Security

Hackers Steal $305 Million From DMM Bitcoin Crypto Exchange (techcrunch.com) 28

Japanese crypto exchange DMM Bitcoin confirmed on Friday that it had been the victim of a hack resulting in the theft of 4,502.9 bitcoin, or about $305 million. From a report: According to crypto security firm Elliptic, this is the eighth largest crypto theft in history. DMM Bitcoin said it detected "an unauthorized leak of Bitcoin (BTC) from our wallet" on Friday and that it was still investigating and had taken measures to stop further thefts. The crypto exchange said it also "implemented restrictions on the use of some services to ensure additional safety," according to a machine translation of the company's official blog post (written in Japanese).
Bitcoin

PayPal Adds Stablecoin To Solana Blockchain 22

Last August, PayPal became the first major financial company to roll out a stablecoin. Labeled PayPal USD, or PYUSD, the coin was issued on the Ethereum blockchain and "fully backed by U.S. dollar deposits, short-term Treasuries and similar cash equivalents." Now, the financial company is adding Solana as an option, "making PayPal's stablecoin faster and cheaper to use."

"The Solana blockchain is known for processing massive amounts of transactions at high speeds with extremely low costs, providing significant benefits for commerce use cases," says the company in a press release. "As the most used blockchain for stablecoin transfers, according to data from blockchain analytics platform Artemis, Solana has emerged as the leading blockchain to run tokenized transactions and is ideal for PYUSD as it continues to be used for payment use cases."
Bitcoin

Former FTX Executive Ryan Salame Sentenced To 7.5 Years In Prison (apnews.com) 14

Former FTX executive Ryan Salame has been sentenced to more than seven years in prison, "the first of the lieutenants of failed cryptocurrency mogul Sam Bankman-Fried to receive jail time for their roles in the 2022 collapse of the cryptocurrency exchange," reports the Associated Press. From the report: Salame, 30, was a high-ranking executive at FTX for most of the exchange's existence and, up until its collapse, was the co-CEO of FTX Digital Markets. He pleaded guilty last year to illegally making unlawful U.S. campaign contributions and to operating an unlicensed money-transmitting business. The sentence of 7 1/2 years in prison, plus three years of supervised release, was more than the five to seven years prosecutors had asked Judge Lewis A. Kaplan to impose on Salame in their pre-sentencing memo.

While Salame was a high-level executive at FTX, he was not a major part of the government's case against Bankman-Fried at his trial earlier this year and did not testify against him. In a bid for leniency, Salame said during the sentencing hearing that he cooperated and even provided documents that aided prosecutors in their cross examination of Bankman-Fried, as well as in his own prosecution. Along with helping Bankman-Fried hide the holes in FTX's balance sheet that ultimately led to the exchange's failure, Salame was used as a conduit for Bankman-Fried to make illegal campaign contributions to help shape U.S. policy on cryptocurrencies. On the surface, Bankman-Fried mostly gave political contributions to Democrats and liberal-leaning causes, while Salame gave contributions to Republicans and right-leaning causes. But ultimately the funds that Salame used for those contributions came from Bankman-Fried.

The judge also chastised Salame for pulling $5 million in cryptocurrencies out of FTX as the exchange was failing. "You tried to withdraw tens of millions more," Kaplan said. "It was me first. I'm getting in the lifeboat first. To heck with all those customers."

Bitcoin

Researchers Cracked an 11-Year-Old Password To a $3 Million Software-Based Crypto Wallet (wired.com) 74

An anonymous reader quotes a report from Wired: Two years ago when "Michael," an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down. Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. At some point, that file got corrupted and Michael lost access to the 20-character password he had generated to secure his 43.6 BTC (worth a total of about [...] $5,300, in 2013). Michael used the RoboForm password manager to generate the password but did not store it in his manager. He worried that someone would hack his computer and obtain the password. "At [that] time, I was really paranoid with my security," he laughs.

