As crypto becomes lucrative daily it is also attracting back eggs and unethical hackers doing everything possible to rob others of their crypto money by all illegal means.

On Bitcointalk, there surfaced a post with link to a suspected fake version of the popular secured Ethereum wallet extention. Thus, we decided to dig deep and research further to confirm the genuinety of the post and its indeed turn out to be a fake version (our screenshots of the app live in Google chrome store explains things better below). That is while this is been published to our MyCDApp users and crypto community at large to stay on alert and check well before downloading or installing any App or Extention that will directly handle your cryptocurrencies and essential information like private key and seed words.

See the link to the detected fake Metamask: https://chrome.google.com/webstore/detail/metamask/ajhghapnjiaimhegcipdpehnihdkljdj?utm_source=chrome-ntp-icon

Screenshots taken by MYCDApp team after thorough examination of the extension below:

Before you check the screenshots, not that we did circled our metamask extenstion already installed which exposed the fake one even more with things like the logo, logo colour, no rating, developer not official metamask account,the overall extention theme colour does not tally with the real Metamask yet it takes careful study and even a bit crypto awareness and observation to spot it and hope Metamask team will read this article and work on bringing that fake extension down to prevent their prospective users from falling victim.

Always download from the official Metalmask website at https://Metamask.io

We also acknowledge that most of our App users are new to crypto and just getting adapted. Thus, we also added screenshot of the real Metamask and you will notice that simply identified that we already installed that extension unlike the fake one claiming we should Add to Chrome even though its already in use.

Real Metamask Extension 1a - Picture By MyCryptoDictionary App
Real Metamask Extension 1a – Picture By MyCryptoDictionary App
Fake Metamask Extension 1a - Picture By MyCryptoDictionary App
Fake Metamask Extension 1a – Picture By MyCryptoDictionary App
Fake Metamask Extension 1a - Picture By MyCryptoDictionary App
Fake Metamask Extension 1a – Picture By MyCryptoDictionary App
Fake Metamask Extension 1a - Picture By MyCryptoDictionary App
Fake Metamask Extension 1a – Picture By MyCryptoDictionary App

Note: To continue to develop MyCDApp to other platform aside Android and also keep user updated with helpful info like this, we look forward to Donation or Sponsorship for MyCryptoDictionary App with some juicy ads bonuses in return to compensate you/your platform. Click here for details!

Kindly share this article using the social media sharetools and safe a friend from falling victim. Also comment below and recommend our MYCDApp to other people in crypto community.

 

This is crucial and should not be ignored and surely it is a necessity for MyCDApp team to research and post this on time to save crypto community and especially NewB.

First lets start this way:

What is Ether?

It is the token used in Ethereum Blockchain and needed to pay for GAS fee when sending out Ether or any Ether ERC20 tokens from one wallet to another. Check the dictionary section of our App for more info on Ethereum.

What is Ether Tokens?

Due to the fact that Ethereum allows the development of smart contract Apps on the Ethereum Blockchain, alot of startups have found this interesting and undoubtably helpful, easier and faster to deploy their projects on Blockchain and reduce the financial burden of building a blockchain from scratch, providing security, upgrades, patches and lot others.

This had help many to kick start their businesses on blockchain with less capital and focus majorly on their product/services and not merge it with the headache of maintaining a Blockchain itself. Check the dictionary section of our App for more info on ERC20 Token.

4 Ways To Secure Your Ether and Ethereum Tokens

Yeah, we aim to run you through four basic tested and proven ways to secure your Ethereum wallet especially if you only hold it in MyEtherWallet (MEW) for now.

As crypto coins/tokens are gaining value, they are also attracting unethical hackers always in look for ways to feed on others wallet unlawfully and sure anyone can easily fall a prey if not vigilant enough.

1) Be On Alert:

Indeed a lot may have told you that cryptocurrency money is easy and cheap to access but most times do remove the fact that you will need to stay at alert or you lose all you gathered in twinkle of eyes to unknown hacker(s) and most time 99% cases are non retrievable considering the fact that crypto is still at infant stage and largely unregulated.

To be on alert means you should not just buy into a coin/token and go to sleep awaiting to return later to catch profit -NO! You need to stick to latest information as regards to the coin/token, the exchange or wallet platform you hold it on and crypto community security updates generally.

