Categories
Crypto News

Crypto Exchanges With No Gas Limit Set On Ethereum (ETH) Transactions Are Vulnerable To Cyber Attacks

On November 21st, researchers revealed a vulnerability in crypto exchange platforms with no gas limit established for outgoing transactions related to Ethereum (ETH) smart contracts. According to a Level K publication, since November 9th, several crypto exchanges have been alerted about this security flaw that could empty their hot wallets by the permanent collection of commissions or gas in Ethereum network.

Level K explained that this is because, in smart contracts (from tokens ERC20, tokens ERC721 like CryptoKitties and others), the receiving addresses are the ones that arbitrarily set the gas limit to carry out a transaction, which is paid by its initiators, in this case, the crypto exchange platforms.

When cryptocurrency exchanges have not established a well-defined gas limit for Ethereum (ETH) smart contracts, malicious users can set high gas costs to process their transactions and withdraw more funds than necessary from the hot wallet used by the exchange platforms. This scenario could be even worse if a crypto trading platform does not have KYC standards.

Crypto Exchange Platforms With No Gas Limit Set On Ethereum (ETH) Transactions Are Vulnerable ToCyber Attacks

Many cryptocurrency exchanges allow the withdrawal of Ethereum (ETH) to arbitrary addresses with no gas limit. Since sending ETH to a contract address performs its backup function, attackers can make these crypto exchange platforms pay for commissions. That allows cyberattackers to force exchange platforms to burn their own Ethereum (ETH) at high transaction costs. Hackers can even benefit economically by using GasTokens.

Keep in mind that GasToken is a smart contract that could be used to further exploit this vulnerability by conducting a “profitable attack.” GasToken functions as a gas bank, the fundamental resource for transactions in the Ethereum network. So, users can buy representative GasToken and store them when this resource is at low prices.

Also, through GasToken, users can benefit from Ethereum (ETH) storage rebate. This rebate only applies to contract transactions, when these remove storage elements that otherwise must be housed in the blockchain. The advantage of this type of reimbursement is that it can represent up to half of the gas in a contract transaction.

Categories
Crypto News

Canadian Court Takes Custody Of QuadrigaCX Funds, Frozen By The Canadian Imperial Bank of Commerce

The Ontario Superior Court of Justice has decided to safeguard the funds in dispute between the QuadrigaCX crypto exchange house and the Canadian Imperial Bank of Commerce (CIBC). The Court will have custody of the funds until it is determined to whom they belong.

In October, QuadrigaCX sued the CIBC for unexpectedly freezing its accounts. The funds in the accounts totaled $28 million. On November 9th, the court published a document stating that it will safeguard the assets until it decides in favor of either party.

Back in January, the CIBC froze three personal accounts and two business accounts. These accounts belonged to QuadrigaCX’s payment processor and its owner, Jose Reyes. According to the CIBC, the transfer of assets from the payment processor to Reyes’ accounts was suspicious. QuadrigaCX sued the Bank claiming that they own most of the funds. The CIBC asked the Court to take custody of the funds while their ownership will be determined. The document issued on Friday is the Court’s response in favor of the Bank.

Canadian Court Takes Custody Of QuadrigaCX Crypto Exchange Funds, Frozen By The Canadian Imperial Bank of Commerce

In an October statement, the president of the crypto exchange, Gerard Cotten, said CIBC’s actions were detrimental to the company’s operations. Most of the funds were in QuadrigaCX’s trading accounts. User withdrawal operations have been delayed, according to Cotten. Apparently, the losses generated and the malfunctioning of the exchange could be ignored by the court. Judge Glenn Hainey, in charge of the lawsuit, stated on Friday that the Court could not determine whether or not the CIBC’s actions effectively harmed the crypto exchange.

The Court asked the CIBC to provide further evidence before making a decision. Although the Court has not ruled in favor of the Bank, ultimately the freezing of accounts has harmed the exchange house. This situation is not new, because recently there has been a crusade by banks against crypto exchanges, especially in Chile and Brazil.

At the suggestion of his lawyer, the president of QuadrigaCX refused to answer whether all the funds received had been credited to users’ accounts. For this reason, the judge ruled that there might be a possibility that users might file a claim requesting the return of their funds. CIBC could participate in this claim, too.

Categories
Crypto News

The US SEC Fined EtherDelta, An Ethereum (ETH) and ERC20 Exchange, For Operating Without A License

The US Securities and Exchange Commission (SEC) sanctioned Zachary Coburn, founder of Ethereum’s decentralized Ethereum (ETH) and ETH tokens exchange platform, EtherDelta, with $388,000, alleging that the startup operated as an unauthorized cryptocurrency exchange. The regulator said Thursday, November 8th, that EtherDelta “was required to register with the SEC or qualify for an exemption.”

In the press release, the SEC said this is the first action it has taken “based on the findings that the platform operated as a national means of exchanging unlicensed securities.” Also, the officials said EtherDelta provided a market for buyers and sellers to exchange tokens “using an order book, an order display website, and a smart contract based on Ethereum (ETH).”

