👾 How to Avoid This Weeks Crypto Hack

There is an active exploit on Telegram---here's how to avoid it! Also Ethereum's 2.0 testnet goes live, OpenSea's IPO controversy, and Zilliqa's Extended Reality Metaverse.

Hackers are Targeting Telegram Users
Source: Unsplash

Hackers are Targeting Telegram Users

Disable the auto-download feature on Telegram.

Hackers are targeting Telegram crypto chat users with malware that downloads automatically to the user's device and empties crypto wallets. According to a researcher at blockchain bug bounty platform Immunefi, a hacker called "Smokes Night" dropped the Echelon malware into a chat. Users in that chat with the auto-download feature enabled are susceptible to the hack.

SafeGuard Cyber notes in its report that this attack has been in use on Telegram since as early as October 2021. SafeGuard Cyber analyzed the Echelon malware, finding that it "performs several crypto wallet and credential stealing functions, as well as domain detection and computer fingerprinting" and attempts to screenshot the user's device.

The Echelon malware attempts to steal credentials and data for twelve crypto wallets:

– Armory
– AtomicWallet
– BitcoinCore
– ByteCoin
– DashCore
– Electrum
– Exodus
– Ethereum
– Jaxx
– LitecoinCore
– Monero
– Zcash

The malware also tries to steal credentials for common apps, such as:

– Discord
– Edge
– FileZilla
– NordVPN
– OpenVPN
– Outlook
– Pidgin
– ProtonVPN
– Psi (Jabber)
– Telegram
– TotalCommander

While Telegram is targeted primarily for its poor default security settings and large crypto user base, it's possible that the Echelon malware is also being used in other apps.

Ethereum 2.0 Testnet Live
Photo by Karla Vidal / Unsplash

Ethereum 2.0 Testnet Live

Last week, Ethereum developers deployed a testnet version of Ethereum 2.0, named Kintsugi. While this doesn’t mean Ethereum 2.0 is ready, it’s a strong signal that the Ethereum developers are making progress and we’re getting close to a full deployment.

Over the past few years, we’ve seen the 2.0 launch date pushed back many times, resulting in a loss of confidence by the wider crypto community that we’ll see a true Ethereum 2.0 deployment. The development work for 2.0 is to move Ethereum from a Proof of Work consensus to Proof of Stake, which will result in a faster, more energy efficient blockchain that is cheaper to interact on. This will completely remove the need for mining hardware from the average user.

“Kintsugi” is a Japanese word referring to the practice of fixing damage and cracks with gold to highlight the flaws, instead of trying to hide it. This is very fitting for the problems the Ethereum foundation is trying to fix with the 2.0 development. Over the past couple of years we’ve seen Ethereum’s gas fees spike to levels which has opened the door for competition, with fees to transact reaching hundreds of dollars per transaction. This has allowed high speed chains like Solana and Avalanche to grow rapidly due to their very low gas fees. Solana fees are consistently under a penny.

The last major 2.0 development was at the end of 2020 when the Ethereum foundation launched the Beacon Chain, which allowed people to stake ETH prior to the full 2.0 launch.  This was considered “Phase 0” of the 2.0 upgrade.

Metapolis: Zilliqa's Extended Reality Metaverse
Metapolis! Source: Zilliqa

Metapolis: Zilliqa's Extended Reality Metaverse

Last week, Zilliqa announced it will launch an expansive metaverse platform called Metapolis.

Zilliqa (ZIL) ($1B market cap) is a Layer-1 blockchain project from the National University of Singapore. Before Metapolis, Zilliqa was best known among Ethereum miners as a dual mining token.

Metapolis is a gamified extended reality (XR) metaverse platform that is set to launch in January 2022. This metaverse is designed for games, events, concerts, and e-commerce. Zilliqa will sell ads in Metapolis. Users will be able to interact with Metapolis through AR and VR.

The Metapolis metaverse is split into sections that Zilliqa is calling "domes." Each dome is "conceptualized to house brands, artists, concepts, games, e-stores, real estate, and more." Domes will also include non-fungible token (NFT) “land” that users can purchase and operate. Zilliqa also says that users will get customizable NFT avatars for interacting in Metapolis.

Zilliqa claims it is the first Layer-1 blockchain to offer this large of a metaverse. The project seems extremely ambitious, and it's unclear how much of the metaverse will be available to the public at launch.

OpenSea Walks Back IPO After Backlash
Photo by Rob Wicks / Unsplash

OpenSea Walks Back IPO After Backlash

OpenSea, the world’s largest NFT marketplace, hired a new Chief Financial Officer, Brian Roberts, earlier this month. Roberts comes from Lyft, where he was also the Chief Financial Officer. Apparently, one of Roberts’s responsibilities was to prepare to take the company public, which he mentioned in an interview with Bloomberg.  The company handles billions in transactions each month, and they take 2.5% from every trade.

Many in the crypto community are furious over the idea of OpenSea using a traditional IPO process. In the world of cryptocurrencies, users are accustomed to being rewarded for being early and active with a token airdrop. Airdrops are when companies mint their own token and give them out for free to the community members that have made them a success.  Some of the biggest projects, like MetaMask, OpenSea, and Ethereum Name Service, have been highly anticipated airdrops. Earlier this year when Ethereum Name Service did their airdrop, many users were rewarded with over tens of thousands in tokens for using the service.

Shortly after his comments, Roberts walked back talk of the IPO saying in a tweet: “Let me set the record straight: there is a big gap between thinking about what an IPO might eventually look like & actively planning one. We are not planning an IPO, and if we ever did, we would look to involve the community.”