News BITCOIN, Heists, Thefts, Hacks, Scams, and Losses

[kyphysics]

Securities brokers in the US have SIPC, which insures individual accounts up to $500K if the broker becomes insolvent - investors who had money directly invested with Madoff were eligible for this as the firm was a registered broker dealer and the ponzi purported to involve purchasing securities for clients, but crypto is not a security. The crypto grifters have gone to great lengths to protect themselves from cryptocurrencies getting classified as a security and then coming under the authority of regulators.

Given the amount of hacks, what private insurer would want to assume this liability and what would they have to charge for it?

Yeah, I wouldn't want to insure them either.

The thing with major brokerages is that even if you knew someone's account# and password, etc., it's still not that easy to steal. They have so many protections in place. If you enter a name/password, they'll call your landline (hopefully, you're not dumb enough to use your cell for that feature) to give you a one-time usage password to login to the account. So, what is the hacker going to do? Tap your landline phone? Even if he does that and enters your account, they'll usually know from the IP address difference. So, what can he do? Take over your computer? Even if he takes over your computer or spoofs your IP, what can he do?

To get any money, he has to either transfer your assets out and/or sell something (or take your money market fund cash) and put it into some bank account. There will be a record of that. He cannot cash a check if it's in your name. So, he'd have to fake an account with your name and photo ID, etc. Is he going to wear a wig, Mission Impossible face mask, etc. when he sets up the account in person? And even with that fake account, there is a record trail when he ultimately tries to cash out at the bank.

So...quick question(s):

If Mr. Criminal knows someone's crypto account info. and login, can he transfer/cash out that account in a way that leaves NO RECORD trail whatsoever? Or, is the record trail just a bit more difficult to establish vs. brokerage and bank accounts?

 

[BWV]

Well, so are stocks. Prices don't go up without a constant supply of new money to fuel the rise.

No, stocks represent partial ownership in (hopefully) a business that generates internal cash flow. this cash flow can return value through dividends and share repurchases regardless of whether new demand for shares exist

 

[BWV]

So...quick question(s):

If Mr. Criminal knows someone's crypto account info. and login, can he transfer/cash out that account in a way that leaves NO RECORD trail whatsoever? Or, is the record trail just a bit more difficult to establish vs. brokerage and bank accounts?

Basically yes, which is why crypto’s only use cases so far are money laundering, cyber fraud and selling drugs and child porn on the dark web

 

[Rive]

If Mr. Criminal knows someone's crypto account info. and login, can he transfer/cash out that account in a way that leaves NO RECORD trail whatsoever? Or, is the record trail just a bit more difficult to establish vs. brokerage and bank accounts?

There are 20k+ cryptocurrencies right now. I don't think there will be a general answer for that.

As I recall, with remaining in BTC the trail cannot be erased but without accessing the 'target' account(s) the transaction cannot be reversed or the 'money' locked.
But there are ways around that already.

 

[russ_watters]

Ponzi and pyramid schemes require a constant supply of new money and collapse when this dries up - in that sense crypto is in the same category. Not only does bitcoin require a constant stream of new investors, it requires a massive capital spend by miners to keep the network running

Maybe it's a nitpick, but that's a loose association. In a normal Ponzi scheme, the money paid in is paid back out on demand through the fund manager, who skims off the top. The total amount of money held in the fund never actually exists, nor do the gains. Some money and some gains do though.

An asset bubble also at least kind of requires a constant influx of money, but that money is driving supply and demand, not going to a 3rd party who is skimming off the top and falsifying balance sheets. And there's no direct correlation between the volume traded and the value. So, one (generally) has someone committing fraud organizing it, and the other one proceeds organically -- there's no "scheme" and no organizer stealing the money. This difference matters because it could otherwise be argued that every asset with increasing value is a Ponzi scheme. And also that's why someone goes to jail for a Ponzi scheme and no one necessarily does due to an asset bubble.

With Celsius, the reason I say they might not even know it is that I don't know the nuts and bolts of the scheme. If they (Celsius) were simply offering guaranteed 18% returns and figuring crypto would generally make much larger returns and they could pocket the difference, I'd call that a foolish Ponzi, not necessarily a fraudulent one. When the asset bubble is expanding it works, but when the bubble popped, it stopped working in spectacular fashion.

