Head of BitConnect Asia Arrested in Delhi

Avi Rosten

In another twist in the saga of Asian cryptocurrency scams, the alleged head of operations for the failed cryptocurrency BitConnect has been arrested in Delhi.

Arriving in Delhi Aiport on Saturday, August 18th, local media report that Divyesh Darji, a vocal promoter of the BitConnect platform and coin, was detained by immigration officials.

Gaining enormous popularity in December 2016 with the launch of its initial coin offering, Bitconnect saw its market-cap reach an enormous $2.6bn, before being exposed as little more than a Ponzi scheme and the largest scam in the cryptocurrency industry.

With the value of the coin collapsing in January 2017, Darji was a notable proponent of Bitconnect in India and Asia more broadly, and was linked to several scandals including the alleged extortion of 2,000 bitcoin from investors in the ill-fated Bitconnect coin.

Police reported that 169 bitcoins and 8kg of gold were seized as part of the investigation, and in a statement to the Times of India, Ashish Bhatia of Gujurat CID explained:

The company was registered in the UK and had an office in Surat. They launched their own ‘bitconnect coins’ soon after demonetization. They promoted the company on social media and by holding gala functions in cities across the world. They lured investors with 60% monthly interest, and incentives in the form of ‘referral interest.

With the BitConnect project gaining substantial traction in the Indian market, the collapse and exposure of the scheme led to significant disenchantment with cryptocurrencies in general in the country.

While Asian scams seemingly continue apace - with three Chinese citizens arrested today in the latest scam to plague the continent - many will hope that this latest arrest attests to authorities’ growing efforts to clamp down.

 

Featured Image Credit: "Scam" by "Nick Youngson" via Alpha Stock Images; licensed under "CC BY 3.0"

Kraken Unveils Potential Attacks Against Ledger Nano X Hardware Wallet

Kraken Security Labs, the cybersecurity division of the popular cryptocurrency exchange Kraken, has unveiled two potential attacks against the Ledger Nano X hardware wallet, which have now been patched.

The attacks, according to Kraken’s cybersecurity arm, could see bad actors get access to victims’ computers, and use said access to install malware that would allow them to steal their cryptocurrency holdings.

The first attack, named Bad Ledger, would require the hacker to first tamper with the device before it was sold to the victim – something that can happen if the victim buys a Ledger from a seller on eBay, for example – to add a protocol that behaves like a keyword and can send malicious keystrokes to the victim’s computer.

In a video Kraken shared, cybersecurity experts use an infected Ledger Nano X to open their website on a computer.

The second attack, dubbed Blind Ledger, could see hackers run malicious code on a non-secure processor to turn off the Ledger Wallet’s display, even if the device was running on its battery. They could then use social engineering to convince a victim top press several buttons to trigger a transaction that would move the funds to the hacker’s address.

As the display would be disabled, the victim could not check the transaction was being sent to that wallet. To stay safe, Kraken recommends users only buy Ledger devices from trusted stores, always verify transactions on the Ledger Now wallet, and be wary of the devices acts strangely.

Ledger, in response to Kraken’s findings, upgraded its firmware to protect its users against these attacks.

Featured image by Alejandro Escamilla on Unsplash