For example, the day we plan to sell a token (now worth $1,500) via EtherDelta was the day it was hacked, fake website by hacker fixed up sapping users private keys had replaced the genuine ED and ultimately their funds flying off their account like birds off their nest. We got series of alerts from our alerts channels and that was the what stopped us from using the website that day, if not all our token will graciously be given to those hacker with ease. That’s precisely what it means to stay on alert in crypto community.

2) Bookmark/Crosscheck Every Website:

Yeah, this might sound unrealistic but if your portfolio is less than $1,000 you can do anyhow with it but if more than that you will need to take caution. You simply bookmark the original verified website and always recheck once loaded to make sure you are not on copied version.

For example while this article was been compile, we got alert of a duplicate of Bitconnectx ico website (please we are not advertising bitconnectx ICO here but we need to use live example so you know this article is not just to gather popularity or readership but to protect every crypto community member that will read and implement it). The original website url of the ICO is Bitconnectx.com and the fake is xbitconnect.com, both websites have same design but little things like the ICO timer makes the different but that is only for observers, some may have falling prey even as we are discussing this here.

This does not stop on the website alone, always do same for every addresses you are sending coin/token too. At least try to cross check the first and the last six digits before you click the send button because some software now auto change copied address before you paste it if your device has been infected with their malicious software.

3) Use Double layer confirmation platforms

Do you every wonder why most platforms are now making it mandatory to have Two-Factor Authentication (2FA) on your exchange or wallet account? Yeah, its simple – The more layers placed on your wallets before it could be access, the more secured it becomes and for any to access it means it was a clean, well planed and schemed hacking specifically on your own account not just general hacking if you have all those security layers activated.

For example if you open Binance exchange account, you can deposit but before you withdraw you need at least your 2FA activated. After activation, you try to withdraw and then get the following layers of security.

(1)Login password – (2)enter 2FA code – (3)access to account – (4)request withdrawal – (5)enter 2FA code again – (6)open the verified email for the Binance account to approve the withdrawal – Then withdrawal successfully processed. You need atleast 6 solid layers to have your account wallet compromised and that makes if a bit more secured compared to just entering password and click withdraw and its done.

The same applies to MEW users, see how your Etheruem address on MEW works:

(1) Enter your Private Key on MEW – (2) Access to all features to withdraw Eth and tokens.

Did you noticed that, you only need your Private key and 100% access to your wallet is granted to you or hacker that may also have your key and do anything with your Ether balance and tokens. Yet a lot of newbie uses this platform due to the fact that its very compatible with ERC20 tokens and this article is not to condemn the platform (In fact we use it too) because they had been for long and one of the major platforms that made crypto attractive to newbies and for Airdrops but the security feature should not be ignored too and that posses danger to users.

So, lets now see how you can create some additional layers for yourself with your Ethereum address on MEW using the following;

i) Metamask: this platform gives you extra layer of security to your MEW wallet or you may just open your Ethereum account directly from there – it also supports ERC20 tokens like MEW. Let see how this works.

We are certain that most readers here already have MEW and looking for ways to make it more secured beyond the just one step full access explained above and we have the solution outlined below too.

1) Visit https://Metamask.io and follow their instruction on the website to install and setup your Metamask account via Chrome extension

2) Click the extension to create new account and import your MEW address to give it additional security

3) Henceforth don’t login into MEW or other platforms like EtherDelta, IDEX with your Private key again, instead locate option to login with Metamask and that gives you access to those platform full features without exposing your Private key anymore.

Once the steps above is done, see how the new security later added works

(1) Login with Metamask on MEW,Etherdelta,IDEX etc. – (2) Request withdraw of Eth or tokens – (3) Login To Metamask – (4) Approve the withdrawal request prompt with another opportunity to crosscheck that it is the transaction you initiated on other platforms and click Accept/Approve to complete it if not you press Cancel/Reject and the transaction will automatically fail on the other platforms where transaction was initiated.

Now if you crosscheck, Metamask has helped to add additional 2 extra layers of security to your account, first preventing easy access to your Private key unlike when you enter it directly and secondly giving you the power to control what transaction is allowed on your account.

ii) BLUE: Yeah if you have came across a token called EthereumBlue, you still mean the same. You may also been lucky to have gotten 1,000 to 10,000 of BLUE free via their Airdrop about 3 months ago. They are finally coming out strong and we can say this platform is doing strong has we have been following them since the Airdrop done.

