Taiwan and Crypto-mining, Electrum and Hacks

It’s the end of the year and it’s lights on for cryptocurrencies everywhere. After a devastating December for Bitcoin, with the cryptocurrency plummeting in a tailspin to the depths of despair, cryptocurrency and blockchain are still here.
Let’s finish, though talking about the news as they happened this week and put a distance between ourselves and any fears about the future of the industry.
At Cryptonewest, we’re once again quite certain that the industry is here to stay and there’s no mistaking that.

A Taiwanese Man Bags $3-million Worth of Electricity to Mine Cryptocurrencies

Cryptocurrencies are hungry little devils. One can almost wonder – how do you get yourself sufficient power to mine them. And it’s a tough question which deserves, perhaps, a tougher and frank answer – it’s expensive.
It’s probably what our Taiwanese suspect must have thought when he started stealing electricity. It all started modestly. Perhaps a few kilowatt hours a pop, but then he grew unabashed, drinking the succulent juices of the power grid and pouring them generously into his mining operation.
Our suspect had Ethereum (ETH) and Bitcoin (BTC) in mind, hoping to secure himself a small fortune, whatever the cost. The news was delivered by EBC Dongsen News on December 26.
And since then, the whole of the crypto world has buzzed.
Yang (the suspect’s surname) has stolen and that has disgruntled the locals. But also – Yang has been successful. The culprit has reportedly amassed $14.5 million worth of cryptocurrencies – a staggering amount, which we can’t help but ask – why? Why not stop after the first… few millions, even.
Because Yang was smart. He started opening toy shops and internet cafes to hide his appetites. Yang also reached out to electrician, re-wiring the meters and avoiding register in a spike in the network. But you can’t syphon off $3 million worth of electricity without really raising a few eyebrows.
So, the Taiwan Power Company looked into it, and it turned to the police. And thus, Yang was discovered.
It wasn’t the bust of the century, although the collected prize money was certainly a very big and significant catch indeed.

Electrum is Targeted by Prying Parties

Electrum is having woes of its own. The cryptocurrency wallet Electrum has been coming under reportedly continuous attacks. Malicious parties have been trying to break into the wallet and empty it out.
And now, they have succeeded. Estimated 250 bitcoin worth $937,000 have gone missing. A small catch, but one that certainly has highlighted some difficulties in maintaining the security of the place.
But on the plus side, it has not been entirely the crypto exchange’s fault. It’s really simple actually. The hackers have been creating fake versions of the wallets and asking customers to provide their IDs willingly.
Alas, when it comes to your online wallets, you can never be too sure. You need to read and scrutinize every individual message. The hackers did set up fake servers which wooed customers into following a scam URL.

Reddit user normal_rc explained the scam as follows: “If someone’s Electrum Wallet connected to one of those servers, and tried to send a BTC transaction, they would see an official-looking message telling them to update their Electrum Wallet, along with a scam URL.”

And here is the strange thing. Users were asked to fulfil a two-step authentication process (which is not normally requested when logging into Electrum), but users automatically thought it was part of the “update”.

“I kept trying to send and kept getting an error code ‘max fee exceeded no more than 50 sat/B [satoshis per byte]’ I then restored my wallet on a separate pc and found that my balance had been transferred out in full[.]”

Still, while the attack has taken places successfully, it’s rather bizarre that people would so willingly log into a website that looks suspicious. Although this time, the culprits used a GitHub repository, but even then – there are a lot of things that can done to double-check the validity of the software:

  • Look into the dates and uploads
  • Check the history of the repository
  • Wait for other people to download and report they have been successful

Phishing attacks are not the fault of exchanges and crypto wallet companies. It’s understandable that hackers would go after products worth millions of dollars. With this in mind, attacks on cryptocurrencies will continue.
There’s hardly ever going to be a deterrent and the more the value of these digital assets grows, the more daring hackers will become.
And herein comes another problem – if everyday users must be careful about every individual transaction, how can cryptocurrency truly be mainstream? Educating users globally would be a difficult undertaking and one that will come with its fair share of stolen crypto money.
It’s a long road towards the full digitalization of the economy. And this fear is quite a decent reason not to pursue it immediately.

Comments (No)

Leave a Reply