This Shockingly Invasive Malware Stole Data from 3.25 Million Windows Computers

A woman rushes by Microsoft headquarters.

Photo: Robert Giroux (Getty Images)

Between 2018 and 2020, a mysterious strain of malware infected and stole sensitive data from approximately 3.25 million Windows-based computers—taking with it a horrifying amount of intimate information about the users of those devices.

Advertisement

The data includes login credentials—both usernames and passwords—for dozens of online platforms, as well as billions of browser cookies, millions of user files stolen right off of infected desktops and, in some cases, pictures of the device’s user taken with the computer’s own webcam.

The malicious epidemic was uncovered recently when a large database of the stolen information was spotted on the dark web, reports NordLocker in a new analysis of the incident.

The firm characterizes the virus as Trojan-style malware that was deployed onto computers via email and by illegal software, such as pirated versions of games and Adobe Photoshop, as well as “Windows cracking” tools. The malware was unnamed and likely a cheap, customizable variant that could be purchased easily on the dark web.

“Nameless, or custom, trojans such as this are widely available online for as little as $100. Their low profile often helps these viruses stay undetected and their creators unpunished,” analysts write.

According to Nord, the malware took careful steps to catalog people it had compromised, even assigning “unique device IDs to the stolen data, so it can be sorted by the source device” and also frequently photographing the computer’s user if their device had a webcam.

As to the stolen data, it’s pretty overwhelming. The compromised login information includes 1,471,416 Facebook credentials; 261,773 Twitter credentials; 145,436 PayPal credentials; 87,282 Dropbox credentials; 1,540,650 Google account credentials, and so on. Other compromised accounts include Coinbase, Blockchain, Outlook, Skype, Netflix…you get the picture.

Advertisement

On top of this, the malware also apparently took screenshots of the desktops it had infected, which retroactively helped researchers piece together just how much information had been compromised. To get a better idea of how extensive the damage is, here is a little breakdown:

  • 2 billion cookies
  • 26 million login credentials
  • 6.6. million files (apparently stolen off of desktops)
  • Upwards of 1 million images (696,000 .png and 224,000 .jpg files)
  • More than 650,000 Word documents and .pdf files

So, yeah, it’s all pretty disturbing. The market for personal information on the dark web—particularly login credentials—has always been big, but it’s seen a real uptick in recent years. Hundreds of millions of passwords are compromised every year through cyberattacks and breaches, leaving victims at the mercy of money-grubbing goons. While it’s up to you to decide how to protect yourself, there’s no shortage of resources out there and, it goes without saying, they’re worth checking out.

Advertisement

You can check out a more detailed breakdown of all of the stolen files here.

8 Money Toilets

Illustration for article titled 8 Money Toilets

Photo: Heritage Auctions

Let’s imagine a world before March 11th, 2021, before Beeple shook the earth and sold an NFT for $69 million, summoning a monsoon of NFT press releases. What did we consider an unreasonable purchase? What did we talk about? If you are not a tech blogger, artist, art critic, gallerist, crypto trader, or CNBC consumer, please let me know. About anything.

Back in January 2021, a collector paid $396,000 at Heritage Auctions for a $20 bill with a Del Monte banana sticker underneath part of the bill’s Treasury Seal and serial number. The provenance dates back to 2004 from an ATM in Ohio, which dispensed the note to a student and has now been auctioned three times.

“Collectors immediately fell in love with it,” Dustin Johnston, Vice President of Currency Auctions at Heritage Auctions, was quoted in a press release. Sorta not really explaining why this $20 bill is worth 19,800 pristine $20 bills, he added that “the placement of the ‘Del Monte Ecuador’ banana sticker is ideal.”

But why $396,000? Why not throw in an extra 4k for a smoother “four hundred thousand dollars” which rolls off the tongue at a cocktail party and is far more aesthetically appealing in a press release headline?