And I think it's foolish on both ends. If you, the investor, are treating it like a high interest savings account and only keep a little money in it, fine, but if you're treating it like an investment then you're letting someone else take most of the returns instead of just buying the underlying asset yourself. Consider the same with a twist on an S&P Index fund. Let's say it makes an average of 10% a year before inflation. It goes up most years, but once a decade or so it drops by 20% for a year or two. Let's say you don't like that and would prefer to see lower but stable growth. I'll offer you a guaranteed 5% return and invest your money in the S&P. I'll absorb the volatility and pocket the long-term difference in the gains. But oops, this time it went down 25% and I didn't keep enough liquid (well, unless you count the winery I bought with your money), so now I can't cover you when you try to take some money out to buy a house. It's foolish because it removes much of the returns without actually removing all the risk.

 

[kyphysics]

There are 20k+ cryptocurrencies right now. I don't think there will be a general answer for that.

As I recall, with remaining in BTC the trail cannot be erased but without accessing the 'target' account(s) the transaction cannot be reversed or the 'money' locked.
But there are ways around that already.

Interesting. So, BTC is one of the "safer" or safest (even if only in relative terms) crypto in your view?

20K cryptos does NOT make sense. 20,000 stocks makes, given so many companies in the world. But, with crypto, that's just crazy! What differentiating factor is there really?

I can understand 20,000 companies doing 20,000 different things of value to society (from Google search to Coca-Cola drinks, all the way to Southwest airlines and AMD chips). I can't grasp 20K coins having truly valuable and unique properties in the same way.

 

[russ_watters]

What differentiating factor is there really?

I can't grasp 20K coins having truly valuable and unique properties in the same way.

There is only one truly valuable and unique cryptocoin: Russcoin has the totally unique and massive advantage over all the others in that if you buy it, I'm the one who gets rich.

 

[Rive]

Interesting. So, BTC is one of the "safer" or safest (even if only in relative terms) crypto in your view?

Sorry: above I meant that by now there are ways to circumvent tracking, and not that by now authorities could revert or block transactions

Interesting. So, BTC is one of the "safer" or safest (even if only in relative terms) crypto in your view?

In my book that word just does not apply. In any sense.

 

[kyphysics]

Basically yes, which is why crypto’s only use cases so far are money laundering, cyber fraud and selling drugs and child porn on the dark web

That certainly makes me wonder if hackers like to target crypto, b/c so many of the victims may be less likely to report. It'd be like robbing a drug dealer or prostitute with them having a harder time explaining a large sum of money to authorities (given illegal occupations).

There have been articles written about how many minority and low-income communities flock to crypto, b/c they are pushed out of traditional banking options. High minimum balances/fees/requirements can make these avenues of wealth storage and growth inaccessible.

Of course, that doesn't mean crypto is safe. It's just that it's more easily accessible. ...And you have major celebs like Matt Damon and even Jay-Z doing commercials/ads for crypto, making it seem both cool and acceptable/safe.

 

[Vanadium 50]

Russcoin

No, no! Vanadium coin! Backed by real Vanadium futures!

Just like stonks - they only go up!

 

[Drakkith]

No, stocks represent partial ownership in (hopefully) a business that generates internal cash flow. this cash flow can return value through dividends and share repurchases regardless of whether new demand for shares exist

Certainly.

Basically yes, which is why crypto’s only use cases so far are money laundering, cyber fraud and selling drugs and child porn on the dark web

Respectfully, that's simply not true. The main aim of most legitimate cryptocurrencies is to create a decentralized platform for various uses like banking, investments, smart contracts, and others. Criminal activity happens of course, but they happen with virtually every other currency in the world too. One can argue the pros and cons of cryptocurrency, and whether they will survive the near future, but please don't spread obvious falsehoods that can be debunked with a one minute google search.

Interesting. So, BTC is one of the "safer" or safest (even if only in relative terms) crypto in your view?

It depends. With BTC, the most dangerous things that can happen to you are to lose your private wallet key (if you control your own wallet), your exchange account (if your wallet is on an exchange or other site that manages wallets for you), or to have that account or the exchange hacked and your assets taken. The blockchain itself is virtually immune to hacking given its decentralized nature and its cryptographic foundations.

Other cryptocurrencies are more centralized, making the threat of a single-point attack much larger, but also making it easier to change the code for updates and even perform 'rollbacks' in the case of a major hack.

So 'safe' is somewhat ambiguous. Is it safer to be completely decentralized, but without a way to protect people from accidents and scams? Or is it safer to be more centralized to protect people?

20K cryptos does NOT make sense. 20,000 stocks makes, given so many companies in the world. But, with crypto, that's just crazy! What differentiating factor is there really?

The vast majority are carbon copies of others with just a different name slapped on to take advantage of the current 'hype' to make quick money, but others are very different in technology and use. For example, ethereum is different than bitcoin, as ethereum allows the incorporation of things like smart contracts onto its blockchain, making it much more flexible and have a broader number of uses than BTC.

