Top

CoinGecko security breach latest threat within crypto space

Web3 & Enterprise·January 12, 2024, 1:51 AM

The crypto space continues to suffer a disproportionate share of hacks and scams that were further exacerbated on Wednesday, with Malaysian crypto data aggregator the latest to succumb to a security breach.

 

Serving as yet another stark reminder of the persistent threats plaguing the sector, a phishing scam targeted CoinGecko's X account, leading to a brief compromise that raised concerns about the safety of user information.

https://asset.coinness.com/en/news/665e08d0b2b6f1b715f8ec42a31003c6.webp
Photo by GuerrillaBuzz on Unsplash

Phishing scam

During this incident, hackers posted a phishing link on CoinGecko's X account, falsely advertising a token airdrop for a cryptocurrency named GCKO. The deceptive post claimed that GCKO could be used for API services, including the cryptocurrency ANKR. Swift action by CoinGecko involved the removal of the fraudulent post and a public warning urging users to avoid interacting with any suspicious links or content.

 

In an X post, CoinGecko wrote:

”Our Twitter accounts @CoinGecko and @GeckoTerminal have been compromised. We're taking immediate steps to investigate the situation and secure our accounts. Please DO NOT click on any links or engage with suspicious content. Your security is our top priority.”

 

Employee error

The firm followed up with an update on Thursday, attributing the breach to a team member inadvertently clicking on a fraudulent Calendly link, granting unauthorized access to the hacker.

 

Despite having two-factor authentication (2FA) enabled and employing robust security measures, CoinGecko emphasized that the inadvertent click allowed unauthorized access. The compromised accounts were then exploited to disseminate misleading information and potentially engage in malicious activities.

 

CoinGecko expressed sincere apologies for any confusion or inconvenience caused by the incident. The company reiterated its commitment to platform security and continuous improvement of internal controls, assuring users that corrective measures were promptly implemented.

 

SEC incompetence

CoinGecko's security incident occurred within 24 hours of a similar occurrence involving the U.S. Securities and Exchange Commission (SEC). The SEC's X account was compromised, with scammers posting a false message from Chair Gary Gensler about the approval of spot bitcoin exchange-traded funds (ETFs).

 

While CoinGecko identified a vulnerability in its security regimen, the SEC later confirmed that the breach in its case was far more basic. It was not due to infrastructure attacks but rather the lack of 2-factor authentication (2FA) tied to the SEC's account, the most basic form of operations security.

 

Gensler and the SEC have come in for major criticism from the crypto community in the U.S. due to a policy of regulation by enforcement that has been pursued. With that, the Commission came in for swift and harsh criticism in the immediate aftermath of its X account hack.

 

Many pointed out the irony of Gensler advising consumers to secure their accounts back in October when the SEC itself had failed to do so. Others queried who would be responsible for what some interpreted as an episode of market manipulation, something that the SEC has perennially associated the crypto markets with. During the time that the account was compromised, millions of dollars of value were liquidated in short and long trading positions.

 

CoinGecko's quick response serves as a valuable lesson in the importance of vigilance and proactive security measures amid the growing threats facing the cryptocurrency community.

More to Read
View All
Markets·

Apr 24, 2023

K-Pop NFT Platform MetaBeat’s Token Listed on UniSwap v3

K-Pop NFT Platform MetaBeat’s Token Listed on UniSwap v3MetaBeat, a non-fungible token (NFT) platform based in Seoul and catering to K-pop fans, announced that its BEAT token is listed on Uniswap v3, one of the most popular decentralized cryptocurrency exchanges.©Pexels/Josh SorensonBEAT/USDC on UniswapBy introducing the BEAT/USDC liquidity pool on Uniswap v3, MetaBeat aims to increase the popularity of its BEAT tokens.MetaBeat ecosystemThe MetaBeat ecosystem enables music fans to contribute to their community with social media activities. Contributions from fans, along with their artists’ performances, are taken into account when determining the FANomance Index, which is then utilized to appropriately reward fans.Fans can support their favorite artists in three distinct ways: Drops, Mingle, and Shout Out.DropsWithin the MetaBeat platform, Drops indicate NFT sales. MetaBeat creates and sells community NFTs backed by music intellectual property (IP), allowing fans to own or stake them for value sharing. The IP value depends on music consumption, such as album sales and streams.MingleMetaBeat users can stake tokens on an open Mingle, backed by music IP, and obtain rewards based on the Mingle’s FANomance Index.Shout OutThe Shout Out program incentivizes fans who upload their artist-related posts on social media and verify their activities on MetaBeat.KuCoinMeanwhile, it is also worth noting that the BEAT token is tradable on a centralized exchange. In November last year, the global centralized exchange KuCoin began supporting the trading pair of BEAT/USDT.

