# Related articles on Security

The HTX News Center offers the latest articles and in-depth analysis on "Security", covering market trends, project news, technology developments and regulatory policy in the crypto industry.

In-Depth Reconstruction of the $285 Million Drift Hack: How Should DeFi Governance Move Beyond "Amateur Hour"?

On April 1, 2026, Drift Protocol, the largest perpetual futures DEX on Solana, suffered a catastrophic hack resulting in a loss of $285 million. The attack, attributed to a sophisticated social engineering campaign rather than a technical exploit, unfolded over several months. Hackers first infiltrated Drift’s internal circles by posing as a legitimate market maker, building trust over time. They then exploited Solana’s "Durable Nonce" feature to trick core team members into blindly signing transactions that granted administrative control. A critical vulnerability was introduced when Drift migrated to a 2/5 multisig structure without a timelock, allowing instant execution of privileged transactions with just two signatures. The attackers finally triggered the attack by adding a fake token (CVT) to the whitelist, manipulating its oracle price, and using it as collateral to drain the protocol’s treasury. The incident highlights fundamental flaws in DeFi governance, including overreliance on multisig mechanisms that lack intent verification and are vulnerable to social engineering. It underscores the misalignment between retail-grade security tools and institutional-scale treasury management. The hack signals the need for a security paradigm shift in DeFi, including adoption of Hardware Security Modules (HSMs) for key management, intent-based policy engines for transaction validation, and professional third-party custody solutions to ensure institutional-grade safety.

marsbit, 04/13 12:00


1 Billion DOT Minted Out of Thin Air, Yet Hacker Only Made $230,000

On April 13, a security breach occurred involving the Polkadot bridge on the Ethereum network, where an attacker exploited a replay vulnerability in the MMR proof mechanism of Hyperbridge’s ISMP protocol. By reusing a historically valid proof and pairing it with a malicious request, the attacker bypassed verification and gained admin and minting rights over the wrapped DOT contract on Ethereum. They then minted 1 billion wrapped DOT tokens—2,805 times the existing supply—and attempted to liquidate them. However, due to extremely low liquidity in the wrapped DOT market, the massive sell-off crashed the token’s price by 99.98%, from $1.22 to approximately $0.000128. The attacker ultimately exchanged the tokens for only about 108.2 ETH (worth roughly $237,000), with gas costs as low as $0.74. The same exploit had been used previously in attacks on MANTA and CERE tokens, resulting in a total loss of around $242,000. Polkadot confirmed that the incident only affected DOT bridged via Hyperbridge to Ethereum and did not impact the native Polkadot network or DOT on other bridges. Exchanges including Upbit and Bithumb temporarily suspended DOT deposits and withdrawals as a precaution. The event highlights ongoing vulnerabilities in cross-chain infrastructure and the critical role of liquidity in limiting actual damages during large-scale exploits. It also reflects a broader trend of increasing DeFi security incidents in early 2026.

marsbit, 04/13 10:10


Edge AI Daily Morning Report (April 12)

Edge AI Daily Brief (April 12)

**Silicon Valley Front:** CoreWeave expanded partnerships with Meta and Anthropic, reflecting surging AI compute demand. Major cloud providers in China raised prices by 5%-30% due to soaring GPU costs and a 1000x increase in daily token usage since 2024. Anthropic, with annualized revenue exceeding $30B, is exploring in-house chip development to address shortages and signed a 3.5GW TPU deal with Google and Broadcom. The U.S. MATCH Act tightened semiconductor export controls, lowering technology thresholds and threatening global supply chains. ASML and Tokyo Electron saw stock declines. OpenAI addressed a third-party Axios library security issue, requiring macOS app updates. Microsoft restructured Windows Insider channels to simplify testing. Meta, Amazon, and Google invested in small modular nuclear reactors (SMRs) to power energy-intensive AI data centers. Mozilla criticized Microsoft for forcing Copilot integration in Windows 11, highlighting broader concerns about user choice and DMA compliance. Microsoft paused new carbon credit purchases due to quality concerns.

**Domestic Progress:** MUJI’s Q2 revenue grew 14.8%, while Amazon launched a global smart hub in Shenzhen to streamline cross-border logistics for Chinese sellers, cutting delivery times by up to 7 days.

**Open Source Trends:** Meta AI and KAIST proposed "Neural Computers" (NCs), merging computation and memory into learning runtime states. Agent AI is shifting from prediction to world-state modeling, driving edge infrastructure redesign. Quantum computing demonstrated exponential advantages in classical data processing, using under 60 logical qubits to outperform classical machines. France began migrating government systems to Linux to enhance digital sovereignty and reduce U.S. tech reliance.

(Source: Edge AI Daily, Guangjiao Guancha)

marsbit, 04/12 00:52


Will Quantum Computing Kill Bitcoin and Mining? Is This Alarmist?

The article addresses the recurring concern that quantum computing could break Bitcoin's encryption and disrupt mining. It references a Google Quantum AI white paper from March 2026, which suggests that the resources needed for a quantum computer to crack Bitcoin’s elliptic curve digital signature algorithm (ECDSA) have been reduced by about 20 times. Under ideal conditions, such an attack could theoretically derive a private key from a public key in roughly 9 minutes using 500,000 physical qubits. However, the threat is not immediate. Current quantum processors, like Google’s Willow (105 qubits) or IBM’s Condor (~1,121 qubits), are far from the scale required. The risk primarily targets transaction signatures—especially during the brief window when a transaction is broadcast but not yet confirmed, or when public keys have been historically exposed. It is estimated there is only a 10% probability of a “quantum break” by 2032. The impact on mining is considered negligible. Research indicates that quantum mining would require astronomically high qubit counts and energy—far exceeding entire national grids—making it economically and physically infeasible. The broader solution lies in post-quantum cryptography (PQC). Standards like ML-DSA and SLH-DSA are being developed, and Bitcoin improvement proposals such as BIP 360 aim to reduce quantum vulnerability by modifying transaction structures to avoid exposing public keys. While quantum computing poses a future risk to all public-key encryption systems—not just Bitcoin—the cryptocurrency ecosystem has time to adapt. Upgrades and migration to quantum-resistant algorithms are underway, ensuring the network evolves ahead of the threat.

marsbit, 04/11 14:40