Crypto Investors Scheme to Gain Control of Tesla as Bitcoin Markets Tank

Illustration for article titled Crypto Investors Scheme to Gain Control of Tesla as Bitcoin Markets Tank

Screenshot: StopElon

The cryptocurrency market has taken a major dive, as it does. Now a band of traders has decided to form the people’s coin, appropriately named StopElon, to Stop Elon Musk from wielding intractable control over the market with his tweets. Much like China. And Mark Cuban. And volatile economies. And major financial institutions. And hedge funds. And the march of time.

Advertisement

Bitcoin crashed this morning by roughly 50% from its April high of over $60,000. (Ethereum, Litecoin, and Dogecoin are also in the toilet.) This came six days after Elon Musk tweeted that Tesla will suspend its Bitcoin payments for its cars due to the fact that mining expends massive amounts of fossil fuel, after which Bitcoin vacillated a bit. A more recent potential catalyst for the crash might be China’s reminder announcement that banks and payment processors are forbidden from accepting Bitcoin, perhaps to drum up demand for the digital yuan. Anyway, the big news is that “Elon’s rally” has been wiped out.

But his announcements have historically correlated with price movements for Bitcoin (and with almost no uncertainty catapulted Doge). There was the time he added #bitcoin to his Twitter bio, announced that Tesla would accept Bitcoin as payment, and Tesla bought a ton of Bitcoin (making the company look more profitable than it is).

Incidentally, the Dogemaster General tweeted today that Tesla has 💎🙌, presumably meaning that they’re holding [something].

As crypto-enthusiasts seethe over Elon’s perceived betrayal, a band of fed-up traders has created a memecoin scheme to circumvent Elon Musk’s meddling, with a “Road to Fucking Pluto” plan. One of StopElon’s three co-founders (an admin for the StopElon Telegram channel, who identified themselves as a European named “Daniel”) told Gizmodo via Telegram that the idea was inspired by Elon Musk’s tweet last week about pausing Bitcoin purchases for Tesla. They claimed that they’d never ridden the Doge wave, and that the majority of their portfolio “is crypto with real use case.”

Advertisement

The site displays a complex flight plan, but one of StopElon’s three co-founders summarized the rough outline to Gizmodo via Telegram.

1) Buy StopElon. 2) Encourage users to hold StopElon by charging 10% buy and sell fees (intended to “punish” panic sellers). 3) Redistribute those fees amongst the community and the liquidity pool. 4) Get listed on a small exchange with the someday goal of major exchanges like Binance or Coinbase.

Advertisement

The last step is buying up enough Tesla Stock to gain significant voting power to, according to the site’s blueprint, take “full control of Tesla.” The final destination is Pluto.

But those two outcomes kind of cancel each other out. HODL; buy stock. From what funds?

Advertisement

As Daniel explained, conquering Tesla could be done by buying Tesla stock. Alternatively, they suggested, they could offer shareholders StopElon tokens in exchange for proxy voting power. But that would require a lot of people to do a lot of paperwork, possibly proof of power of attorney, not to mention hunting down individual shareholders. (“We are Europeans, so we need to look more into this matter,” Daniel said.)

It’s more of an overall community “protest,” to steer attention away from Elon’s favorite joke currency. The number of coins will be limited. They also plan to safeguard people from bag-holding large volumes of cash with fees or maximum transaction limits. And, hopefully, create community governance with voting power, not unlike a Decentralized Autonomous Organization.

Advertisement

Illustration for article titled Crypto Investors Scheme to Gain Control of Tesla as Bitcoin Markets Tank

Screenshot: StopElon

Sure, Daniel admits that other factors independent of Elon Musk move cryptocurrency markets. There’s no doubt though that a prominent hustler is messing around with an immense following of unsophisticated traders, with little apparent concern. “StopElon is a way to protest [against] Elon Musk crypto market manipulation,” the Daniel said. “Elon is a smart guy, he knows what he is doing and he knows the influence he has on the crypto sphere, yet he is using it to manipulate the market.”

Advertisement

Daniel said they have “more actions” in mind but can’t elaborate yet.

At the moment, the multi-step process of app downloads and currency conversion from Binance looks prohibitively complicated for naive retail investors who want to just click and move on, which might be a good thing.

