    OpenSea confirms outage after platforms report issues with displaying NFTs

    Popular NFT marketplace OpenSea confirmed an outage that affected its API, causing problems for multiple sites that use it to display NFTs. On Thursday, several people took to social media to report issues with their NFTs displaying. MotherBoard was the first to report the outage.

    An OpenSea spokesperson said the outage occurred at 6:05am PT and by 8:30am PT, the outage was resolved. But their own status update page shows the outage lasted far longer, with programmatic access to the API being fully restored by about 3:30pm PT.

    OpenSea said the time discrepancy was because they kept their programmatic API disabled while monitoring their fix to ensure site reliability.

    OpenSea initially told ZDNet that their platform team was “immediately all hands on deck to identify and correct the issue.”

    “We know how important a reliable site with minimal downtime is to our community, and are working quickly to address this area in a number of ways, including expanding our engineering team to more than 200 people by the end of this year, re-architecting OpenSea for scale, and reducing our customer support times significantly,” the OpenSea spokesperson said.

    The spokesperson added that the NFT ecosystem exploded last year and interest in NFTs skyrocketed. OpenSea’s transaction volume increased over 600x in 2021, according to the spokesperson, who added that the massive increase in user activity prompted “technical growing pains” as they tried to scale rapidly.

    Data from tradingplatforms.com shows that NFT global sales surpassed the $4 billion mark over the last 30 days. OpenSea topped the sales charts, handling nearly 500,000 transactions that earned $3 billion in returns. The platform’s transactions grew 20%.

    The OpenSea spokesperson pointed to a blog released two weeks ago from OpenSea CEO Devin Finzer that sought to address the site stability challenges that the platform has experienced over the last few months.

    “I recognize that the impact of OpenSea downtime is significant for many of you who depend on our platform. We take accountability for the recent instabilities – and I wanted to personally apologize, explain, and outline our plans to prevent this from affecting you in the future,” Finzer said.

    “Improving site reliability has been a priority for some time (in fact, it’s one of the focus areas I mentioned in our recent funding announcement). We were a team of just seven people at the start of 2021, and as NFTs took off last year, we had to scale fast. That kind of scale comes with growing pains, which many of you have experienced firsthand.”

    Finzer reiterated what the OpenSea spokesperson told ZDNet, pledging to build out the engineering team, rearchitect OpenSea and reduce customer support times.

    In October, security firm Check Point Research said that flaws in the OpenSea NFT marketplace could have allowed “hackers to hijack user accounts and steal entire crypto wallets of users, by sending malicious NFTs.”

    The outage on Thursday occurred on the same day that Twitter announced it would allow some users to use NFTs as their profile picture.

    Google calls for a secure 'data transfer framework' between the US and EU

    Google is calling on lawmakers in the US and Europe to establish new rules for a secure data transfer framework.

    Kent Walker, President of Global Affairs and Chief Legal Officer at Google, published a blog post on Wednesday about the current data framework that is causing issues between the US and the European Union.

    The General Data Protection Regulation (GDPR) went into effect in 2018 as a data privacy law to provide more privacy for citizens, deliver a better understanding of their rights when handing over personal data, and encourage organizations to take more precautions when handling information.

    Under the terms of the GDPR, organizations must ensure that personal data is gathered legally and under strict conditions. In addition, those who collect and manage data must protect it from misuse or exploitation and respect the rights of data owners, or else face penalties.

    The issues between US tech companies and the GDPR have been ongoing. Last week, the Austrian Data Protection Authority (DSB) decided that a local Austrian website breached the GDPR by using Google Analytics. The DSB said that Google Analytics did not provide an adequate level of protection for users’ data.

    This isn’t the first time Google has been in hot water over the GDPR. In 2019, the French data protection authority, CNIL, issued a fine to Google. CNIL alleged that the tech giant was breaking the rules around transparency when processing people’s data for advertising purposes.