Grand is a famed hardware hacker who in 2022 helped another crypto wallet owner recover access to $2 million in cryptocurrencyhe thought he'd lost forever after forgetting the PIN to his Trezor wallet. Since then, dozens of people have contacted Grand to help them recover their treasure. But Grand, known by the hacker handle "Kingpin," turns down most of them, for various reasons. Grand is an electrical engineer who began hacking computing hardware at age 10 and in 2008 cohosted the Discovery Channel's Prototype This show. He now consults with companies that build complex digital systems to help them understand how hardware hackers like him might subvert their systems. He cracked the Trezor wallet in 2022 using complex hardware techniques that forced the USB-style wallet to reveal its password. But Michael stored his cryptocurrency in a software-based wallet, which meant none of Grand's hardware skills were relevant this time. [...] Michael contacted multiple people who specialize in cracking cryptography; they all told him "there's no chance" of retrieving his money. But last June he approached Grand again, hoping to convince him to help, and this time Grand agreed to give it a try, working with a friend named Bruno in Germany who also hacks digital wallets.

Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version -- and subsequent versions until 2015 -- did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user's computer -- it determined the computer's date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past. [...] There was one problem: Michael couldn't remember when he created the password. According to the log on his software wallet, Michael moved bitcoin into his wallet for the first time on April 14, 2013. But he couldn't remember if he generated the password the same day or some time before or after this. So, looking at the parameters of other passwords he generated using RoboForm, Grand and Bruno configured RoboForm to generate 20-character passwords with upper- and lower-case letters, numbers, and eight special characters from March 1 to April 20, 2013. It failed to generate the right password. [...] Instead, they revealed that they had finally found the correct password -- no special characters. It was generated on May 15, 2013, at 4:10:40 pm GMT.

Republicans

Trump Promises He'd Commute the Life Sentence of 'Silk Road' Founder Ross Ulbricht (semafor.com) 283

In 2011 Ross Ulbricht launched an anonymous, Tor-hidden "darknet" marketplace (with transactions conducted in bitcoin). By 2015 he'd been sentenced to life in prison for crimes including money laundering, distributing narcotics, and trafficking in fraudulent identity documents — without the possibility of parole.

Today a U.S. presidential candidate promised to commute that life sentence — Donald Trump, speaking at the national convention of the Libertarian Party as it prepares to nominate its own candidate for president.

Commuting Ulbricht's life sentence is "a top demand" of a political movement that intends to run its own candidate against Trump, reports Semafor: "On day one, we will commute the sentence," Trump said, offering to free the creator of what was once the internet's most infamous drug clearinghouse. "We will bring him home." His speeches more typically include a pledge to execute drug dealers, citing China as a model.

"It's time to be winners," said Trump, asking rhetorically if third party delegates wanted to go on getting single-digit protest votes. "I'm asking for the Libertarian Party's endorsement, or at least lots of your votes...."

"I've been indicted by the government on 91 different things," Trump said. "So if I wasn't a libertarian before, I sure as hell am a libertarian now."

More coverage from NBC News: At times, Trump turned on the crowd, criticizing libertarians' turnout at previous elections. "You can keep going the way you have for the last long decades and get your 3% and meet again, get another 3%," Trump said following jeers from the crowd.
Another high-profile supporter for commuting Ulbricht's sentence is actor-turned documentary maker Alex Winter. Best known for playing slacker Bill S. Preston Esq in Bill & Ted's Excellent Adventure and its sequels, Winter also directed, wrote, and co-produced the 2015 documentary Deep Web: The Untold Story of Bitcoin and the Silk Road (narrated by Keanu Reeves).

Writing earlier this month in Rolling Stone, Winter called Silk Road "inarguably a criminal operation" but also "a vibrant and diverse community of people from around the world. They were not only there for drugs but for the freedom of an encrypted and anonymous space, to convene and discuss everything from politics to literature and art, philosophy and drugs, drug recovery, and the onerous War on Drugs..." It's my firm opinion, and the opinion of many prison-system and criminal-law experts, that [Ulbricht's] sentence is disproportionate to his charges and that he deserves clemency. This case indeed reflects just one of the millions of unjust sentences in the long and failed War on Drugs... No matter what one thinks of Ulbricht, Silk Road, or the crimes that may have been committed, 10 years in prison is more than sufficient and customary punishment for those offenses or sins. Ross Ulbricht should be free.
Bitcoin

SEC Approves 8 Ethereum ETFs Including BlackRock and Fidelity (theblock.co) 12

The SEC on Thursday approved multiple spot Ethereum ETFs, including those from BlackRock, Fidelity and Grayscale. The Block reports: While the [19b-4 forms] have been approved, the ETF issuers need to have their S-1 registration statements go effective before trading can begin. The SEC has started conversations with issuers about their S-1 forms but only recently. It's unclear how long this process will take but some analysts are speculating that it could take weeks. "I think that if they work extremely hard it can be done within a couple weeks but there are plenty of examples of this process taking 3+ months historically," added Bloomberg ETF analyst James Seyffart. [...]

