Monat: Juli 2024

• The 2FA app Authy breach exposed 33 million phone numbers, posing phishing attack risks.
• No accounts have been compromised yet.
• Twilio has already secured the endpoint and improved app security.

On July 1, 2024, Twilio, the developer behind the popular two-factor authentication (2FA) app Authy, disclosed a data breach affecting user phone numbers.

While the accounts themselves were not compromised, the exposure of phone numbers poses a significant risk of phishing and smishing attacks.

Details of the Authy data breach

In a security alert issued by Twilio, it was revealed that hackers had gained access to the Authy Android app database through an “unauthenticated endpoint.”

The breach allowed attackers to identify data associated with user accounts, including phone numbers.

Despite this, Twilio assured users that their accounts were not compromised and that authentication credentials remained secure.

However, the exposed phone numbers could be exploited for phishing and smishing attacks, prompting Twilio to urge users to remain cautious and aware of suspicious texts they might receive.

Authy, widely used by centralized exchanges like Gemini and Crypto.com for 2FA, generates codes on user devices for secure access to sensitive tasks such as withdrawals and transfers. Coinbase and Binance also allow the app as an option. It is often compared to Google Authenticator, serving a similar purpose in enhancing digital security.

Following the breach, Twilio secured the compromised endpoint and released an updated app version with improved security measures. The company emphasized that there was no evidence of attackers gaining access to Twilio’s systems or other sensitive data.

Implications of the 2FA app security breach

The Authy breach underscores the persistent threat posed by cybercriminal groups like ShinyHunters, reportedly responsible for the attack.

Known for high-profile breaches, including the 2021 AT&T data breach affecting 51 million customers, ShinyHunters leaked a text file containing 33 million phone numbers registered with Authy.

This breach serves as a stark reminder of the vulnerabilities in even the most trusted security applications.

Authenticator apps like Authy and Google Authenticator were developed to counter SIM swap attacks — a prevalent social engineering tactic where attackers trick phone companies into transferring a user’s phone number to the attacker. This allows them to receive 2FA codes intended for the legitimate user.

Despite these apps’ security advantages, this recent breach highlights that no system is entirely foolproof.

To mitigate the risks associated with such breaches, users are advised to adopt multi-layered security measures. This includes regularly updating authentication apps, enabling app-based rather than SMS-based 2FA, and remaining vigilant against phishing attempts.

Additionally, users could consider using hardware security keys for an added layer of protection.

The post 2FA app Authy data breach exposes 33M users to potential phishing attacks appeared first on CoinJournal.

• Kamala Horris (KAMA) meme coin was up 322% in the past 24 hours.
• Polymarket traders see odds of Biden dropping out from the race as high as 80%.
• Jeo Boden meme coin has dropped nearly 40% in the past 24 hours.

Kamala Horris (KAMA), a meme coin inspired by current US vice president Kamala Harris, has skyrocketed more than 320% in the past 24 hours.

The staggering gains for the meme coin come amid growing belief that President Joe Biden could drop out of this years’ US election.

On June 27, the first presidential debate between Joe Biden and Donald Trump took place. While the Trump team left the stage upbeat, most of the Democratic Party’s base felt Biden had been a disaster. Almost immediately, calls for the incumbent to step aside to allow for a replacement began to surface.

Although VP Kamala Harris has not officially commented on the matter or been publicly endorsed by the inside circle at White House, the market is factoring this possibility.

That’s why a political meme coin linked to the VP went parabolic on Wednesday. In this case, reports suggest that Biden is aware of the nosedive his chance of winning has taken since the debate.

Will Biden drop out?

According to Polymarket data, traders have catapulted bets on the odds that Biden drops out to over 60%. Traders on Polymarket see a 43% Kamala Harris becomes the Democratic nominie, ahead of Biden’s 36% and Gavin Newson at 7%.

This outlook coincides with the massive upside move for Kamala Horris (KAMA). CoinGecko data shows the meme coin is up 322% to $0.01588 at the time of writing. Earlier in the day, KAMA token reached highs of $0.01852.