    Google’s current stance is clear: It wants more transparency between the US and the EU with regard to the GDPR. “A durable framework — one that provides stability for companies offering valuable services in Europe — will help everyone, at a critical moment for our economies,” Walker wrote.

    Walker warned that if a framework is not created and data flows become blocked, it would “highlight the lack of legal stability for international data flows facing the entire European and American business ecosystem.”

    FAQ: What's happening with 5G and airport safety?

    Even if you’re not a frequent flyer, you’ve probably heard that the Federal Aviation Administration (FAA) and numerous airlines are claiming that AT&T and Verizon Wireless’s recently approved C-Band 5G will dangerously interfere with airplanes’ takeoffs and landings.

    Will this new 5G be dangerous? Can a 5G call knock a plane out of the sky? Here’s what we know:

    What kind of 5G is potentially dangerous?

    There are three basic kinds of 5G:

    • Millimeter wave (mmWave): Very fast, up to 1 Gigabit per second (Gbps), but has an extremely short range.
    • Midband: Has speeds around 100 Megabit per second (Mbps) and 4G range.
    • Lowband: Only comes with speeds around 20Mbps, but it has a range of dozens of miles.

    What has the FAA and the airlines worried is a new midband variation: C-Band 5G.

    The chunk of spectrum known as C-Band lies between 3.7 GHz and 4.2 GHz and it’s capable of speeds in the 200-800Mbps range. In the past, it was used for satellite video providers and satellite phone services. AT&T and Verizon bought up the bulk of this spectrum for a combined $68 billion. You don’t spend that kind of money unless you plan on using it.

    Quick Note: There’s no evidence behind the rumors that other kinds of 5G cause health problems.

    What’s the problem with C-Band 5G and airplanes?

    The FAA has warned airlines that these signals could interfere with some altimeters that pilots use to land in conditions with low visibility. According to a report from the Radio Technical Commission for Aeronautics (RTCA) — a technical non-profit used by government and industry regulatory authorities — “this frequency band may introduce harmful radio frequency (RF) interference to radar altimeters currently operating in the globally-allocated 4.2–4.4 GHz aeronautical band. Radar altimeters are deployed on tens of thousands of … aircraft … to support several critical safety-of-life aircraft functions throughout multiple phases of flight.”

    The specific concern is that the altimeters’ radios may not filter out signals lapping over from another part of the spectrum, aka spurious emissions. In short, interference from C-Band 5G will keep the altimeters from working properly.

    Shrihari Pandit, co-founder and CEO of NYC-based internet provider Stealth Communications, said, “Both smaller and older aircraft don’t have a filter in place that would allow them to only receive signals designated to their systems.” Pandit continued, “Radar Altimeters are allocated 4.2 to 4.4 GHz, and are based on a radar modulation known as Linear Frequency Modulation… Unfortunately, most altimeters in the field do not use a crystal oscillator to stabilize the signal, thus altimeter signals may drift outside or to the edges of the 4.2 and 4.4 GHz band.”

    This, combined with the altimeters’ high receiver sensitivity, means they’re all too susceptible to interference. Making matters even worse is there are no, I repeat, no technical standards for altimeters.

    The FAA said in a Special Airworthiness Bulletin that airlines and pilots must “be prepared for the possibility that interference from 5G transmitters and other technology could cause certain safety equipment to malfunction.” Such “5G interference with the aircraft’s radio altimeter could prevent engine and braking systems from transitioning to landing mode, which could prevent an aircraft from stopping on the runway.”

    This is a huge deal. The RTCA warns, “Radar altimeters are the only sensor onboard a civil aircraft which provides a direct measurement of the clearance height of the aircraft over the terrain or other obstacles, and failures of these sensors can therefore lead to incidents with catastrophic results resulting in multiple fatalities.”

    However, not everyone agrees with this worst-case assessment.

    Is it really that bad?

    The Federal Communications Commission (FCC) concluded in 2020 that studies warning of this danger did “not demonstrate that harmful interference would likely result under reasonable scenarios” or even “reasonably ‘foreseeable’ scenarios.”

