Blockchain Bites: Google Goes Down, Nexus CEO and US Treasury Get Hacked

Yearn continues to rapidly expand through acquisitions, leading some to call it the Amazon of DeFi. A U.S. Treasury hack serves as a reminder of the amount of financial data in circulation.

AccessTimeIconDec 14, 2020 at 5:49 p.m. UTC
Updated Sep 14, 2021 at 10:42 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Happy Monday. Or maybe not so happy, if you were depending on Google for your job. Here are our top stories today.

Top shelf

The Amazon of DeFi?
That's what Yearn Finance is rapidly becoming as a result of acquisitions and partnerships, CoinDesk's Brady Dale suggests in a big-picture analysis this morning. If Bezos' behemoth has become synonymous in consumers' minds with low prices, wide delivery and ample selection, Cronje's creation could achieve similar status among the "degens" of decentralized finance by delivering low fees, high yields and a wide selection of risk profiles. Hmm, a financial supermarket. Where have we heard that one before?

Nexus Mutual CEO hacked
But not Nexus itself. The DeFi insurer's chief, Hugh Karp, is out $8M worth of its NXM tokens thanks to a wily attacker. Karp is being gracious about it, though. "If you return the NXM in full, we will drop all investigations and I will grant you a $300K bounty," he told his unknown assailant on Twitter.

Mind the gap
Crypto exchanges have been heavily advertising on the London Underground, cheaper than usual due to the economic fallout from coronavirus. London is about to go into its strictest tier of lockdown, though, which would presumably reduce ridership and hence eyeballs on the ads. 

Quick bites

  • DON'T SAY IT, DON'T SAY IT: Google's services experienced disruptions for about an hour today (CNN, The Verge, WSJ) ... but Bitcoin functioned fine (Decrypt).
  • SELL THE NEWS: Flare Networks completes Spark token airdrop. XRP's price dives 9%. (Modern Consensus)
  • BEEPLE MANIA: Digital artist Beeple sold $582,000 worth of NFTs in five minutes, attracted Sean Ono Lennon's attention. (Decrypt) If the name isn't familiar, his mom wrote "Listen, the Snow Is Falling." And his father, John, wrote a few tunes, too.

Market intel

Exuberant
Bitcoin is still on track to hit a new high of $20,000 in the coming weeks, several analysts told CoinDesk markets reporter Omkar Godbole. MicroStrategy borrowing $650 million to buy more of the digital gold is one factor that drove the price up over the weekend. But leveraged bets are a risky strategy, for pros only, and even Vitalik is warning; don't try this at home, kids. 

At stake

The U.S. government is fanatical about collecting data. Securing it? Not so much. 

Over the weekend, it emerged that several U.S. federal agencies and potentially thousands of international corporations have likely had their communications networks compromised, in what appears to be the most sophisticated act of espionage in the past decade.

Reports indicate that malicious actors, likely backed by the Russian state, have hacked their way to troves of sensitive information at the U.S. Treasury and Commerce departments. A routine code update introduced spyware onto a key piece of management software developed by SolarWinds. Not much has been publicly confirmed, though it appears these hackers have had free access to much of the Treasury and Commerce departments' email systems dating back to the spring of this year.

Yet, the damage could be far more widespread: SolarWinds also counts the Secret Service, the Defense Department, the Federal Reserve, Lockheed Martin and the National Security Agency, among its customers.

The attack serves as the latest reminder of the amount of personal, professional and publicly sensitive information that transverses the internet and is held in sometimes insecure databases. Over the past several decades, government and corporate agencies have amassed vast quantities of data – on both companies and individuals – all potentially subject to exploitation. Knowing what types of data, how it's stored, how long it's kept by government or corporate institutions is often the exception. Far more frequently, these information stores are black boxes.

Last week, CoinDesk's privacy reporter Ben Powers detailed how the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Treasury Department responsible for snooping out and eliminating crime in financial systems, maintains a database of detailed personal and business information.

In its mission to acquire and disseminate data related to crime, FinCEN has a window into the world of the global economy. This includes information related to suspicious activity reports (SARs), a form of documentation that came into the public light after publication of the FinCEN Files. SARs are filed by banks, and other financial institutions, to alert federal watchdogs of sketchy behavior, but in themselves are not confirmations of any wrongdoing.

Powers' report focused on the fact that much of this data may never be deleted and is hackable, just like any online system.

"I don't think data retention is seriously thought about at the government level," Michael Yaeger, a shareholder at the law firm of Carlton Fields, told Powers. "They specify how long they retain it at the bank level, but the government doesn't. It's not in the habit of destroying data."

On the contrary, like 1970s disco diva Andrea True, Uncle Sam wants "more, more, more."

In a memo late last week, FinCEN clarified there is no limit on "the sharing of personally identifiable information" between private financial institutions, like banks or cryptocurrency exchanges, under the 2001 Patriot Act's safe-harbor provisions. In fact, the U.S. agency is encouraging these institutions to share information, while lowering the bar to what may be deemed pertinent.

"Overall, the sheet seemingly lowers the obstacles for further sharing of personal customer information among banks, the threshold of what qualifies as "suspicious" activity and whether the entities sharing customer information even need to be financial institutions," Powers wrote in a second article, co-authored by CoinDesk's regulatory maven Nikhilesh De and Executive Editor Marc Hochstein.

To be sure, this is all in the service of catching bona fide bad guys. But the first paragraph of Powers' first piece is a salient warning, particularly in light of the subsequent SolarWinds revelations: "If a despotic government's bank transactions can be leaked, so can yours." 

Who won #CryptoTwitter?

screen-shot-2020-12-14-at-12-42-55-pm
Subscribe to receive Blockchain Bites in your inbox, every weekday.
Subscribe to receive Blockchain Bites in your inbox, every weekday.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.