Since the Bitcoin ETFs were approved, they have amassed an additional 207,000 bitcoin ($14 billion) on top of the 621,000 ($42 billion) bitcoin held in the Grayscale Bitcoin Trust when it converted into an ETF. However, Ethereum ETFs may struggle to get the same level of traction. Bloomberg ETF analyst Eric Balchunas estimated that the Ethereum ETFs may get 10 to 15% of the assets that their Bitcoin counterparts received. "That would put them at like $5 to $8 billion, which, again, for any normal launch in the first couple of years. That's pretty good."

United States

US Securities Regulator Urges Against Crypto Bill Adoption 39

The U.S. securities regulator on Wednesday urged U.S. lawmakers not to adopt a bill that aims to create a new legal framework for digital currencies, saying it would undermine existing legal precedent and put capital markets at "immeasurable risk." From a report: The U.S. House of Representatives is expected later on Wednesday to take up the Republican-sponsored Financial Innovation and Technology for the 21st Century Act, which would in part determine which agencies have jurisdiction over which digital assets. The bill's supporters in Congress say it will provide regulatory clarity, helping promote the industry's growth.

The legislation faces an uncertain fate in the U.S. Senate but comes as the U.S. Securities and Exchange Commission (SEC) signals that it will likely approve applications for spot ether exchange-trade funds in a surprising boost to the industry. But SEC Chair Gary Gensler said in a statement that the bill "would create new regulatory gaps and undermine decades of precedent regarding the oversight of investment contracts, putting investors and capital markets at immeasurable risk."
Bitcoin

Vitalik Buterin Addresses Threats To Ethereum's Decentralization In New Blog Post (theblock.co) 26

In a new blog post, Ethereum co-founder Vitalik Buterin has shared his thoughts on three issues core to Ethereum's decentralization: MEV, liquid staking, and the hardware requirements of nodes. The Block reports: In his post, published on May 17, Buterin first addresses the issue of MEV, or the financial gain that sophisticated node operators can capture by reordering the transactions within a block. Buterin characterizes the two approaches to MEV as "minimization" (reducing MEV through smart protocol design, such as CowSwap) and "quarantining" (attempting to reduce or eliminate MEV altogether through in-protocol techniques). While MEV quarantining seems like an alluring option, Buterin notes that the prospect comes with some centralization risks. "If builders have the power to exclude transactions from a block entirely, there are attacks that can quite easily arise," Buterin noted. However, Buterin championed the builders working on MEV quarantining through concepts like transaction inclusion lists, which "take away the builder's ability to push transactions out of the block entirely." "I think ideas in this direction - really pushing the quarantine box to be as small as possible - are really interesting, and I'm in favor of going in that direction," Buterin concluded.

Buterin also addressed the relatively low number of solo Ethereum stakers, as most stakers choose to stake with a staking provider, either a centralized offering like Coinbase or a decentralized offering like Lido or RocketPool, given the complexity, hardware requirement, and 32 eth minimum needed to operate an Ethereum node solo. While Buterin acknowledges the progress being made to reduce the cost and complexity around running a solo node, he also noted "once again there is more that we could do," perhaps through reducing the time to withdraw staked ether or reducing the 32 eth minimum requirement to become a solo staker. "Incorrect answers could lead Ethereum down a path of centralization and 're-creating the traditional financial system with extra steps'; correct answers could create a shining example of a successful ecosystem with a wide and diverse set of solo stakers and highly decentralized staking pools," Buterin wrote. [...]

Buterin finished his post by imploring the Ethereum ecosystem to tackle the hard questions rather than shy away from them. "...We should have deep respect for the properties that make Ethereum unique, and continue to work to maintain and improve on those properties as Ethereum scales," Buterin wrote. Buterin added today, in a post on X, that he was pleased to see civil debate among community members. "I'm really proud that ethereum does not have any culture of trying to prevent people from speaking their minds, even when they have very negative feelings toward major things in the protocol or ecosystem. Some wave the ideal of 'open discourse' as a flag, some take it seriously," Buterin wrote.