    Tom Wheeler, a visiting Brookings Institution fellow and former FCC head, said in a paper that he doesn’t think there’s a real technical problem (the paper bears the rather alarming title, “Will 5G mean airplanes falling from the sky?”).

    The long-term answer to this problem is to “improve the resilience of future radar altimeter designs to RF interference.” In the meantime, Wheeler pointed out, “The FCC created a guard band between the 5G spectrum and the avionics spectrum in which 5G was forbidden. Boeing, in a filing with the FCC, had proposed just such a solution. The Boeing proposal was to prohibit 5G ‘within the 4.1-4.2 GHz portion of the band.’ The FCC agreed and then doubled the size of Boeing’s proposed guard band to a 220 MHz interference buffer between the upper 5G usage at 3.98 GHz, and avionics usage at 4.2 GHz.”

    That’s all well and good, but the FAA and major US and international airlines aren’t buying it.

    What are airlines doing now?

    On Monday, the major airlines warned that operating commercial networks on C-Band 5G could cause a “catastrophic” aviation crisis. Specifically, it could render many widebody aircraft unusable, “could potentially strand tens of thousands of Americans overseas,” and could cause “chaos” for US flights.

    Numerous international airlines are no longer flying their full scheduled US flights, including Emirates, Japan Airlines, British Airways, Singapore Airlines, Korean Air, and Air India. Some are canceling flights altogether, while others are switching out planes.

    As Emirates President Tim Clark told CNN, the airline was not aware of potential 5G rollout problems until the last minute. He called the C-Band 5G situation “one of the most delinquent, utterly irresponsible” he had ever seen.

    How was Europe able to deploy C-Band 5G without any trouble?

    US C-Band spectrum and European C-Band spectrum are not the same thing. In the EU, C-Band 5G works in the 3.4 to 3.8 GHz spectrum range. This is further away from the radar altimeters’ spectrum, which lies between 4.2 and 4.4 GHz.

    Which planes are safe and which aren’t?

    According to the FAA, some Boeing 717, 737, 747, 757, 767, 777, MD-10/-11, and Airbus A300, A310, A319, A320, A330, A340, A350, and A380 models use one of five approved safe altimeters. At first, 777s were not considered safe, and many flights using this plane have been canceled. Now, 777 flights are back on schedule. On the other hand, the FAA warns that Boeing 787-8, 787-9, and 787-10 airplanes’ altimeters may not be safe when exposed to C-Band 5G.

    Without going into any more detail, however, the FAA warned yesterday that only about 62% of the US commercial airplanes are safe to perform low-visibility landings at airports where C-band 5G has been deployed.

    Faye Malarkey Black, head of the Regional Airline Association (which represents smaller, regional airlines) tweeted that “0% of the regional airline fleet has been cleared to perform low visibility landings at #5G impacted airports if/when weather drops below minimums. Today’s fair weather is saving rural America from severe air service disruption.”

    The FAA claims it is “reviewing testing data for altimeters used in regional jets.”

    Which airports are safe?

    The FAA reports originally agreed to delay C-Band 5G deployments near 50 airports. Following an outcry from several major US airlines and aircraft manufacturers, resulting in a joint letter being sent to multiple government agencies, both AT&T and Verizon agreed to hold off on launching their C-Band services within two miles of any US airports at all. This means that all US air travel hubs should be technically safe. However, that hasn’t stopped some disruptions from occurring anyway, as mentioned above.

    When will C-Band 5G be deployed near airports?

    After many delays, C-Band 5G no longer has a scheduled deployment date anywhere near airports in the US. Both AT&T and Verizon agreed to the aforementioned last-minute delays of their planned 5G C-Band rollouts within two miles of airports. Although both carriers quickly offered new launch dates during previous delays, the pair now seems to be taking a “wait and see” approach. Given the secondary and tertiary launch dates that both telecom companies have already had to postpone, it’s understandable they wouldn’t want to make yet another commitment that they’ll end up having to pull the plug on at the last minute, if this conflict between regulators can’t be settled.

