24 Arrested in Turkey for Allegedly Stealing $2.4 Million Worth of Cryptocurrency

Francisco Memoria

Turkish authorities have reportedly recently conducted a nationwide operation that targeted individuals suspected of stealing 13 million Turkish liras, about $2.47 million, worth of cryptocurrency from a company based in Istanbul.

According to local news outlet Daily Sabah, the unnamed Istambul-based cryptocurrency firm filed a report with the police after it found that a “large amount” of their funds stored in bitcoin, ether, and XRP had been stolen.

An investigation conducted by Turkey’s anti-cybercrime units reportedly revealed two of the company’s cryptocurrency wallets had been hacked. The authorities reportedly managed to trace the funds on the blockchain, and ultimately managed to identify suspects, which were coordinating via a popular online game called PlayerUnknown’s Battlegrounds (PUBG).

Police arrested 24 suspects, and raided their addresses. In them, authorities found 54,000 liras in cash, worth about $10,200, and reportedly managed to seize 1.3 million liras ($247,000) worth of cryptocurrency, which were returned to the company.

Per the Daily Sabah two of the arrested suspects were released after the legal procedures were complete, while six were arrested by the Istanbul Courthouse in Çağlayan. 16 were “released on condition of judicial control.”

Turkey is notably a country that has been seeing increased cryptocurrency adoption over its economic woes. As CryptoGlobe pointed out last year, the country’s residents may turn to cryptocurrencies for economic relief, after Turkey’s fiat current plummeted 14% against the US dollar over tariffs imposed by the US.

Local cryptocurrency users have last year revealed they’ve been investing in the crypto ecosystem after losing trust in the traditional financial system. Back in August, Turkey launched its first blockchain research and innovation center.

1.2 Million Ethereum dApps Have Used A Free Security Tool to Prevent Bugs

  • Free crypto security tool from Amberdata has now been used by 1.2 million Ethereum-based decentralized applications (dApps)
  • Researchers at Amberdata use a grading system (from A+ to F) to rate the overall security of apps.

Over 1.2 million Ethereum (ETH)-based decentralized applications (dApps) have reportedly used a security software program, developed by Amerdata (in October 2018), to prevent potential software bugs from adversely affecting their operating systems.

Amberdata’s free security tool may be used to detect vulnerabilities in dApps launched on the Ethereum blockchain. In the past year, vulnerabilities in smart contracts have resulted in huge losses for users - with some accounts losing hundreds of millions of dollars.

High Level Of Code Reuse Between Smart Contracts

As explained on its official website, Amberdata’s automated software scans dApps for the most commonly occurring software bugs (usually found in smart contracts). Based on its findings, the company’s security program assigns a letter grade (A, B, or C) which is used to assess how secure (or insecure) a dApp platform might be.

According to a research report published in early November 2018 (by the University of Maryland), most Ethereum-based smart contracts had been using potentially vulnerable code. Notably, 1.2 million contracts issued on Ethereum were “reduced” by the researchers to 5,877 clusters - as most contained similar code. The research team had said that due to the high level of code reuse between smart contracts, there were chances that even a greater number of such programs contained critical vulnerabilities.

As noted by Shawn Douglass, the CEO at Amberdata, the cybersecurity firm aims to provide "greater access and enhanced visibility into smart contracts.” Douglass remarked:

We hope that by providing these tools to the community, we can reduce outside dependencies and enable the community to develop faster and more safely.

13 Main Types Of Vulnerabilities Searched For In Smart Contracts

Commenting on the 13 different types of vulnerabilities that Amberdata’s software has been programmed to detect, Joanes Espanol, the firm’s CTO, said that each smart contract bug is comparable to “engine lights on [a vehicle’s] dashboard.” Espanol added:

It just means that I need to check what’s going on with the car. Any of these can result in security error.

Elaborating on how Amberdata’s grading system used works, Espanol mentioned that the greater the number of bugs detected in an app, the lower the grade assigned to the app. For instance, a dApp that may have an excessive amount of vulnerabilities might be assigned the letter “F” (lowest grade). Meanwhile, a dApp with zero or almost no vulnerabilities detected could receive a grade of “A+.”

TrueUSD-Related Vulnerabitlies Not "Critical"

In January, security researchers found that stablecoin platform TrueUSD had a potential vulnerability related to its “message call” function. Other issues found earlier this year with TrueUSD included one in its delegate call - which was used to issue smart contracts. Developed by blockchain firm, TrustToken the 1-to-1 USD-backed TrueUSD stablecoin is based on the Ethereum platform. At present, TrueUSD has been assigned a “C” security grade.

However, William Morriss, a security specialist at TrustToken, has claimed that the vulnerabilties were not critical. Morriss also said:

The vulnerabilities that are being reported are not ways in which we can be attacked. We are aware of them and when people bring vulnerabilities to us we treat them very seriously.