CoinMetro’s CEO, Kevin Murcko brings you the most recent crypto market news during the weekly AMA every Friday.
Crypto Market News Highlights
This is social engineering. Do you think they hacked into the crypto exchange by sweating at night, drinking coffee and pounding on keyboards? Of course not.
What they probably did was go into Telegram, found out who was working on the company, got into their LinkedIn profile and made it seem like they were getting contacted by maybe the CEO, and got access to information they shouldn’t have, gained access to cold/hot wallets, and stole the money.
When people think about crypto and cyber security, they have this idea that you need to be super tech-savvy to protect your assets. You don’t. On blockchain, there are some technical requirements, sure. Certain wallets can only send to certain address, multi signatures, hot and cold wallets.
But at the end of the day, it’s all about making sure you have internal policies that stop these social engineering hacks from working. If someone in CoinMetro gets an email from Kevin that says “pay this amount of Bitcoin to a wallet” — they wouldn’t do it. Because we don’t send emails requesting wallet transfers.
These are simple techniques, but it is usually how people get hacked. Kevin would say that more than 90% of all hacks, start or end with social engineering.
They’re saying that most Bitcoin miner-makers have been affected by the outbreak since their factories are based in cities. Almost all production will be halted for some time.
Kevin thinks this whole Coronavirus is quite overblown. At the end of the day, there will most likely not be a lasting effect. A bubble of a month or two, or three — most of that hash power would be eaten up by older machines coming back online, cloud mining — whatever. Especially if the hash power spikes down, people will assume they have a better chance to get their old miners back online.
More hacking topics.
It’s funny because crypto is traceable. They demanded 2x100 Bitcoins from each firm. 100 Bitcoin to restore access to the data, and 100 Bitcoin to delete the copy instead of selling it.
So, they’re asking for Bitcoin, which is pseudo anonymous. If the law firms are savvy enough, they could send the Bitcoin, just to catch these guys.
This just shows that while the guys are smart enough to social engineer a hack, they’re not smart enough to know that Bitcoin is probably the worst cryptocurrency to accept their ill-gotten gains through.
CoinMetro’s comprehensive guide to Bitcoin.
That’s the municipal bond market for those that don’t know. When small and large municipalities around the country want to do something — like build new roads, they sell bonds.
It’s a huge market, in the trillions. And it’s difficult to get into because of the high value of the lowest amount you can invest in those bonds. There is really no secondary market, and definitely not a retail secondary market.
ConsenSys is assuming that tokenizing it and allowing them to fractionalize those bonds would open up more access to retail investors.
They’re still not talking about the settlement of those things. In the US, a “transfer agent registration” is not that difficult to get, but it’s not mentioned in the article. They’re just talking about a broker-dealer license, so opening up to a secondary market. They still need to settle them somewhere.
Well, it’s going down the right path.
Kevin is not sure why everybody is getting so excited about the ebb and flows in Bitcoin and back into altcoins. They are natural. There has never been a bull market in history, that was underneath the most recent high watermark. The most recent high watermark for Bitcoin is around $20,000.
Until we reach there, we are not in a bull market. We can be in a bull trend, while still being inside a bear market.
Interested in trading discussions? Join CoinMetro’s Trading Channel on Telegram!
News from the previous week
This is a civil case, not the pending litigation that is going through a grand jury right now, with Tether and Bitfinex (and a few other companies). He wrote to the judge, vouching for the legal team. A non-lawyer vouching for a legal team… — that would be like Kevin saying “this legal team is awesome” to a judge.
An ETP is an Electronically Traded Paper. This is a bit ridiculous. You take a digital asset and make a paper version of it, and trade it electronically…
Switzerland likes to think that they are on the forefront of financial products — but they build things that no one wants. It only really gets sold in Switzerland. Maybe in Austria, Germany.
The idea here is that people who already trade ETPs will already have an account and can start trading. It’s the same idea that people had when Futures came out. And for the most part, it didn’t do anything to the market.
Another asset being traded. Great. What does Kevin think about that? Doesn’t care.
This is a “no shit Sherlock”-story.
Centralized exchanges hold a good amount of the available Bitcoin and Ether. One of the only things you can do with crypto — let’s be honest — is trade it. The vast majority of use is for trading.
This is an audit on how security compliance is done inside of a company. It’s a good thing. Did they need to do it? No. Does it mean that they are fully secure and can’t get hacked? No.
For the most part, this type of exam does not include most of the security measures that would be needed from a pure technical standpoint to protect blockchain-based assets.
Having said that, most hacks are not hacks. It’s not some guy jumping into a system and typing on a screen with lots of text flying past. That’s mostly what happens in movies.
Most hacking is social engineering. They get a phone call or an email and they think that it’s from somebody within the company, and they givethem access to something. In another example, someone uses a public WiFi on the Hilton Hotel called “Hilton Free WiFi” which happens to be a WiFi hotspot from the phone of the guy next to them, and through the hotspot, files are stolen.
Hacks usually happen like this. Negligence and lack of policies. This is probably covered to an extent inside of this security audit. So that’s good. Did they have to pass it? No. It’s good that they passed it, but it’s mostly only for PR. Lots of organizations pass this, and some are required to, by law. No other crypto company has done it, mainly because they don’t have to.
There we go. We will start seeing more and more of this. Austria has not yet fined anyone, but they will. Which is what regulators are supposed to do.
Tune in every Friday for “This Week in Crypto” with CoinMetro’s CEO Kevin Murcko on our Youtube channel: https://www.youtube.com/coinmetro