    How did we ever get to a point where the FAA and the FCC were so completely disconnected from each other?

    Washington Post columnist David Von Drehle puts the blame squarely on the FAA. “5G — the long-promised next step in cellular technology. … wasn’t a secret. … Yet it seems to have caught the FAA by surprise. … Various compromises and delays [have been] offered by the wireless industry — all met with last-minute panic-mongering by the FAA.”

    Wheeler, however, puts the blame squarely on former President Donald Trump’s administration for neglecting the problem. Wheeler said:

    “The Department of Commerce’s National Telecommunications and Information Administration (NTIA) is supposed to be the telecommunications advisor to the president. It was NTIA that was tasked with developing the national spectrum plan that never was. Unfortunately, and reportedly as a consequence of a spectrum dispute, the NTIA head was axed and the agency remained without a permanent leader for the last 20 months of the Trump administration.

    “The consequence of this absence in both framework and leadership meant there was no underlying rationale nor consistent team to adjudicate among the various spectrum claimants. This left government agencies free to advocate their own spectrum policies. In such a situation, it is only natural that the individual agencies would retreat into their comfort zones and view spectrum only within their parochial interests.”

    Where do we go from here?

    According to President Joe Biden in a January 19th press conference, “I’ve … pushed as hard as I can to have 5G folks hold up and abide by what was being requested by the airlines until they could more modernize over the years so that 5G would not interfere with the potential of the landing. So, any tower — any 5G tower within a certain number of miles from the airport should not be operative.”

    In a statement, Biden added, “My team has been engaging non-stop with the wireless carriers, airlines, and aviation equipment manufacturers to chart a path forward for 5G deployment and aviation to safely co-exist – and, at my direction, they will continue to do so until we close the remaining gap and reach a permanent, workable solution around these key airports.”

    And when will that be? We simply don’t know.

    Treasury Department sanctions four Ukrainians for allegedly helping Russia

    The US Treasury Department announced sanctions against four Ukrainians accused of helping further Russian attempts to destabilize Ukraine and build support for an eventual invasion. The US claimed Russia “has directed its intelligence services to recruit current and former Ukrainian government officials to prepare to take over the government of Ukraine and to control Ukraine’s critical infrastructure with an occupying Russian force.” 

    The Treasury Department’s Office of Foreign Assets Control (OFAC) issued sanctions against Taras Kozak, Oleh Voloshyn, Volodymyr Oliynyk, and Vladimir Sivkovich — four current and former Ukrainian officials the US said were involved in efforts to gather information and spread disinformation. Kozak and Voloshyn are both current members of the Ukrainian Parliament and Oliynyk is a former government official who fled to Russia. Sivkovich is the former Deputy Secretary of the Ukrainian National Security and Defense Council.

    The sanctions mean any US property owned by the four is blocked and must be reported to OFAC. The four are also blocked from doing business in the US. The US worked with Ukrainian government officials on the sanctions.

    “The United States is taking action to expose and counter Russia’s dangerous and threatening campaign of influence and disinformation in Ukraine,” said Deputy Secretary of the Treasury Wally Adeyemo. “We are committed to taking steps to hold Russia accountable for their destabilizing actions.”

    Kozak, Voloshyn, Oliynyk, and Sivkovich are accused of working with Russia’s Federal Security Service (FSB) on efforts to influence public opinion and create a climate in Ukraine that would make it easier for a new Russian-controlled government to operate and manage Ukraine’s critical infrastructure using an occupying Russian force. Both Kozak and Voloshyn are part of a political party led by Victor Medvedchuk, who has previously been sanctioned by the US for alleged efforts to destabilize Ukraine in 2014. Medvedchuk is closely tied to the Russian government, according to the Treasury Department.

    Kozak manages a number of news outlets in Ukraine, and the Treasury Department noted that he was also involved in spreading misinformation about the 2020 US election in coordination with the FSB. Voloshyn has close ties to Konstantin Kilimnik, who was previously sanctioned by the US for his role in spreading misinformation about the 2020 US presidential election. Oliynyk is accused of helping the FSB gather information about Ukrainian critical infrastructure, and he currently lives in Moscow.

