Cybersecurity

Multisig wallets vulnerable to exploitation by StarkEx apps, says developer Safeheron

The vulnerability allegedly allows Web3 apps using the StarkEx protocol to bypass the security protection of private keys in MPC wallets, potentially exposing users’ layer 2 keys to wallet providers.

Certain multisignature (multisig) wallets can be exploited by Web3 apps that use the StarkEx protocol, according to a March 9 press release provided to Cointelegraph by Multi-Party Computation (MPC) wallet developer Safeheron. The vulnerability affects MPC wallets that interact with StarkEx apps such as dYdX. According to the press release, Safeheron is working with app developers to patch the vulnerability.

According to Safeheron’s protocol documentation, MPC wallets are sometimes used by financial institutions and Web3 app developers to secure crypto assets they own. Similar to a standard multisig wallet, they require multiple signatures for each transaction. But unlike standard multisigs, they do not require specialized smart contracts to be deployed to the blockchain, nor do they have to be built into the blockchain’s protocol.

Instead, these wallets work by generating “shards” of a private key, with each shard being held by one signer. These shards have to be joined together off-chain in order to produce a signature. Because of this difference, MPC wallets can have lower gas fees than other types of multisigs and can be blockchain agnostic, according to the docs.

MPC wallets are often seen as more secure than single signature wallets, since an attacker can’t generally hack them unless they compromise more than one device.

However, Safeheron claims to have discovered a security flaw that arises when these wallets interact with StarkEx-based apps such as dYdX and Fireblocks. When these apps “obtain a stark_key_signature and/or api_key_signature,” they can “bypass the security protection of private keys in MPC wallets,” the company said in its press release. This can allow an attacker to place orders, perform layer 2 transfers, cancel orders, and engage in other unauthorized transactions.

Safeheron implied that the vulnerability only leaks the users’ private keys to the wallet provider. Therefore, as long as the wallet provider itself is not dishonest and has not been taken over by an attacker, the user’s funds should be safe. However, it argued that this makes the user dependent on trust in the wallet provider. This can allow attackers to circumvent the wallet’s security by attacking the platform itself, as the company explained:

“The interaction between MPC wallets and dYdX or similar dApps [decentralized applications] that use signature-derived keys undermines the principle of self-custody for MPC wallet platforms. Customers may be able to bypass pre-defined transaction policies, and employees who have left the organization may still retain the capability to operate the dApp.”

The company said that it is working with a number of Web3 app developers, including Fireblocks, Fordefi, and StarkWare to patch the vulnerability. It has also made dYdX aware of the problem, it said. In mid-March, the company plans to make its protocol open source in an effort to further help app developers patch the vulnerability.

A source familiar with the matter told Cointelegraph that StarkEx had known about the vulnerability before Safeheron brought it to attention, noting that it does not allow an attacker to transfer funds off of the layer 2 and back onto mainnet. This seemingly implies that it may not be possible for an attacker to successfully steal funds through the attack.

Cointelegraph attempted to contact dYdX, but did not receive a response prior to publication.

Avihu Levy, Head of Product at StarkWare, told Cointelegraph that the company applauds Safeheron’s attempt to raise awareness about the issue and to help provide a fix, stating:

“It’s great that Safeheron is open-sourcing a protocol focusing on this challenge. We encourage developers to address any security challenge that should arise with any integration, however limited its scope. This includes the challenge being discussed now.”

He continued, explaining “The growth in companies and individuals finding fixes for some of the teething troubles of L2 integration is very positive.”

StarkEx is a layer 2 Ethereum protocol that uses zero-knowledge proofs to secure the network. When a user first connects to a StarkEx app, they derive a STARK key using their ordinary Ethereum wallet. It is this process that Safeheron says is resulting in leaked keys for MPC wallets.

Uniswap DAO debate shows devs still struggle to secure cross-chain bridges

Developers face tradeoffs between making bridges upgradeable to fix bugs versus making them decentralized.

Over $2.5 billion was stolen in cross-chain crypto bridge hacks from 2021 to 2022, according to a report by Token Terminal. But, despite several attempts by developers to improve bridge security, a debate from December 2022 to January 2023 on the Uniswap DAO forums has laid bare security weaknesses that continue to exist in blockchain bridges.

In the past, bridges like Ronin and Horizon used multisig wallets to ensure that only bridge validators could authorize withdrawals. For example, Ronin required five out of nine signatures to withdraw, whereas Horizon required two out of five. But attackers figured out how to circumvent these systems and withdrew millions of dollars worth of crypto, leaving users of these bridges with unbacked tokens.

After these multisig bridges were hacked, developers started turning to more sophisticated protocols like Celer, LayerZero and Wormhole, which claimed to be more secure.

But in December 2022, Uniswap DAO began discussing deploying Uniswap v3 to the BNB Chain. In the process, the decentralized autonomous organization (DAO) had to decide which bridge protocol would be used for cross-chain Uniswap governance. In the discussion that followed, the security of each solution was challenged by critics, leaving some observers to conclude that no single bridge solution was secure enough for Uniswap’s purposes.

As a result, some participants concluded that only a multibridge solution can secure crypto assets in the cross-chain environment of crypto today.

Over $10 billion of crypto assets are currently locked on bridges as of Feb. 15, according to DefiLlama, making the issue of bridge security an urgent one.

How blockchain bridges work

Blockchain bridges enable two or more blockchains to share data with each other, such as cryptocurrency. For example, a bridge may enable USD Coin (USDC) to be sent from Ethereum to BNB Chain or Trader Joe (JOE) from Avalanche to Harmony.

But each blockchain network has its own architecture and database, separate from others. So in a literal sense, no coin can be sent from one network to another.

To get around this problem, bridges lock coins on one network and mint copies of them on another. When the user wants to “move” their coins back to the original network, the bridge then burns the copies and unlocks the original coins. Although this doesn’t move coins between networks, it’s similar enough to suit the purposes of most crypto users.

However, the problem arises when an attacker can either mint unbacked coins on the receiving chain or withdraw coins on the sending chain without burning its copies. Either way, this results in the receiving chain having extra coins that are not backed by anything. This is exactly what happened in the Ronin and Horizon hacks of 2022.
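The lock/mint and burn/unlock pairing described above can be checked mechanically. The following is an added example, not code from any bridge named in this article: a reconciliation pass over a merged event timeline that flags a mint with no matching lock, an unlock with no matching burn, and any resulting backing deficit. The event fields, the `transfer_id` linking the two halves of a transfer, and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BridgeEvent:
    kind: str         # "lock"/"unlock" happen on the original chain,
                      # "mint"/"burn" happen on the receiving chain
    transfer_id: str  # hypothetical ID linking the two halves of one transfer
    amount: int


def reconcile(events):
    """Walk a time-ordered, merged event list from both chains.

    Returns (findings, locked, minted). Every mint must consume an earlier
    lock of the same amount, and every unlock must consume an earlier burn.
    """
    open_locks = {}   # locks not yet matched by a mint
    open_burns = {}   # burns not yet matched by an unlock
    locked = 0        # originals currently held by the bridge
    minted = 0        # copies currently circulating on the receiving chain
    findings = []

    for ev in events:
        if ev.kind == "lock":
            open_locks[ev.transfer_id] = ev.amount
            locked += ev.amount
        elif ev.kind == "mint":
            if open_locks.pop(ev.transfer_id, None) != ev.amount:
                findings.append(("mint_without_lock", ev.transfer_id, ev.amount))
            minted += ev.amount
        elif ev.kind == "burn":
            open_burns[ev.transfer_id] = ev.amount
            minted -= ev.amount
        elif ev.kind == "unlock":
            if open_burns.pop(ev.transfer_id, None) != ev.amount:
                findings.append(("unlock_without_burn", ev.transfer_id, ev.amount))
            locked -= ev.amount
        else:
            raise ValueError(f"unknown event kind: {ev.kind!r}")

    # The invariant a lock-and-mint bridge must hold at all times.
    if minted > locked:
        findings.append(("backing_deficit", "-", minted - locked))
    return findings, locked, minted


# Constructed sample timeline: two normal deposits, one normal withdrawal,
# then a withdrawal on the original chain that no burn ever paid for.
SAMPLE_EVENTS = [
    BridgeEvent("lock", "t1", 100),
    BridgeEvent("mint", "t1", 100),
    BridgeEvent("lock", "t2", 50),
    BridgeEvent("mint", "t2", 50),
    BridgeEvent("burn", "t3", 40),
    BridgeEvent("unlock", "t3", 40),
    BridgeEvent("unlock", "t4", 90),
]

if __name__ == "__main__":
    findings, locked, minted = reconcile(SAMPLE_EVENTS)
    for finding in findings:
        print(finding)
    print("locked:", locked, "minted:", minted)
```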

Ronin and Horizon: When bridging goes wrong

Ronin bridge was a protocol that allowed Axie Infinity players to move coins between Ethereum and the Ronin sidechain to play the game.

The Ethereum contracts for the bridge had a function called “withdrawERC20For,” which allowed Ronin validators to withdraw tokens on Ethereum and give them to the user, with or without burning them on Ronin. However, the Ronin software that validators ran was programmed only to call this function if the corresponding coins on Ronin had been burned. Calling the function required signatures from five out of the nine validator nodes, preventing an attacker from withdrawing the funds even if they got control of a single node.

To further ensure that the funds couldn’t be stolen, Axie Infinity developer Sky Mavis distributed the majority of validator keys to other stakeholders, including Axie DAO. This meant that if Sky Mavis’s computers were taken over, the attacker still wouldn’t be able to withdraw coins without their backing since the attacker would only have four keys.

But despite these precautions, an attacker could still obtain all four of Sky Mavis’ keys, plus a fifth signature from Axie DAO to withdraw over $600 million worth of crypto from the bridge.

Sky Mavis has since reimbursed victims of the attack and has relaunched the bridge with what the developers call a “circuit breaker” system that halts large or suspicious withdrawals.

A similar attack happened to the Harmony Horizon Bridge on June 24, 2022. This bridge allowed users to transfer assets from Ethereum to Harmony and back again. The “unlockTokens” (withdraw) function could only be called if two out of five signatures from the Harmony team authorized it. The private keys that could produce these signatures were encrypted and stored using a key management service. But through some unknown method, the attacker was able to gain and decrypt two of the keys, allowing them to withdraw $100 million of crypto from the Ethereum side of the bridge.

The Harmony team proposed a reimbursement plan in August 2022 and relaunched the bridge using LayerZero.

After these hacks, some bridge developers believed they needed better security than a basic multisig wallet. This is where bridging protocols came in.

The rise of bridging protocols

Since the Ronin and Horizon hacks have called attention to the problem of bridge security, a few companies have begun to specialize in creating bridge protocols that other developers can customize or implement for their specific needs. These protocols claim to be more secure than just using a multisig wallet to handle withdrawals.

In late January, the Uniswap DAO considered launching a BNB Chain version of its decentralized exchange. In the process, it needed to decide which protocol to use. Here are the four protocols considered, along with a brief explanation of how they try to secure their bridges.

LayerZero

According to the LayerZero docs, the protocol uses two servers to verify that coins are locked on the original chain before allowing them to be minted on the destination chain. The first server is called the “oracle.” When a user locks coins on the sending chain, the oracle transmits the block header for that transaction to the destination chain.

The second server is called the “relayer.” When a user locks coins on the sending chain, the relayer sends proof to the second chain that the locking transaction is contained within the block referenced by the oracle.

As long as the oracle and relayer are independent and do not collude, it should be impossible for an attacker to mint coins on chain B without locking them on chain A or to withdraw coins on chain A without burning them on chain B.

LayerZero uses Chainlink for the default oracle and provides its own default relayer for application developers that want to use it, but devs can also create custom versions of these servers if they want to.
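The split of duties between oracle and relayer can be modeled in a few lines. This is an added, simplified example and not LayerZero's code: a SHA-256 binary Merkle tree stands in for the real chain's block structure, and the `Endpoint` class, role names and sample transactions are hypothetical. It shows that a delivery is accepted only when the relayer's proof matches the header the oracle reported, and that the check carries no weight once one operator fills both roles.

```python
import hashlib
import hmac


def leaf_hash(tx: bytes) -> bytes:
    # Domain-separate leaves from inner nodes so one cannot pose as the other.
    return hashlib.sha256(b"\x00" + tx).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def merkle_root_and_proof(txs, index):
    """Return (root, proof) for txs[index]; proof is [(sibling, sibling_is_left)]."""
    level = [leaf_hash(t) for t in txs]
    proof = []
    while len(level) > 1:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                nxt.append(node_hash(level[i], level[i + 1]))
            else:
                nxt.append(level[i])  # odd node is promoted unchanged
        level = nxt
        index //= 2
    return level[0], proof


def verify_inclusion(root: bytes, tx: bytes, proof) -> bool:
    acc = leaf_hash(tx)
    for sibling, sibling_is_left in proof:
        acc = node_hash(sibling, acc) if sibling_is_left else node_hash(acc, sibling)
    return hmac.compare_digest(acc, root)


class Endpoint:
    """Destination-chain side: trusts one oracle for headers, one relayer for proofs."""

    def __init__(self, oracle: str, relayer: str):
        self.oracle, self.relayer = oracle, relayer
        self.headers = {}  # block number -> root reported by the oracle

    def submit_header(self, sender: str, block_no: int, root: bytes) -> None:
        if sender != self.oracle:
            raise PermissionError("only the configured oracle may submit headers")
        self.headers[block_no] = root

    def deliver(self, sender: str, block_no: int, tx: bytes, proof) -> bool:
        if sender != self.relayer:
            raise PermissionError("only the configured relayer may deliver")
        root = self.headers.get(block_no)
        return root is not None and verify_inclusion(root, tx, proof)


def demo():
    # Constructed sample block on the sending chain.
    block = [b"lock:alice:100", b"lock:bob:250", b"transfer:carol:7"]
    root, proof = merkle_root_and_proof(block, 1)

    ep = Endpoint(oracle="oracle-A", relayer="relayer-B")
    ep.submit_header("oracle-A", 100, root)
    results = {
        "honest": ep.deliver("relayer-B", 100, block[1], proof),
        # Relayer alone cannot pass off a lock that is not in the reported block.
        "forged_tx": ep.deliver("relayer-B", 100, b"lock:nobody:999", proof),
        # Relayer alone cannot deliver for a block the oracle never reported.
        "no_header": ep.deliver("relayer-B", 101, block[1], proof),
    }

    # Same operator in both roles: header and proof are built over one made-up
    # block, so they agree with each other and the independence check is void.
    made_up = [b"lock:nobody:999"]
    fake_root, fake_proof = merkle_root_and_proof(made_up, 0)
    ep2 = Endpoint(oracle="operator-X", relayer="operator-X")
    ep2.submit_header("operator-X", 100, fake_root)
    results["same_operator"] = ep2.deliver("operator-X", 100, made_up[0], fake_proof)
    return results


if __name__ == "__main__":
    print(demo())
```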

Celer

According to the Celer cBridge docs, Celer relies on a network of proof-of-stake (PoS) validators called “state guardians” to verify that coins are locked on one chain before being minted on another. Two-thirds of the validators have to agree that a transaction is valid for it to be confirmed.

In the Uniswap debate, Celer co-founder Mo Dong clarified that the protocol also offers an alternative mechanism for consensus called “optimistic rollup-style security.” In this version, transactions are subject to a waiting period, allowing any single state guardian to veto the transaction if the information it has contradicts the two-thirds majority.

Mo argued that some app developers, including Uniswap, should use the “optimistic rollup-like security model” and run their own app guardian to guarantee they can block fraudulent transactions even if the network is compromised.

In response to a question about who the validators for the network are, the Celer co-founder stated:

“Celer has a total of 21 validators, which are highly reputable PoS validators securing chains such as Binance Chain, Avalanche, Cosmos and more, such as Binance, Everstake, InfStones, Ankr, Forbole, 01Node, OKX, HashQuark, RockX and more.”

He also emphasized that Celer slashes validators who attempt to get fraudulent transactions confirmed.

Wormhole

According to a forum post from the team, Wormhole relies on 19 validators called “guardians” to prevent fraudulent transactions. 13 out of 19 validators have to agree for a transaction to be confirmed.

In the Uniswap debate, Wormhole argued that its network is more decentralized and has more reputable validators than its peers, stating, “Our Guardian set comprises the leading PoS validators, including Staked, Figment, Chorus One, P2P, and more.”

DeBridge

The deBridge docs say that it is a proof-of-stake network with 12 validators. Eight of these validators have to agree that a transaction is valid for it to be confirmed. Validators that attempt to pass through fraudulent transactions are slashed.

In the Uniswap debate, deBridge co-founder Alex Smirnov stated that all deBridge validators “are professional infrastructure providers that validate many other protocols and blockchains” and “all validators bear reputational and financial risks.”

In the later stages of the debate, Smirnov began advocating for a multibridge solution rather than for using deBridge as the sole solution for Uniswap, as he explained:

“If deBridge is chosen for the temperature check and further governance voting, the Uniswap-deBridge integration will be built in the context of this bridge-agnostic framework and thus, will enable other bridges to participate.”

Throughout the Uniswap bridge debate, each of these protocols was subjected to criticism in terms of its security and decentralization.

LayerZero allegedly gives power to app devs

LayerZero was criticized for allegedly being a disguised 2/2 multisig and for putting all power into the hands of the app developer. On Jan. 2, L2Beat author Krzysztof Urbański alleged that the oracle and relayer system on LayerZero can be circumvented if an attacker takes control of the app developer’s computer systems.

To prove this, Urbański deployed a new bridge and token using LayerZero, then bridged some tokens from Ethereum to Optimism. Afterward, he called an admin function to change the oracle and relayer from the default servers to ones under his control. He then proceeded to withdraw all of the tokens on Ethereum, leaving the tokens on Optimism unbacked.

Urbański’s article was cited by multiple participants in the debate, including GFX Labs and Phillip Zentner of LIFI, as reasons why LayerZero shouldn’t be used as the sole bridging protocol for Uniswap.

Speaking to Cointelegraph, LayerZero CEO Bryan Pellegrino responded to this criticism, stating that a bridge developer using LayerZero “can burn [its] ability to change any settings and have it be 100% immutable.” However, most developers choose not to do this because they fear imposing immutable bugs into the code. He also argued that putting upgrades into the hands of a “middlechain auth” or third-party network can be riskier than having an app developer control it.

Some participants also criticized LayerZero for having an unverified or closed-source default relayer. This would allegedly make it difficult for Uniswap to develop its own relayer quickly.

Celer raises concerns about security model

In an initial non-binding vote on Jan. 24, the Uniswap DAO chose to deploy to BNB Chain with Celer as the official Uniswap bridge for governance. However, once GFX Labs started testing the bridge, they posted concerns and questions about Celer’s security model.

According to GFXLabs, Celer has an upgradeable MessageBus contract under the control of three of five multisigs. This could be an attack vector by which a malicious person could gain control of the entire protocol.

In response to this criticism, Celer co-founder Mo stated that the contract is controlled by four highly-respected institutions: InfStones, Binance Staking, OKX and the Celer Network. Dong argued that the MessageBus contract needs to be upgradeable to fix bugs that may be found in the future, as he explained:

“We made the MessageBus upgradeable with the goal of making it easier to address any potential security issues just in case and add must-have features. However, we approach this process with care and continually evaluate and improve our governance process. We welcome additional active contributors such as GFXLabs to be more involved.”

In the later stages of the debate, Celer began supporting a multibridge solution instead of arguing for its own protocol being the only bridge.

Wormhole not slashin’

Wormhole was criticized for not using slashing to punish misbehaving validators and for allegedly doing a lower volume of transactions than it is admitting.

Mo argued that a PoS network with slashing is usually better than one without, stating, “Wormhole does not have any economic security or slashing built in the protocol. If there is any other centralized/off-chain agreement, we hope wormhole can make them known to the community. Just by looking at this comparison, a reasonable level of economic security in protocol >> 0 economic security in the protocol.”

Mo also claimed that Wormhole’s transaction volume might be lower than the company admits. According to him, over 99% of Wormhole transactions come from Pythnet, and if this number is excluded, “there are 719 message per day in the last 7 days on Wormhole.”

DeBridge had very little criticism directed against it, as most participants seemed to think that Celer, LayerZero and Wormhole were the dominant choices.

In the later stages of the debate, the deBridge team began advocating for a multibridge solution.

Toward a multibridge solution?

As the Uniswap debate continued, several participants argued that no single bridging protocol should be used for governance. Instead, they argued that multiple bridges should be used and that a majority or even unanimous decision from all bridges should be required to confirm a governance decision.
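A sketch of what such a requirement could look like on the receiving side, as an added example that is not taken from Uniswap or any bridge in the debate: a governance message is executed only once a configured number of distinct bridges have delivered the same payload. The class name, the neutral bridge labels, the 3-of-4 and 4-of-4 thresholds and the sample payloads are assumptions.

```python
import hashlib


def payload_digest(payload: bytes) -> str:
    return hashlib.sha256(payload).hexdigest()


class MultiBridgeReceiver:
    """Executes a cross-chain governance message only on a k-of-n bridge quorum."""

    def __init__(self, bridges, threshold: int):
        self.bridges = frozenset(bridges)
        if not 0 < threshold <= len(self.bridges):
            raise ValueError("threshold must be between 1 and the number of bridges")
        self.threshold = threshold
        self.attestations = {}  # msg_id -> {bridge: digest it delivered}
        self.executed = {}      # msg_id -> digest that reached quorum
        self.conflicts = set()  # msg_ids where bridges disagreed (worth alerting on)

    def receive(self, bridge: str, msg_id: str, payload: bytes) -> str:
        if bridge not in self.bridges:
            return "rejected:unknown_bridge"
        if msg_id in self.executed:
            return "ignored:already_executed"  # blocks replay after execution
        digest = payload_digest(payload)
        votes = self.attestations.setdefault(msg_id, {})
        if bridge in votes and votes[bridge] != digest:
            # One bridge may back only one payload per message ID.
            self.conflicts.add(msg_id)
            return "rejected:bridge_equivocated"
        votes[bridge] = digest
        if len(set(votes.values())) > 1:
            self.conflicts.add(msg_id)
        agreeing = sum(1 for d in votes.values() if d == digest)
        if agreeing >= self.threshold:
            self.executed[msg_id] = digest
            return "executed"
        return "pending"


# Constructed sample data: the payload the DAO actually voted for, and a
# different payload delivered by a single misbehaving bridge.
BRIDGES = ["bridge_a", "bridge_b", "bridge_c", "bridge_d"]
GENUINE = b"proposal-42:set_fee_tier=5"
FORGED = b"proposal-42:set_owner=someone_else"


def run_scenario(threshold: int):
    """One bridge delivers a forged payload, the other three the genuine one."""
    rx = MultiBridgeReceiver(BRIDGES, threshold)
    results = [
        rx.receive("bridge_a", "p42", FORGED),
        rx.receive("bridge_b", "p42", GENUINE),
        rx.receive("bridge_c", "p42", GENUINE),
        rx.receive("bridge_d", "p42", GENUINE),
        rx.receive("bridge_a", "p42", GENUINE),
    ]
    return results, rx


if __name__ == "__main__":
    for k in (3, 4):
        results, rx = run_scenario(k)
        print(f"{k}-of-4:", results, "executed:", dict(rx.executed))
```

With a majority threshold the genuine message still goes through despite one bad bridge; with a unanimous threshold the same bad bridge cannot forge a message but can stall it, which is the availability cost of requiring every bridge to agree.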

Celer and deBridge came around to this point of view as the debate progressed, and LIFI CEO Phillip Zentner argued that Uniswap’s move to BNB should be postponed until a multibridge solution could be implemented.

Ultimately, the Uniswap DAO voted to deploy to BNB Chain with Wormhole as the official bridge. However, Uniswap executive director Devin Walsh explained that deployment with a single bridge does not preclude adding additional bridges at a later date. So the advocates for a multibridge solution will likely continue their efforts.

Can blockchain bridges be secure?

No matter what ultimately happens to Uniswap’s cross-chain governance process, the debate has illustrated how hard it is to secure cross-chain bridges.

Putting withdrawals into the hands of multisig wallets creates the risk that bad actors may gain control of multiple signatures and withdraw tokens without the consent of users. It centralizes the blockchain world and makes users rely upon trusted authorities instead of decentralized protocols.

On the other hand, proof-of-stake-style bridging networks are complex programs that may be found to have bugs, and if their contracts are not upgradeable, these bugs can’t be fixed without a hard fork of one of the underlying networks. Developers continue to face a tradeoff between putting upgrades into the hands of trusted authorities, who may get hacked, versus making protocols truly decentralized and, therefore, non-upgradeable.

Billions of dollars of crypto assets are stored on bridges, and as the crypto ecosystem grows, there may be even more assets stored on these networks over time. So the problem of securing a blockchain bridge and protecting these assets continues to be critical.

Coinbase discloses recent cyberattack targeting employees

No customer funds or information were impacted, according to the company. Coinbase’s engineering team believes the attack is associated with a sophisticated phishing campaign.

Coinbase employees were targeted in a cybersecurity attack on Feb. 5 involving SMS scams and the impersonations of IT staff, according to a recent report from the company’s engineering team. No customers’ funds or information were impacted, the crypto exchange said.

According to the report, late on a Sunday several Coinbase employees received SMS messages requiring them to urgently log in via the link provided to access an important message. Acting in good faith, one employee followed the exploiter’s instructions:

“While the majority ignore this unprompted message – one employee, believing that it’s an important and legitimate message, clicks the link and enters in their username and password. After ‘logging in,’ the employee is prompted to disregard the message and thanked for complying.”

The perpetrator then made repeated attempts to gain remote access to Coinbase’s internal systems with the employee’s username and password, but was unable to pass through the Multi-Factor Authentication (MFA) security measure. 

After failing to authenticate and being automatically blocked, the exploiter contacted the employee by phone. According to the report, the attacker claimed to be Coinbase’s IT department and asked the employee for assistance:

“Believing that they were speaking to a legitimate Coinbase IT staff member, the employee logged into their workstation and began following the attacker’s instructions. That began a back and forth between the attacker and an increasingly suspicious employee. As the conversation progressed, the requests got more and more suspicious.”

Coinbase’s Computer Security Incident Response Team (CSIRT) was alerted to unusual activity by its Security Incident and Event Management (SIEM) system. An incident responder reached out to the victim via the company’s internal messaging system in response to the atypical behavior.

“Realizing something was seriously wrong, the employee terminated all communications with the attacker,” said the report. According to Coinbase, its layered control environment protected customer funds and information, even though some of its personnel information had been compromised.

The company believes the attack is associated with a sophisticated attack campaign that has targeted many companies since last year, especially in the United States. Cybersecurity company Group-IB reported in August similar phishing attacks on employees of Twilio and Cloudflare as part of a massive campaign ending in 9,931 accounts of over 130 organizations being compromised.

Coinbase’s team also noted that its customers and employees are frequent targets of fraudsters, and the solution lies in offering appropriate training:

“Research shows again and again that all people can be fooled eventually, no matter how alert, skilled, and prepared they are. We must always work from the assumption that bad things will happen. We need to be constantly innovating to blunt the effectiveness of these attacks while also striving to improve the overall experience of our customers and employees.”

DeFi protocol Platypus suffers $8.5M flash loan attack, suspect identified

The attack has led to the de-pegging of the Platypus USD stablecoin, which fell to $0.48 from $1.

A potential suspect has been identified in the attack on decentralized finance protocol Platypus, which saw $8.5 million drained from the protocol.

Blockchain security firm CertiK first reported the flash loan attack on the Avalanche-based stable swap platform through a tweet on Feb. 16, alongside the alleged attacker’s contract address.

According to CertiK, nearly $8.5 million has already been moved. As a result, the Platypus USD stablecoin became de-pegged from the U.S. dollar, dropping 52.2% to $0.478 at the time of writing.

Platypus later confirmed the hack on Twitter, while a moderator of Platypus’ Telegram group confirmed that Platypus has halted trading.

“The attacker used a flashloan to exploit a logic error in the USP solvency check mechanism in the contract holding the collateral.”

Platypus confirmed a loss of “8.5 million” from its main pool and said that deposits were covered at 85%. Other pools were unaffected. The company has contacted the hacker to negotiate a bounty for the return of the funds.

Tether Holdings has frozen the USDT stolen, and Platypus had reached out to Circle and Binance to freeze other stolen tokens.

A tweet from crypto “on-chain sleuth” ZachXBT has called out a now-deleted Twitter account going by @retlqw, alleging that the addresses identified by Platypus are linked to the account.

“I’ve traced addresses back to your account from the @Platypusdefi exploit and I am in touch with their team and exchanges. We’d like to negotiate returning of the funds before we engage with law enforcement,” said ZachXBT.

Platypus’ official Twitter account has also retweeted the message from ZachXBT.

A flash attack is the same method used by Avi Eisenberg when he allegedly manipulated the price of Mango Markets’ MNGO coin in October. Eisenberg said shortly after the exploit that he believed “all of our actions were legal open market actions, using the protocol as designed.” Eisenberg was arrested on fraud charges on Dec. 28.

Update Feb. 17, 4:53 am UTC: Added a tweet from ZachXBT relating to the possible identity of the Platypus flash loan attacker.

OneKey says it’s fixed the flaw that got its hardware wallet hacked in 1 second

Unciphered posted a video showing a “Massive critical vulnerability” in the OneKey Mini. The creators noted it’s been patched and are now working on further securing the wallet.

Crypto hardware wallet provider OneKey says it has already addressed a vulnerability in its firmware that allowed one of its hardware wallets to be hacked in one second flat.

On Feb. 10, a video on YouTube posted by cybersecurity startup Unciphered showed they had figured out a way to exploit a “Massive critical vulnerability” in order to “crack open” a OneKey Mini.

According to Eric Michaud, a partner at Unciphered, by disassembling the device and inserting coding, it was possible to return the OneKey Mini to “factory mode” and bypass the security pin, allowing a potential attacker to remove the mnemonic phrase used to recover a wallet. 

“You have the CPU and the secure element. The secure element is where you keep your crypto keys. Now, normally, the communications are encrypted between the CPU, where the processing is done, and the secure element,” Michaud explained.

“Well it turns out it wasn’t engineered to do so in this case. So what you could do is put a tool in the middle that monitors the communications and intercepts them and then injects their own commands,” he said, adding:

“We did that where it then tells the secure element it’s in factory mode and we can take your mnemonics out, which is your money in crypto.”

However, in a Feb. 10 statement, OneKey said it had already addressed the security flaw identified by Unciphered, noting that its hardware team had updated the security patch “earlier this year” without “anyone being affected,” and that “All disclosed vulnerabilities have been or are being fixed.”

“That said, with password phrases and basic security practices, even physical attacks disclosed by Unciphered will not affect OneKey users.” 

The company further highlighted that while the vulnerability was concerning, the attack vector identified by Unciphered can’t be used remotely and requires “disassembly of the device and physical access through a dedicated FPGA device in the lab to be possible to execute.”

According to OneKey, during correspondence with Unciphered, it was disclosed that other wallets have been found to have similar issues.

“We also paid Unciphered bounties to thank them for their contributions to OneKey’s security,” OneKey said.

In its blog post, OneKey has said it’s already gone to great pains to ensure the security of its users, including protecting them from supply chain attacks — when a hacker replaces a genuine wallet with one controlled by them. 

OneKey’s measures have included tamper-proof packaging for deliveries and the use of supply chain service providers from Apple to ensure stringent supply chain security management.

In the future, they hope to implement onboard authentication and upgrade newer hardware wallets with higher-level security components.

OneKey noted that the main purpose of hardware wallets has always been to protect users’ money from malware attacks, computer viruses and other remote dangers, but acknowledged that unfortunately, nothing can be 100% secure. 

“When we look at the entire hardware wallet manufacturing process, from silicon crystals to chip code, from firmware to software, it’s safe to say that with enough money, time and resources, any hardware barrier can be breached, even if it’s a nuclear weapon control system.”

OneKey says it has fixed flaw that got its hardware wallet hacked in 1 second

Unciphered posted a video showing a “Massive critical vulnerability” in the OneKey Mini. The creators say it’s been patched and they are now working on further securing the wallet.

Crypto hardware wallet provider OneKey says it has already addressed a vulnerability in its firmware that allowed one of its hardware wallets to be hacked in one second flat.

A video on YouTube posted on Feb. 10 by cybersecurity startup Unciphered showed they had figured out a way to exploit a “Massive critical vulnerability” that allowed them to “crack open” a OneKey Mini.

According to Eric Michaud, a partner at Unciphered, by disassembling the device and inserting coding, it was possible to return the OneKey Mini to “factory mode” and bypass the security pin, allowing a potential attacker to remove the mnemonic phrase used to recover a wallet. 

“You have the CPU and the secure element. The secure element is where you keep your crypto keys. Now, normally, the communications are encrypted between the CPU, where the processing is done, and the secure element,” Michaud explained.

“Well it turns out it wasn’t engineered to do so in this case. So what you could do is put a tool in the middle that monitors the communications and intercepts them and then injects their own commands,” he said, adding:

“We did that where it then tells the secure element it’s in factory mode and we can take your mnemonics out, which is your money in crypto.”

However, in a Feb. 10 statement, OneKey said it had already addressed the security flaw identified by Unciphered, noting that its hardware team had updated the security patch “earlier this year” without “anyone being affected” and that “All disclosed vulnerabilities have been or are being fixed.”

“That said, with password phrases and basic security practices, even physical attacks disclosed by Unciphered will not affect OneKey users.” 

The company further highlighted that while the vulnerability was concerning, the attack vector identified by Unciphered can’t be used remotely and requires “disassembly of the device and physical access through a dedicated FPGA device in the lab to be possible to execute.”

According to OneKey, during correspondence with Unciphered, it was disclosed that other wallets have been found to have similar issues.

“We also paid Unciphered bounties to thank them for their contributions to OneKey’s security,” OneKey said.

In its blog post, OneKey has said it’s already gone to great pains to ensure the security of its users, including protecting them from supply chain attacks — when a hacker replaces a genuine wallet with one controlled by them. 

OneKey’s measures have included tamper-proof packaging for deliveries and the use of supply chain service providers from Apple to ensure stringent supply chain security management.

In the future, they hope to implement onboard authentication and upgrade newer hardware wallets with higher-level security components.

OneKey wrote that the main purpose of hardware wallets has always been to protect users’ money from malware attacks, computer viruses and other remote dangers, but unfortunately, nothing can be 100% secure. 

“When we look at the entire hardware wallet manufacturing process, from silicon crystals to chip code, from firmware to software, it’s safe to say that with enough money, time and resources, any hardware barrier can be breached, even if it’s a nuclear weapon control system.”

Jump Crypto unveils critical vulnerability on Binance’s BNB Chain

The security flaw would allow the mint of an unlimited amount of arbitrary tokens. The issue was privately disclosed to the BNB team.

Web3 infrastructure firm Jump Crypto has discovered a vulnerability in the BNB Beacon Chain, which would allow the mint of an unlimited amount of arbitrary tokens. The issue was privately disclosed to the BNB team, enabling a patch to be developed and deployed within 24 hours.

In a blog post from Feb. 10, Jump Crypto disclosed a detailed report about the vulnerability found two days earlier, which could “have led to a large loss of funds.”

As per the report, the BNB Chain comprises two blockchains: The Ethereum Virtual Machine-compatible Smart Chain, based on a fork of go-ethereum and the Beacon Chain, built on top of Tendermint and Cosmos SDK.

However, the Beacon Chain uses a BNB fork hosted on GitHub with several BNB-specific changes. “It deviates from the Cosmos SDK upstream in several ways, motivating us to take extra care in reviewing the differences,” notes Jump Crypto, which recently started a broad research effort dedicated to discovering and patching vulnerabilities across projects via coordinated disclosure.

The vulnerability would allow an attacker to mint an almost unlimited amount of BNB tokens via a malicious transfer, meaning that destination accounts would receive a much larger number of BNB tokens than the sender initially provided. Jump Crypto noted:

“Bugs that allow infinite minting of native assets are some of the most critical vulnerabilities in Web3. As such, this finding is proof that we all must stay vigilant and collaborate to elevate security assurances across all projects.”

The BNB team fixed the issue by switching to overflow-resistant arithmetic methods for the SDK coin type. The patch will result in a golang panic and a transaction failure if the coin calculation overflows.
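The difference between wrapping and overflow-resistant coin arithmetic, as an added example that is not code from the BNB fork or the Cosmos SDK. The `Coin` type, the signed 64-bit amount, the `RunTx` recover wrapper and the sample amounts are simplified assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math"
)

// Coin is a simplified stand-in for an SDK coin (assumption: signed 64-bit amount).
type Coin struct {
	Denom  string
	Amount int64
}

// PlusWrapping uses Go's native +, which wraps silently on int64 overflow.
func PlusWrapping(a, b Coin) Coin {
	return Coin{Denom: a.Denom, Amount: a.Amount + b.Amount}
}

// PlusChecked panics instead of ever returning a wrapped amount.
func PlusChecked(a, b Coin) Coin {
	x, y := a.Amount, b.Amount
	if (y > 0 && x > math.MaxInt64-y) || (y < 0 && x < math.MinInt64-y) {
		panic(fmt.Sprintf("coin overflow: %d + %d %s", x, y, a.Denom))
	}
	return Coin{Denom: a.Denom, Amount: x + y}
}

// Total folds the amounts of one transfer with the supplied add function.
func Total(denom string, amounts []Coin, add func(Coin, Coin) Coin) Coin {
	total := Coin{Denom: denom}
	for _, c := range amounts {
		total = add(total, c)
	}
	return total
}

// RunTx runs a handler and turns a panic into a failed transaction
// (an error result) instead of letting a wrapped amount reach state.
func RunTx(handler func() Coin) (result Coin, err error) {
	defer func() {
		if r := recover(); r != nil {
			result, err = Coin{}, fmt.Errorf("transaction failed: %v", r)
		}
	}()
	return handler(), nil
}

// SampleAmounts returns constructed amounts whose true sum exceeds MaxInt64.
func SampleAmounts() []Coin {
	return []Coin{{"BNB", math.MaxInt64}, {"BNB", 10}}
}

func main() {
	amounts := SampleAmounts()
	wrapped := Total("BNB", amounts, PlusWrapping)
	fmt.Println("wrapping total:", wrapped.Amount) // negative: the sum wrapped around

	_, err := RunTx(func() Coin { return Total("BNB", amounts, PlusChecked) })
	fmt.Println("checked total:", err) // the overflow is reported as a failure
}
```
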

BNB Chain is the native blockchain behind the crypto exchange Binance. The company CEO, Changpeng Zhao, thanked Jump Crypto’s team on Twitter for reporting the bug.

In October 2022, the BNB Chain was briefly suspended after a cross-chain exploit compromised nearly $80 million worth of cryptocurrency. The breach originated on the BSC Token Hub and eventually resulted in the creation of an “extra BNB,” according to an official post on Reddit.

Uniswap’s BNB deployment should use multiple bridges, claims LIFI CEO

The LIFI executive proposed that a team of four researchers be appointed to study the idea of a multi-bridge approach.

As Uniswap DAO’s vote to deploy to BNB Chain continues, LIFI CEO Phillip Zentner argued in a Feb. 6 forum post that the current proposal is flawed. According to Zentner, the plan to use Wormhole as the sole governance bridge for Uniswap should be abandoned. Instead, he claimed that Uniswap researchers should work on a standardized system for using multiple bridges to handle governance decisions.

In the post, Zentner stated that LIFI strongly recommends “that Uniswap not select one bridge provider for its BNB Chain Deployment Proposal” because “no single AMB [arbitrary messaging bridge] is tested enough to be considered a robust and secure solution that a project of Uniswap’s size can solely rely on at this point.”

As evidence of this, Zentner reminded readers of the slew of bridge hacks the crypto community has suffered over the past two years, stating:

“Lest it be forgotten, two major AMBs were exploited in the past twelve months (Nomad and Wormhole), while LayerZero has also come under fire recently for its security model (Prestwich 2, L2Beat). We do not say this as condemnation, rather, we point this out to highlight just how difficult it is to build secure AMBs and the subsequent risks a dApp is exposed to by choosing a single bridging solution.”

For this reason, LIFI wants to see “a multi-bridge, agnostic approach” to Uniswap governance. Zentner proposed that this could be accomplished by appointing a team of four engineers to study the subject and submit a proposal.

The LIFI CEO seemed to imply that the current proposal should be voted down and the date of BNB Chain deployment postponed until at least March 27. According to an image posted by Zentner, the Uniswap team had previously set a deadline of March 27 for a “final report published with community recommendations.” Zentner said that he believes this deadline can still be met, even if the current proposal is voted down.

Venture capital firm a16z recently attempted to use its 15 million UNI tokens to vote the BNB proposal down, due to the firm’s concerns about Wormhole bridge security. However, Metamask developer ConsenSys has used its 7 million UNI votes to support the proposal. The vote is scheduled to end on Feb. 10.

Scammers are targeting crypto users with new ‘zero value TransferFrom’ trick

The trick allows the attacker to confirm zero-value transactions from the victim’s wallet, hijacking the user’s transaction history.

Data from Etherscan shows that some crypto scammers are targeting users with a new trick that allows them to confirm a transaction from the victim’s wallet, but without having the victim’s private key. The attack can only be performed for transactions of 0 value. However, it may cause some users to accidentally send tokens to the attacker as a result of cutting and pasting from a hijacked transaction history.

Blockchain security firm SlowMist discovered the new technique in December and revealed it in a blog post. Since then, both SafePal and Etherscan have adopted mitigation techniques to limit its effect on users, but some users may still be unaware of its existence.

According to the post from SlowMist, the scam works by sending a transaction of zero tokens from the victim’s wallet to an address that looks similar to one that the victim had previously sent tokens to.

For example, if the victim sent 100 coins to an exchange deposit address, the attacker may send zero coins from the victim’s wallet to an address that looks similar but that is, in fact, under the control of the attacker. The victim may see this transaction in their transaction history and conclude that the address shown is the correct deposit address. As a result, they may send their coins directly to the attacker.

Sending a transaction without owner permission 

Under normal circumstances, an attacker needs the victim’s private key to send a transaction from the victim’s wallet. But Etherscan’s “contract tab” feature reveals that there is a loophole in some token contracts that can allow an attacker to send a transaction from any wallet whatsoever.

For example, the code for USD Coin (USDC) on Etherscan shows that the “TransferFrom” function allows any person to move coins from another person’s wallet as long as the amount of coins they are sending is less than or equal to the amount allowed by the owner of the address.

This usually means that an attacker can’t make a transaction from another person’s address unless the owner approves an allowance for them.

However, there is a loophole in this restriction. The allowed amount is defined as a number (called the “uint256 type”), which means it is interpreted as zero unless it is specifically set to some other number. This can be seen in the “allowance” function.

As a result, as long as the value of the attacker’s transaction is less than or equal to zero, they can send a transaction from absolutely any wallet they want, without needing the private key or prior approval from the owner.

USDC isn’t the only token that allows this to be done. Similar code can be found in most token contracts. It can even be found in the example contracts linked from the Ethereum Foundation’s official website.

Examples of the zero value transfer scam

Etherscan shows that some wallet addresses are sending thousands of zero-value transactions per day from various victims’ wallets without their consent.

For example, an account labeled Fake_Phishing7974 used an unverified smart contract to perform more than 80 bundles of transactions on Jan. 12, with each bundle containing 50 zero-value transactions for a total of 4,000 unauthorized transactions in one day.

Misleading addresses

Looking at each transaction more closely reveals a motive for this spam: The attacker is sending zero-value transactions to addresses that look very similar to ones the victims previously sent funds to.

For example, Etherscan shows that one of the user addresses targeted by the attacker is the following:

0x20d7f90d9c40901488a935870e1e80127de11d74.

On Jan. 29, this account authorized 5,000 Tether (USDT) to be sent to this receiving address:

0xa541efe60f274f813a834afd31e896348810bb09.

Immediately afterwards, Fake_Phishing7974 sent a zero-value transaction from the victim’s wallet to this address:

0xA545c8659B0CD5B426A027509E55220FDa10bB09.

The first five characters and the last six characters of these two receiving addresses are exactly the same, but the characters in the middle are all completely different. The attacker may have intended for the user to send USDT to this second (fake) address instead of the real one, giving their coins to the attacker.

In this particular case, it appears that the scam did not work, as Etherscan does not show any transactions from this address to one of the fake addresses created by the scammer. But given the volume of zero-value transactions done by this account, the plan may have worked in other cases.

Wallets and block explorers may vary significantly as to how or whether they show misleading transactions.

Wallets

Some wallets may not show the spam transactions at all. For example, MetaMask shows no transaction history if it is reinstalled, even if the account itself has hundreds of transactions on the blockchain. This implies that it stores its own transaction history rather than pulling the data from the blockchain. This should prevent the spam transactions from showing up in the wallet’s transaction history.

On the other hand, if the wallet pulls data directly from the blockchain, the spam transactions may show up in the wallet’s display. In a Dec. 13 announcement on Twitter, SafePal CEO Veronica Wong warned SafePal users that its wallet may display the transactions. In order to mitigate against this risk, she said that SafePal was altering the way addresses are displayed in newer versions of its wallet so as to make it easier for users to inspect addresses.

In December, one user also reported that their Trezor wallet was displaying misleading transactions.

Cointelegraph reached out through email to Trezor developer SatoshiLabs for comment. In response, a representative stated that the wallet does pull its transaction history directly from the blockchain “every time users plug in their Trezor wallet.”

However, the team is taking steps to protect users from the scam. In an upcoming Trezor Suite update, the software will “flag the suspicious zero-value transactions so that users are alerted that such transactions are potentially fraudulent.” The company also stated that the wallet always displays the full address of every transaction and that they “strongly recommend that users always check the full address, not just the first and last characters.”

Block explorers

Aside from wallets, block explorers are another type of software that can be used to view transaction history. Some explorers may display these transactions in such a way as to inadvertently mislead users, just as some wallets do.

To mitigate against this threat, Etherscan has begun graying out zero-value token transactions that aren’t initiated by the user. It also flags these transactions with an alert that says, “This is a zero-value token transfer initiated by another address,” as evidenced by the image below.

Other block explorers may have taken the same steps as Etherscan to warn users about these transactions, but some may not have implemented these steps yet.
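One way a wallet or explorer could implement the flagging described above, as an added example that is not code from Etherscan, Trezor Suite or SafePal. The `Transfer` and `Finding` types, the function names and the prefix/suffix lengths are assumptions; the sample history is constructed from the addresses quoted in this article plus two placeholder addresses.

```go
package main

import (
	"fmt"
	"strings"
)

// Transfer is one decoded token transfer plus the account that sent the
// enclosing transaction (Initiator).
type Transfer struct {
	Initiator, From, To string
	Value               uint64 // token base units
}

// Finding marks a history entry that should be greyed out or warned on.
type Finding struct {
	Index       int    // position in the history
	LookalikeOf string // genuine recipient the To address imitates, "" if none
}

func hexBody(addr string) string {
	return strings.TrimPrefix(strings.ToLower(addr), "0x")
}

// Lookalike reports whether a and b are different addresses sharing the first
// head and last tail hex digits, which is all a truncated display shows.
func Lookalike(a, b string, head, tail int) bool {
	x, y := hexBody(a), hexBody(b)
	if x == y || len(x) != len(y) || len(x) < head+tail {
		return false
	}
	return x[:head] == y[:head] && x[len(x)-tail:] == y[len(y)-tail:]
}

// FlagHistory returns a Finding for every zero-value transfer out of owner
// that owner did not initiate, noting any genuine recipient it imitates.
func FlagHistory(owner string, history []Transfer, head, tail int) []Finding {
	me := hexBody(owner)
	var genuine []string // recipients owner paid in transfers it initiated
	var findings []Finding
	for i, t := range history {
		if hexBody(t.From) != me {
			continue
		}
		if hexBody(t.Initiator) == me {
			if t.Value > 0 {
				genuine = append(genuine, t.To)
			}
			continue
		}
		if t.Value != 0 {
			continue // spent through a real allowance; not this scam
		}
		f := Finding{Index: i}
		for _, g := range genuine {
			if Lookalike(t.To, g, head, tail) {
				f.LookalikeOf = g
				break
			}
		}
		findings = append(findings, f)
	}
	return findings
}

// SampleHistory is constructed: owner and the first two recipients are the
// addresses quoted in the article; 0x11..11 and 0x22..22 are placeholders.
func SampleHistory() (string, []Transfer) {
	owner := "0x20d7f90d9c40901488a935870e1e80127de11d74"
	spammer := "0x1111111111111111111111111111111111111111"
	return owner, []Transfer{
		{owner, owner, "0xa541efe60f274f813a834afd31e896348810bb09", 5000000000},
		{spammer, owner, "0xA545c8659B0CD5B426A027509E55220FDa10bB09", 0},
		{spammer, owner, "0x2222222222222222222222222222222222222222", 0},
	}
}

func main() {
	owner, history := SampleHistory()
	for _, f := range FlagHistory(owner, history, 3, 6) {
		fmt.Printf("entry %d: zero-value transfer initiated by another address; imitates %q\n",
			f.Index, f.LookalikeOf)
	}
}
```

Comparing the full address, as the Trezor statement recommends, is what defeats the match: the two quoted recipients already differ at the fourth hex digit.
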

Tips for avoiding the ‘zero-value TransferFrom’ trick

Cointelegraph reached out to SlowMist for advice on how to avoid falling prey to the “zero-value TransferFrom” trick.

A representative from the company gave Cointelegraph a list of tips for avoiding becoming a victim of the attack:

  1. “Exercise caution and verify the address before executing any transactions.”
  2. “Utilize the whitelist feature in your wallet to prevent sending funds to the wrong addresses.”
  3. “Stay vigilant and informed. If you encounter any suspicious transfers, take the time to investigate the matter calmly to avoid falling victim to scammers.”
  4. “Maintain a healthy level of skepticism, always stay cautious and vigilant.”

Judging from this advice, the most important thing for crypto users to remember is to always check the address before sending crypto to it. Even if the transaction record seems to imply that you’ve sent crypto to the address before, this appearance may be deceiving.

How to protect against crime in the metaverse

To protect against crime in the metaverse, take precautions, such as using secure passwords, and report suspected criminal activities to law enforcement.

How to protect yourself in the metaverse

To protect yourself in the metaverse, use strong passwords, be cautious of suspicious activity, and limit the amount of personal information shared online.

Here are some ways to protect yourself in the metaverse:

  • Use strong and unique passwords: Create secure passwords utilizing a variety of letters, numbers and symbols and steer clear of using the same one for many accounts.
  • When disclosing personal information, exercise caution: Be cautious when sharing information online and be on the lookout for unauthorized requests for personal information.
  • Utilize two-factor authentication: To further secure your accounts, use two-factor authentication.
  • Update your hardware and software: To guard against any vulnerabilities, make sure to keep your software and devices up to date with the most recent security upgrades.
  • Report suspicious activity: Inform the proper authorities or the platform’s moderation team of any questionable activity or behavior.
  • Pay attention to phishing attempts: Be on the alert for phishing attempts designed to deceive you into revealing personal information or login passwords.
  • Use a virtual private network (VPN), if possible: When entering the metaverse, use a VPN to secure your internet connection and safeguard your personal data.
  • Set privacy preferences: Utilize the privacy settings and tools offered by the metaverse platforms to control how much of your personal information is exposed to others.
  • Be aware of potential sexual harassment: Take precautions to shield yourself from offensive or unwanted behavior by being aware of the possibility of sexual harassment in the metaverse.
  • Beware of scammers: Criminals may try to fool you by using social engineering, making up identities or impersonating others.

By being mindful of the hazards and cautions in virtual reality worlds, users can take further precautions to protect themselves. This can entail being watchful with the data they disclose online, exercising caution when speaking to strangers and blocking or reporting any individuals who engage in inappropriate behavior.

Are there any sexual harassment risks in the metaverse?

In virtual worlds, people may feel empowered to engage in unethical or criminal behavior, such as sexual harassment, due to the anonymity and lack of oversight by law enforcement agencies.

In the metaverse, sexual harassment can take many forms, including:

  • Virtual sexual assault: Sexual propositions, unwanted touching and other unwanted physical contacts could all constitute virtual sexual assault.
  • Online sexual harassment: Online sexual harassment may take the form of sending unwelcome sexually suggestive messages, exchanging inappropriate or sexually explicit photographs, or making vulgar remarks.
  • Cyberstalking: This can involve persistently sending unwelcome messages or following someone online with the intention of intimidating or harassing them.
  • Non-consensual sharing of intimate images: Sharing intimate photos or films of someone without their consent is referred to as non-consensual sharing of intimate photographs or revenge porn.
  • Online grooming: This may involve adults pursuing children or other vulnerable individuals in virtual spaces with the intention of sexually exploiting them.

Metaverse users should report any instances of sexual harassment to the relevant authorities, and metaverse companies should have strong policies in place to handle and prevent it.

What financial crimes occur in the metaverse?

Money laundering, fraud and asset theft are all types of financial crimes that can cost people and virtual communities a lot of money in the metaverse.

The use of cryptocurrencies to conceal the proceeds of criminal activity, such as the sale of illegal narcotics or weapons, by hiding the source and ownership of the money through a convoluted web of transactions is an example of money laundering in the metaverse.

A Ponzi scheme is an example of financial fraud in the metaverse, which involves the use of virtual goods or money to trick investors into thinking that their money is being put toward a successful project when, in reality, the returns are being paid from the contributions of new investors rather than from any genuine business gains. Moreover, criminals may use the metaverse to conduct financial transactions that are not reported to tax authorities in order to evade taxes.

Criminals may also utilize hacking methods to steal users’ confidential financial data in the metaverse. Similarly, criminals may use the metaverse to conduct cyberextortion, which is a type of digital blackmail in which a criminal demands payment in exchange for withholding sensitive information or data.

These are only a few instances of how metaverse users are targeted by cybercriminals; therefore, it’s crucial to be aware of these threats and take precautions to safeguard your information. One can do this by using two-factor authentication and strong passwords, being cautious about unsolicited requests for personal information, and making sure their software and devices are up-to-date with the most recent security patches.

How do cybercriminals target the metaverse?

By taking advantage of flaws in virtual systems and user behavior, such as malware infections, phishing scams and illegal access to personal and financial information, cybercriminals prey on the metaverse.

Cybercriminals may target the metaverse in a variety of ways, including:

  • Phishing scams: Thieves may employ phishing techniques to deceive victims into disclosing personal information or login credentials, which can then be used for identity or data theft or other unlawful acts.
  • Hacking: To steal money or personal information, criminals may try to hack into user accounts or metaverse platforms.
  • Malware: To access sensitive data or carry out illicit operations, criminals may use malware to infect virtual environments or devices that support the metaverse.
  • Frauds: Criminals may leverage the anonymity and lax regulation of the metaverse to carry out scams such as Ponzi or pyramid schemes.
  • Ransomware: Thieves may use ransomware to encrypt a user’s digital possessions or personal data before requesting payment in exchange for the decryption key.
  • Exploiting virtual goods and assets: Cybercriminals may use bots or other tools to buy virtual goods and assets, which they then sell on the black market for real money. 
  • Creating fake digital assets: Criminals may make false virtual assets and sell them to unwary buyers, causing the victims to suffer financial loss.
  • Social engineering: Thieves may take advantage of the metaverse’s social elements to win over people’s trust before defrauding them.

The “Crypto Crime Cartel” case is one real-world instance of cybercrime in the metaverse. In 2020, it was discovered that a group of cybercriminals had been working in the metaverse, more specifically in the online community of Second Life.

They tricked customers into submitting log-in and personal information via a phishing scam, which they then utilized to steal virtual money and digital assets. The group also perpetrated identity theft and other financial crimes in the real world using the stolen information. Money-laundering crypto criminals were successful in stealing digital assets and currencies worth millions of dollars.

This example demonstrates how cybercriminals might use the anonymity and lax regulation of the metaverse to carry out unlawful acts. It emphasizes the significance of exercising caution when using virtual worlds and taking precautions to safeguard private data and digital assets, such as using strong passwords, being wary of unsolicited requests for personal information and notifying the appropriate authorities of any suspicious activity.

The Decentral Games hack is another instance of financial crime in the metaverse. In 2021, a group of hackers attacked Decentral Games, a well-known metaverse gaming site built on the Ethereum blockchain, by taking advantage of a flaw in the smart contract. They were able to steal Ether (ETH) and other cryptocurrencies valued at more than $8 million from users of the network.

This illustration shows how susceptible smart contracts and decentralized systems can be to hackers and other sorts of cyberattacks. It also demonstrates how a lack of oversight and regulation in the crypto and metaverse industries can make it simpler for criminals to commit cybercrimes and steal substantial sums of money.

What is the dark side of the metaverse?

The metaverse has the potential to alter the way we interact and engage with one another and technology. However, there are also possible drawbacks and risks, just like with any new technology. Potential problems with privacy, security and legislation are part of the metaverse’s negative side.

One of the main issues with metaverse platforms is privacy. People may disclose more sensitive data and personal information in the metaverse, increasing the risk of hacking and data breaches. Furthermore, there may be less supervision and regulation over how businesses gather and use this data, which might result in the misuse of personal data.

Being a virtual environment, the metaverse is open to various security risks, including hacking, intellectual property theft and misuse of user data that can lead to the loss of personal data, financial harm and damage to the reputation and stability of virtual communities. For instance, the metaverse may be used by criminals to commit additional crimes, propagate malware or steal personal data.

Regulation is another issue because the metaverse is a young and rapidly changing environment. Governments and other institutions can find it difficult to keep up with technology and lack the resources or tools necessary to govern it successfully. This absence of oversight may result in problems like unlawful activity and hazardous content.

However, it is also unclear how society will be affected by the metaverse because it is a brand-new area that is developing quickly. While some experts assert that technology will create more options for community and connection, others counter that it will just increase social alienation and isolation.