Bitcoin

Self-Proclaimed Bitcoin Inventor Lied 'Repeatedly' To Support Claim, Says UK Judge (reuters.com) 33

An Australian computer scientist who claimed he invented bitcoin lied "extensively and repeatedly" and forged documents "on a grand scale" to support his false claim, a judge at London's High Court ruled on Monday. From a report: [...] Judge James Mellor ruled in March that the evidence Craig Wright was not Satoshi was "overwhelming", after a trial in a case brought by the Crypto Open Patent Alliance (COPA) to stop Wright suing bitcoin developers. Mellor gave reasons for his conclusions on Monday, stating in a written ruling: "Dr Wright presents himself as an extremely clever person. However, in my judgment, he is not nearly as clever as he thinks he is." The judge added: "All his lies and forged documents were in support of his biggest lie: his claim to be Satoshi Nakamoto."
IT

Wallet Recovery Firms Buzz as Locked-out Crypto Investors Panic in Bitcoin Boom (reuters.com) 35

The recent surge in bitcoin prices has the phones at crypto wallet recovery firms ringing off the hook, as retail investors locked out of their digital vaults make frantic calls to regain access to their accounts. From a report: Cryptocurrencies exist on a decentralized digital ledger known as blockchain and investors may opt to access their holdings either through a locally stored software wallet or a hardware wallet, to avoid risks related to owning crypto with an exchange, as in the case of the former FTX. Losing access to a crypto wallet is a well-known problem. Investors forgetting their intricate passwords is a primary reason, but loss of access to two-factor authentication devices, unexpected shutdowns of cryptocurrency exchanges and cyberattacks are also common.

Wallet passwords are usually alphanumeric and the wallet provider also offers a set of randomized words, known as "seed phrases," for additional security - both these are known only to the user. If investors lose the passwords and phrases, access to their wallets is cut off. With bitcoin prices regaining traction since last October and hitting a record high of $73,803.25 in March, investors seem to be suffering from a classic case of FOMO, or the fear of missing out. Reuters spoke to nearly a dozen retail investors who had lost access to their crypto wallets. Six of them contacted a recovery services firm and managed to regain access to their holdings.

Bitcoin

MIT Students Stole $25 Million In Seconds By Exploiting ETH Blockchain Bug, DOJ Says (arstechnica.com) 112

An anonymous reader quotes a report from Ars Technica: Within approximately 12 seconds, two highly educated brothers allegedly stole $25 million by tampering with the ethereum blockchain in a never-before-seen cryptocurrency scheme, according to an indictment that the US Department of Justice unsealed Wednesday. In a DOJ press release, US Attorney Damian Williams said the scheme was so sophisticated that it "calls the very integrity of the blockchain into question."

"The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of ethereum users across the globe," Williams said. "And once they put their plan into action, their heist only took 12 seconds to complete." Anton, 24, and James Peraire-Bueno, 28, were arrested Tuesday, charged with conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering. Each brother faces "a maximum penalty of 20 years in prison for each count," the DOJ said. The indictment goes into detail explaining that the scheme allegedly worked by exploiting the ethereum blockchain in the moments after a transaction was conducted but before the transaction was added to the blockchain.
To uncover the scheme, the special agent in charge, Thomas Fattorusso of the IRS Criminal Investigation (IRS-CI) New York Field Office, said that investigators "simply followed the money."

"Regardless of the complexity of the case, we continue to lead the effort in financial criminal investigations with cutting-edge technology and good-ol'-fashioned investigative work, on and off the blockchain," Fattorusso said.
Bitcoin

'Roaring Kitty' Trader Returns, Causing GameStop Shares To Jump More Than 70% (cbsnews.com) 33

GameStop shares surged over 72% on Monday after Keith Gill, also known as "Roaring Kitty," returned to social media following a three-year hiatus. Gill gained notoriety for his role in the 2020 meme stock frenzy, where he encouraged amateur investors to buy GameStop shares, significantly driving up the stock price and challenging hedge funds. From a report: He resurfaced on X, Sunday night, with an image of a sketched man leaning forward in a chair, marking the end of a roughly three-year hiatus. He followed that post with several others featuring various comeback-themed videos featuring movie clips and charged music.

