Connect with us

Security

Nightmare Market Security Breach

M. Ali

Published

on

Nightmare Market had a security breach and it’s users funds were stolen through SQL injection. Nightmare Market is an online darkweb marketplace and is considered the second largest active darknet market, was founded in 2018.

Nightmare marketplace offers a variety of illegal contents such as drugs, stolen data and counterfeit items, all using the Bitcoin, Bitcoin Cash, Monero, Litecoin, Dash, and Zcash cryptocurrencies.

A screenshot of Nightmare Marketplace at the time of writing

The hacker could breach into Nightmare Market through SQL injection and stole unknown amount of cryptocurrencies. Nightmare market disabled all withdrawals and lots of it’s users complained about missing BTC funds.

The hacker posted screenshots of Nightmare Market backend on Dread (Darkweb’s Reddit).

Nightmare Market Admin Section
Nightmare Market sale stats

At the time of writing, Nightmare Market has resumed operation and it’s website is back online.

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT and security consultant. If you have any questions or comments please feel free to email him at [email protected]

Continue Reading
Advertisement
Comments

Altcoins

IOTA Releases an Updated Wallet To Fix Trinity’s Security Vulnerability

M. Ali

Published

on

By

IOTA Hack

IOTA’s team has released an updated version of it’s own Trinity wallet to fix some serious security vulnerabilities that allowed hackers to exploit Trinity wallet that was released by IOTA last summer. The new updates is available for Trinity Desktop, Android and IOS

Almost all IOTA’s users who have opened any version of Trinity (Desktop or Mobile) since the 17th of December 2019 are affected by this attack. Yet, only 10 wallets were hacked if not more.

A Reddit post about the recent attack

Iota team said that they are working with law enforcement and cybersecurity experts to track down the attackers. Yet, IOTA has revealed very few details about the attack.

A large amount of IOTA tokens have been stolen. The team predicts that $300,000 to $1.2 million worth of IOTA has been stolen so far. According to IOTA’s Team, the hack started on or around 25 January 2020 and that only Trinity Desktop users’ seeds were potentially compromised.

IOTA will implement a KYC procedure involving a third party that will enable all users who had their tokens stolen to reclaim them.

What is IOTA?

IOTA is a free and scaleable transaction settlement and data transfer layer for the Internet of Things (IoT). It is based on a novel distributed ledger technology, the Tangle, which overcomes the inefficiencies of current Blockchain designs and introduces a new way of reaching consensus in a decentralized peer-to-peer system.

IOTA USD price chart for the last 7 days:

Continue Reading

Exchanges

Poloniex Exchange Forces Password Reset After an Alleged Data Leak

June G. Bauer

Published

on

Poloniex data leak

Yesterday, Poloniex cryptocurrency exchange sent an email to some of its users alerting them about a potential security breach after an alleged list containing Poloniex’s users email addresses and passwords was posted on twitter, which could be used by hackers to gain access to their Poloniex accounts.

While almost all of the email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses listed that do have an account with us, including yours.

the exchange wrote in its email notification to the affected users.
A screenshot of Ploniex’s email

It’s unclear how the email addresses and passwords were posted on Twitter in the first place and what percentage of the leaked data contained current data from Poloniex customers. That left many users bewildered whether the leak is real or not.

The daily trading volume on Poloniex exchange is $138,972,143, which makes it within the top 50 cryptocurrency exchanges.

Last November, TRON founder Justin Sun confirmed that he was one of the investors who acquired Poloniex from Circle group.

Continue Reading

Exchanges

Graviex Blames Malicious DDoS Attack After The Exchange Went Offline

June G. Bauer

Published

on

Graviex-Ddos-Attacks

Mysterious attackers have taken down Graviex cryptocurrency exchange over the last couple of days using DDoS (distributed denial-of-service) attacks.

The DDoS attacks took place on Sunday and Monday, December 29 and 30 , and have targeted Graviex’s main exchange website. During the DDoS, attackers successfully managed to overload two of Graviex’s network providers and managed bring down Graviex’ external connections to other ISPs.

The attackers, which appears to actually own a DDoS botnet contacted Graviex’s team demanding ransom payments,but the exchange refused to pay.

At the time of writing, the exchange now appears to be online and fully functional.

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

Continue Reading

Popular