 

[kyphysics]

Very educational, Drakkith. Helpful info. above.

Also, in regards to the alleged usefulness of crypto being an alternative, decentralized currency, it seems illogical for 20K to exist. A currency needs decently wide adoption to be successful. ...At least in any wider societal way (I'm not counting like incarcerated inmates trading Ramen noodles or coffee as essentially money in these small, closed communities) that is. There is statistically no chance for all 20K cryptos to be adopted as a currency. Not even for 1,000 of them.

There are 195 "recognized" countries in the entire world. If we set the minimum bar for a currency to mean that a country adopts it, then you've probably got at least 19,800+ non-viable cryptos "currencies."

eta: Although, I just realized "decentralized" + country adoption may seem oxymoronic. I guess I was thinking that "currency" should be one that you can use anywhere within your country for it to be practical. Otherwise, it would seem too limiting (say, if you could only use it in like Nevada or only to buy stuff on Amazon, etc.). You'd still need some other currency in that case to buy stuff in those other situations, which begs the question of why would need/want a crypto then?

What IS the end-goal of a crypto? Is it to get adopted by an entire country? Or maybe just a large population of people? If it's just based on network effects and popularity, what happens if people suddenly dislike Crypto-A and flock to Crypto-B? ...sort of like the risk of social media network effects (ahem, Facebook/Meta...losing popularity to Tik Tok).

 

[Drakkith]

Also, in regards to the alleged usefulness of crypto being an alternative, decentralized currency, it seems illogical for 20K to exist. A currency needs decently wide adoption to be successful. ...At least in any wider societal way (I'm not counting like incarcerated inmates trading Ramen noodles or coffee as essentially money in these small, closed communities) that is. There is statistically no chance for all 20K cryptos to be adopted as a currency. Not even for 1,000 of them.

Absolutely. But cryptocurrencies are VERY easy to create, and may not even require upkeep costs for whoever creates it since many users will gladly start mining at the chance of getting in early, soaking up the upkeep costs themselves, and some cryptocurrencies run on other blockchains, with the blockchain miners getting paid by normal mining fees. So just think of most of those 20k as being 'dead', created on a whim by someone who wanted the next memecoin, or just wanted to create something silly. The majority were not created with any seriousness or were created solely to gather new investors and then dump on them.

It really is an unregulated mess out in the crypto space, which is something everyone thinking about diving into it should be aware of. Don't put money into something that sounds too good to be true, has almost no history, or has a history of problems. If you think you've found a coin that's going to 10,000x your investment within 2 years, you're either wrong, getting scammed, or winning the lottery.

 

[BWV]

Certainly.

Respectfully, that's simply not true. The main aim of most legitimate cryptocurrencies is to create a decentralized platform for various uses like banking, investments, smart contracts, and others. Criminal activity happens of course, but they happen with virtually every other currency in the world too. One can argue the pros and cons of cryptocurrency, and whether they will survive the near future, but please don't spread obvious falsehoods that can be debunked with a one minute google search.

You are conflating the promise and hype with current reality, I was describing current reality - smart blockchain contracts do not exist, Celsius demonstrated the current state of crypto banking and we have all seen the investment results. This leaves crime as the only current use case for crypto

 

[russ_watters]

Respectfully, that's simply not true. The main aim of most legitimate cryptocurrencies is to create a decentralized platform for various uses like banking, investments, smart contracts, and others. Criminal activity happens of course, but they happen with virtually every other currency in the world too. One can argue the pros and cons of cryptocurrency, and whether they will survive the near future, but please don't spread obvious falsehoods that can be debunked with a one minute google search.

Noting @BWV's point, I disagree with the "promise" ("aim") part as well. "Decentralized" is a feature, not an "aim" (goal). The aim/goal has to be in why one wants decentralization. Since what decentralization does is take away government/bank oversight, there's a handful of possible problems that feature might aim to address:

1. Cost and inconvenience of using a bank as a middle-man.
2. Desire for decentralization/privacy/lack of oversight because you don't trust in the institutions of banks and government.
3. Desire for decentralization/privacy/lack of oversight because you're doing something illegal.

If #1 is a promise, it hasn't been realized yet, which is the main reason why adoption has been so limited. It just isn't cheaper, faster or otherwise better to use crypto than a credit card/bank transfer. #2 is a popular one. A lot of people are in crypto as a counter-culture movement. They don't trust banks or governments to not abuse their power. However, while I can see this justifying investing in crypto I don't see it driving much usage of crypto. It just isn't important enough (vs the downsides) for people to want to buy stuff with crypto. Unless...#3 is the other side of the coin from #2. Where #2 is hiding for fear of government malfeasance, #3 is hiding due to [wanting to get away with] user malfeasance.

