NEM (XEM) Official Thread - 100% New Code - Easy To Use APIs

[suky321]

Translation of press conference by Coincheck.

The hack was due to poor security controls in place at the exchange.

The NEM technology is not at fault.  Coincheck has asked for a hard fork, and this was refused.

Full text:

https://twitter.com/bitpinas

[1714017515]

1714017515

[1714017515]

1714017515

[1714017515]

1714017515

[suky321]

This Hack has nothing to do with Nem being hacked.  Only the exchange was hacked.  Coincheck had their private keys stolen.  CoinCheck did not use the multi-signature features that the Nem Blockchain offers them.  CoinCheck Claims they were short-staffed engineers.  They had all of their nem stored in a hot wallet.  They claim they were in a process of moving it to a cold wallet.  They were unable to confirm the hacking of any other currencies at this time.  They are considering compensating all the customers that had nem on the exchange.

http://cryptonewsflash.com/coincheck-hacked-for-523-million-nem/

[BrBoy]

sorry dudes this is fucked up, hope none of you are affected by this.

Reports suggest that 526 million NEM (XEM) ($400 million) was stolen in the alleged Coincheck hack. Wong told media outlets that it was a single account that siphoned the funds, adding that NEM is not forking and that its technology is “intact.” He called it: “The biggest theft in the history of the world.”

[tomkat]

Hacker accounts will be blacklisted by exchanges, his XEM will be useless.

I do not believe any human will or would be able to contact all places trading XEM before said coins are moving? (if true what I'm reading here - that there are stolen funds)

edit
Wow

Lon Wong has appeared to confirm Coincheck was hacked, calling the stolen funds "the biggest theft in the history of the world."

CMC https://coinmarketcap.com/currencies/nem/#markets shows 32 markets, and the number of exchanges is less than 32, so it's not that many.
The hack is in the news everywhere, and the exchanges could easily track and blacklist the addresses. Question is if they're really going to do this

[vindermarch]

According to my observations, Nem is one of the flagship projects. I see one of the early features that NEM is built 100% from scratch (not a fork of any existing project) and that's great. Because something is built from the beginning, it will be hard to waver. Because experience has taught many things. Therefore, feel free to choose Nem. Good luck

[abaumgar]

According to my observations, Nem is one of the flagship projects. I see one of the early features that NEM is built 100% from scratch (not a fork of any existing project) and that's great. Because something is built from the beginning, it will be hard to waver. Because experience has taught many things. Therefore, feel free to choose Nem. Good luck

That's the spirit! It's a good time to buy some more XEM now

[LiteMag]

I am a little bit confused and I don't have the time to read back right now. So our XEM in the Nano Wallet are safe?

[ebliever]

I am a little bit confused and I don't have the time to read back right now. So our XEM in the Nano Wallet are safe?

Yes, except from market volatility at this point.

[nemwanderer]

700k coins will do that to you. I really believe/believed in this one and all this is rather depressing. I’m of the belief that reputation/marketing are of huge importance and this just doesn’t help.

Pah. It's a rite of passage.

And note that Lon Wong's statements took the time to emphasize the on chain security features that Coincheck pointedly failed to use.

Question is whether those features would deter any hack.

Also I didn’t realize a fork was happening for catapult...speaking of which is catapult ever happening?

Thanks

[gentlemand]

Question is whether those features would deter any hack.

Also I didn’t realize a fork was happening for catapult...speaking of which is catapult ever happening?

Thanks

Of course. A hack would've been 100% impossible if they'd implemented it.

Catapult will be on the public chain sometime this year. And there will need to be a hard fork for it to happen. It doesn't appear completely certain how they're going to do it yet.

[ruletheworld]

700k coins will do that to you. I really believe/believed in this one and all this is rather depressing. I’m of the belief that reputation/marketing are of huge importance and this just doesn’t help.

Pah. It's a rite of passage.

And note that Lon Wong's statements took the time to emphasize the on chain security features that Coincheck pointedly failed to use.

Question is whether those features would deter any hack.

Also I didn’t realize a fork was happening for catapult...speaking of which is catapult ever happening?

Thanks

Of course those features would have reduced the probability of a hack. There is nothing called perfect security. However, what Coincheck was using was quite bad indeed.

Two of the very basic security practices that every single exchange should use for every single crypto that they handle are -

• Multi-sig wallets: If one key is compromised, the attacker cannot steal all the funds
• Cold Storage: Majority of the funds need to be stored on a device that has never been connected to the internet

Then, the exchange needs to create processes around these basic security requirements. For example, how many key holders exist in the multi-sig wallet? Where do they store their keys? How do they communicate if they believe they are compromised, and what steps do every one else take if this happens? Where are the cold storage keys located? Who authorizes transfer of funds from cold storage to hot wallet? How often can this happen?
You get the point.

If you're running an exchange without Multi-sig and Cold Storage, then you're at fault.

This hack isn't a problem with NEM. It is a problem with the exchange practices. The NEM foundation has offered to help, but there is only so much they can do in this situation.

[NorrisK]

700k coins will do that to you. I really believe/believed in this one and all this is rather depressing. I’m of the belief that reputation/marketing are of huge importance and this just doesn’t help.

Pah. It's a rite of passage.

And note that Lon Wong's statements took the time to emphasize the on chain security features that Coincheck pointedly failed to use.

Question is whether those features would deter any hack.