They are really doing their best to keep crypto community safe and fight it hard and openly against coin/token developers with questionable features hidden in their codes and user interface.

Blue finally released their wallet alternative to Metamask (still in public beta with less fatures activated) which also helps to give added security to your existing MEW wallet or you can just open a fresh Ethereum address with them via their Chrome extension as they support ERC20 token too and also translate GAS value to dollar to make it easily readable before you send your Ether or ERC20 tokens..

Visit https://www.etherblue.org/wallet to get started with BLUE.

4) Diversify your portfolio

Its time to round this up before you get bored and lets close it with diversification of crypto portfolio. Following the above keeps you safe but it does not guarantee that hackers can not penetrate via one way or the other new ways yet to be known (remember hacker(s) can even be your close pals offline whom have access to where you store your backup offline and could break all odds above with ease).

Thus, another way to play safe in crypto is diversification, once your portfolio worth $1,000 above, don’t keep everything in one coin/token, spread it to two, three, four, five upto seven coins/tokens and do not have them all in one wallet even if they are all Ethereum based (which is not advisable, spread your investments outside Ethereum coins/token too for more safety).

If eventually one platform, exchange or wallet get hacked and you stand to lose your fund, diversification will safe you from complete wretch from crypto world.

Wahooo, thats a long epistle, but we hope it helps some of our users and you can download our App if you don’t have it yet, use and send feedback and also share with friends and family.

We await your feedbacks and comments

Regards!

MyCryptoDictionary Team

Wahooooooooooooooooooooooooooooo its indeed worth saying Happy New Month and Year to all MyCD App community.

We launched just about 3 weeks ago and you are really giving us more reason to push further based on feedbacks and increasing download and install rate of the App.

Once again we wish you the best of New Year 2018

Don’t forget to recommend our App to every of your Crypto friends, they will surely thank you for it.

Also send your feedback for us to incorporate as we plan to release new version in Quarter1 of 2018 and if you want your ads on the dictionary section of the App and our blog Kindly click here

THANK YOU

MyCDApp Team

 

Over the past week or so, CCN has dedicated a number of articles to the alleged revival of Segwit2x. The proposed fork is slated for block 501451, approximately December 28th.  Inspired by the aborted November Segwit2x fork, this revamped version is the product of an entirely new team.

And crypto community members are not convinced.  Many have either asked the question “Is this B2x a scam?” or have come to the conclusion that it is.

Some of our own readers even raised concerns in a few of our articles’ comment sections.  Well we want to make sure that we’re presenting all the facts we can, so we’ve done some digging to address these concerns.  Here’s what we found.

Questions Surround Segwit2x’s Team

Until today, the revival fork’s website only listed three team members: Jaap Terlouw, Donna Khyuz, and Robert Szabo.

On his LinkedIn, Jaap Terlouw labels himself as the “Main developer and advisor at segwit2x,” but his work bio includes no prior experience in blockchain development or relevant coding experience.  His current position lists him as CEO of an unidentified company, and his only other past job title is “Mayor SLM new build”–if you’re unsure about what this means, you’re not alone.

Let’s move on to Donna Khyuz, whose LinkedIn profile is currently inactive.  According to a Medium post authored by Dr-Hack, she sports an updated Instagram profile as a self-proclaimed “Crypto Developer, ICO & Blockchain expert.”  I’m calling this profile updated because, according to an archived Instagram profile from December 19th, Khyuz’s advertised herself as a “Model, Dancer, Actress, Business Woman.”  That’s quite a career change to make in a little over a week, and it’s given root to community skepticism.

Robert Szabo has the most detailed LinkedIn, but there’s still little to show for a background in coding or blockchain development.  His past employment largely consists of jobs at T-Mobile, and his professional training is in automation engineering.

Two new team members (Artur Bujnicki and Bartosz Kozlowski) were added in the last 24 hours. Perhaps in an attempt to build credibility, Bujnicki’s LinkedIn lists prior software development experience, while Kozlowski’s own contains extensive experience in account management.

Perhaps one of the bigger red flags for B2x’ credibility was the inclusion of Sairam Jetty on the official team without his knowledge.  As Dr-Hack pointed out, the B2x team listed Jetty as a contributor sans his permission, and he was only recently delisted from the website.  When asked in a Facebook message if the revived fork is a scam, Jetty shared his belief that “it is.”

