Lawsuit Sees Further Chinese Crypto TV Coverage

Mixin Network Suspends Services Amid $200 Million HackOn Monday, Mixin Network, a decentralized peer-to-peer network whose project team is based in Hong Kong, officially confirmed a substantial security breach that resulted in the loss of approximately $200 million in crypto assets from its mainnet.Photo by GuerrillaBuzz on UnsplashSeptember 23 hackThis incident, disclosed via an X (formerly Twitter) post, prompted the immediate suspension of all deposit and withdrawal services on Mixin Network until further notice.The project team outlined that the hack occurred on September 23, exposing vulnerabilities that allowed malicious actors to compromise the database of a third-party cloud service provider. Mixin Network has taken action to address the situation, enlisting the expertise of Singapore-headquartered blockchain security investigator SlowMist and the support of Google to conduct a thorough investigation and formulate a recovery plan.At the time of the breach, Mixin Network’s holdings included $94.48 million in Ether, $23.55 million in Dai, and $23.3 million in Bitcoin, as reported in an independent investigation by PeckShield. The total value of assets affected amounted to $141.32 million.Cyvers, an Israeli Web3 security firm, has also been looking into the matter on Monday. In a social media post, the firm stated:”Our internal investigation has uncovered suspicious funding transactions involving @MixinKernel hacker addresses. Two of hacker addresses received 51 $ETH from 0x1795F0eBDa5A836aE63F28CE546E72de069A8bd2 who was interacted with @HuobiGlobal and @binance.”The firm goes on to call on Binance and its CEO Changpeng Zhao (CZ) and Huobi to help identify the wallet address in question.Halting withdrawalsIn response to the security breach, Mixin Network has temporarily halted all deposits and withdrawals on its platform. These services will only resume once the vulnerabilities have been identified and fully resolved. On X, the project stated:”Deposit and withdrawal services on Mixin Network have been temporarily suspended. After discussion and consensus among all nodes, these services will be reopened once the vulnerabilities are confirmed and fixed. During this period, transfers are not affected.”Details regarding the plans to recover the lost assets for affected users have yet to be announced.Despite initial promises that Mixin Network’s Founder, Feng Xiaodong, would address the incident in a public Mandarin live stream on September 25, links to the live stream were not provided on the official social media channels or the website mixin.network.The incident has garnered criticism on the basis of a lack of decentralization. One commentator stated:”Some of those blockchain protocols are so decentralized that when their cloud database is hacked, coins are also gone.”Ongoing hacksThis security breach on Mixin Network is the latest in a series of high-profile crypto-related incidents. Ethereum Co-Founder Vitalik Buterin recently fell victim to a SIM swap attack, which resulted in the compromise of his X (formerly Twitter) account.In a statement, Buterin revealed that the hackers had successfully executed a SIM swap, a type of attack that targets the victim’s mobile phone number to gain unauthorized access to various online accounts, including social media, banking, and cryptocurrency platforms.The repercussions of the Mixin Network hack underscore the ongoing challenges faced by the crypto industry in ensuring the security and protection of digital assets. As investigations continue, affected users await further developments and the eventual resumption of deposit and withdrawal services.

It's been nearly ten years since the infamous collapse of the Japanese bitcoin exchange Mt. Gox, with some creditors of the defunct business now claiming to have finally received their long-awaited repayments.Photo by Su San Lee on UnsplashSubreddit payment confirmationsTestimonies shared on the Mt.Gox creditor subreddit and a dedicated Telegram channel reveal that certain payments, in the form of Japanese yen, have been distributed to creditors who opted for PayPal as their preferred mode of receipt. Excitement marked the early stages of this repayment process. Users on Reddit joyfully shared their experiences, with one exclaiming:"I got money!! I just got my initial payment via Paypal!!"This development comes after Mt.Gox rehabilitation trustee, Nobuaki Kobayashi, had previously extended the repayment deadline from Oct. 31, 2023, to Oct. 31, 2024. However, last month, Kobayashi informed creditors that certain cash repayments would be initiated before the year's end. Despite efforts to expedite the process, the sheer volume of creditors and the complexities involved mean that repayments will continue into 2024. The collapse of Mt.Gox in early 2014 triggered global regulatory responses and initiated a nearly decade-long bankruptcy and corporate rehabilitation process. The exchange fell victim to a series of hacks between 2011 and 2014, leaving a lasting impact on the cryptocurrency landscape. The commencement of repayments has been hanging over the crypto market for many years, with many fearing that the process may have a dampening effect on the bitcoin unit price, given that funds are being distributed in Japanese yen and bitcoin. Earlier this year, the U.S. government indicted two Russian nationals for laundering funds stolen from Mt.Gox, shedding light on the enduring legal ramifications stemming from the exchange's demise. Double payment glitchHowever, it appears the process encountered some glitches, as other Reddit posts indicated that a few creditors received double payments via PayPal, adding a new layer of complexity to the already intricate Mt. Gox saga. Reddit users, such as u/rlycreativename, have shared emails they claim to have received from the Mt.Gox Rehabilitation Trustee. The emails acknowledge a system issue leading to inadvertent double transfers and legally obligate recipients to return the surplus amount. While some users have complied with the request and returned the duplicated funds, others have expressed hesitancy, citing the historical challenges creditors faced in obtaining their money. The situation has evoked discussions on Reddit, with users debating whether the Trust deserves a swift return, considering the prolonged struggle creditors endured to reclaim their funds. While it may be tempting for some creditors to hold on to the duplicate payment, such a decision may only serve to heap more misery on long-suffering Mt.Gox creditors. The recent case of Jatinder Singh and Thevamanogari Manivel would be very relevant for creditors to consider. Singh was a customer of well-known digital assets platform Crypto.com. In 2021 the firm inadvertently transferred $10 million to his account. Singh conspired with Manivel to withdraw and keep the funds. A community corrections order of 18 months has been imposed on Manivel in Australia while Singh will be sentenced in February.  

South Korean cryptocurrency exchange Flybit, which is operated by the Korean Fintech Industry Association, has passed the post-audit for its Information Security and Privacy Management System certification (ISMS-P), according to local news website News1 on Wednesday (KST).Photo by FlyD on UnsplashRigorous certification standardsThe ISMS-P is a security management system jointly operated by South Korea’s Ministry of Science and ICT and the Personal Information Protection Commission, representing the highest level of security management in the country. It combines 80 requirements for Information Security Management System (ISMS) certification and 22 requirements for Personal Information Management System (PIMS) certification, totaling 102 requirements that must be met. Once obtained, certification is valid for three years, and annual post-audits are required to maintain its validity. Flybit’s commitment to security"Cryptocurrency exchanges are businesses that manage customers' valuable assets. All Flybit members approach their work by recognizing the fact that the protection of personal information is our most important value,” the exchange said. "We will continually strive to maintain security accidents since the establishment of the exchange." Flybit first obtained the ISMS certification in December 2020 and the ISMS-P certification two years later in December 2022. The most recent ISMS-P follow-up audit was conducted last month. After a thorough examination, the results of the audit were delivered by the Korea Internet and Security Agency (KISA) on Dec. 12, which stated that the exchange could maintain its certification. In October last year, the firm also received the highest rating in the comprehensive anti-money laundering (AML) evaluation conducted annually by the Financial Intelligence Unit (FIU) under the Financial Services Commission.