CertiK says SMS is the 'most vulnerable' form of 2FA in use

CertiK says SMS is the 'most vulnerable' form of 2FA in use

The level of security provided by SMS pales in comparison to authenticators or physical security keys, CertiK's Jesse Leclere says in an interview. Using SMS as a form of two-factor authentication has always been popular among crypto enthusiasts. After all, many users are already trading their cryptos or managing social pages on their phones, so why not simply use SMS to verify when accessing sensitive financial content?Unfortunately, con artists have lately caught on to exploiting the wealth buried under this layer of security via SIM-swapping, or the process of rerouting a person's SIM....


Related News

Web3 Security Firm Certik Raises $88 Million in Series B3 Financing Round Led...

Certik, a Web3 and blockchain auditing and security firm, has raised $88 million in its recent B3 funding round. The round, which was led by Tiger Global and included Goldman Sachs as an investor in the firm, gives the company a valuation of $2 billion. This doubles the valuation that Certik reached via its last funding round in November 2021. Certik Reaches $2 Billion Valuation Certik, a blockchain auditing firm, has closed its Series B3 financing round with a significant increase in investments. The company raised $88 million, with Tiger Global, Insight Partners, and Advent....

NFT STARS Marketplace has been audited by CertiK

Recently, the CertiK company officially confirmed that the NFT STARS smart contract is functioning properly and without any risk. This makes it hacker-resistant and was awarded a 99% score for its security. The detailed analysis of the platform showed that no vulnerability issues were detected. Each and every piece of code has been checked for […]

CertiK deploys automated smart contract auditing tool

An automated tool can help pick the low-hanging fruit vulnerabilities. Security company CertiK announced on Thursday the launch of QuickScan, an automated tool for scanning smart contracts for vulnerabilities.While it will not be a stand-alone tool, the suite is set to improve the analysis performed by the security oracles of CertiK Chain (CTK). QuickScan checks deployed smart contracts against a database of known vulnerabilities, using static and dynamic analysis techniques that check the bytecode, source code and access parameters for each smart contract.Daryl Hok, chief operating....

Well-known vulnerability in private keys likely exploited in $160M Wintermute...

The vulnerability in private keys generated by the popular Profanity vanity key generator was noted in January and has already been implicated in at least one major hack. Blockchain cybersecurity company Certik has said a vulnerable private key was attacked in the Wintermute hack. A vulnerability in private keys generated by the Profanity app was likely exploited. The vulnerability has been known since at least January.The U.K.-based algorithmic crypto market maker announced the hack on Tuesday and said over-the-counter and centralized finance operations were not affected. About $162.5....

Most Defi Hacks in 2021 Had to Do With Centralization Issues, According to Ce...

Certik, a blockchain security and auditing firm, has reported that the most common attack vector for hacks in decentralized finance (defi) protocols had to do with centralization in 2021. This data is present in Certik’s latest report, where the company also examines the growth of defi in 2021, and how other chains such as Avalanche and BSC rose as alternatives to Ethereum’s high fees. Centralization Costs Defi Protocols $1.3 Billion in 2021 A new report issued by Certik, a blockchain security and auditing firm, has revealed that centralization issues in defi....