Also I didn’t realize a fork was happening for catapult...speaking of which is catapult ever happening?

Thanks

Of course those features would have reduced the probability of a hack. There is nothing called perfect security. However, what Coincheck was using was quite bad indeed.

Two of the very basic security practices that every single exchange should use for every single crypto that they handle are -

• Multi-sig wallets: If one key is compromised, the attacker cannot steal all the funds
• Cold Storage: Majority of the funds need to be stored on a device that has never been connected to the internet

Then, the exchange needs to create processes around these basic security requirements. For example, how many key holders exist in the multi-sig wallet? Where do they store their keys? How do they communicate if they believe they are compromised, and what steps do every one else take if this happens? Where are the cold storage keys located? Who authorizes transfer of funds from cold storage to hot wallet? How often can this happen?
You get the point.

If you're running an exchange without Multi-sig and Cold Storage, then you're at fault.

This hack isn't a problem with NEM. It is a problem with the exchange practices. The NEM foundation has offered to help, but there is only so much they can do in this situation.

One would think this exchange has been around long enough to have learned from other exchange hacks to know how important these security steps are..

The more reason to use some of the exchanges that are actively communicating how much effort they put into security.

[tongokongo]

I made a full explanation video on this situation:
https://youtu.be/SCzQ-GiDd7Q

[ruletheworld]

700k coins will do that to you. I really believe/believed in this one and all this is rather depressing. I’m of the belief that reputation/marketing are of huge importance and this just doesn’t help.

Pah. It's a rite of passage.

And note that Lon Wong's statements took the time to emphasize the on chain security features that Coincheck pointedly failed to use.

Question is whether those features would deter any hack.

Also I didn’t realize a fork was happening for catapult...speaking of which is catapult ever happening?

Thanks

Of course those features would have reduced the probability of a hack. There is nothing called perfect security. However, what Coincheck was using was quite bad indeed.

Two of the very basic security practices that every single exchange should use for every single crypto that they handle are -

• Multi-sig wallets: If one key is compromised, the attacker cannot steal all the funds
• Cold Storage: Majority of the funds need to be stored on a device that has never been connected to the internet

Then, the exchange needs to create processes around these basic security requirements. For example, how many key holders exist in the multi-sig wallet? Where do they store their keys? How do they communicate if they believe they are compromised, and what steps do every one else take if this happens? Where are the cold storage keys located? Who authorizes transfer of funds from cold storage to hot wallet? How often can this happen?
You get the point.

If you're running an exchange without Multi-sig and Cold Storage, then you're at fault.

This hack isn't a problem with NEM. It is a problem with the exchange practices. The NEM foundation has offered to help, but there is only so much they can do in this situation.

One would think this exchange has been around long enough to have learned from other exchange hacks to know how important these security steps are..

The more reason to use some of the exchanges that are actively communicating how much effort they put into security.

I am shocked they've been operating since 2012 apparently. That's 5+ years of bad security. Unbelievable.

I am afraid all the newbies would think somehow this means 'NEM got hacked'. Seriously, people need to do some homework here.

[gentlemand]

[fragout]

Update::: Inside Nem twitter

1/ @coincheckjp hack update: NEM is creating an automated tagging system that will be ready in 24-48 hours. This automated system will follow the money and tag any account that receives tainted money. NEM has already shown exchanges how to check if an account has been tagged.

What happens if he sends tainted Nem to the community fund or such though?

2/ So the good news is that the money that was hacked via exchanges can't leave. So please share this info. The largest hack in history was solved for by NEM in a matter of hours. That is the power of the NEM platform and NEM team.

In other words 523 million Nem burned.. unless they catch the hacker and somehow get the funds back.
Perhaps a bounty deal will be done? who knows

[ruletheworld]

Automated tagging doesn't work. All the attacker needs to do is send some NEM to all the richlist addresses. Please be careful trying to implement something like this. There is a reason cryptos need fungibility.

The NEM/Coincheck teams need to try and get in touch with the hacker and see if they can negotiate something. The attacker will find it hard to sell out with the exchanges closing/blocking transfers.

[jnet1.co]

NEM is one of the few coins which will be adapted i real life for buying and selling.Things could go faster but I still prefer solid and stable progress.

[xeman34]

sorry dudes this is fucked up, hope none of you are affected by this.

Reports suggest that 526 million NEM (XEM) ($400 million) was stolen in the alleged Coincheck hack. Wong told media outlets that it was a single account that siphoned the funds, adding that NEM is not forking and that its technology is “intact.” He called it: “The biggest theft in the history of the world.”

It isn't the first time that one of the "Nem Team" hacked an exchange.

[iCEBREAKER]

The largest hack in history was solved for by NEM in a matter of hours. That is the power of the NEM platform and NEM team.

What a novel use of the word "solved."  I wonder if the people who lost their coins feel this is an appropriate usage of the term.

Nice spin job though.  Lots of self-congratulation and hype to distract from the fact that NEM is not fungible (can't even do coinjoin-style mixing hacks?) and centrally controlled.

This fiasco (and especially the response) demonstrates exactly why I wouldn't even touch this dog shit coin with a pooper-scooper and clothespin on my nose to keep the stench out.

Automated tagging doesn't work. All the attacker needs to do is send some NEM to all the richlist addresses. Please be careful trying to implement something like this

There is a reason cryptos need fungibility.

LMFAO.  Stupid mondkinder derps get #REKT.  Learn to crypto you greedy noobs.