Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

Solana’s hack is one of the major events that happened this week. These are my additional comments.

According to a tweet on Solana account. “There is no evidence the Solana protocol or its cryptography was compromised.” I think we should not take this lightly. I would expect a full postmortem later this week to address to the attack.

The addresses that were affected by the attack were at one point created, imported or used in the Slope mobile applications. Private key information was also accidentally sent to an application monitoring service. I think a decentralized network should stay independent and operate purely by codes. This can help to reduce similar problems.

Whether it is a bridge exploit or supply chain attack, the root problem is still uncertain. I would suggest users to create a new wallet, move their funds over to the new wallet and delete the old ones. Users for the time being can also consider moving their funds to the more reputable centralized exchanges or hardware wallets too. Keeping assets secure amid the uncertain situation is the best way for now.

I think the rest on the network should check on their codes and increase their security to prevent any other possible exploits that could happen. Never be too sure and let your guard down.

 

 

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

With reports indicating around 8,000 ‘hot’ wallets were compromised in the attack, experts advise investors to switch to hardware wallets for better security.

Close on the heels of cross-chain messaging platform Nomad being the target of a $200-million crypto heist, investors using ‘hot’ or internet-connected crypto wallets on the popular blockchain Solana were under attack from an unknown bad actor.

 

Over $8 million stolen from 8,000 investors

With crypto holdings worth over $8 million stolen from approximately 8,000 investors, this latest attack has raised many questions about the security offered by both the Solana network and ‘hot’ wallets that are quite popular with the average crypto investor.
While Solana’s official Twitter account was quick to clarify that the attack was not the result of any compromise in the network’s software, it added that its team of engineers is fervently working with security researchers and ecosystem teams to identify the root cause of this wallet hack.

Create new wallets, delete old ones

“While it is my opinion that a decentralised network should stay independent and operate purely by codes, I think the team at Solana should re-check all their partner systems and increase their security to prevent any other possible exploits. Investors ought to remain vigilant and take necessary precautions at their end,” he said.

“I would suggest users create a new wallet, move their funds over to the new wallet and delete the old ones. They can also consider moving their funds to the more reputable centralised exchanges or hardware wallets too. Keeping assets secure amid the uncertain situation is the best way for now,” he added.

Preliminary investigations have revealed that this exploit was limited to just the Slope wallet on the Solana ecosystem, while hardware wallets used by Slope remained unscathed.

According to Solana, affected wallet addresses were at one point created, imported or used in Slope mobile wallet applications, and their private key information was transmitted to an application monitoring service.

 

Do not store private keys on computers

Commenting on the Solana network and the underlying sentiment, Lin, a senior analyst at Block Review, said according to his statistics, there were 10.5 percent negative sentiments for Solana in the last seven days, while Ethereum had around 6.2 percent and anything below 15 percent is still okay in his opinion.

“Coming back to the private keys that were compromised, I think any of this information should never be on any computer at any given time. This part should be taken care of and well audited by the wallet providers. Users, on the other hand, have to take extra care of their private keys and seed phrases,” Lin said.

Solana has already urged investors affected by the attack to abandon the affected wallets as they could still be compromised even after revoking wallet approvals.

While the exact modus operandi employed is still unknown, crypto industry leaders have highlighted that the suspect transactions were properly signed, further indicating that it could be a supply chain attack with a specific focus on Slope ‘hot’ wallet users.

 

Investors should opt for cold or hardware wallets   

Elaborating on how hackers can still steal from a compromised wallet, Raj Kapoor, founder of India Blockchain Alliance, said since private keys are stored in application and device wallets, hackers can access them and steal cryptocurrencies and that sums up the Solana hack.

“If your wallet has been compromised, it’s paramount that you transfer any existing funds from your compromised wallet to another wallet. Hackers will wipe your account of funds immediately, but if you’re lucky and they have not done this yet, it’s time for investors to take immediate action,” he added.

Since most hacks happen to hit “hot” wallets, investors should opt for cold or hardware wallets instead. While investors may need some of it online for transactions, they should keep what they need in the short term and store most of it offline.

A cold crypto wallet, which is similar in size to a USB device, holds a private key that can be used to access your funds. Investors can set their own private keys as well.

 

Use multi-factor authentication

Investors should also use multi-factor authentication (MFA) as this creates a layered defence on their account with independent credentials based on a password, security token, and/or biometrics.

Phishing is another danger and to prevent it, investors should never log in to their cryptocurrency exchange unless they are sure they are on the correct site.

 

Do not share information over texts, emails

Additionally, investors should not trust texts, emails or chats that ask for your personal information.

