If you're having a bad day, at least you didn't accidentally lose $38 million dollars in crypto

In what will probably go down in history as one of the biggest blunders of the 2020's, Prime Trust has revealed in court bankruptcy filings that it accidentally lost access to over $38 million in crypto.

In the filing, Prime Trust unveils a series of extremely unfortunate steps which resulted in the loss of all access to "Wallet 98f", including the loss of access to the hardware wallet as well as backup seed phrases.

According to court filings, "The Company used a seed storage system provided by 'Cryptosteel' (the 'Cryptosteel Hardware' and, together with the Hardware Devices, the 'Wallet Access Devices'), which allows physical storage of a copy of the seed phrases on extremely durable hardware. This provides a method of storing seed phrases that is generally believed to be safer than storing seed phrases on paper hard copy, images, or pictures." In other words, they laser engraved the seed phrases onto a piece of metal, because apparently that's somehow safer, and surely nobody is going to throw away a random piece of metal they find that looks like a bunch of jibberish and was probably just somebody testing out their laser engraver.

Apparently Wallet 98f was a "legacy" wallet which wasn't supposed to be used anymore, but was still being used for customer deposits. As such, it's highly likely that Prime Trust probably discarded the "Wallet Access Devices" when they thought they were no longer needed. Because that would probably be in line with how the rest of this has played out.

So, it's possible that somewhere in a Nevada landfill, is a piece of metal with a bunch of jibberish words engraved on it, worth $38 million.

For reference, here's a photo of one of these devices, from the court filings.

So, who wants to join me in a treasure hunt in Nevada? All we need to do is identify which landfill these seed keys went to, and start digging! Rumor has it, American Pickers are already on their way.

Ken is a cybersecurity professional with over 15 years experience. All opinions are his own, and do not reflect those of his employer or his clients.

Moving Beyond Web3 - How Peer-to-Peer and Personal Branding is the Future of Communication

Commonly I see Web3 being associated with decentralized finance, blockchain, cryptocurrency, and NFTs. And while that's likely an excellent example of Web3, that's not what Web3 truly is at its core. Web3 is much more than that. Web3 is a true information revolution, laying the foundations for Web4. I had a great conversation last night with the Diamond Hand Media Group about this concept, and thought I'd go a little more in-depth here.

Let's step in the time machine for a moment and go through the history of the web. And I, being older than the Internet, can happily step you through.

Web1 - Static websites, news sites, email. Everybody paid per minute for access to the web. Sign on, find what you need, sign off so you don't get charged extra.

Web1.5 - This is when the potential of the web started to take shape. We added in chat rooms, instant messaging, and forums. Geocities let us even publish our own (limited) webpages! And now, unlimited internet access!  Suddenly, the world got a little bit smaller, as we started to communicate across the globe.

Web2 - Behold, broadband and social media! YouTube, Myspace, and eventually Facebook and Twitter! Blogs also started to rapidly grow, and the redistribution of content creation from commercial publishers to users started to take shape. But unfortunately, commercial publishers looked to continue controlling the narrative, continue controlling the audience, continue controlling the message. Everything is still centrally managed and owned by a select few companies, and social media "networks" aren't actually networks at all, but distribution hubs. One-way live streams of audio and video start to take off, because we actually have the internet connection speeds to support this type of content.

Web2.5 - Gnutella, Limewire, and other filesharing networks enter the stage, and early peer-to-peer distributed computing is born.

Web3 - Distributed finance, distributed content, distributed knowledge. Through blockchain, crypto, and NFTs, "digital ownership" can be established for assets, and distributed finance can allow for digital currency transactions without the need for a bank or the Federal reserve. For content creation, anyone can create content and share with others, and even have multi-party livestream audio and video sessions. No longer are we locked into getting our news and information from publishers, but instead shared directly person-to-person. But this person-to-person sharing is still limited to rely on distribution hubs such as social media networks, and even when using a network such as Mastodon (which could arguably be considered Web3.5), users still rely on a centralized hub to connect. Love him or hate him, the effects of this concept of direct person-to-person information sharing are now showing through Tucker Carlson's announcement of his own show on Twitter, and the massive reach this announcement has achieved. Carlson is now, on his own, likely going to get just as many if not more viewers on his own personal show than he did through Fox News. What we're now seeing is a shift from "trusted sources" such as news outlets to "trusted voices" such as the personalities we once saw on those news outlets. Those trusted voices will become the face of those organizations, and the reason people trust those sources - not because of the company name and the people behind it, but because of the people in front of it! This shift is why I've started focusing more on my own personal brand in the cybersecurity community, in addition to helping grow the brand of the fantastic company I'm working for. Only by moving in front of the brand instead of hiding behind it, can I be considered a "trusted voice" and help that company brand grow.