The US regulators noted that, over an 18-month period, EtherDelta crypto exchange’s users executed more than 3.6 million orders for ERC20 tokens, “including tokens that are securities under federal securities laws.”

The US Securities and Exchange Commission (SEC) Fined EtherDelta Ethereum (ETH) Crypto Exchange For Operating Without A License

The US Securities and Exchange Commission’s decision marks a precedent that could impact the creation and development of decentralized crypto exchange projects. Stephanie Avakian, co-director of the SEC’s Enforcement Division, noted that “EtherDelta had both the user interface and the underlying functionality of a national online stock exchange and was required to register with the SEC or qualify for an exemption.”

Without admitting or denying the facts, Zachary Coburn agreed to pay $388,000 in penalties broken down into $300,000 in profit returns, $13,000 in interest, plus a fine of $75,000.

EtherDelta attracted media attention back in December 2017 when its platform was hacked, putting users’ information and funds at risk. The system is used to exchange Ethereum (ETH), the Ethereum blockchain’s native cryptocurrency, as well as other tokens created on this network, known as the ERC20 tokens, among others.

Categories
Crypto News

BTCC Crypto Exchange, the First Bitcoin (BTC) Exchange In China, Plans to Relaunch in South Korea

China’s first Bitcoin (BTC) exchange, BTCC, formerly known as BTC China, is ready to launch new trading services in South Korea, as The Investor reported yesterday, October 16th. BTCC, currently based in Hong Kong, will begin marketing its facilities in South Korea later this month via a Beta phase, while it would make its official debut in November.

According to BTCC’s website, the South Korean service, headed by Lee Jae-Beom, would comprise a new crypto exchange platform, a wallet service, a mining fund, and a service to enable consumer payments.

“BTCC is establishing an online/offline payment system using cryptocurrencies, and is expanding services for use in real life,” BTCC stated.

BTC China (BTCC) established in 2011 and was previously one of China’s top-three crypto exchange platforms, before intensified pressure from the country’s regulators and central bank, amid signs of imminent crypto repression, forcing BTCC to announce its closure in September 2017, while China’s national regulatory banned Initial Coin Offerings (ICOs) at the same time.

BTCC Crypto Exchange, the First Bitcoin (BTC) Exchange In China, Plans to Relaunch in South Korea in November

In January of this year, however, the company was acquired by a Hong Kong-based blockchain investment fund. Subsequently, a new BTCC project continued to develop with improvements on its mining pool and its Mobi software crypto wallet, that before relaunching its trading platform in July.

Crypto exchange platforms in South Korea have also come under considerable scrutiny by national watchdogs, which have intensified markedly in the wake of high-profile checkpoints and allegations of fraud. This year, however, China has been working to reclassify the exchanges as “crypto assets and brokerage exchanges,” thereby “recognizing them as regulated financial institutions.”

A decision is expected to be announced next month following officials’ deliberation on the possible repeal of South Korea’s ban on ICOs, which has also been in effect since September 2017. At the time of going to press, BTCC is recording about $170,000 in daily trading volumes.

Categories
Crypto News

Blockchain Technology To Be The Next Target For South Korea Government Investment

Park Won-soon, mayor of Seoul, South Korea, announced last week at a conference in Zug, the crypto valley of Switzerland, a Blockchain Urban Plan to turn the South Korean capital into a smart city by 2022, based on blockchain technology. The project requires an investment of $108 million and covers 14 public services in five areas, according to local sources.

Among the areas covered by the plan presented by Won-soon are the management of vehicle records, non-duplicable elections, management of donations, and labor protection. It is part of the program that the first decentralized services serve as a “test bed” and then undertake the innovation of all administrative services of the metropolitan government, the official said.

In the area of labor protection, for example, the city and the private sector can draw up a smart contract for part-time workers or those not covered by insurance policies. The agreement will determine the type of coverage that corresponds to each worker, according to the hours worked, as well as automate the payroll.

Park Wan-soon explained that by 2022, 200 companies focused on blockchain technology are expected to be operating and that 73 of them will already be active as of 2019. These companies will work in collaboration with the technology business accelerator Gaepo Digital Innovation Park and Mapo Seoul Startup Hub.

South Korea plans to invest $100 million in blockchain technology and crypto exchange

“There are many areas where blockchain technology is applied (…) I will contribute to the activation of the industry by applying it to management, to this end we will create an environment where companies can work freely and cultivate their talent,” said Park Won-soon
Metropolitan Mayor of Seoul, South Korea.

This initiative could have positive effects on the cryptocurrency and blockchain technology ecosystem, a field in which South Korea is one of the leading countries. Until the beginning of this year, the trade in crypto coins was not regulated in any way, and it deprived the participants of self-regulation in that ecosystem.

Seven months ago, the South Korean financial authorities established a set of measures that regulate the cryptocurrency exchange, along with the Initial Coin Offerings (ICOs). Also, South Korea implemented strict Know-Your-Customer (KYC) policies.

Such measures, according to local media, have not had the expected effects. The new identification system for crypto exchange platforms, for example, has only been adopted by 4 of the trading platforms, namely, Upbit, Bithumb, Korbit, and Coinoine.

Exit mobile version