In addition to these reasons, people might also use crypto just because it's the new thing and they want to try it, regardless of true benefit.

That all said, I haven't seen good data quantifying the usage for the different cases*. Logically there isn't much sense to anything other than crime, but that doesn't mean people don't believe/use it for those other reasons anyway.

*[edit] Note, I have seen claims of regarding the low percentage of transactions used for verifiable crime, but these statistics include all transactions, not just commerce so they don't mean much.

 

[Rive]

This leaves crime as the only current use case for crypto

I think you need to put a 'reliable' in there somewhere

 

[BWV]

Noting @BWV's point, I disagree with the "promise" ("aim") part as well. "Decentralized" is a feature, not an "aim" (goal). The aim/goal has to be in why one wants decentralization. Since what decentralization does is take away government/bank oversight, there's a handful of possible problems that feature might aim to address:

1. Cost and inconvenience of using a bank as a middle-man.
2. Desire for decentralization/privacy/lack of oversight because you don't trust in the institutions of banks and government.
3. Desire for decentralization/privacy/lack of oversight because you're doing something illegal.

If #1 is a promise, it hasn't been realized yet, which is the main reason why adoption has been so limited. It just isn't cheaper, faster or otherwise better to use crypto than a credit card/bank transfer. #2 is a popular one. A lot of people are in crypto as a counter-culture movement. They don't trust banks or governments to not abuse their power. However, while I can see this justifying investing in crypto I don't see it driving much usage of crypto. It just isn't important enough (vs the downsides) for people to want to buy stuff with crypto. Unless...#3 is the other side of the coin from #2. Where #2 is hiding for fear of government malfeasance, #3 is hiding due to user malfeasance.

In addition to these reasons, people might also use crypto just because it's the new thing and they want to try it, regardless of true benefit.

That all said, I haven't seen good data quantifying the usage for the different cases. Logically there isn't much sense to anything other than crime, but that doesn't mean people don't believe/use it for those other reasons anyway.

Just to add to Russ’s second point - you can get an idea how much people really value privacy by how many use Google vs DuckDuckGo, would be willing to pay a monthly subscription for their social media accounts, etc

 

[BWV]

A great site for crypto schadenfreude

https://web3isgoinggreat.com/

 

[kyphysics]

Just to add to Russ’s second point - you can get an idea how much people really value privacy by how many use Google vs DuckDuckGo, would be willing to pay a monthly subscription for their social media accounts, etc

Is DDG as good of a search engine, though? I was under impression Google had the best algorithms.

I wouldn't use Bing, b/c they don't find (nor recommend) me the stuff that I want as well as Google.

 

[BWV]

Is DDG as good of a search engine, though? I was under impression Google had the best algorithms.

I wouldn't use Bing, b/c they don't find (nor recommend) me the stuff that I want as well as Google.

DDG uses Google

 

[Office_Shredder]

DDG uses Google

If this is true it just proves how useful giving away your information to big tech companies is.

 

[kyphysics]

DDG uses Google

As in, the search engine IS Google's? ...but just w/o data collection?

 

[kyphysics]

So, this could be off-topic and, if so, I'm happy to converse about it in another thread...

But, I actually don't mind Google's data collection on me as the price to pay for using their AWESOME services like Maps, Gmail, YouTube, Search...Android, etc. These are extremely valuable tools I use pretty much every day and don't mind data collection or ads (I have an ad blocker anyways) if I don't have to pay a subscription fee.

Nothing in life is free. I value those tools. I'm LESS inclined to put up with Meta/Facebook's data collection, b/c I don't trust their company ethics and don't value their services as much.

 

[BWV]

As in, the search engine IS Google's? ...but just w/o data collection?

had heard that somewhere, but does not appear to be the case

https://en.wikipedia.org/wiki/DuckDuckGo#Features

DuckDuckGo's results are a compilation of "over 400" sources according to itself, including Bing, Yahoo! Search BOSS, Wolfram Alpha, Yandex, and its own web crawler (the DuckDuckBot); but none from Google.[60][3][61][62][63] It also uses data from crowdsourced sites such as Wikipedia, to populate knowledge panel boxes to the right of the search results.[62][64]

 

[fluidistic]

I've skimmed through some of the last messages, instead of replying to each one one by one, I'll make a few comments.