While distributed finance without a central bank sounds great in theory, it's still difficult to implement. Many would argue that cryptocurrency's potential downfall is the now heavy reliance on crypto exchanges which are now going bankrupt, and in the process resulting in significant reductions in the value of crypto currencies.

Some of you might be too young to remember the dot com bubble burst. There was a lot of speculation, a lot of investing in companies which never should have been invested in, but all a company had to do to get investors was talk about how they were going to revolutionize their industry through the internet. The result of course was extreme overvalue of the companies, and when these companies failed to live up to their promises, the investors lost significant amounts of money.

Bitcoin 5 Year Value - Source: Google

Crypto currency is now facing the aftermath of a similar bubble. The collapse of crypto exchanges is very similar to the dot com bubble burst, in that the exchanges were causing crypto to become extremely overvalued. Unfortunately, with some exchanges still in operation, it's quite possible that this burst hasn't quite finished yet, but only time will tell. Personally, I prefer to invest in much more tangible assets I can directly influence the value of, such as real estate, than investments I have little to no control over. I currently have a wonderful property in Florida that is sitting in an upcoming neighborhood and will absolutely skyrocket in value once I build a house on it. The key here is that I can directly influence the value of the property by improving the property. With crypto currency, or even the stock market for that matter, I am but a bystander at a horse race, hoping that my bet will win. That's not investing in my opinion, that's just gambling. In fact, often I would be better off taking that money to the horse track, because at least at a horse track I know what my odds are of winning, and how much I'll make if I do win.

Full disclosure, I sold all my crypto currencies several years ago when I started to see indicators that the market was in a bubble and about to burst. I'm glad I did, because those investments would today be worth a fraction of what I sold them for. I didn't make much from this, as I only had about a hundred dollars invested anyway. But getting a hundred dollars back is much better than getting only twenty-five. With that said, I believe that crypto currencies are not the future of the web, but blockchain is in fact an important building block for the future of the web, and the true currency of tomorrow - information.

So what's next? What comes after distributed finance, crypto currency and Web3? 

Web3.5 - Artificial intelligence such as ChatGPT will help further pave the road for Web4. Much like the traditional OSI computing "layer" model, information will develop its own layers which ChatGPT will help revolutionize. I'll write further on this in a future blog, but think of information as "raw data" with an accompanying "presentation layer", i.e. formatting, or even illustrations. DALL-E and ChatGPT have the ability to take raw data or concepts and turn them into presentable information, ready for consumption by others. This helps further break down barriers for users by helping build useful content with less time and fewer resources. By the way, the illustration at the beginning of this article was AI generated, though I opted not to have AI write the article. After all, I still take much enjoyment in writing, and I won't let a computer deny me that.

Web4 - The Web4 revolution will remove the content distribution hubs for information. Content will be shared directly with users peer-to-peer. Not only does this create a failsafe redundancy in case a social media outlet goes down, but it also creates the opportunity to operate without censorship. And no, sorry Mark Zuckerberg, but virtual reality "Metaverse" will not be part of the Web4 revolution. The Web4 revolution will focus more on the digitally connected world which is constantly mobile, and until we get better augmented reality glasses to connect to our mobile phones, our digital conversations will remain in the two dimensional world. Don't get me wrong, virtual reality will absolutely play an important part in our lives in the future, but won't be the "virtual Facebook" experience that Zuckerberg is hoping for - because at that point, most content distribution will be peer-to-peer instead of centrally managed. This is also going to shift branding away from corporate branding as trusted sources and more towards personal branding and trusted voices. By building to make yourself a trusted voice now through your own personal branding, you'll be much better positioned to be viewed as an expert in your field with the Web4 transition.

Think of the Web4 content sharing concept like a relay network of walkie-talkies. You broadcast your message on a frequency that others are tuned into, and the recipients of your message then pass on that message to others within their listening area. Eventually your message makes it across the entire network. We could then enhance this communication to include unique signatures through blockchain, ensuring that you were indeed who you say you are, and that your message wasn't tampered with.

The beautiful part of this approach is that it becomes self regulating, and users share their content with other users who want to see that content. If a user doesn't like the content you're distributing, they simply need to block your posts, and in the process block the re-distribution of your content through their network node. Like users will find like users, and corporate censorship will be a thing of the past. Now I know that this causes concerns for illegal content, but I'm quite confident that through the non-repudiation part of the blockchain, law enforcement would be able to successfully find the originator of such content and prosecute accordingly. After all, they were able to shut down Silk Road.