GameStop had experienced declining sales amid an industrywide pivot from game cartridges to video game streaming and digital downloads, but with the help from meme stock investors, last March the company turned its first profit in two years. Before then, the company had posted seven straight quarterly losses. This January, GameStop reported its first annual profit since 2018. Roaring Kitty's post helped bump GameStop's share price to $28.25 on Monday. GameStop's all-time high stock price is $120.75 in January 2021.

Bitcoin

FTX Customers Poised to Recover All Funds Lost in Collapse (nytimes.com) 44

Lawyers for the defunct cryptocurrency exchange FTX said customers would receive all the money they lost when the firm collapsed in 2022 and receive interest on top of it. "But the recoveries come with a caveat," reports the New York Times. "The amount owed to customers was calculated based on the value of their holdings at the time of FTX's bankruptcy in November 2022. That means customers won't reap the benefits of a recent surge in the crypto market that sent the price of Bitcoin to a record high." From the report: The announcement was a landmark in the attempt to recover the $8 billion in customer assets that disappeared when FTX imploded virtually overnight, setting off a crisis in the crypto industry. Under a plan filed in federal bankruptcy court in Delaware, virtually all FTX's creditors, including hundreds of thousands of ordinary investors who used the exchange to buy and sell cryptocurrencies, would receive cash payments equivalent to 118 percent of the assets they had stored on FTX, the lawyers said. Those payments would flow from a pool of assets that FTX's lawyers have pulled together in the 17 months since the exchange collapsed, the lawyers said. [...] It will take months for the payouts to begin. The plan must be approved by the federal judge overseeing FTX's bankruptcy, John T. Dorsey.
Bitcoin

Jack Dorsey's Block Is Investing 10% Of Its Bitcoin Profits Into Monthly Bitcoin Purchases (bitcoinist.com) 17

An anonymous reader shared this report from the blog Bitcoinist: Jack Dorsey's financial services and digital payments company, Block Inc., announced it will begin investing 10% of its monthly Bitcoin-related gross profits into BTC purchases. This announcement was made following the release of Block's first-quarter earnings for 2024, which demonstrated substantial profits from its Bitcoin operations.

Block reported Bitcoin-related gross profits amounting to $80 million in the first quarter alone. If this trend continues, the implementation of the new dollar cost averaging (DCA) program could see the company investing approximately $24 million in Bitcoin within one year... Dorsey also shared a detailed document [PDF] titled "Bitcoin Blueprint For Corporate Balance Sheets," which serves as a comprehensive guide for other corporations interested in integrating BTC into their financial strategies.

According to the document, Block, formerly known as Square, began its substantial acquisitions in October 2020, purchasing 4,709 BTC at an aggregate price of $50 million. The company later bought an additional 3,318 BTC in February 2021 for $170 million. As of March 31, 2024, Block holds approximately 8,038 BTC, representing about 9% of its total cash and marketable securities.

Bitcoin

Binance Founder Changpeng Zhao Sentenced To 4 Months In Prison (cnbc.com) 9

Binance founder Changpeng Zhao has been sentenced to four months in prison after pleading guilty to charges related to enabling money laundering through his cryptocurrency exchange. CNBC reports: The sentence handed down to Zhao in Seattle federal court was significantly less than the three years that federal prosecutors had been seeking for him. The defense had asked for five months of probation. The sentencing guidelines called for a prison term of 12 to 18 months. In November, Zhao struck a deal with the U.S. government to resolve a multiyear investigation into Binance, the world's largest cryptocurrency exchange. As part of the settlement, Zhao stepped down as the company's CEO.

Zhao, who wore a dark navy suit with a light blue tie to court, is accused of willfully failing to implement an effective anti-money laundering program as required by the Bank Secrecy Act, and of allowing Binance to process transactions involving proceeds of unlawful activity, including between Americans and individuals in sanctions jurisdictions. The U.S. ordered Binance to pay $4.3 billion in fines and forfeiture. Zhao agreed to pay a $50 million fine.

Security

Change Healthcare Hackers Broke In Using Stolen Credentials, No MFA (techcrunch.com) 24

An anonymous reader quotes a report from TechCrunch: The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company's systems that weren't protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG). UnitedHealth CEO Andrew Witty provided the written testimony ahead of a House subcommittee hearing on Wednesday into the February ransomware attack that caused months of disruption across the U.S. healthcare system. This is the first time the health insurance giant has given an assessment of how hackers broke into Change Healthcare's systems, during which massive amounts of health data were exfiltrated from its systems. UnitedHealth said last week that the hackers stole health data on a "substantial proportion of people in America."

