Flybit’s Bug Bounty Program to Strengthen Its Crypto Exchange Security

CarrieVerse token CVTX listed on BitgetWeb3 metaverse and NFT platform CarrieVerse’s governance token CVTX will be listed on global cryptocurrency exchange Bitget on Dec. 13, according to an article published by South Korean news outlet Money Today. This is the eighth exchange listing for the altcoin, following Gate.io, GOPAX, BingX and more. This comes as part of the platform’s efforts to expand its Web3 ecosystem.Photo by Maxim Hopman on UnsplashCVTX’s versatilityBuilt on Polygon, CVTX is integrated into the tokenomics ecosystem of CarrieVerse and its card strategy role-playing game (RPG) SuperKola Tactics. It is also the governance token for the CarrieVerse blockchain gaming platform Cling. CVTX can be traded for USDT on all of the exchanges it is listed on except for GOPAX, which offers a CVTX/KRW pair. KRW stands for Korean won.Global expansionLast month, CarrieVerse also joined the Dubai Multi Commodities Centre (DMCC), the UAE’s largest free-trade zone for blockchain and crypto companies, as a metaverse service provider. The platform has received approval to set up a local subsidiary there, which will serve as a base to expand its ecosystem, particularly in the Middle East and North Africa (MENA) region.“The market value of CarrieVerse and CVTX is expected to significantly increase once the platform is released in target regions. This will serve as a foundation for more listings on major domestic and international exchanges,” the company said, adding that its number of daily active users has exceeded 5,000.Bitget’s substantial presenceBitget is a cryptocurrency derivatives exchange registered in Seychelles, with global offices in Japan, South Korea, Canada and more. As one of the top ten derivatives exchanges in the world according to CoinMarketCap, Bitget handles over five million users and more than 500 cryptocurrencies. It is also registered on South Korea’s two largest exchanges, Upbit and Bithumb, as a market that facilitates deposits and withdrawals after the implementation of the crypto Travel Rule. The Travel Rule, enforced by the intergovernmental Financial Action Task Force, states that VASPs must share personal information about customers when facilitating crypto transactions that exceed a certain amount as a means of preventing related crimes.

Ripple Labs, the American technology company that developed and supports XRP and the XRP Ledger (XRPL), has partnered with Japan’s Web3 Salon initiative, while in a separate development, the company is also funding crypto-related academic research within the Asia-Pacific (APAC) region.Photo by Moose Photos on PexelsDriving Web3 adoption in JapanIn a statement published to its website on June 9, the company outlined that it has partnered with Japan’s Web3 Salon project, a Web3 initiative with the objective of educating businesses and developers, nurturing blockchain startups and driving Web3 adoption through the provision of startup incubator programs and running hackathons and workshops.One of Japan’s most active Web3 projects, Web3 Salon has the backing of the Japan External Trade Organization (JETRO). The project has also collaborated with a range of Japanese Web3 startups, Asia Web3 Alliance Japan (AWAJ), institutional investors and venture capital firms, as well as a number of key industry stakeholders. Grant fundingAs part of its involvement in this collaboration, Ripple will provide grant funding of up to $200,000 to Japanese startups who have developed their projects on XRPL. Ripple’s grant funding forms part of its broader initiative to finance XRPL-related startups in Japan and Korea. Earlier this month, it confirmed that it had established the XRPL Japan and Korea Fund for this purpose.  At a broader level still, Ripple said that this latest funding commitment also falls under its one billion XRP commitment. Back in 2022 the company committed one billion XRP to advance XRPL ecosystem projects. Christina Chan, Senior Director of Developer Growth at Ripple, commented on the development, stating:“Ripple is proud to collaborate with Web3 Salon to unlock new opportunities in Japan’s thriving startup ecosystem. Together, we hope to fuel innovation and support the next generation of leaders.” Supporting APAC university researchIn a separate blog post published to its website on June 10, Ripple outlined that it was committing $5 million in funding within the APAC region as part of its University Blockchain Research Initiative (UBRI). The funding will cover blockchain-related academic research projects in Japan, South Korea, Singapore, Taiwan and Australia. $1.1 million has been allocated to South Korea’s Korea University in funding that will be released over a six-year period. The funding builds on another relationship that had already been established with Yonsei University via the UBRI in 2024. Equally, Japan’s Kyoto University had engaged with the UBRI last year. That support is now being renewed while funding is also being allocated to the University of Tokyo. The two institutions will be able to avail to funding in excess of $1.5 million.Other APAC region educational institutions to benefit include the National Kaohsiung University of Science and Technology (NKUST) in Taiwan, the National University of Singapore (NUS) and Nanyang Technological University (NTU) in Singapore and the Australian National University (ANU) in Australia.’An epicenter of digital finance’Ripple called APAC “an epicenter of digital finance.” Expanding further on that assertion, it stated that the region has shown “an appetite for experimentation and boasting thriving communities for builders.” Consequently, it views the APAC region as a leader in payment technologies and digital asset adoption.