Web3 has absolutely laid the foundation for the distributed communication and information sharing of tomorrow. I find myself more and more interested in ongoing conversations on Discord and Twitter Spaces, and it's fantastic some of the information you can learn just by listening, and the relationships you can build by participating. There are already some applications out there under development for Web4 distributed communication and social network sharing. I've tried them, I love the concept. They're young, they're buggy, they're absolutely not ready for prime time. But I think with a lot of nurturing, and support from the community for such projects, these Web4 applications will begin to shine, and give the power back to the people for sharing information, with Web3.5 helping people build that content for Web4. 

In the meantime, start working on that personal branding and becoming a "trusted voice" - you're going to need it sooner than you think.

Ken is a cybersecurity professional with over 15 years experience. All opinions are his own, and do not reflect those of his employer or clients. I am not a financial advisor, don't use this for investing advice.

Is Quantum Computing the Achilles Heel of Cryptocurrency?

The world of cryptocurrency has experienced explosive growth over the past decade, with Bitcoin and other digital currencies becoming increasingly popular as a means of payment and store of value. However, one of the biggest threats to the future of cryptocurrencies is the emergence of quantum computing.

Quantum computing is a technology that harnesses the power of quantum mechanics to perform calculations exponentially faster than traditional computers. While this is an exciting development with many potential benefits, it also poses a significant risk to the security of cryptocurrencies.

The security of most cryptocurrencies, including Bitcoin, is based on complex mathematical algorithms that are designed to be resistant to attacks from traditional computers. These algorithms are based on the difficulty of solving certain mathematical problems, such as factoring large numbers, which are believed to be computationally infeasible for classical computers. However, quantum computers are able to solve these problems much faster than classical computers, which means that they could potentially be used to break the security of cryptocurrencies.

One of the most significant risks posed by quantum computing is the potential for an attacker to use a quantum computer to perform a so-called "51% attack" on a cryptocurrency network. In a 51% attack, an attacker gains control of more than 50% of the computing power on a network, which allows them to manipulate transactions and potentially double-spend coins. This type of attack is currently difficult to carry out on most cryptocurrencies, but a quantum computer could make it much easier.

Another risk posed by quantum computing is the potential for an attacker to break the cryptography that is used to secure cryptocurrency wallets. Most cryptocurrencies use public-key cryptography, which relies on the difficulty of factoring large numbers. If a quantum computer is able to factor large numbers quickly, it could potentially break the security of these wallets and allow an attacker to steal funds.

There are also concerns that quantum computing could be used to break the cryptography used to secure the Bitcoin blockchain itself. The Bitcoin blockchain is a decentralized ledger that records all transactions on the network. It is secured by a complex cryptographic algorithm known as SHA-256. While this algorithm is currently believed to be secure, it is possible that a quantum computer could be used to break it.

Despite these risks, it is important to note that quantum computing is still in its early stages of development, and it may be several years or even decades before it poses a significant threat to the security of cryptocurrencies. In the meantime, researchers are working to develop new cryptographic algorithms that are resistant to quantum attacks.

In conclusion, while quantum computing represents a major threat to the security of cryptocurrencies, it is important to keep these risks in perspective. Cryptocurrencies have already faced many challenges in their short history, including hacking attacks, regulatory scrutiny, and price volatility. However, they have continued to grow in popularity and adoption, and it is likely that they will continue to do so in the future. As long as developers are able to stay ahead of the curve and develop new security measures to protect against quantum attacks, cryptocurrencies will remain a viable and valuable asset class for years to come.

Ken is a Cybersecurity professional with over 15 years experience. All opinions are his own, and do not reflect those of his employer or clients.

Scams and cryptocurrency can go hand in hand – here’s how they work and what to watch out for

Yaniv Hanoch, University of Southampton and Stacey Wood, Scripps College

When one of our students told us they were going to drop out of college in August 2021, it wasn’t the first time we’d heard of someone ending their studies prematurely.

What was new, though, was the reason. The student had become a victim of a cryptocurrency scam and had lost all their money – including a bank loan – leaving them not just broke, but in debt. The experience was financially and psychologically traumatic, to say the least.

This student, unfortunately, is not alone. Currently there are hundreds of millions of cryptocurrency owners, with estimates predicting further rapid growth. As the number of people owning cryptocurrencies has increased, so has the number of scam victims.

We study behavioral economics and psychology – and recently published a book about the rising problem of fraud, scams and financial abuse. There are reasons why cryptocurrency scams are so prevalent. And there are steps you can take to reduce your chances of becoming a victim.