According to Witty's testimony, the criminal hackers "used compromised credentials to remotely access a Change Healthcare Citrix portal." Organizations like Change use Citrix software to let employees access their work computers remotely on their internal networks. Witty did not elaborate on how the credentials were stolen. However, Witty did say the portal "did not have multifactor authentication," which is a basic security feature that prevents the misuse of stolen passwords by requiring a second code sent to an employee's trusted device, such as their phone. It's not known why Change did not set up multifactor authentication on this system, but this will likely become a focus for investigators trying to understand potential deficiencies in the insurer's systems. "Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data," said Witty. Witty said the hackers deployed ransomware nine days later on February 21, prompting the health giant to shut down its network to contain the breach.
Last week, the medical firm admitted that it paid the ransomware hackers roughly $22 million via bitcoin.

Meanwhile, UnitedHealth said the total costs associated with the ransomware attack amounted to $872 million. "The remediation efforts spent on the attack are ongoing, so the total costs related to business disruption and repairs are likely to exceed $1 billion over time, potentially including the reported $22 million payment made [to the hackers]," notes The Register.
Biotech

Tether Buys $200 Million Majority Stake In Brain-Computer Interface Company (coindesk.com) 14

Crypto company Tether announced Monday that it has invested $200 million to acquire a majority stake in brain-computer interface company Blackrock Neurotech via its venture capital division Tether Evo. [The firm is not related to the asset management giant BlackRock.] CoinDesk reports: Blackrock Neurotech develops medical devices that are powered by brain signals and aims to help people impacted by paralysis and neurological disorders. The investment will fund the roll-out and commercialization of the medical devices and also for research and development purposes, the press release said. Tether is the company behind USDT, the largest stablecoin with a market cap of $110 billion. Recently, Tether established four divisions to expand beyond stablecoin issuance. "Tether has long believed in nurturing emerging technologies that have transformative capabilities, and the Brain-Computer-Interfaces of Blackrock Neurotech have the potential to open new realms of communication, rehabilitation, and cognitive enhancement," Paolo Ardoino, CEO of Tether, said in a statement.
Bitcoin

Stripe To Start Taking Crypto Payments, Starting With USDC Stablecoin (techcrunch.com) 9

Fintech giant Stripe announced on Thursday that it would let customers accept cryptocurrency payments, starting with USDC stablecoins, initially only on Solana, Ethereum and Polygon. TechCrunch reports: This will be the first time that Stripe has taken crypto payments since 2018, when it dropped support for Bitcoin due to it being too unstable. Stripe in 2022 tried its first reentry into the crypto market when it announced payouts (but not payments) in USDC, with Twitter as its marquee customer for the service. Thursday's news has no customer names attached to it.

On Wednesday the company unveiled a long list of other launches, the most significant update being that Stripe, for the very first time, would let customers integrate competing payment providers with Stripe's other financial services tooling. Thursday's nod to expanding crypto support is also part of that bigger strategy to open up its walled garden. A brief timeline of Stripe's dance with crypto underscores the tricky line that Stripe has walked over the years when it comes to cryptocurrency. True to its disruptive roots as a fintech, the company has wanted to be in the middle of the conversation around how blockchain-based technologies will affect financial services. But it runs the risk of subverting its bigger business and positioning as a stable and sensible financial powerhouse if it dabbles too deeply or for too long in periods of instability. The company processed $1 trillion in transactions last year, and it's still growing; it is currently worth $65 billion on paper.

Security

Change Healthcare Finally Admits It Paid Ransomware Hackers (wired.com) 29

Andy Greenberg reports via Wired: More than two months after the start of a ransomware debacle whose impact ranks among the worst in the history of cybersecurity, the medical firm Change Healthcare finally confirmed what cybercriminals, security researchers, and Bitcoin's blockchain had already made all too clear: that it did indeed pay a ransom to the hackers who targeted the company in February. And yet, it still faces the risk of losing vast amounts of customers' sensitive medical data. In a statement sent to WIRED and other news outlets on Monday evening, Change Healthcare wrote that it paid a ransom to a cybercriminal group extorting the company, a hacker gang known as AlphV or BlackCat. "A ransom was paid as part of the company's commitment to do all it could to protect patient data from disclosure," the statement reads. The company's belated admission of that payment accompanied a new post on its website where it warns that the hackers may have stolen health-related data that would "cover a substantial proportion of people in America."