Some people in here confuse Bitcoin with cryptocurrencies. Usually, to each cryptocurrency, there is an associated blockchain. This is not always the case (some of them are built on top of existing blockchains). The vast majority of the blockchains are public knowledge, but some aren't (e.g. as far as I know, Tether's USDT is private, and funds are freezable by Tether itself, and this has been used to freeze hackers' stolen funds). Some are obfuscated (Monero).

Bitcoin's security isn't as crystal clear as mentioned here. It is a complex system with more than 1 way to "crack" it. If you crack it, it doesn't mean you could crack other cryptocurrencies. Some cryptocurrencies are already, partially at least, resistant to quantum computing crack, as a security for a near future (e.g. Algorand).

Bitcoin doesn't "need" more people to use it, or more computing power. Bitcoin would work even if the whole world would gradually lower the computing resources down to an rpi, although in this extreme case a 51% attack wouldn't be preventable, but you get the idea.

I don't know what you mean when you say that there is no smart contract on the blockchain. Bitcoin's blockchain, sure, it's an archaic cryptocurrency that lacks smart contract capability. But others like Ethereum do. I have learned about a new way to make transactions on the Ethereum (and possibly other cryptocurrencies with smart contracts capability) impossible/near impossible to track down. The idea is that you send fund to a smart contract address, and its execution means that your funds will be sent to several different wallets, at different time, with different amounts. Apparently there is no obvious way to figure out where the money goes (see Tornado).

A smart contract could be supposed to replace a bank. If you can understand the code of the contract, you can guess/know what's going on. But that's not all to trust it. If the underlying blockchain hits the fan for some reason or another, then there is still a risk that the contract doesn't get fulfilled. Some popular (but centralized cryptocurrencies) have been DDOSed and were shut down momentarily (I don't really understand why people and companies invest in these shitty projects, but I'm not here to bash a particular crypto. I'm talking about Solana in particular, but several others are in the very same category.)

And citing the number of cryptocurrencies is bogus. You're probably less than 2 clicks away from creating a new one, by git cloning a github repository. Some people do that, change the name of the crypto and do pump and dump. But don't lose your time investigating this, this isn't worth it.

Edit: I think about USDT I am wrong. It is spread on several blockchains, the most popular one might be ethereum's one. It's the total reserves of USDT that is kept private. They can freeze your funds so I suppose there is a smart contract involved in some way. This should be easy to figure out for the interested (I am not.).

Edit 2: I remember a while back I had found a website explaining, with details but not all details, how Bitcoin work(ed). I think it is https://michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/, though I'm not 100% sure now.

There was another one explaining, with lots of details, why Bitcoin isn't anonymous, but it's not as transparent as it seems either.

 

[Vanadium 50]

However, is there not the equivalent to FDIC insurance for crypto brokerages

Of course not (and you could have looked that up). If the whole point of crypto is to get away with all that icky government interference. Like the FDIC.

 

[Melbourne Guy]

But a company offering exorbitant returns with no identifiable basis/reason is probably a Ponzi scheme, even if the company doesn't even know it.

OneCoin appears to have been an example of that, @russ_watters, with the added mystery that founder, Dr Ruja Ignatova, has vanished, purportedly with much of the poor rubes investors wealth socked away. Whether OneCoin really was a cryptocurrency is debatable, but it was certainly promoted as such, allowing the scam artists founders to hoover up some $4B in deposits.

Jamie Bartlett writes about this in "The Missing Cryptoqueen", it's an interesting tale for our times.

 

[Astronuc]

I had to look up her and OneCoin.

Missing Cryptoqueen: FBI adds Ruja Ignatova to top ten most wanted​

https://www.bbc.com/news/world-us-canada-62005066

A bureau notice published on Thursday offered a $100,000 reward for any information leading to the arrest of Ms Ignatova, who was charged in 2019 with eight counts including wire fraud and securities fraud.

Mr Bartlett, who has been investigating the case for years, said one of the reasons it had been so difficult to track down Ruja Ignatova is that she disappeared with at least $500m (£411m), helping her to hide from the law.

"We also believe she has high quality fake identity documents and has changed her appearance," he added, as well as raising the possibility that she may no longer even be alive.

OneCoin victim Jen McAdam told the BBC back in 2019 that she and her friends and family had thrown a quarter of a million euros away.

Ms McAdam said it all started from a friend's message about an unmissable investment opportunity. Sitting at her computer, the Glaswegian clicked on a link and joined a OneCoin webinar.

 

[Vanadium 50]

If someone turns her in, will the reward be in Bitcoin?