news
Policy & Regulation·

Apr 01, 2025

Japan to implement crypto insider trading restrictions

According to a report published on March 31 by Nikkei, a Tokyo-based financial news outlet, the Japanese authorities are gearing up to categorize digital assets as financial products, while in the process broadening the scope of insider trading restrictions. While the publication didn’t cite a particular source, it reported that the Japanese Financial Services Agency (FSA) is expected to file a draft amendment related to the existing Financial Instruments and Exchange Act in 2026.Photo by M.S. Meeuwesen on UnsplashFrom payment to investment productCurrently, Japan’s Payment Services Act categorizes crypto assets as a means of settlement. That categorization looks at these assets from the perspective of a payment tool rather than considering them as investment products. The move is understood to be part of a broader effort to copper-fasten crypto sector oversight. Earlier this month, the Japanese cabinet approved a proposal that seeks to amend the Payment Services Act.  At the time, it had been suggested that the amendment would look to exclude crypto assets from being classified as securities, while also bringing about a reduction in the capital gains tax rate as it is applied to digital assets. It’s likely that crypto assets will find themselves in a distinct category, apart from securities like stocks and bonds. Crypto adoptionActivity related to crypto assets has been growing in Japan. 7.34 million active accounts were found to be responsible for crypto transactions in Japan in January. That amounts to a tripling in such crypto transaction activity over the course of five years. Japan enjoyed greater adoption at a very early stage in the global development of crypto. However, following the Mt. Gox crypto exchange collapse in 2014, which at the time accounted for the loss of 7% of Bitcoin’s supply, regulators responded by clamping down on the sector.  That situation led to greater investor protection for Japanese investors but it presented as a difficulty for Japan-based exchanges to compete globally with other exchange businesses overseas. A conservative stance taken by the FSA has also held back crypto exchange-traded fund (ETF) approval and adoption. Bitcoin ETFs were approved in the United States over a year ago. Earlier this month, Astar Network founder Sota Watanabe outlined that the current ruling party in Japan plans to remove crypto assets from a securities classification, alongside other changes which could potentially lead to the approval of crypto ETFs. The Liberal Democratic Party has also put forward crypto tax reforms that, if implemented, would see a 20% tax rate brought into effect where capital gains on digital assets are concerned.The finer detail with regard to the nature of insider trading restrictions as they will be applied to crypto assets has yet to be revealed. Nikkei speculated that such restrictions would likely be similar to those applied to conventional financial products. Last week, the Asia Web3 Alliance Japan, a crypto advocacy group, put forward a proposal to the U.S. Securities and Exchange Commission (SEC) that, if implemented, would see collaboration between the U.S. regulator and Japan’s FSA, its central bank and the Ministry of Economy, Trade and Industry. The objective of the proposal is to bring about cross-border regulatory clarity related to the further development of the Web3 ecosystem in both Japan and the U.S.

news
Policy & Regulation·

Aug 22, 2023

China Furthers Efforts to Shape the Metaverse

China Furthers Efforts to Shape the MetaverseFindings by US political media outlet POLITICO suggest that Chinese authorities and state-owned companies are seeking to mold the metaverse in line with existing systems in China such as the country’s social credit scoring system.The concept of the metaverse entails a network of interconnected immersive virtual worlds powered by virtual reality, augmented reality, and simulations. Development in this area is centered around applications such as online gaming and virtual events.Photo by Hanson Lu on UnsplashDigital Identity SystemIn a report published on Sunday, POLITICO referenced recently drafted proposals put forward by China Mobile, a state-owned telecoms operator. The proposals outline a “Digital Identity System” for users within online virtual worlds and metaverses.These proposals recommend the use of “natural characteristics” and “social characteristics” within digital IDs, encompassing personal data such as occupation, “identifiable signs,” and other attributes. Moreover, they suggest storing this information “permanently” and sharing it with law enforcement to ensure order and safety within the virtual realm.Setting agreed benchmarks for emerging techThe proposals present a hypothetical scenario involving a disruptive user named Tom, who causes turmoil in the metaverse. The digital identity system, according to these proposals, would facilitate prompt identification and punishment by law enforcement.These discussions are occurring within the framework of the International Telecommunication Union (ITU), a United Nations (UN) agency responsible for establishing global technology standards. This strategy echoes China’s endeavor to set worldwide benchmarks for emerging technologies.The ITU, as a UN agency, holds significant sway in defining global telecommunications and technology infrastructure standards. Given that the US and China have quite different outlooks when it comes to technology governance, particularly the future development of the internet and related technologies, the ITU has become a means through which common ground can be found and differences resolved.Upcoming vote on proposalsChina Mobile’s proposals, presented during the ITU’s metaverse focus group meeting, are poised to be voted on during the next meeting in October in Geneva. The company is the largest mobile operator by subscriber base. Demonstrative of ongoing tensions that exist between the US and China, the company was delisted from the New York Stock Exchange in 2021 following a US executive order.Chinese organizations are reportedly submitting more proposals than their Western counterparts, demonstrating that China is very much taking a lead in metaverse development. It’s evident that there is a clear strategy for China to establish itself in furthering this technology.In May, Alibaba Cloud, a subsidiary of Chinese e-commerce giant Alibaba Group, entered into a partnership with layer one blockchain Avalanche to better enable businesses to deploy metaverses. Around the same time, an administrative body within China’s Henan Province established a $22 million dollar investment fund, focused on financing metaverse-related ventures.Later that month, the city of Zhengzhou announced a set of policy proposals designed to support the growth and development of metaverse companies in the region.Within the Chinese autonomous territory of Hong Kong too, there has been plenty of metaverse-related activity. Metaverse start-up Artifact Labs completed a funding round with a view towards expanding its operations. The city is home to Animoca Brands, a prominent player in metaverse-related development.

news
Loading