Advertisement

Some details need ironing out, but nobody’s here to shoot down a bold vision. May any mission to stop Elon soar.

Coinbase Says Screw It, We’ll Let You Buy Doge

Illustration for article titled Coinbase Says Screw It, We'll Let You Buy Doge

Illustration: Richard Drew (AP)

The cryptocurrency exchange platform Coinbase has caved. After a long silence to the hoards imploring the company to let them trade Dogecoin, they’ve decided to list the meme, adding a sheen of legitimacy to a cryptocurrency with limitless supply, which whales could squash with a whale-sized dump at any moment. On a call with investors on Thursday, CEO Brian Armstrong said that Coinbase aims to list it in six to eight weeks.

Advertisement

The Doge fans have been wondering why Coinbase has been leaving money on the table. Doge now commands a heart-stopping trading volume and an equally terror-inducing current market cap of $72 billion—higher than 77 percent of companies listed on the S&P 500. Fees vary with flat rates for lower purchases, but Coinbase typically charges users a 1.49% fee on transactions made through your bank account. So if, say, Coinbase users bought $1 billion of Dogecoin and all HODLed, Coinbase would pocket $14.9 million. (This is if they don’t pay with a debit card or PayPal, in which case Coinbase gets 3.99% in a conversion fee.)

Armstrong didn’t stop at announcing Doge’s arrival on the platform. He added this wild forecast:

I think it’s going to be something, kind of, like apps in the App Store or on the iPhone where there’s eventually millions of these assets created over time and so we’re putting a lot of work and thought into how do we accelerate our pace of asset addition, and one of those is Doge, as you mentioned, which has been getting a lot of attention recently.

Getting-a-lot-of-attention-recently: sort of like CDs, Smash Mouth tickets, the Gap, TRIMSPA, and people running “executive success programs.”

The idea that cryptocurrency will have long-term value mostly hinges, at least for some analysts, on the idea of scarcity, that Bitcoin will be useful outside of the currency exchange trade, and once all the Bitcoin has been mined, you want to be holding the Bitcoin when everybody who missed out needs Bitcoin. Doge is the equivalent of endlessly printing money, with a current tangible value resting on Elon Musk’s ability to keep upping the ante, which could escalate to a Doge-funded space station at the rate he’s going. WallStreetBets doesn’t even want people talking about it because the market is “small accounts and pump & dumps.”

Let’s get a second opinion. Adam Zadikoff, COO of the crypto wallet BRD, told CNBC the following:

My guess is that [the rally] won’t last, especially for something like dogecoin which was never meant to be a payment system or a store of value. Yes, you can make a quick buck if you time it right, but timing the market is a terrible thing to try to do. It does not work.

Advertisement

Consider investing in Pokemon cards.

Dogecoin Prices Spike Again Because This Man Just Will Not Stop Tweeting

Illustration for article titled Dogecoin Prices Spike Again Because This Man Just Will Not Stop Tweeting

Photo: Britta Pedersen-Pool (Getty Images)

I’m starting to get whiplash from this roller coaster ride that is Dogecoin’s value in recent days. It surged amid hype for Tesla and SpaceX CEO Elon Musk’s Saturday Night Live debut last weekend but plummeted after he called the meme-inspired cryptocurrency a “hustle,” only to ricochet again days later when SpaceX committed to accept a company’s payment in Dogecoin and Tesla suspended purchases using Bitcoin, citing environmental concerns, not long after.

Advertisement

Well, strap in folks, because the Dogefather sent its price soaring yet again Thursday evening with the following tweet:

“Working with Doge devs to improve system transaction efficiency. Potentially promising.”

Now, Musk is a known internet troll with a history of using Twitter to throw the stock market into a tailspin for the sake of a punchline, so it’s anyone’s guess whether he’s being serious. About an hour later, he posted another tweet sharing a bit of age-old wisdom from The Hitchhiker’s Guide to the Galaxy with his millions of followers: Don’t panic! This seems to suggest it might just be a prank, but honestly, who fucking knows. (We’ve reached out to Tesla for clarification, but admittedly the company’s been pretty quiet since dissolving its PR department last October).