Reddit Raises the Alarm

Numerous posts have surfaced on Reddit in recent days diagnosing the alleged fork, picking around the web for inconsistencies and suspicious information.

In one such post, original poster u/draget notes that the project’s Github is relatively inactive.  More over, the page has only been live for 8 days.  The team also has an extremely young presence on Bitcoin Talk forum, with the sole Segwit2x representative appearing just 12 days ago.

In the comments for separate post, u/Breakpoint claims that the project representative on Bitcoin Talk solicited community members for their private keys.  Within the same comment section, u/RzeroD provides a link that indicates there will be a 2,000,000 coin pre-mine, a fact that the B2x team does not reveal on its website.

Out of the Reddit posts we examined, a few users, including original posters u/Sonicthoughts and u/increaseblocks accuse the B2x’s orchestrators of falsifying developer identities and creating fake LinkedIn accounts.

A Fork in the Wrong Direction?

Community concerns don’t stop there.  In response to the team’s promise that Bitcoin holders will receive “a proportional number of Satoshi Nakamoto`s Bitcoins as a reward for their commitment to progress,” Dr-Hack reasonably charges: “I have no idea how they will get hold of BTC held by Satoshi Nakamoto ,[sic] the claims are weird and interesting at the same time.”  He also rightly indicates that the project’s “official Instagram, Twitter, second Telegram channel and Reddit are almost empty.”

Source: Segwit2x a Scam? Community Members Cry Foul

According to researchers at the cyber security firm Trend Micro a malware called Digmine infects Facebook’s instant messenger to harness the CPU’s power to mine Monero. Monero is an altcoin that is based on an anonymous blockchain.

Digmine comes to the victim as a video file sent from someone in their friend’s list, making it appear legitimate. Hacker’s will also be able to gain access to the victim facebook profile and their list of friends in order to spread the malware further. – Crytocoinmastery

Thus beware how to click links from Facebook messenger henceforth

Korean prosecutors have reportedly filed charges against several individuals associated with Mining Max, US-based cryptocurrency mining firm allegedly behind a major cryptocurrency mining scam.

According to a report by Korean publication Yonhap, authorities at the Incheon District Prosecutors’ Office have indicted 21 individuals suspected of being associated with Mining Max LLC, a US-based firm, on charges of fraud and allegedly soliciting 270 billion won (approx. $250 million) from investors across the world for an Ethereum mining operation promising large returns. Three others have been indicted without detention for embezzlement and other charges.

Mining Max presents itself as the developer of “premium cryptocurrency mining” machines headquartered in California. “All of the mining rigs are assembled and maintained in our Internet Data Centers (IDC) in Korea,” the company claims on its website.

The allegedly sweeping scam also entails seven other Korean and foreign nationals, now on Interpol’s wanted list, of being associated with Mining Max and blotching results that purported to mine more Ethereum than the operation actually did.  The scam unraveled when the company was not longer able to make sufficient returns from its ‘mining’ operation, presumably in its dividends to new investors.

Altogether, prosecutors allege that the suspects pocketed a significant portion of the $250 million, amassed from roughly 18,000 investors in 54 countries between September last year and October this year.

Source: $250 Million Ethereum Mining Scam? Korean Prosecutors File Charges

If you haven’t heard the news yet, EtherDelta was subject to a phishing attack on its DNS server yesterday.  A hacker compromised the EtherDelta website, supplanting it with a copycat version of the popular Ethereum exchange.  When the dust settled, the culprit stole away with 305 ETH, valued at over $244,000, and bag-full of ERC20 tokens.

This makes Ether Delta the latest to join an infirmary of exchanges plagued by hacking attacks in 2017. Earlier in the year, Bithumb lost hundreds of millions of won, and after recovering from an attack in April, Youbit had to terminate operations after losing 17% of its funds in a hack earlier this week.

Smart Contracts, Decentralization Ensure Damage Control

Unlike Youbit, EtherDelta managed to scrape by relatively unscathed in its own hacking run-in.  Users have decentralization and smart contracts to thank for that.

Typical exchanges (Bithumb, Bittrex, Binance, and the like) are centralized, trusted, and operate much like a bank.  When you use one of these services, you trust the exchange to manage the private keys of your accounts for you, and assets are purchased and distributed on an IOU basis through the exchange’s reserve.  The exchange holds all funds for its customers until they want to withdraw them from the exchange, at which time the exchange relinquishes the private keys to its users and debits them with the corresponding account balance.

