Opensea warns API users about third-party security breaches
Non-fungible token (NFT) marketplace OpenSea has warned users that one of its third-party vendors has experienced a security incident that could expose users' OpenSea API keys.
The NFT platform said they do not expect the security incident to have an immediate effect on users looking to integrate into the platform, a recent email shows.
Choose your third party wellโฆ
Opensea posted that a provider was attacked, leading to developers' API keys being leaked.
Get advice from a professional security consultant on third-party security before choosing. E.g @SlowMist_Team pic.twitter.com/jcBJ9IaAENโ 23pds (@IM_23pds) September 23, 2023
"However, your key could be used by external parties who will use your assigned rate limit," OpenSea explained.
An application programming interface (API) key is a code used to identify an application or user and is used for authentication in computer applications. According to OpenSea, its API helps developers create experiences using NFTs and their market data.
The NFT firm asked its users to deprecate their existing key immediately and replace it with a newly generated key that will have the same permissions and speed limits as the existing keys.
Existing keys will expire on October 2, OpenSea confirmed.
OpenSea did not disclose how many users were affected by the security breach and what other information may have been collected.
On September 20, the blockchain analysis company Nansen revealed a similar violation, causing users to lose emails, passwords, and blockchain addresses.
Important update from us at Nansen. Please take a moment to read this. pic.twitter.com/syKE0sNnC6
-Nansen (@nansen_ai) September 22, 2023
Nansen said that only 6.8% of its users were affected during the first 48 hours of the security breach.
The two security breaches caused some members community to reflect on whether the incidents are related.
Arrington Capital founder leaves Celsius NewCo
Arrington Capital founder Michael Arrington has confirmed that he will no longer serve on the board of NewCo, the entity that will eventually be owned by Celsius creditors and managed by Fahrenheit.
In a Sept. 24 X post, Arrington said he requested the change, but did not go into why.
According to September 23 presentationArrington's seat on NewCo's board will be filled by Ravi Kaza, an investor and advisor to Arrington Capital.
A court filing was filed today in the Celsius bankruptcy case, presenting an amended plan supplement to show a change in the board of directors of the new company being created.
I will no longer be on the board of directors of the new company. On the other hand, Ravi Kaza, my partner in... pic.twitter.com/RBaGlbxW5w
- Michael Arrington โ ๏ธ ๏ธ (@arrington) September 24, 2023
US Bitcoin Corp, Arrington Capital, Proof Group, Steven Kokinos and Ravi Kaza provide the capital, management team and technology necessary to help the new company get off the ground, which will be done in accordance with Celsius' Chapter 11 bankruptcy plan.
Arrington, who also founded TechCrunch, did not reveal exactly why he decided to leave, but admitted that some disagreements ultimately led him to step down from the board.
โI disagree with some of the decisions made around the constitution of the board and, in particular, with the board observers. That is why I chose to retire from the board of directors.โ
The Arrington Capital founder said he is still looking to support Celsius creditors and shareholders in their bankruptcy proceedings in other ways.
"Other than not joining the board, our active investment and advisory role through Fahrenheit will continue as planned."
Venezuelan authorities stumble upon Bitcoin miners in prison raid
A recent police raid on a Venezuelan prison reportedly resulted in the seizure of several rocket launchers, bullets, grenades, and, interestingly, Bitcoin mining machines.
The news of the raid on the Venezuelan Tocoro prison was confirmed by Venezuelan military officer Domingo Hernรกndez Lรกrez in a statement on September 20, but also details They were provided by Agence France-Presse on September 21.
Statement: The community is informed that the โCacique Guaicaipuroโ liberation operation is underway.#FANB#StumpLiberation pic.twitter.com/RqQO2nbcVk
โGJ. Domingo Hernรกndez Lรกrez (@dhernandezlarez) September 20, 2023
The AFP reported that 11,000 police and soldiers stormed the prison operated by the Venezuelan gang Tren de Aragua, when they discovered the Bitcoin miners, among other things:
"Authorities revealed that they confiscated bitcoin machines, sniper rifles, explosives, rocket launchers and grenades at the scene."
Several videos appeared on X (formerly Twitter) showing a building full of Bitcoin mining machines.
There were bitcoin miners in one of the most dangerous places in Venezuela
We recently saw an intervention in Tocorรณn, one of the best-known prisons in the country, in which the criminals had control.
Besides all the weird stuff they had, they even had some bitcoinsโฆ pic.twitter.com/xEfZfj9NJN
โ Javier โฟastardo โโ ๏ธ (@criptobastardo) September 22, 2023
Related: Venezuela Shuts Crypto Mining Facilities and Exchanges Amid Corruption Investigation
Earlier this month, Chilean police found 19 Bitcoin mining machines when they raided a house believed to be involved in drug trafficking. according to local media outlet El Mostrador.
Digital asset platform Mixin Network suffers $200 million exploit
Cryptocurrency platform Mixin Network says its cloud service provider was attacked on September 23, resulting in an estimated loss of $200 million in assets on the mainnet.
The firm explained in a statement on September 25 that, as a result, deposit and withdrawal services on the Mixin platform were temporarily suspended.
[Announcement] In the early morning of September 23, 2023, Hong Kong time, the database of cloud service provider Mixin Network was attacked by hackers, resulting in the loss of some assets on the main network. We have contacted Google and the blockchain security company @SlowMist_Teamโฆ
- Mixin Kernel (@MixinKernel) September 25, 2023
โAfter discussion and consensus among all nodes, these services will be reopened once the vulnerabilities are confirmed and fixed. During this period transfers are not affected,โ the platform added.
Mixin Network said that they will announce their recovery plan soon and Mixin Network founder Feng Xiaodong will explain this incident in a public live broadcast in Mandarin on September 25 at 5:00 am UTC.
Blockchain security company SlowMist explained on September 25 that they are helping with the investigation, while Mixin Network said they have contacted Google to help with the investigation as well.
SlowMist Safety Alert
On September 23, Mixin Network cloud service provider database was attacked, the amount of funds involved was ~$200 million.
SlowMist is assisting in the investigation. Please wait @MixinKernel updates for more information.
- Slow Mist (@SlowMist_Team) September 25, 2023
Mixin Network operates as a peer-to-peer transactional network for digital assets. It was established in 2017 and has earned over $1 billion in value on its platform. according to the firm's website.
In other news
US-based law firm Fenwick & West, which previously served now-defunct cryptocurrency exchange FTX, has refuted a class action lawsuit filed against him, alleging in a September 21 filing that he did not assist in the exchange's alleged fraudulent activities.
Coinbase has ensured a fight against money laundering (AML) compliance record of the central bank of Spain as part of its current expansion across Europe. Spanish users will be able to retain custody of their crypto assets on Coinbase and continue buying and selling cryptocurrencies in euros.
Magazine: Best and Worst Countries for Crypto Taxes, Plus Crypto Tax Tips