While KAMA appears to be soaring, “Ruburt F Kenidy Jr” (KENIDY) has slumped more than 30% in the past 24 hours. Jeo BODEN (BODEN), on the other hand, is down 37% in the past 24 hours and over 79% down this past week.

The post Kamala Horris (KAMA) skyrockets as traders bet on Biden dropping out appeared first on CoinJournal.

The clock is ticking for Student Coin holders. The STC Wallet users have less than three months to redeem their tokens. The redemption process was launched on April 9 this year, with several stages scheduled for a total of five years.

The first and second deadlines for redeeming tokens within the STC wallet (automatically) and through centralized exchanges have already passed in June. The third stage, set to end on October 9, 2024, involves submitting a Redemption Request and requires direct contact with the Student Coin team. The final phase, which will continue until April 9, 2029, allows users to sell their tokens on-chain.

What is Student Coin, and why is it shutting down?

Student Coin was launched in 2019 by a group of students from Kozminski University, a Polish business school. The project’s primary purpose was to explore blockchain capabilities and inspire academia to embrace crypto technologies. The experiment proved a success and led to further initiatives, including creating the STC Wallet, launching the STC Academy, and, finally, establishing Coinpaper.com, currently one of the leading crypto news portals.

After a period of rapid growth and impressive valuations, the STC token faced a challenging environment. Economic turmoil, industry scandals, and regulatory uncertainty dampened its momentum. Despite navigating these stormy waters, the Student Coin team remained dedicated. They launched new initiatives, refined existing products, and prioritized user protection during major crypto collapses like Luna, UST, FTX, Genesis, and Celsius.

However, keeping the best interests of the community at heart, the Student Coin team has made the difficult decision to sunset the STC token and related projects, including the STC Terminal, STC University, and others.

STC Token Price Chart, source: StudentCoin.org

After winding down the STC ecosystem, the team shifted its attention to developing new projects, with a special focus on Coinpaper. The crypto news outlet has been experiencing significant growth, with an impressive monthly user increase rate of nearly 19.75%, suggesting a bright future ahead.

How to stay informed about the STC redemption process?

Throughout the project, the STC team prioritized transparency and responsible approach to handling user funds. Users can stay informed about the developments of the redemption process by following the project’s website StudentCoin.org and Twitter. The team maintains direct contact with followers and posts frequent updates.

According to recent announcements, 82,86% of the STC total supply and 100% of the tokens held by the team have already been burned. Additionally, between May 30 and June 15, the tokens were delisted from KuCoin, ProBit Global, HitBTC, and all remaining centralized exchanges. The project also closed its Telegram chat.

The team has been continuously reminding users about deadlines for STC redemption stages and helping them navigate the process. The redemption prices range between $0.006 and $0.0137 per token and vary based on particular accounts’ purchase history and activity. This approach aims to reward loyal users, long-term holders, Premium Program members, and direct purchases via STC Wallet.

How can I redeem my STC tokens?

The manual STC Wallet Redemption via OTC Redemption request, available until October 9, 2024, requires undergoing KYC/KYB procedures and AML checks, as well as submitting documents that prove the source of funds and source of wealth. You can find more details at StudentCoin.org.

The last and longest-lasting redemption option, available until 9 April 2029, involves an on-chain operation and allows two approaches:

– Uniswap V3 to USDC transaction,

– on-chain burn procedure.

The Uniswap transaction is recommended for low STC volumes due to security reasons and possible liquidity limitations. It involves depositing tokens into a Metamask wallet and converting them to USDC through a relevant pool at Uniswap decentralized exchange.

As an alternative, recommended for larger amounts, you can use an on-chain burn procedure by simply sending all your STC tokens to the burn address https://etherscan.io/address/0x000000000000000000000000000000000000dead directly from your self-custody wallet. In return, you’ll receive an adequate value in USDC transferred to you by the STC team. You can read the full procedure at studentcoin.org.

The process is fully transparent, as all blockchain transactions are visible. Once the deadline has passed, all STC tokens will be burned anyway. The maximum waiting time for a refund in the case of an on-chain burn procedure is three months.

The post Less Than Three Months Left For STC Wallet Users To Redeem Their Tokens appeared first on CoinJournal.