EtherDelta, on the other hand, is trustless.  Everything on the exchange is peer to peer, and EtherDelta itself does not manage user funds–it only provides a platform to facilitate trading.  As a result, users are completely in charge of their own keys.  They import them onto the exchange either by inputting the key manually or syncing EtherDelta with a Ledger Nano S or Meta Mask browser wallet.  Once uploaded, users manage their keys using Ethereum-powered smart contracts.

These smart contracts and EtherDelta’s trustless decentralization are the reason the hacker had to go to the lengths he did to pull off the heist.  If the culprit went after, say, Bittrex, s/he would only need to tap into the exchange’s hot wallet reserve to nab individual keys.  With EtherDelta, there is no reserve, so to access private keys, the hacker had to use a phishing scam to trick users into exposing them.  Once a user input private keys onto the fake website, they handed over what the hacker couldn’t have accessed otherwise.

This is why any funds being held on the exchange’s smart contracts went untouched.  It’s also why funds managed with a Ledger Nano S or Meta Mask wallet, which hold your private keys for you, would have been safe at the time of the attack.  The hacker would have only been able to steal keys that he could key log from manual inputs on the malicious site.  In redirecting website traffic, the hacker only hijacked EtherDelta’s domain name, not the exchange itself or its smart contracts.

EtherDelta can’t chalk this attack up as a win, but had this been a conventional exchange, the losses would have been much more substantial…..

Source: The EtherDelta Hack Hurts, but It Could Have Been Worse

Adds links to strings that look like Ethereum addresses to your favourite blockchain explorer.

It also tries to protect you from being phished by checking a domain blacklist that is constantly being updated.

EAL will also show you a popup container (non-intrusive) detailing the ETH balance of an address, the number of transactions going OUT, and if the address is a smart contract – The RPC node is managed by https://quiknode.io, so mega-thanks to those guys!

Currently in BETA phase.
Push issues to https://github.com/409H/EtherAddressLookup

CLICK HERE TO INSTALL EtherAddressLookup IN CHROME

Yeah, EtherDelta just got hacked and over 700k Eth and tokens withdrawn by phishing wallets with alrming transactions going on in there.

One of the leading security platform EthereumBlue warned via tweets and also encourage alot of ways to play safe during the hack to avoid falling victim if you have not.

For now the safest way is to totally avoid logging or doing any transaction on EtherDelta till problem resolved.

Click Here For More Security Updates

South Korean cryptocurrency exchange Youbit has revealed plans to file for bankruptcy. The decision to close operations follows announcements that the exchange was hacked for the second time this year.

Also Read: More Firms Entering the Bitcoin Market See Stocks Soar

   Second Accident in a Year

Youbit announced on its website on Tuesday that it had been hacked at 4:35am local time on Tuesday, causing a loss worth 17 percent of its total assets. It did not elaborate on the amount, but said all customers’ cryptocurrency assets will be marked down to 75 percent of their value, adding that the other coins were kept in cold wallets and there were no additional losses. Accordingly, all coins trading and cash withdrawals were suspended to minimize customer losses.

Korean Cryptocurrency Exchange Youbit to Close After Second Hacking in a Year

Youbit is a smaller player in South Korea’s cryptocurrency market. It had been hacked once before in April when nearly 4,000 BTC were stolen in a cyberattack that the country’s spy agency linked to North Korea, according to a recent South Korean newspaper report.

An official at Korea Internet & Security Agency (KISA), the state agency that responds to cyberattacks, said the police and KISA officials were starting an investigation into the hacking.

Rising Concerns About Security

Bitcoin exchanges have a history of being targeted, especially in a bullish crypto market where bitcoin and altcoins are gaining more traction.

Bitcoin traded at around $18,615 on Coinbase at press time. And on Sunday evening it made its long-awaited debut on CME Group with the sale price for its Jan. 18 contracts initially opening above $20,000 and later dropping back to $19,500. CME data reveals that over 200 January 2018 contracts were bought during the first hour.

Korean Cryptocurrency Exchange Youbit to Close After Second Hacking in a Year

Source: Korean Cryptocurrency Exchange Youbit to Close After Second Hack in a Year