Cointime

Security Expert Advises Web3 Startups To Prioritize Security Protocols

Shahar Madar, the head of security products at Fireblocks, spoke with Cointelegraph at the Israel Crypto Conference about the importance of security for Web3 startups. Madar emphasized that many startups prioritize growth over developing a security protocol, but this approach is not effective in a Web3 world with a focus on finance. He stressed the need for companies to have a security framework and to ask important questions about access control and infrastructure testing. Madar recommended that startups start small and imagine how they would hack themselves in order to create a game plan for security.

Recommended for you

  • SlowMist: Beware of fake on-chain news impersonating Coinbase officials

    The SlowMist security team recently detected suspicious activity that appeared to be disguised as the official Coinbase address (0xcd53b841ffa2afba778d03ef928cfe864accca7b). The address attempted to send false on-chain messages to users who had withdrawn large amounts of assets from Coinbase Prime. The messages claimed that "due to operational errors during the transaction, users need to return all funds transferred through ETH due to errors, otherwise law enforcement agencies will be contacted." We advise all users to be wary of such phishing behavior and to verify transfer information as much as possible before executing transfer operations to avoid unnecessary asset losses.
  • ALEX releases security incident update: The attacker's on-chain balance is approximately 5.56 million STX

    On June 17th, Bitcoin DeFi platform ALEX Lab released a security incident update. As of 11am on June 17th, the attacker had broadcast over 9700 transactions, creating new wallet addresses and dispersing STX balances on the chain to these new wallets. The number of trackable transactions began to grow exponentially from 300 to over 9600 and has been accelerating without any signs of stopping. This also means that the attacker's independent address count has increased from fewer than 100 to over 4700 in 7 days.
  • ZachXBT: Scammers are impersonating a16z team members in social engineering attacks

    ZachXBT posted on social media that his fans fell victim to a social engineering attack by someone posing as a member of the a16z team, resulting in a loss of $245,000 after inadvertently downloading malicious software onto their computers. The fraudsters claimed to be Peter Lauten of the a16z team and sent messages to a project team enquiring about potential podcast collaborations. The real Peter Lauten had previously changed his X (Twitter) handle from "peter_lauten" to "lauten," but a16z's website still lists his old handle, and several posts from the a16z X account also @'d his old username. The victims were unaware of this and were subsequently targeted in a social engineering attack, which installed a fake conference app called "Vortax" on their devices, which was actually malicious software.
  • UK FCA issues urgent warning to cryptocurrency investment firm Digital Assets Nest

    According to Be In Crypto, the UK Financial Conduct Authority (FCA) issued an urgent warning to a cryptocurrency investment company called Digital Assets Nest. The company promoted financial services without proper authorization, posing risks to investors. FCA strongly advises investors to avoid contact with the company to prevent potential scams, and emphasizes that only transactions with authorized companies can ensure the protection of investors' rights. If trading is conducted with unauthorized companies such as Digital Assets Nest, investors will not be able to receive assistance from the Financial Ombudsman Service or enjoy the protection of the Financial Services Compensation Scheme (FSCS) in case of problems.
  • Singapore's Cybersecurity Agency warns businesses of Bitcoin ransomware risks

    Singaporean authorities, including the Singapore Cyber Security Agency, have issued a joint warning to remind local businesses of the increasing threat posed by the Akira ransomware variant. The warning states that the Akira ransomware has stolen $42 million from over 250 organizations in North America, Europe, and Australia in the past year, and is currently actively targeting Singaporean businesses.
  • More than 32 million users lost more than $42 million to phishing scams in May

    According to Scam Sniffer, in May of this year, more than 32,000 users lost over $42 million due to falling victim to online phishing scams.
  • CoinGecko data breach, user accounts remain safe

    CoinGecko announced that on June 5th, they detected unusual activity on the third-party email marketing platform, GetResponse. The attacker had breached a GetResponse employee's account, resulting in data leakage. The attacker exported 1,916,596 contacts from CoinGecko's GetResponse account and sent phishing emails to 23,723 emails from another GetResponse customer's account. CoinGecko stated that user accounts are still secure, passwords were not leaked, and they are currently reviewing security procedures while seeking to collaborate with vendors to strengthen security protocols.
  • Crypto Companies Warn of Supply Chain Email Breach Attack Targeting Newsletter Vendors

    Several cryptocurrency companies have reported an ongoing "supply chain email breach attack" that uses newsletter mailing lists to send malicious phishing links to users. The attack targeted an unnamed vendor that manages mailing lists for crypto companies, and it is currently unclear how much has been stolen. Bitfinex CTO Paolo Ardoino and CoinGecko founder Bobby Ong have confirmed the breach and warned users to be careful with email newsletters in the coming days. Phishing is a technique used by hackers to lure victims into clicking on malicious links, which can drain personal information or give attackers access to online crypto wallets.
  • CoinGecko COO: Supply chain email breaches against email newsletter providers are currently underway, please be cautious with email newsletters

    CoinGecko COO Bobby Ong stated on X platform that there is currently a supply chain email leak attack targeting email communication providers. Several cryptocurrency companies may be affected by email explosions from fake tokens. Please be cautious about email communication in the coming days. CoinGecko may also be potentially affected, and we are actively working with suppliers to conduct further investigations to determine the scope of this leak. We have already seen phishing emails from CoinGecko sent from other customer accounts.
  • Tether CEO: It is confirmed that a mailing list provider has been hacked, please be wary of all airdrop-related emails

    Tether CEO Paolo Ardoino stated that "we have received two independent confirmations that a well-known supplier commonly used by cryptocurrency companies to manage mailing lists may have been hacked. We will not disclose any names until the investigation is complete, but please be wary of all emails received regarding airdrops in the past 24 hours."