Show Notes
Memecoin Exchange DEXX Breached; Exposed Private Keys?
#Crypto #Cryptocurrency #podcast #BasicCryptonomics
Website: https://www.CryptoTalkRadio.net
Facebook: @ThisIsCTR
Discord: @CryptoTalkRadio
View Full Transcript
Episode Transcript
[00:00:00] Out of cycle update the jack move. It's more than just a band. CryptoTalk FM My name is Leister, I am your host providing an update simply for public service awareness. This mostly affects Chinese China. However because of the tokens that are in play it's possible something in your wallet may have been affected and I thought it may be relevant so you can go do some research and dig in case it affects your portfolio or potentially might you might have noticed if you're buying into garbage of old coins like that peanut crap or you know some of these other memes that are out there. I think Bonk, I think Pepe but I'm not sure you know some of these garbage ones that's out there. You might have noticed that despite the run up of bitcoin Getting over the 90,000 mark Ethereum still kind of wavering. Salana going on a little bit of a run. Some of these garbage Vol coins seem to crap and it seems not directly correlated. But there may be a bit of correlation, not direct but a bit of correlation to a breach that occurred with an exchange I was not familiar with. And the reason I wasn't familiar with it is because it primarily serves China customers. It's called Dex as in D E double X. Not just single X decentralized exchange but double X. D E double X purports to be a meme coin trading platform again primarily favoring China traders. What happened? Well there was a lot of traffic on this exchange for altcoin traffic and we did see a lot of these altcoins start to run up especially I know Paypay in particular but it's not on this exchange. But other ones as well started to run up and then all of a sudden there's a crap an announcement comes out that says that this exchange got breached to the tune of just over and I got differing numbers on this one but I got a. I got differing numbers but just over $50 million to start with and then I'll give the second number and why I'm kind of skeptical of that one but allegedly is just shy of $17 million of illicit token transfers. Illicit in the sense that people who had connected their wallets to this exchange so apparently it's got some mechanism where you can directly connect your wallet to this exchange in order to make trades. That's was basically people were able to breach the wallet and make transfers out of their wallet. So it wasn't the exchange in that regard. That's why I say the number is kind of a moving target. This 16 million is taking out of their wallets, getting their token took. Then certain Tokens had about 5 million in transactions where those were actually breached from the exchange. A different number came out that was high side of just shy of $500 million worth of breach and tokens being drained. Again, I'm skeptical of that number, but it is floating out there. The people were pissed off. They reached out to CIC because this exchange allegedly had been Cerdic audited. So they reached out to CK for assistance. CIC chimed in and said, guess what, folks, we don't do audits of Salana blockchain anything. So if your token was a Salana blockchain something, or this exchange was a Salana blockchain primarily something. We ain't got nothing to do with that, bro. You sorry, we'd love to help you, but we can't. But we'll share what we think might have happened here. But bottom line, there's nothing we could do to help. Cerdic then does a little bit of digging on their own, just trying to help people out. They identified a theory and it was only a theory, there was no evidence of it. But they identified a theory that there was some improper private key management that led to the breach where the DEXX official private key, as in their own key, was improperly stored and then improperly exposed and then breached, which led to this transaction.
[00:03:44] Here's the problem with this.
[00:03:49] Another organization does some digging. Now, this is an organization that was in charge of hardware wallets. And this was used by some of the customers that got breached. This hardware wallet had said, here's what we know. They keep asking for copy. You know, access to the clipboard. If you don't know what the clipboard is. Clipboard is a common term in technology. Your mobile device has a clipboard. Both Apple and Android devices. It's obviously more intuitive on Android. I digress. It's on windows, it's on MacBooks, it doesn't matter. The clipboard is a common term. It simply means the ability to copy and paste something from A to B. That's a clipboard. It's a piece of memory set aside on your computer that can store something temporarily until it pastes in the new destination that's supposed to delete it. However, Windows does not immediately delete it. Android does not immediately delete it. Apple does, unless you tell it not to.