Joke or not, though, the effect it’s had on the price of Dogecoin is very much real. Dogecoin’s value jumped by as much as 18% following Musk’s tweet, according to Coinbase, and TradingView reports that its market cap spiked by $10 billion. The buzz has since tapered off a bit, but Dogecoin’s value is still coasting about 11% higher compared to this time yesterday.

On Wednesday, Musk announced (also via tweet) that Tesla would no longer be accepting vehicle payments in Bitcoin, supposedly out of concern over the “rapidly increasing use of fossil fuels for Bitcoin mining and transactions.” In the meantime, he said, Tesla will continue to look for more energy-efficient cryptocurrencies. And while that’s a commendable goal, the fact that Musk is only just now acknowledging how insane crypto mining’s carbon footprint is makes Tesla’s newfound concern feel like a PR move more than anything else.

On Monday SpaceX agreed to accept a payment solely comprised of Dogecoin from the Canada-based Geometric Energy Corporation to secure its spot for an 88-pound satellite aboard a space mission scheduled for 2022. The announcement had Dogecoin prices rebounding a bit after they tanked by about a third following Musk’s SNL appearance. Prices have been extremely volatile (even for a cryptocurrency) in the days since. But whether Musk’s tweets are serious or not, their command over stock prices is undeniable, so I suppose the Dogefather is getting the last laugh either way.

Advertisement

UK Court Agrees to Hear Copyright Lawsuit Brought by Self-Proclaimed Bitcoin Inventor

Illustration for article titled UK Court Agrees to Hear Copyright Lawsuit Brought by Self-Proclaimed Bitcoin Inventor

Photo: Ina Fassbender (Getty Images)

Many people have claimed to be Satoshi Nakamoto, the anonymous creator or creators behind the digital cryptocurrency bitcoin, over the years. Now London’s High Court has agreed to hear out one of the most vocal (and disputed) claimants to the pseudonym in a lawsuit over alleged copyright infringement, according to a Reuters report.

Advertisement

Australian computer scientist Craig Wright, who claims to have developed the world’s most popular cryptocurrency, is reportedly suing the operator and publisher of the website bitcoin.org, which goes by the pseudonym Cobra. The defendant has not disclosed a name, identity, or address, according to court filings issued on Wednesday and reviewed by the outlet on Thursday.

When Wright was initially singled out as the supposed inventor of bitcoin in 2015, the news prompted widespread skepticism among security experts, several of whom went on to call it an elaborate hoax. Investigations throughout the years since have reportedly identified inconsistencies in Wright’s claims and debunked both his credentials and supporting evidence as fraudulent.

Wright, who resides in Britain, accuses Cobra of copyright infringement for controlling the bitcoin.org website and demands that the site remove bitcoin’s white paper, aka the 2008 document published by Nakamoto that originally outlined the technology behind the digital currency.

Cobra has previously dismissed Wright’s claims, calling them “without merit” in a blog published to bitcoin.org in January. In a Twitter message to Wright’s lawyers that same month, Cobra said Wright’s copyright claims “can be easily verified to be false” and pointed out that the website isn’t based in the UK, according to court filings reviewed by Reuters.

Cobra dismissed Wright’s claims once more in a statement to Reuters on Thursday:

“We’ve been threatened to take down the Bitcoin white paper by someone who obviously isn’t the inventor of Bitcoin (if he was, that would make him the 25th richest person in the world, which he obviously isn’t). Seems like he’s trying to abuse the UK courts to make them try to censor the white paper and harass small websites like us providing education content with his behaviour.”

Advertisement

Whether Cobra will be forced to reveal their identity to defend themselves during this case remains unclear. As for Wright, his legal team seems confident in their chances.

“The case will turn on whether the court is satisfied that Dr. Wright did indeed author—and owns the copyright in—the White Paper and, therefore, that he is Satoshi Nakamoto,” Simon Cohen, who is representing Wright, told Reuters.