Avoiding public WiFi is also a great idea as is updating your software from time to time. Regularly changing the passwords is great as well. Change the password regularly and use a password manager like LastPass or 1Password.

 

‘Hot’ wallets are vulnerable

As Solana continues to work with Slope Finance in conjunction with their partners OtterSec and SlowMist to restore normalcy, this incident again serves to highlight the vulnerability of ‘hot’ wallets to cyberattacks, despite the faster transaction times offered by them.

Comprising the entire collection of web-based, mobile and desktop wallets available today, ‘hot’ wallets should be used in conjunction with ‘cold’ or hardware wallets to strike the perfect balance between speed, functionality and security.

For those actively trading in crypto tokens and other crypto assets, it is recommended to hold trading funds in a ‘hot’ wallet while the bulk of their crypto holdings remains secure in a ‘cold’ or hardware wallet.

Nearly impossible to hack hardware wallets

Since a user’s private keys never leave the device, stealing funds from a hardware wallet is an almost impossible task for malicious cyber entities. Ranging from 50 to a few hundred dollars, the security offered by these hardware wallets more than compensates for the one-time costs involved and is highly recommended for all crypto investors out there.

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j

China investors call it quits as Xi, ‘zero COVID’ sap confidence

China investors call it quits as Xi, ‘zero COVID’ sap confidence

Taipei, Taiwan – For months, Singaporean investor Anndy Lian has been selling off Chinese stocks to reduce his portfolio’s exposure to the world’s second-largest economy.

Once a regular investor in Chinese tech companies, Lian now views  China as an increasingly risky bet as the country’s autocratic turn under Xi Jinping and ongoing “zero COVID” lockdowns cast a cloud over the economy.

“I started gradually lowering my exposure since last year as that was when the downward trend became obvious, but I’ve increasingly sold off my holdings this year as things have gotten worse,” Lian told Al Jazeera,

“The instability is my biggest concern as an investor. The overall environment in China is uncertain right now, and it goes way beyond the financial sector.”

Lian is among a growing number of international investors who are pulling back from China after years of record inflows.

Overseas investors shed more than $150bn in China-based yuan-denominated assets in the first quarter of this year, the largest decline on record. Chinese bonds alone saw a $61bn sell-off between February and May. Roughly $300bn could exit the country this year, more than double last year’s outflow of $129bn, according to forecasts by the Washington-based Institute of International Finance.

Overseas investors shed more than $150bn in China-based yuan-denominated assets in the first quarter of this year, the largest decline on record [File: Qilai Shen/Bloomberg]

China’s economy barely avoided contraction in the second quarter, expanding just 0.4 percent, a dramatic decline from 4.8 percent growth during the first quarter.

Lian said the effects of last year’s crackdown on the tech sector, which decimated the stock prices of major players such as Alibaba, Tencent and Didi, are still being felt.

In one of the most prominent episodes of China’s “techlash”, ride-hailing app Didi lost 80 percent of its market cap – more than $60bn in value – within a year of going public after Chinese regulators accused the firm of violating data security rules. Facing mounting scrutiny at home, Didi delisted itself from the New York Stock Exchange last month.

“Chinese tech companies may be great performers, but they need to be in the best possible environment to achieve the best returns,” Lian said.

“If you look at the tech crackdown last year, and how the value of a whole company like Didi can be virtually wiped out, it makes you nervous.”

Ride-hailing app Didi lost 80 percent of its market cap after Chinese regulators accused the firm of violating data security rules

Other investors, though, see room to adapt to Beijing’s tightening grip on the economy.

“Investors understand what the goals of the tech crackdown were, taking aim at inequality and related social issues, so I think that makes the sector still very investible,” Ker Gibbs, former president of AmCham Shanghai and a veteran China investor, told Al Jazeera.

“There’s always policy risk in China, and regulation moves much faster than in the US. That is something people must be accustomed to.”

Nonetheless, Gibbs said the lingering uncertainty around the Chinese economy has been a significant concern.

“For me, it’s all about the uncertainty of the lockdowns and zero-COVID and not knowing when it will all end,” he said. “Investors just can’t see where it’s headed. People don’t know what environment they’re in now.”

Beijing has given mixed signals to investors about what to expect.

While Chinese officials have promised to tweak pandemic restrictions for the sake of the economy, Xi has repeatedly ruled out shifting from “zero COVID” to living with the virus.

China has opened up new offerings of asset classes to foreign investors but also stepped up supervision of institutional investors in the country.

This month, authorities announced the launch of Swap Connect, a mechanism to allow overseas investors to participate in mainland China’s financial derivatives market.