 

[Drakkith]

There was another one explaining, with lots of details, why Bitcoin isn't anonymous, but it's not as transparent as it seems either.

My understanding is that bitcoin is only an anonymous as the wallet addresses are. That is, everyone can see all the transactions into or out of wallet AxX76TTcF (or whatever the wallet address is), but they don't know who actually controls that wallet and there's no way to find out by purely looking at the blockchain. But if I link a wallet address to, say, Coinbase, who I think require an ID verification, then Coinbase knows that I control that wallet and thus the transactions aren't entirely anonymous anymore.

 

[Melbourne Guy]

But if I link a wallet address to, say, Coinbase, who I think require an ID verification, then Coinbase knows that I control that wallet and thus the transactions aren't entirely anonymous anymore.

"Know your customer" law is the weak link in the libertarian blockchain ideal, @Drakkith. Exchanges are increasingly bound by banking regulation in order to convert between crypto or into fiat currency, so your point is absolutely spot on.

Even where people try and obfuscate their ownership by chaining crypto transactions and spreading the load, the trail can usually be traced because there are fewer truly anonymous options available. And as most investors are not libertarian zealots, industry participants are yielding to regulation because otherwise, their business model is too sketchy for the serious money investors such as hedge and 401(k) funds.

 

[fluidistic]

What you say is true Drakkith, but that's just the easy part. In reality, it is much more complicated than this. I wish to find the website.

To Melbourne guy, as I mentioned, for some blockchains (such as ethereum), there's a Tornado cash possibility. If a hacker gets stolen funds in a wallet without passing through any exchange, then he can send the funds to a Tornado cash address. This will be visible to all of us. What happens next, however, cannot (at least shouldn't) be traceable. The stolen funds will be sent to many wallets (mostly from the hacker, but possibly not exclusively), at different random times, and with different amounts. The hacker wins.

 

[Melbourne Guy]

The hacker wins.

They often do, @fluidistic, and it seems the immaturity of crypto is one reason we're seeing significant theft, but do you think that if hacks and scams continue to plague the crypto world, the hype phase will pass and use / acceptance will start to wane?

 

[fluidistic]

They often do, @fluidistic, and it seems the immaturity of crypto is one reason we're seeing significant theft, but do you think that if hacks and scams continue to plague the crypto world, the hype phase will pass and use / acceptance will start to wane?

I don't think so, I think crypto has a bright future.
Today, many hacks are done because smart contracts are being written in a way allowing exploits, the programmers are noobs who don't have a solid background in computer science and/or math. Then, as far as I know, the general populace who sign those contracts, cannot undetstand them. Either because the programming language is low level like assembly, or because we see a decompiled version which makes it extremely hard to decipher. Most people just blindly trust.the contract. A hacker would spend.the time to decipher it and exploit it. If this point would be improved on, then less hacks would be performed, I think.

 

[Office_Shredder]

What you say is true Drakkith, but that's just the easy part. In reality, it is much more complicated than this. I wish to find the website.

To Melbourne guy, as I mentioned, for some blockchains (such as ethereum), there's a Tornado cash possibility. If a hacker gets stolen funds in a wallet without passing through any exchange, then he can send the funds to a Tornado cash address. This will be visible to all of us. What happens next, however, cannot (at least shouldn't) be traceable. The stolen funds will be sent to many wallets (mostly from the hacker, but possibly not exclusively), at different random times, and with different amounts. The hacker wins.

If all the tornado address does is take stolen bitcoin and distribute it to other wallets, then we still know all those other wallets contain stolen bitcoin. Nothing has been obfuscated.

 

[fluidistic]

If all the tornado address does is take stolen bitcoin and distribute it to other wallets, then we still know all those other wallets contain stolen bitcoin. Nothing has been obfuscated.

I would have hoped a little bit more research. It's not the known smart contract address that redistribute parts of the stolen funds. There are relayer addresses, I would guess they are similar to nodes in the Tor network. Anyone is free to set up such wallets.

 

[Rive]

If all the tornado address does is take stolen bitcoin and distribute it to other wallets, then we still know all those other wallets contain stolen bitcoin. Nothing has been obfuscated.

You can't request a proof of origin for every piece you receive. With putting everything in a common pool somewhere and distributing it among random transactions the traces are messed up just sufficiently.

 

[Melbourne Guy]

I would have hoped a little bit more research. It's not the known smart contract address that redistribute parts of the stolen funds. There are relayer addresses, I would guess they are similar to nodes in the Tor network. Anyone is free to set up such wallets.