    According to the Treasury Department, Sivkovich worked with the FSB on a plot to “build support for Ukraine to officially cede Crimea to Russia in exchange for a drawdown of Russian-backed forces in the Donbas.”

    The US noted that the sanctions are only one part of the US effort to “inflict significant costs on the Russian economy and financial system if it were to further invade Ukraine.” The sanctions come one day after US President Joe Biden warned that there would be a response to the website defacements and cyberattacks conducted against Ukrainian government systems.

    “The overall strategy is designed to pull Ukraine into Russia’s orbit by thwarting Ukraine’s efforts at Western integration, especially with the European Union (EU) and North Atlantic Treaty Organization (NATO),” the Treasury Department added.

    “[Russia] has focused on disrupting one critical infrastructure sector in particular: Ukraine’s energy sector. Russia has also degraded Ukraine’s access to energy products in the middle of winter. Acting through Russia’s state-owned gas company Gazprom, Russia has repeatedly disrupted supplies to Ukraine — a vital transshipment country with pipelines to other European countries — due to purported disputes over gas pricing.”

    LogPoint CTO Christian Have, who previously served as head of network security for the Danish National Police, told ZDNet that the recent cyberattacks against Ukraine were disruptive but not destructive to critical infrastructure or defense operations.

    He called equating the recent cyberattacks to cyber warfare or advanced attacks “foolish” because no government services were disrupted. But the attacks, from a Russian perspective, were effective because they are a relatively low-cost, low-harm measure that would not provoke a harsh response yet would still send a clear signal about Russia’s cyber capabilities.

    The attacks also put pressure on Ukraine to reach a new settlement in the ongoing political talks, he added.

    But Have noted that the recent attacks could be a cover-up for something else, like credential harvesting in preparation for a bigger attack later. He theorized that the attackers may have been harvesting login details and then defaced the websites when the operational objective was reached.

    “This is a tactic that has been used by Belarusian threat actors, that are suspected for involvement in the Ukraine attacks. They have previously used credential harvesting domains attempting to spoof legitimate webmail providers, generic login pages, and the legitimate websites of their targets,” Have said. “While the origin of the attacks is still not determined, Russia’s cyber capabilities are well-established.”

    More than half of medical devices found to have critical vulnerabilities

    More than half of the connected medical devices in hospitals pose security threats due to critical vulnerabilities that could potentially compromise patient care. 

    According to the 2022 State of Healthcare IoT Device Security Report from Cynerio, 53% of internet-connected medical devices analyzed were found to have a known vulnerability, while one-third of bedside devices were identified to have a critical risk. Cynerio analyzed over 10 million medical devices at more than 300 global hospitals and medical facilities.

    The report warns that if these medical devices were to be accessed by hackers, it would impact service availability, data confidentiality, and even patient safety.

    “Healthcare is a top target for cyberattacks, and even with continued investments in cybersecurity, critical vulnerabilities remain in many of the medical devices hospitals rely on for patient care,” said Daniel Brodie, CTO and co-founder of Cynerio, in a statement. “Hospitals and health systems don’t need more data — they need advanced solutions that mitigate risks and empower them to fight back against cyberattacks, and as medical device security providers, it’s time for all of us to step up. With the first ransomware-related fatalities reported last year, it could mean life or death.”

    Out of all the medical devices, the report found that infusion (IV) pumps are the most common device with some type of vulnerability at 73%, especially since they make up 38% of a hospital’s IoT. If attackers were to hack into an IV pump, it would directly affect the patients since the pumps are connected.

    Some of the causes of these vulnerabilities result from relatively simple things, such as outdated programs. For example, the report found that most medical IoT devices were running older Windows versions, specifically, older than Windows 10. In addition, default passwords that are the same throughout an organization are common risks, especially since these weak default credentials secure about 21% of devices.

