHub page and was subsequently compromised.
With the access gained, the TraderTraitor hackers sat patiently, waiting until May to exploit their access. To steal the bitcoin, the actors exploited session cookie information to impersonate the compromised employee and successfully gained access to Ginco’s unencrypted communications system. With this access, it’s believed that the hackers then manipulated a legitimate transaction request from a DMM employee, resulting in the theft of 4,502.9 bitcoin.
The stolen bitcoin was subsequently transferred to TraderTraitor-controlled wallets, which ultimately lead back to the North Korean government.
“The FBI, National Police Agency of Japan and other U.S. government and international partners will continue to expose and combat North Korea’s use of illicit activities — including cybercrime and cryptocurrency theft — to generate revenue for the regime,” the FBI noted in a statement.
The involvement of both North Korea and an arm of Lazarus in the hack comes as no surprise, as the hack of DMM isn’t the first time Lazarus has targeted cryptocurrency exchanges.
In 2022, Lazarus was linked to the hack on the Ronin Network that led to the theft of $615 million in cryptocurrency, and more recently, in July, the group was linked to the theft of $234.9 million in cryptocurrency from India-based cryptocurrency exchange WazirX.
Image: SiliconANGLE/Ideogram
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU
Crypto
Japan, US blame North Koreans for $300 million crypto theft
Tokyo, Japan — A North Korean hacking group stole cryptocurrency worth over $300 million from the Japan-based exchange DMM Bitcoin, according to Japanese police and the United States’ FBI.
The TraderTraitor group — believed to be part of Lazarus Group, which is allegedly linked to the Pyongyang authorities — carried out the heist, Japan’s National Police Agency said Tuesday.
Lazarus Group gained notoriety a decade ago when it was accused of hacking into Sony Pictures as revenge for “The Interview,” a film that mocked North Korean leader Kim Jong Un.
READ: Philippines ranks 2nd in cryptocurrency ownership globally — study
The FBI detailed “the theft of cryptocurrency worth $308 million US dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors” in a separate statement dated Monday.
Article continues after this advertisement
It described a “targeted social engineering” operation where a hacker pretended to be a recruiter on LinkedIn to contact an employee of a different crypto wallet software company.
Article continues after this advertisement
They sent the employee what appeared to be a pre-employment test, which actually contained a malicious line of code.
That allowed the hacker to compromise their system and impersonate the employee, the FBI said.
“In late May 2024, the actors likely used this access to manipulate a legitimate transaction request by a DMM employee, resulting in the loss of 4,502.9 Bitcoin, worth $308 million at the time,” it said.
“The FBI, National Police Agency of Japan, and other US government and international partners will continue to expose and combat North Korea’s use of illicit activities — including cybercrime and cryptocurrency theft — to generate revenue for the regime,” it said.
North Korea’s cyber-warfare program dates back to at least the mid-1990s.
It has since grown to a 6,000-strong cyber-warfare unit known as Bureau 121 that operates from several countries, according to a 2020 US military report.
Crypto
North Korean hacker group identified in theft of DMM Bitcoin assets
A North Korea-linked hacker group stole digital assets worth 48.2 billion yen ($307 million) from Tokyo-based cryptocurrency exchange DMM Bitcoin Co. in May, Japanese police said Tuesday.
The hacker group was identified by the police as TraderTraitor following an investigation conducted in collaboration with the U.S. Department of Defense and the Federal Bureau of Investigation.
DMM Bitcoin said earlier this month it will go out of business after suspending some of its services following the detection of the unauthorized leakage of funds on May 31.
Photo illustration shows a visual representation of the digital cryptocurrency Bitcoin. (Getty/Kyodo)
The police tracked the flow of stolen bitcoin to an account managed by the group, which is suspected to be linked to the Lazarus hacking group allegedly sponsored by the North Korean government.
The investigation found that an employee at a company that manages DMM Bitcoin’s cryptocurrency accounts was contacted via the LinkedIn social network by a person purporting to be a headhunter.
The perpetrator then breached the wallet management system by planting malware and falsified transaction amounts as well as the destinations of remittances, the police said.
In September, Japan’s Financial Services Agency ordered the exchange to improve operations, saying its risk management structure was inadequate.
No customers suffered financial damage as the exchange secured 55 billion yen from a group firm to cover the lost assets.
The police, the FBI, and other U.S. government and international partners will “continue to expose and combat North Korea’s use of illicit activities,” including cybercrime and cryptocurrency theft, to generate revenue for the regime, they said in a statement.
Related coverage:
Japanese publisher paid $3 million to hacker group after cyberattack
Japan’s DMM Bitcoin to end business after losing 48 bil. yen in leak
Shiba Inu of “doge” meme fame leaves enduring legacy, online and off
-
Business1 week ago
Freddie Freeman's World Series walk-off grand slam baseball sells at auction for $1.56 million
-
Technology1 week ago
Meta’s Instagram boss: who posted something matters more in the AI age
-
Technology4 days ago
Google’s counteroffer to the government trying to break it up is unbundling Android apps
-
News1 week ago
East’s wintry mix could make travel dicey. And yes, that was a tornado in Calif.
-
News5 days ago
Novo Nordisk shares tumble as weight-loss drug trial data disappoints
-
Politics5 days ago
Illegal immigrant sexually abused child in the U.S. after being removed from the country five times
-
Entertainment5 days ago
'It's a little holiday gift': Inside the Weeknd's free Santa Monica show for his biggest fans
-
Politics1 week ago
Trump taps Richard Grenell as presidential envoy for special missions, Edward S. Walsh as Ireland ambassador