Latest news on Tornado Cash is a blacklist status from the US Treasury that is likely to catch up honest retail investors and likely to be applied to other sites that provider similar services:

"In blacklisting Tornado Cash on Thursday, the Treasury Department said it was going after criminals, who used the service to launder more than $7 billion worth of virtual currency since it launched in 2019."

Regulators do not appreciate 100% transaction privacy because it is commonly utilised by bad actors who avoid taxes and fund nefarious parties.

https://www.cnbc.com/2022/08/08/tor...reasury-punishes-honest-crypto-investors.html

 

[Astronuc]

https://www.msn.com/en-us/money/markets/largest-cryptocurrencies-fall-as-cardano-plunges/ar-AA10Q82k

Polkadot plunged 11.52% to $7.47, and Uniswap plunged 11.14% to $7.05.

Dogecoin plunged 11.14% to 7 cents on Friday, while Litecoin tumbled 10.72% to $54.63 and Ripple plunged 11.02% to 34 cents.

Bitcoin Cash and Ethereum fell 10.60% to $119.42 and 9.96% to $1,690.01

Bitcoin rounded out the decreases with an 8.50% decline to $21,427.93.

In crypto-related company news, shares of Coinbase Global Inc. shed 8.03% to $76.77, while MicroStrategy Inc. fell 9.40% to $293.90. Riot Blockchain Inc. shares declined 9.24% to $7.52, and shares of Marathon Digital Holdings Inc. plunged 11.76% to $13.76.

As of 2000 EDT

Symbol	Last Price	Change	% Change
BTC-USD Bitcoin USD	20,882.00	-2,319.29	-10.00%
ETH-USD Ethereum USD	1,613.30	-232.46	-12.59%
USDT-USD Tether USD	1.0000	+0.0001	+0.0150%
https://finance.yahoo.com/quote/BNB-USD?p=BNB-USD Binance Coin USD	279.68	-18.30	-6.14%

 

[Astronuc]

FBI issues new warning for investors on DeFi hacks
https://finance.yahoo.com/news/fbi-says-cyber-criminals-exploit-de-fi-to-steal-crypto-152235403.html

The FBI is warning investors of the risks decentralized finance (DeFi) platforms face from hackers stealing cryptocurrency, and is urging both investors and platforms amp up efforts to ward off attacks.

"Cyber criminals are increasingly exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal cryptocurrency, causing investors to lose money," the FBI said in a new public service announcement. "Cyber criminals seek to take advantage of investors’ increased interest in cryptocurrencies, as well as the complexity of cross-chain functionality and open source nature of DeFi platforms."

In a smart contract, the terms of the agreement between the buyer and seller are written directly into lines of code on a blockchain network.

Cyber criminals have been trying to manipulate the complexities of blockchain and DeFi platforms to their advantage. The FBI warned criminals have exploited signature verification on DeFi platforms, allowing the actors to steal all of the platform’s investments, resulting in millions in losses.

 

[Drakkith]

Solana DeFi Exchange Accidentally Bricks Itself, Locks Up $661K Forever
https://decrypt.co/108585/solana-defi-exchange-optifi-bricks-itself-loses-661k

Options-trading decentralized exchange OptiFi announced on Monday that it had accidentally closed down its program on Solana’s mainnet, which means that all funds within the app are now permanently inaccessible. The damage? Some $661,000 worth of USDC stablecoin in total.

661k USDC is locked in the PDAs, luckily 95% of the fund is from our team member

 

[kyphysics]

https://finance.yahoo.com/news/fbi-says-cyber-criminals-exploit-de-fi-to-steal-crypto-152235403.html

The FBI is warning investors of the risks decentralized finance (DeFi) platforms face from hackers stealing cryptocurrency, and is urging both investors and platforms amp up efforts to ward off attacks.

"Cyber criminals are increasingly exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal cryptocurrency, causing investors to lose money," the FBI said in a new public service announcement. "Cyber criminals seek to take advantage of investors’ increased interest in cryptocurrencies, as well as the complexity of cross-chain functionality and open source nature of DeFi platforms."

In a smart contract, the terms of the agreement between the buyer and seller are written directly into lines of code on a blockchain network.

Cyber criminals have been trying to manipulate the complexities of blockchain and DeFi platforms to their advantage. The FBI warned criminals have exploited signature verification on DeFi platforms, allowing the actors to steal all of the platform’s investments, resulting in millions in losses. . .

Chainalysis found in a separate report that crypto lost from hacks has surged in 2022, with more than $202 million stolen in August in addition to the $1.9 billion of investor funds lost through the end of July, a 37% increase from last year.