Socket, a cross-chain infrastructure protocol, and its interoperability bridging platform, Bungee, have restarted operations following a temporary pause prompted by an exploit that led to the apparent theft of $3.3 million.Photo by Anna Tarazevich on PexelsSecurity incidentTaking to the company’s Discord, Socket team hospitality lead Taylor Melvin clarified that it had “experienced a security incident which affected wallets with infinite approvals to Socket contracts.” The incident, which occurred on Tuesday, involved an unknown attacker draining millions worth of stablecoins and other tokens from the Bungee bridging aggregator. The attackers targeted wallets with infinite approvals to Socket contracts, exploiting authorizations for blockchain-based tools that allow applications to access tokens in a user's wallet. Security researcher "@speekaway" was the first to flag the exploit on Tuesday. The attacker's wallet, connected to the exploit, held nearly $3 million in ether (ETH) and $300,000 worth of other tokens. By 2:47 p.m. ET, the attack seemed to have ceased, with the researcher recommending users to revoke approvals for Socket to safeguard their assets. Pausing contractsIn response to the security breach, Socket announced the pause of affected contracts on Tuesday at 3:15 p.m. ET. The project's team promptly identified and addressed the issue, taking swift action to mitigate the exploit's impact. @speekaway chimed back in once contracts had been paused, writing:”Think this pause fixed it, very likely no more attacks are possible. So if you are currently freaking out about revoking you can probably relax.” Normal service returnsAs Socket paused activity during the incident, preventing further propagation of the attack, developers worked to fix the issue. Early Wednesday, Socket developers announced that the problem had been resolved, and normal activities had resumed. The team also stated that plans for compensation were in progress. Cross-chain bridges, like Socket's Bungee, facilitate token transfers between different blockchains but remain susceptible to exploitation. Blockchain security and data analytics company PeckShield confirmed that at least $3.3 million had been lost, highlighting the need for enhanced security measures in the rapidly evolving blockchain ecosystem. The exploit involved the exploitation of a recently added route, which has since been disabled. The attacker targeted users who had over-approved Socket, draining funds up to the limit of their approval. This incident follows the $81 million hack of Orbit Chain, a cross-chain bridge connecting Ethereum to other networks, earlier in January. Cross-chain tools' complexity contributes to the frequency of such attacks, emphasizing the importance of understanding the security measures in place when utilizing these bridges. In a message to CoinDesk, Sergey Nazarov, co-founder of Chainlink, emphasized the need for users to scrutinize the security of their chosen bridge, considering the various levels of cross-chain security. With the complexities involved, users are encouraged to be vigilant and informed about the security spectrum of the bridges they employ. Socket was founded by Indian duo Rishabh Khurana and Vaibhav Chellani. In September, the company raised $5 million, with funding coming from Framework Ventures and Coinbase Ventures.