Advertisement

Demand for bitcoin has increased dramatically in recent years, with several major financial institutions such as Mastercard, Visa, PayPal, and Square backing bitcoin and other cryptocurrencies. Last week, its value soared in the lead up to Coinbase’s direct listing, reaching a record high of nearly $65,000.

Crypto Market Plummets Following Week of Coinbase-fueled Hype

Illustration for article titled Crypto Market Plummets Following Week of Coinbase-fueled Hype

Photo: Dan Kitwood (Getty Images)

After cryptocurrency prices soared this week amid hype leading up to Coinbase’s direct listing, the market took a nosedive over the weekend. Bitcoin prices tanked by roughly 14% in 24 hours, from $61,530 to $52,829, the token’s biggest one-day drop since February, before rebounding slightly, according to the cryptoasset price-tracking site CoinMarketCap.

Advertisement

Prices of other popular cryptocurrencies plunged as well. Ether, which is second only to Bitcoin, saw its prices fall in 24 hours by about 17%, from $2,417 to $2,011. By Sunday evening, these tokens had somewhat recouped their losses, with Bitcoin and Ether down by roughly 9% and 8% respectively in the last 24 hours. During this so-called flash crash, cryptocurrency liquidations totaled roughly $10 billion, according to data from the crypto industry tracker Bybt.

Funnily enough, of the top 10 most popular cryptocurrencies, the only coin that gained value over the weekend was Dogecoin, a meme-based token that started out as a joke but has recently surged in popularity. This past week, the price of Dogecoin shot up more than 400%, topping 40 cents for the first time. And though it isn’t likely to make anyone rich anytime soon, demand for the token has exploded, leading Robinhood to crash several times this week as eager investors flooded the platform, the online stock exchange said in a blog post Friday.

This flash crash comes just days after Bitcoin prices reached a record high of nearly $65,000. The exact cause remains unclear, but analysts have posed a few theories so far. Bitcoin’s value had already weakened a bit on Friday after Turkey’s central bank banned the use of digital assets for purchases, citing “irreparable” damage and transaction risks, Reuters reported.

Meanwhile, China’s Xinjian region, home to a huge chunk of the world’s bitcoin mining operations, also reportedly went dark this weekend due to government-issued blackouts to address safety issues and flood damage, causing a nearly 50% decline in bitcoin’s hash rate, according to Forbes. Around the same time, unsubstantiated rumors spread on Twitter claiming the U.S. treasury is planning a crackdown on money laundering schemes that use digital assets.

Of course, this could also be the cryptocurrency market coming down from its high after a week of furious trading that pushed the value of all coins past $2.25 trillion, Bloomberg reports. With Coinbase, a cryptocurrency exchange platform, going public on Wednesday, it fueled a heightened demand for all things crypto.

“The crypto world is waking up with a bit of a sore head today,” said Antoni Trenchev, co-founder of crypto lender Nexo, in an interview with Bloomberg on Sunday. “Dogecoin’s 100% Friday rally was ‘peak party,’ after the Bitcoin record and Coinbase listing earlier in the week. Euphoria was in the air. And usually in the crypto world, there’s a price to pay when that happens.”

Advertisement

How to Fix Crypto Art NFTs’ Carbon Pollution Problem

The “crypto-” carbon crisis is evolving. And after years of low-key use, art and collectibles tied to what are known as non-fungible tokens (NFTs) have exploded into the global discourse as the Next Big Thing. Embedded with it, though, is an existential tension.

Crypto-art buying is built on the same blockchain technology currently frying the climate. As the potential bubble of crypto art inflates ever higher, so too do the risks it poses to the planet. Each transaction is another glug of carbon dioxide into the atmosphere. Without major overhauls to how tokens are created and sold, critics warn, it could ultimately help foist untold horrors on the biosphere and, by extension, humanity. Though steps are planned to mitigate the effects, if nothing is done soon enough, it could leave crypto art perpetuating the same broken system of extraction and commodity trading that it’s promising to upend.