[00:04:44] But what it's supposed to do is be a temporary transition between A and B. And when you do a wallet on the mobile phone. So this is you People with you mobile phones and your automobile, what's it that are most affected by this that I'm about to describe. But on the mobile phone side, when you go and say you want to copy paste that address to buy some tokens, right, you go to the decentralized exchange, you copy your, your, what should be your public key into the different exchange, you paste it in there to say is I want to receive the tokens here and then it sends the tokens there. That's a copy paste, that's the clipboard doing this. What one key which is the hardware provider says is what might have happened in our case is not that the DEXX private key was breached, but rather their incessant request for private key access from regular users. As in when you have a regular user who's trying to get their wallet set up, the first thing you need to do is give it your what private key or your mnemonic. You should be giving your mnemonic, but your private key is also viable if you're trying to do a single wallet. Allegedly this DEXX was constantly requesting access to clipboard. And the theory of this hardware wallet provider is that some users, not knowing any better, were copy pasting their private key, which you absolutely should not be doing, but copy pasting their private key to something else for why ever they were doing. And then when this DEXX itself gets breached, they get access to the keys deeper dive was done and it turns out that the private keys, all of them, not just the DEXX private key, but also private keys coming from customers of the exchange, were stored in plain text accessible via a server transaction. So what happened is if you made certain calls and I called this out on site of Chain and CITA Pro, which is why I wanted to talk about this because here I am vindicated again. But what happens is when you do a request through the wallet, you turn on what's called Developer Tools. Developer Tools is in the browser and it shows you readout of all the information that's being exchanged between you and the server. There are certain things you should not be seeing. One of those is the private key. Turns out that in this deep dive the private key was blatantly exposed in the traffic on this developer tools which proved that the only way that that could happen, number one, is they were not properly encrypting the traffic in motion. But also they were not encrypting the traffic at rest as meaning they were not storing it encrypted and they were just storing it blank plain text so that it was easy to breach it if you knew what you were doing. The same thing I said happened to Cider Pro way back. Go back to that episode where I reviewed the Cider Pro application when it was first released and the first thing I said, well, or cider mask at the time. And I said there's stuff I'm seeing. The key is right there in the frickin developer tools and you guys are numb nuts. Same thing. So I already knew the moment I heard this breach and private keys being talked about that it was a simple matter of just incompetent developers that don't know how to protect the information that's in transit. I'm using this to, number one, announce it in case somebody happened to be in it from China or something to if you're dealing with some of these garbage Vol coins that might have been affected by this breach and the drain, there's nothing Cerdic or anybody can really do. Dex swears that they're going to try to get the funds back. I consider it extremely unlikely because they're a mean coin exchange. So that's. Is it possible? Sure. I say it's unlikely and I don't want you to get your hopes up. Consider it a learning lesson and kind of move on. Don't go to sketchy exchanges. I've been saying that for months. And if you're new, by the way, welcome. But number three, most important, and take this as a learning lesson about this situation.
[00:08:25] Your private key should never be shared or exposed or put out there. If you're getting a new wallet, say you're transferring a different wallet from Coinbase Wallet to Trust Wallet or whatever made a master Trust Wallet. Whatever you're doing, type it in. Don't copy paste anything from A to B, especially if you're on a mobile, you know, automobile, WhatsApp, mobile phone. Because as I repeatedly said, mobile phones are how people get breached. As you learn from Bleeves, who got breached multiple times because he's using a mobile phone.
[00:08:54] Don't do that, okay? This is how people get their stuff cooked. It's. It's less about devs now, it's more about. They're making it easy. They being the devs, making it easy for you to set yourself up for failure. And if you're listening to me, I'm hoping that you're taking these lessons to heart and protecting yourself because it's a very shady business out there. So that's what's happened. Nobody knows 100%. All we know for sure is that information was not protected on their side, number one. Number two, people were copy pasting in private key because only way they'd be able to get access to your private key is if you copy paste it. Now we do know there are certain exchanges that can get access to your private key by way they way by the way they work. DXX was not one of those. In other words, the only way this could have happened is that somebody copy pasted the private key to something. The DX X private key being out there is a symptom of poor piss poor design in the development. And the rush to mean garbage is why there's such a large scale amount of money that got breached. Because there's so many people rushing to the garbage off fomo. It just increases the salt vector, right? So stay safe, be smart about it. I'm going to encourage you. Do whatever you want. Cash. I'm saying I would recommend you do not copy paste. If you're using a mobile phone, do not copy paste your stuff from A to B. Just type it in. I know it's a pain. Your public key is fine. I'm talking the private or your mnemonics. Please don't do that. And all of the wallets warn you. It'll say here's your key, keep it safe, don't copy it, don't photograph it. It warns you like three or four times. So you have no excuse for saying why I didn't know. You have to know because all of the watch, I've tested them so you can't tell me I'm lying. Every last one of them even made a mask. As crap as it is. Warned you do not take photos of it. Do not copy paste it. Do not store it on the device. It warns you this. Don't disregard those warnings. It's critical that you understand doing this is the same thing as laying your wallet down right in the middle of the airport. You wouldn't do such a thing. Please stay safe, be smart, don't do that. And most importantly, it's again, it's up to you. I'm going to recommend you stay away from sketchy freaking exchanges just because you want to trade meme coins. Because guess what you can safely trade mean coins on Uniswap or radium or Jupiter or Pancake swap, Trader Joe, whatever. Pick a known mainstream quote exchange, not these shady businesses that are out there, please. Also, if you're not China, and so this did not affect you directly, but it affects you indirectly because you hold some of these garbage tokens. Understand this is why the disruption happens on frequent occasion. This is why we see run ups get disrupted. This is why I criticize when all the YouTubers told you that we were going to hit October and we were going to hit a hundred thousand in October, which didn't happen despite Leister CryptoTalk FM telling you was unlikely going to happen. It didn't happen because there's all these disruptive factors that you cannot predict. No matter how long you stare at a graph, they're always going to continue to happen. What we need to do though, is be smart. That's all. Realize it's all gambling at the end of the day because there's things that are outside of your control that you cannot predict. Making it a gamble by definition, that's all. And you recognize that's what you're doing and then you're smart about it and only put money you can afford to lose and money you don't really care about, realizing that that means the risk is lower. If you're a gambler want to roll the dice. I celebrate if you strike it. But these types of disruptive actions will continue to happen even when it's not even in the United States, even when it has nothing to do with a known exchange, even when it's not logical why it would happen. It happens because newer investors get in it. They don't understand security and safety and protecting your assets. You still have people like Blee that's been in it for years. He's getting breached multiple times. So if somebody's been in it for years gets breached multiple times, what do you think is going to happen with somebody who's brand new to it? Be smart folks, please.
