NEM Gives Up Chase for $500M USD in Stolen Coins

For no apparent reason NEM has given up the chase for these coins.  In all fairness I don’t think it was ever their issue, the stolen coins were the fault of the Coincheck Exchange’s security and not due to any flaw in the NEM client or network side.  Of course naturally they were interested but one bold prediction is that “hackers would not be able to launder the coins due to lack of liquidity”.  I am not sure if the NEM developers really believed that or if they thought heat on the exchanges would dissuade or slow the thieves down.  I suspect they exchanged the NEM for other coins and then sold them back again clean through multiple exchanges.

I would say this isn’t bad for cryptocurrency because bank heists occur each day and nothing stops one from spending or exchanging the money in real life.  It’s really no different than the initial fears of “e-commerce sites were hacked” just as real life stores have theft and holdups everyday.  It is just a matter of mitigation whether physical or virtual.

But with that aside NEM clearly said they were ending the chase and wouldn’t say much more due to the “sensitivity of the investigation”.  This is something I find a little strange, is it that they did find something but the authorities have forbidden them from disclosing it?

Was this an inside job on the part of Coincheck in Japan or was it something else explosive that they found?  Could it have been a rival currency, bankers or government behind the hack?  Anything is possible and speculation will rightfully run abound until more details emerge.

Ledger Nano S Bitcoin Altcoin Hardware Wallet Hacked By Teenager

I have warned for awhile about these hardware wallets.  I’ve never trusted them as you truly don’t know what is in the hardware or firmware and if it could be extremely vulnerable.  As bad as it sounds a traditional, secure PC is still the safer way to handle your cryptocurrency.

A teenager stumbled upon a vulnerability by noting the CPU that controls the private keys cannot differentiate between authentic or user made firmware.  This CPU is used to transmit data including keys.  Without much effort he was able to compromise this supposedly secure hardware wallet.

On top of that it looks like Ledger tried to downplay the issue and brush off the teenager who warned them of the vulnerability.  In all fairness physical is required but that’s not good, you shouldn’t worry that if your hardware wallet is found that someone could easily extract your private keys and coins from it!

They’ve also recently admitted another vulnerability exists where attackers could trick users to send out their funds to hackers.

For this reason I still don’t recommend hardware wallets, you are much safer on a secure computer.