    Healthcare has become the number one target for cybercriminals in recent years, primarily due to outdated systems and not enough cybersecurity protocols. More than 93% of healthcare organizations experienced some type of data breach between 2016 and 2019.

    Just last month, Maryland’s Department of Health experienced a ransomware attack that affected the department for weeks. The attack left the department scrambling since it could not release COVID-19 case rates amid the Omicron surge, and the number of COVID-19 deaths was not reported in the state for almost all of December.

    Cynerio notes that the solution to mitigating these vulnerabilities to reduce ransomware attacks is network segmentation. By dividing up a hospital’s network, more than 90% of critical risks in medical devices would be addressed.

    CISA warns – upgrade your cybersecurity now to defend against “potential critical threats”

    The US government has urged organizations to shore up defenses “now” in response to website defacements and destructive malware targeting Ukraine government websites and IT systems.

    The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new ‘CISA Insights’ document aimed at all US organizations, not just critical infrastructure operators. The checklist of actions is CISA’s response to this week’s cyberattacks on Ukraine’s systems and websites, which the country’s officials have blamed on hackers linked to Russian intelligence services.

    Ukraine officials also told media that dozens of systems in at least two government agencies were wiped during an attack last week.

    The use of destructive malware is reminiscent of NotPetya in 2017, which was effectively ransomware that lacked a recovery mechanism. It hit several global businesses, most notably shipping giant Maersk, which needed to overhaul 45,000 desktops and 4,000 servers, although the actual target was probably businesses in Ukraine. Many NotPetya victims were infected through a hacked update for a Ukrainian software accounting package.

    “The identification of destructive malware is particularly alarming given that similar malware has been deployed in the past—e.g., NotPetya and WannaCry ransomware—to cause significant, widespread damage to critical infrastructure,” CISA notes in the Insights document.

    Prior to the latest cyberattacks on Ukraine, CISA published an advisory aimed primarily at US critical infrastructure operators detailing recent Russian state-sponsored hacker tactics, techniques, and attacks on enterprise systems such as VPNs, Microsoft Exchange, VMware, and Oracle software. It also spotlighted destructive attacks on operational technology (OT)/industrial control systems (ICS) networks in the US and Ukraine.

    The new CISA document stresses that “senior leaders at every organization in the United States are aware of critical cyber risks and take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise.” It added: “If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.”

    Microsoft on Saturday said it had found destructive malware on dozens of systems at government, non-profit and IT organizations, all located in Ukraine. The malware displays a ransom demand but this is just a ruse, as it overwrites the Windows Master Boot Records (MBR) and lacks a recovery mechanism, according to Microsoft.

    Multi-factor authentication is central to CISA’s recommendations. It should be used by all organizations for networks and systems that require privileged or admin access. The other is patching systems with available updates. Also, organizations should disable all non-essential ports and protocols, implement controls for using cloud services, and conduct vulnerability scanning.

    CISA also recommends preparing a crisis-response team, developing response plans and nominating key personnel, and practicing incident response.

    To build resilience to destructive malware, CISA urges everyone to test backup procedures, ensure backups are isolated from network connections, and ensure that critical data can be rapidly restored. Organizations with ICS or OT systems should ensure critical functions remain operable in a network outage.

    Cheap malware is behind a rise in attacks on cryptocurrency wallets

    A rise in cheap, easy-to-use malware means it’s easier than ever for cyber criminals to steal cryptocurrency.

    Cryptocurrency has long been a popular target for organised cyber criminals, whether they’re stealing it outright from cryptocurrency exchanges, or demanding it as an extortion payment in ransomware attacks. But the growing value of cryptocurrency means it has quickly become a key target for cyber criminals, and they’re increasingly launching attacks which aim to steal cryptocurrency from the wallets of individual users.

    Research by Chainalysis warns that cryptocurrency users are increasingly under threat from malware including information stealers, clippers – which allow attackers to replace text the user has copied, redirecting cryptocurrency to their own wallets – and trojans, all of which can be purchased for what’s described as “relatively little money” on cyber criminal forums.