Meanwhile, more than 80 Shanghai- and Shenzen-listed exchange-traded funds will be made available to investors in Hong Kong. Beijing has also announced it will substantially raise its currency swap with the territory to new levels to provide extra liquidity for the offshore yuan.

“There is a dramatic opening of China’s securities, insurance broking, and wealth management markets going on,” Duncan Clark, founder of Beijing-based investment advisory firm BDA, told Al Jazeera.

“The transition isn’t going to be easy, though, from N-shares [shares of Chinese companies listed in New York] to onshore Chinese listings or even Hong Kong listings. Investor confidence is shaken and Chinese issuers can’t meet face to face,” Clark added.

Lian said Swap Connect is unlikely to turn the tide of investors exiting the Chinese market.

“On the one hand, it may help attract new investors to China, but I doubt it will do much to retain those who are already moving away, and that is a bigger issue,” he said.

“It will take time to turn the tide. There will probably be a two or three-year trial phase until they get the settings right. Another question investors will ask is ‘How do we exit?’ Can they be assured they can withdraw their stock when they wish? We will have to see what the final details are when it comes out.”

Even as Beijing courts more foreign investors, it is also seeking to monitor them more closely. Last month, the China Securities Regulatory Commission formally issued guidelines mandating the establishment of communist party cells within global hedge funds that operate in China.

“I think it will be problematic, but mostly because of the optics back at headquarters in the US,” Gibbs said, noting that many hedge fund managers specifically asked him about the measures at a recent conference he attended in San Francisco.

“Those of us who operate in China long term understand the role the party plays and the importance of aligning with their goals for society. Actually, the conversations they have with you are often about issues of social compliance, like labour standards or equality, which is not necessarily a bad thing,” Gibbs added, describing the scrutiny as comparable to “Chinese-style ESG [Environmental, social and governance]”.

“But in the US, we see the CCP [Chinese Communist Party] and think of the whole party apparatus, and so the idea of a party official in the boardroom sounds much scarier from an American perspective.”
China’s handling of the pandemic has widened the perception gap between the country and global markets, according to some observers [File: China Daily via Reuters]

Some observers say that the perception gap between China and global markets has only widened since the pandemic.

“Many in China don’t realise how dramatically perceptions have changed overseas about their country,” Clark said. “The wall of zero-COVID and the Great Firewall works both ways: they keep capital out and information skewed on both sides. China will have to hustle much more to raise funds going forward. The penny hasn’t dropped yet.”

Beijing may need to work harder at retaining local capital as well.

“We need to remember this is not just about foreign capital and foreigners leaving China. It impacts everyone,” Gibbs said. “Many Chinese investors are heading out, too, to places like Singapore.”

Lian said he has noticed an increasing number of Chinese tech entrepreneurs setting up in Singapore, especially those working on blockchain-based applications.

“It depends a lot on their business structure, but I believe those who can move will continue to do so,” he said.

“So you have these startups that were founded in China, the largest market of all, by Chinese entrepreneurs, and now they are here in Singapore, and now they are bringing their capital with them. To me, that says it all.”

 

 

Original Source: https://www.aljazeera.com/economy/2022/7/21/china-investors-call-it-quits-as-xi-zero-covid-rattle-markets

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j

Crypto Crash: Is it the end and what should retail investors do?

Crypto Crash: Is it the end and what should retail investors do?

The Crypto market is in tatters.  The global cryptocurrency market cap moved up to the $961 billion mark, rising about 3 per cent in the last 24 hours. Several big players in the cryptocurrency markets have had difficulties, and further declines could force other crypto investors to sell out.

Rajeev who is kind enough to host me and brought up the following topics.
a) How long this bear market or correction go?
b) How to save your crypto capital now
c) Who / which exchanges could be next to fall?
d) Should you buy the crypto dip?
e) Staking, stablecoins

00:00:00 Introduction
00:00:59 What lead to the bear market in Crypto.
00:02:16 The worst is not yet over for Crypto markets
00:04:38 What exchanges can fall next?
00:08:10 How should retail investors save their capital? Buy a cold wallet and withdraw from the exchange?
00:09:14 Could Binance be under threat?
00:10:26 Does the current bear market affect the long-term bullish thesis of Crypto?
00:12:55 How to use spare cash when crypto prices are low? What are possibly good coins?
00:20:35 View on Luna? Why did Luna fail and why Anndy was one of Luna’s skeptics?
00:23:33 Are stablecoins here to stay?
00:27:09 What should retail investors do in this scenario?
00:29:19 Should investors stake their coins now?
00:32:15 Investors should be careful of crypto influencers!
00:34:50 Thank you

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j