Sensitive data of more than 6,000 Web3 users stolen – BitcoinBlog.de – the blog for Bitcoin and other virtual currencies



The Berlin-based identity start-up Fractal ID was recently hacked: the data of more than 6,000 customers was stolen. That’s a shame, because Fractal ID actually offers an exciting product for decentralized finance.

On July 14th of this year, there must have been a stir in Fractal ID’s Berlin office. At 7 a.m., the systems sounded the alarm because they had detected unusual activity on a server. Shortly afterwards, it was clear that it was an attack. The engineers switched off the subsystem to reduce the damage.

But for 6,300 users, about 0.5 percent of all Fractal ID customers, it was already too late. The hackers stole sensitive data. Exactly which data varies from user to user. In the best case, only the name, wallet and email address; in the worst case, the entire program, including postal address and ID scan. A nightmare.

The incident is believed to be a result of a hack in September 2022, in which an “operator” — a customer or service provider of Fractal ID — was infected with malware that was circulating at the time. This malware intercepted a password, and the operator did not change it despite knowing about the incident. Using this password, the hacker was recently able to access internal systems with admin privileges and steal personal data.

Fractal ID has now introduced new security measures, such as more robust login systems and stricter IP controls. But the incident is undoubtedly a serious setback for the startup. As the company itself writes, it is aware that this is “really painful for the users affected” and “also painful for us, as we have a duty to protect users’ data.”

Decentralized identity for decentralized ecosystems

The Berlin-based startup operates as an identity service provider between the old web and the blockchain-based Web3. It offers software that allows users to have their identity verified directly or companies such as stock exchanges or banks to outsource identity verification. Unlike other such providers, however, Fractal ID links the identity with the Web3 of the blockchains.

Users can link their identity to a wallet address. Decentralized applications (Dapps), such as decentralized exchanges, can then query Fractal ID’s database for a wallet address via API. Alternatively, smart contracts can connect to the DID registry to access lists of verified wallet addresses.

Those who believe that the strength of cryptocurrencies lies primarily in the anonymity or pseudonymity of users will vehemently reject such identity solutions. But there are some applications in which there is hardly any way around them; it is not a question of whether, but of how bad it will be.

For example, airdrops that distribute coins, DAOs where users vote, or social Dapps like Common Ground have an interest in not being overrun by sock puppets, bots, and AIs. The “Proof of Personhood” allows Dapps to check whether a user is a unique individual.

Decentralized exchanges that allow trading in so-called “real world assets” – such as government bonds, stocks or other securities – require proof of full verification. These exchanges can use Fractal ID to verify whether a wallet that logs in is verified.

Not perfect, but a huge step forward

In both cases, the Dapp does not access any private data. It only learns that Fractal ID has verified the user and, if necessary and depending on the level of verification, also has this data.

Why should a decentralized exchange know who a user is – if the police or the tax office can find out the identity if necessary? And why should a Dapp check the complete identity to rule out dealing with a bot – if a simple “proof of personhood” is enough?

Fractal ID is certainly not perfect. But it is a huge step forward compared to classic identity processes, where private data, photos, ID scans, names, addresses and so on are stored not just on one server, but on numerous servers, because each exchange and service provider has to collect them themselves.

Above all, Fractal ID seems to be one of the first Web3 identity service providers to have achieved a fairly significant market penetration. The startup works with blockchain ecosystems such as Polygon, Avalanche, Ripple, Near or Manta, as well as with Dapps such as Polytrade, a decentralized exchange for real world assets, or Common Ground, a token-based chat app like Discord or Slack. It would be a shame if the hack were to destroy these achievements.

Comments

Post a Comment

Popular posts from this blog

Zdoc joined us! Check out our news about gambling, cryptocurrencies and casino games

Image
  The Zdoc site has joined us so that our content creation team delivers even more quality to our users. This is great news for GarminExpress, on another stage of growth! Zdoc was a PDF free download professional platform. On our site, you will find a variety of articles and news about casino games, betting, and cryptocurrencies! Our articles are written by industry experts, who provide up-to-date and relevant information on the topics. You will find game reviews, betting strategies, tips for investing in cryptocurrencies, and more. In addition, our site also has a news section, where you will stay up-to-date on the latest news in the world of gambling, betting, and cryptocurrencies. Check out our site and stay up-to-date on everything that happens in the world of gambling, betting, and cryptocurrencies! Here are some examples of articles you might find on our site: How to play blackjack and win money? The best strategies for sports betting How to invest in cryptocurrencies and not los
Read more

XRP Prediction 2028: Will the Cryptocurrency Price Hit $250?

Image
  An XRP price prediction for 2028 has been revealed recently. Will XRP price hit a staggering $250? Despite the price drops and fluctuations, an analyst has shared an epic price prediction for Ripple’s native cryptocurrency, XRP. In a post shared on July 11 on the X app, cryptocurrency expert known as The Great Mattsby highlighted in his analysis that the XRP token is poised for a potential rally that will drive the cryptocurrency’s price to reach $250 in the coming years. The expert based his analysis on technical indicators and XRP’s historical performance. “$XRP at $250 by 2028?? So $XRP at ±60000% aligns with the math of this green angle, which has also been a very important support and resistance angle in the past (highlighted). Proof that it’s not impossible,” the analyst wrote. The crypto expert also noted that “XRP has one of the tightest monthly Bollinger Band squeezes in its history and in all crypto right now. The last time it squeezed like this, it shot up 60,000%.” At the
Read more

Where to watch and predictions for the Copa América 2024 – 06/07

Image
  With a draw against Colombia in the last round of the Copa América group stage, Brazil will face Uruguay in the quarterfinals. The match will be on Saturday (6), at 10 pm, and promises to be one of the most disputed games. Historically, Brazil has the advantage over Uruguay. However, in the Copa América, the balance is clear. In 26 games, both teams have nine wins each, in addition to eight draws. Uruguay arrives at the quarterfinals with a perfect campaign in the group stage, leading Group C with nine points. The team has shown an efficient attack, with nine goals scored and one conceded. On the other hand, Brazil had an uneven group stage, finishing second with five points. The team scored five goals and conceded two. Want to know more about the best bets for this match? Keep reading. Uruguay vs Brazil Predictions for the 2024 Copa America Check out the best odds to bet on so far: Instant Casino is offering 1.95 for Uruguay to qualify for the next round TG Casino is paying 1.95 if
Read more