Crypto takes off

Scams are not a recent phenomenon, with stories about them dating back to biblical times. What has fundamentally changed is the ease by which scammers can reach millions, if not billions, of individuals with a press of a button. The internet and other technologies have simply changed the rules of the game, with cryptocurrencies coming to epitomize the leading edge of these new cybercrime opportunities.

Cryptocurrencies – which are decentralized, digital currencies that use cryptography to create anonymous transactions – were originally driven by “cypherpunks,” individuals concerned with privacy. But they have expanded to capture the minds and pockets of everyday people and criminals alike, especially during the COVID-19 pandemic, when the price of various cryptocurrencies shot up and cryptocurrencies became more mainstream. Scammers capitalized on their popularity. The pandemic also caused a disruption to mainstream business, leading to greater reliance on alternatives such as cryptocurrencies.

A January 2022 report by Chainanalysis, a blockchain data platform, suggests in 2021 close to US$14 billion was scammed from investors using cryptocurrencies.

For example, in 2021, two brothers from South Africa managed to defraud investors of $3.6 billion from a cryptocurrency investment platform. In February 2022, the FBI announced it had arrested a couple who used a fake cryptocurrency platform to defraud investors of another $3.6 billion

You might wonder how they did it.

Fake investments

There are two main types of cryptocurrency scams that tend to target different populations.

One targets cryptocurrency investors, who tend to be active traders holding risky portfolios. They are mostly younger investors, under 35, who earn high incomes, are well educated and work in engineering, finance or IT. In these types of frauds, scammers create fake coins or fake exchanges.

A recent example is SQUID, a cryptocurrency coin named after the TV drama “Squid Game.” After the new coin skyrocketed in price, its creators simply disappeared with the money.

A variation on this scam involves enticing investors to be among the first to purchase a new cryptocurrency – a process called an initial coin offering – with promises of large and fast returns. But unlike the SQUID offering, no coins are ever issued, and would-be investors are left empty-handed. In fact, many initial coin offerings turn out to be fake, but because of the complex and evolving nature of these new coins and technologies, even educated, experienced investors can be fooled.

As with all risky financial ventures, anyone considering buying cryptocurrency should follow the age-old advice to thoroughly research the offer. Who is behind the offering? What is known about the company? Is a white paper, an informational document issued by a company outlining the features of its product, available?

In the SQUID case, one warning sign was that investors who had bought the coins were unable to sell them. The SQUID website was also riddled with grammatical errors, which is typical of many scams.

Shakedown payments

The second basic type of cryptocurrency scam simply uses cryptocurrency as the payment method to transfer funds from victims to scammers. All ages and demographics can be targets. These include ransomware cases, romance scams, computer repair scams, sextortion cases, Ponzi schemes and the like. Scammers are simply capitalizing on the anonymous nature of cryptocurrencies to hide their identities and evade consequences.

In the recent past, scammers would request wire transfers or gift cards to receive money – as they are irreversible, anonymous and untraceable. However, such payment methods do require potential victims to leave their homes, where they might encounter a third party who can intervene and possibly stop them. Crypto, on the other hand, can be purchased from anywhere at any time.

Indeed, Bitcoin has become the most common currency requested in ransomware cases, being demanded in close to 98% of cases. According to the U.K. National Cyber Security Center, sextortion scams often request individuals to pay in Bitcoin and other cryptocurrencies. Romance scams targeting younger adults are increasingly using cryptocurrency as part of the scam.

If someone is asking you to transfer money to them via cryptocurrency, you should see a giant red flag.

The Wild West

In the field of financial exploitation, more work has been done to study and educate elderly scam victims, because of the high levels of vulnerability in this group. Research has identified common traits that make someone especially vulnerable to scam solicitations. They include differences in cognitive ability, education, risk-taking and self-control.

Of course, younger adults can also be vulnerable and indeed are becoming victims, too. There is a clear need to broaden education campaigns to include all age groups, including young, educated, well-off investors. We believe authorities need to step up and employ new methods of protection. For example, the regulations that currently apply to financial advice and products could be extended to the cryptocurrency environment. Data scientists also need to better track and trace fraudulent activities.

Cryptocurrency scams are especially painful because the probability of retrieving lost funds is close to zero. For now, cryptocurrencies have no oversight. They are simply the Wild West of the financial world.

Yaniv Hanoch, Associate Professor in Risk Management, University of Southampton and Stacey Wood, Professor of Psychology, Scripps College

This article is republished from The Conversation under a Creative Commons license. Read the original article.