$1.9 billion is a lot of value (granted, total crypto market cap has hovered at $1-$2 trillion the past 12 months).

I wonder if this has slowed the pace of investors buying into crypto? What amount of stolen/lost $$ would prompt a retail investor from buying back in? $1,000 . . .$10,000? . . .$100,000?

Or, even getting divorced?

 

[russ_watters]

Solana DeFi Exchange Accidentally Bricks Itself, Locks Up $661K Forever
https://decrypt.co/108585/solana-defi-exchange-optifi-bricks-itself-loses-661k

I don't understand what actually happened there. Sure, I sometimes accidentally close a program without saving, but why did closing the program brick the funds? Isn't the data on who owns what in a database that the program is just accessing? Heck, even if the database got corrupted, couldn't they go to a backup?

 

[russ_watters]

https://finance.yahoo.com/news/fbi-says-cyber-criminals-exploit-de-fi-to-steal-crypto-152235403.html

$1.9 billion is a lot of value (granted, total crypto market cap has hovered at $1-$2 trillion the past 12 months).

I wonder if this has slowed the pace of investors buying into crypto? What amount of stolen/lost $$ would prompt a retail investor from buying back in? $1,000 . . .$10,000? . . .$100,000?

2% of the market being stolen a year sounds like an awful lot. I don't know what it is for normal money/investments, but it can't be a significant amount of money. When was the last time you heard of a bank getting robbed of all its money? Part of the issue is that unlike banks, it seems like knowing which crypto exchange is going to be the next to get robbed (or collapse due to being a scam) is a blind game of Russian Roulette.

 

[Drakkith]

I don't understand what actually happened there. Sure, I sometimes accidentally close a program without saving, but why did closing the program brick the funds? Isn't the data on who owns what in a database that the program is just accessing? Heck, even if the database got corrupted, couldn't they go to a backup?

I don't know either. At least almost all of the lost funds were from themselves.

 

[kyphysics]

2% of the market being stolen a year sounds like an awful lot. I don't know what it is for normal money/investments, but it can't be a significant amount of money. When was the last time you heard of a bank getting robbed of all its money? Part of the issue is that unlike banks, it seems like knowing which crypto exchange is going to be the next to get robbed (or collapse due to being a scam) is a blind game of Russian Roulette.

For theft, it's a lot.

I don't know if that'd deter desperate, enthusiastic, gambling, etc. crypto investors, though. Lots have a "HODL" mentality.

 

[Office_Shredder]

I don't understand what actually happened there. Sure, I sometimes accidentally close a program without saving, but why did closing the program brick the funds? Isn't the data on who owns what in a database that the program is just accessing? Heck, even if the database got corrupted, couldn't they go to a backup?

My rough understanding is Solana let's you deploy software onto a blockchain. If you close the software it shuts the program down and returns to you all your native Solana currency that the program had access to. If you want to restart it you can just upload the program again.

How this connects to the program using usdc I don't really know. It seems like a flaw in the system you can't recover that as well. The program must have had access to a crypto wallet that no one could know about (I'm not sure how this would work in practice) and that key was lost with the closure.

 

[Vanadium 50]

t seems like knowing which crypto exchange is going to be the next to get robbed (or collapse due to being a scam) is a blind game of Russian Roulette.

Oh, I dunno.

Suppose I were a cryprocriminal. I short..un...lets call it Friendlycoin, and then I hack it. I don't need to make off with all that much money, just enough for people to lose confidence in Friendlycoin. It tanks, and I make a ton of money.

Of course, there are no criminals involved in crypto - just technologists and civil libertarians. No criminals at all, nosiree.

 

[fluidistic]

Here's a slightly more detailed explanation of what happened to solana's incident.https://halborn.com/explained-the-optifi-glitch-august-2022/
I think that in theory the devs could revert the faulty transaction, without asking the community's opinion (solana is centralized and.the main dev had hidden premined a ton of coins so he got rich quickly. It's also very innefficient, etc. that's beside the scope). In practice he may not do that, otherwise people will realize anything can be done on that ''insert pejorative word'' blockchain.

 

[fluidistic]

2% of the market being stolen a year sounds like an awful lot.

It's 2 billions out of a marketcap a thousand (or 500 times these days) times bigger, so that would be about 0.1 percent.
I'm not sure it's accurate to call ''market'' the daily crypto marketcap though.
What hurts is not.the relative amount of.crypto that.gets stolen, it's the irreversibility of the transactions that aren't allowed even by a 3rd party. I mean, the FBI can do it, when it is lucky enough to find and torture the malicious person, but it's not a given.