Cybersecurity and cryptocurrency researchers told WIRED last month that Change Healthcare appeared to have paid that ransom on March 1, pointing to a transaction of 350 bitcoins or roughly $22 million sent into a crypto wallet associated with the AlphV hackers. That transaction was first highlighted in a message on a Russian cybercriminal forum known as RAMP, where one of AlphV's allegedly jilted partners complained that they hadn't received their cut of Change Healthcare's payment. However, for weeks following that transaction, which was publicly visible on Bitcoin's blockchain and which both security firm Recorded Future and blockchain analysis firm TRM Labs told WIRED had been received by AlphV, Change Healthcare repeatedly declined to confirm that it had paid the ransom.

Change Healthcare's confirmation of that extortion payment puts new weight behind the cybersecurity industry's fears that the attack -- and the profit AlphV extracted from it -- will lead ransomware gangs to further target health care companies. "It 100 percent encourages other actors to target health care organizations," Jon DiMaggio, a researcher with cybersecurity firm Analyst1 who focuses on ransomware, told WIRED at the time the transaction was first spotted in March. "And it's one of the industries we don't want ransomware actors to target -- especially when it affects hospitals." Compounding the situation, a conflict between hackers in the ransomware ecosystem has led to a second ransomware group claiming to possess Change Healthcare's stolen data and threatening to sell it to the highest bidder on the dark web. Earlier this month that second group, known as RansomHub, sent WIRED alleged samples of the stolen data that appeared to come from Change Healthcare's network, including patient records and a contract with another health care company.

The Almighty Buck

How a Renewable Energy-Powered Bitcoin Startup Helps Electrify Rural Africa (cnbc.com) 66

CNBC visited a small group of bitcoin miners who "set up shop at the site of an extinct volcano" near Kenya's Hell's Gate National Park.

Their mine "consists of a single 500-kilowatt mobile container that, from the outside, looks like a small residential trailer." But what's more interesting is it's operated by a startup called Gridless. (According to its web site Gridless "designs, builds, and operates bitcoin mining sites alongside small-scale renewable energy producers in rural Africa where excess energy is not utilized...") Backed by Jack Dorsey's Block, Gridless electrifies its machines with a mix of solar power and the stranded, wasted energy from a nearby geothermal site. It's one of six mines run by the company in Kenya, Malawi and Zambia, powered by a mix of renewable inputs and working toward a broader mission of securing and decentralizing the bitcoin network... In early 2022, [the three Gridless co-founders] began brainstorming creative solutions for the divide between power generation and capacity, and the lack of access to electricity in Africa. They landed on the idea of bitcoin mining, which could potentially solve a big problem for renewable energy developers by taking their stranded power and spreading it to other parts of the continent.

In Africa, 43% of the population, or roughly 600 million people, lack access to electricity.... Africa is home to an estimated 10 terawatts of solar capacity, 350 gigawatts of hydro and another 110 gigawatts of wind. Some of this renewable energy is being harnessed already, but a lot isn't because building the specialized infrastructure to capture it is expensive. Even with 60% of the best solar resources globally, Africa only has 1% of installed solar PV capacity.

Enter bitcoin miners.

Bitcoin gets a bad rap for the amount of energy it consumes, but it can also help unlock these trapped renewable sources of power. Miners are essentially energy buyers, and co-locating with renewables creates a financial incentive to bolster production. "As often happens, you'll have an overage of power during the day or even at night, and there's nobody to soak that power up," said Hersman. He said his company's 50-kilowatt mining container can "take up whatever is extra throughout the day...." Demand from bitcoin miners on these semi-stranded assets is making renewables in Africa economically viable. The power supplier benefits from selling energy that previously had been discarded, while the energy plants will sometimes lower costs for the customer. At one of the Gridless pilot sites in Kenya, the hydro plant dropped the price of power from 35 cents per kilowatt hour to 25 cents per kWh.

The buildout of capacity is also electrifying households. Gridless says its sites have powered 1,200 houses in Zambia, 1,800 in Malawi and 5,000 in Kenya. The company's mines also have delivered power for containerized cold storage for local farmers, battery charging stations for electric motorcycles and public WiFi points.

Slashdot Top Deals