    For example, a form of info stealer malware called Redline is advertised on Russian cyber crime forums at $150 for a month’s subscription or $800 for ‘lifetime’ access. For a cyber criminal looking to steal cryptocurrency, it’s sadly highly likely they’ll make back the money paid for the malware within a handful of attacks.

    The illicit service also provides users with a tool which allows attackers to encrypt the malware so it’s more difficult for anti-virus software to detect, increasing the likelihood of attacks successfully stealing cryptocurrency from compromised victims.

    “The proliferation of cheap access to malware families like Redline means that even relatively low-skilled cybercriminals can use them to steal cryptocurrency,” warns the report.

    Overall, the malware families in the report have received 5,974 transfers from victims in 2021, up from 5,449 in 2020 – although that’s down significantly on 2019, which saw more than 7,000 transfers.

    But Redline is just one example of malware being designed to steal cryptocurrency and there’s a growing market in this space. Of the incidents tracked, Cryptbot, an infostealer, was the most prolific thief of cryptocurrency wallets and account credentials, stealing almost half a million dollars in cryptocurrency in 2021.

    In addition to this, success in stealing cryptocurrency from users could easily push more ambitious cyber criminals to target organisations and even cryptocurrency exchanges, meaning that the threat of cyber criminals targeting crypto wallets and credentials is something organisations need to consider.

    “The cybersecurity industry has been dealing with malware for years, but the usage of these malicious programs to steal cryptocurrency means cybersecurity teams need new tools in their toolbox,” says the blog post.

    “Likewise, cryptocurrency compliance teams already well-versed in blockchain analysis must educate themselves on malware in order to ensure these threat actors aren’t taking advantage of their platforms to launder stolen cryptocurrency,” it said.

    Multichain token hack losses reach $3 million: report

    A vulnerability in Multichain systems has led to the theft of at least $3 million, reports suggest. 

    Multichain, previously known as Anyswap, is a cross-blockchain router protocol designed to allow users to swap and exchange digital tokens across chains while reducing fees and streamlining the overall process.

    However, chaos now reigns in the ecosystem due to a cybersecurity incident caused by a vulnerability in the network, as first reported by Vice.

    Dedaub reported the vulnerability to Multichain. The company said in a blog post dated January 17 that the critical flaw impacted WETH, PERI, OMT, WBNB, MATIC, and AVAX swaps, but assured users at the time that “all assets on both V2 Bridge and V3 Router are safe [and] all cross-chain transactions can be done safely as usual.”

    In the same breath, the company urged users to log in to their accounts and remove any approvals relating to these tokens as quickly as possible or funds could be at risk.

    Technical details of the vulnerability are yet to be disclosed.

    On Wednesday, Multichain said that users who had not revoked WETH approval had been exploited.

    “Please do not transfer any of these six tokens to your accounts before revoking, otherwise, your wallets are in danger still,” the organization said. “The hack is contained for now. However, users still have to revoke the approvals for those six tokens (WETH, PERI, OMT, WBNB, MATIC, AVAX) to avoid a future attack.”

    The messaging has caused confusion and despite the approval issue and lost funds, Multichain says that bridging can take place “as usual.”

    Losses were originally estimated to be in the range of $1.4 million. Co-founder of ZenGo Tal Be’ery said on Wednesday that the total stolen amount has likely surpassed $3 million.

    One of the victims who lost approximately $1 million in tokens attempted to negotiate with a thief who posted an on-chain ‘ransom’ note. In an update Thursday morning, Be’ery noted that negotiation has now taken place, with the attacker returning the funds – minus a $150,000 “tip.”

    Dedaub will be publishing an advisory on the vulnerability in the future.

    In related news this week, cryptocurrency exchange crypto.com CEO Kris Marszalek said that a cyberattack that occurred last week impacted 400 users. The company has not disclosed how much was stolen but did say that clients were reimbursed on the same day.