If you’ve been even mildly online over the past month, chances are you have read about crypto art. The medium has exploded thanks to a few recent eye-popping sales. A gif of Nyan Cat sold for $587,000 in mid-February. A piece by Mike Winkelmann, an artist who goes by Beeple, sold for $6.6 million on Feb. 24, and he has another crypto art piece currently for sale at Christie’s auction house that’s expected to fetch millions as well.

Headlines have steadily devolved into mad libs as the situation gets more extreme. Kings of Leon is selling a NFT album. A clip of a Ja Morant dunk sold for $100,000 (it’s already up for resale for $240,000). Grimes made $5.8 million selling digital artworks of babies in space set to her music. Logan Paul hawked $5 million-worth of Pokemon cards. Taco Bell has an NFT drop. Talk of the spectacle is now feeding on itself and filling up notoriously insufferable Clubhouse rooms.

“[Art is being sold] for several million dollars, I get it,” said Amy Whitaker, a New York University Steinhardt faculty member and longtime blockchain researcher. “It’s very easy to focus on the big shiny objects.”

What adds to the spectacle is what collectors are buying. The Ja Morant dunk, for example, is available for free on YouTube. The Memphis Grizzlies’ video of it has been viewed 28,460 times as of this writing (and it even comes with nearly two minutes of other highlights). I can watch the $100,000 clip right there on NBA Top Shot myself just as I can look at Grimes’ piece or listen to the Kings of Leon NFT drop on Apple Music. What buyers are purchasing, then, is not the rights to a specific clip or art that can never be viewed elsewhere (for the most part). Instead, what they’re usually buying is an NFT tied to a specific media object. That can in turn be re-sold. Whitaker likened NFT-linked art to the original Mona Lisa while the clips and art posted elsewhere are like posters, coffee mugs, or other tchotchkes emblazoned with her iconic smile.

An NFT is part of a blockchain, which you can imagine as a huge digital ledger of transactions, each transaction with a unique code. After one block of information, you add another. The chain cannot be changed without adding an additional block, and the blocks are all publicly visible. In the case of cryptocurrencies like bitcoin, the block is the asset. But most crypto art runs on Ethereum, a blockchain that uses ether as a cryptocurrency. Unlike bitcoin, Ethereum is, in its own words, powering “thousands of decentralized applications” such as NFTs and smart contracts. When you buy one, the token isn’t the art. Rather, it’s the transaction on the big ol’ ledger that essentially certifies the transfer of ownership. It is “non-fungible” because it cannot be swapped with an identical or a similar token. Think of it as proof of ownership of the real thing, even if said real thing is an image sitting on a server somewhere.

But we are not debating the collectible value of non-physical, digital art objects here. We’re trying to assess the explosion of NFT interest and the potential risks and opportunities it poses, something artists have been in ongoing conversation with each other about even before NFTs exploded into the public consciousness.

“This is just a capitalist model on steroids that’s absolutely completely unregulated,” Joanie Lemercier, an artist who recently canceled a NFT drop after calculating the carbon cost of it, said, noting the market “sort of doubles every week. This is why it’s important to slow down and think and maybe take action.”

February saw more NFT transactions than all of last year at three major marketplaces. An estimated $342 million in trades were made. Many were on NBA Top Shot, which, to be clear, does not run on Ethereum. But the money aspect is secondary to the climate impacts of minting and trading crypto art.

The transactions on Ethereum are undergirded by computers around the world racing to solve a puzzle, a process known as proof of work. The computer that completes the task first wins and makes its owner a boatload of money depending on the price of Ethereum’s cryptocurrency, ether, while the rest end up doing work for nothing. This wasted energy takes a huge toll on the climate.

Miners tend to set up shops in places with cheap energy so they can run more processors at the lowest possible cost, maximizing their profit. Cheap generally translates to polluting. China’s Inner Mongolia, for example, is a mining hot spot due to abundant coal power. The province just banned cryptocurrency mining in part due to the carbon pollution issues tied to it. (Though there are some examples of clean mining operations, they’re fewer and further between.) Bitcoin has received the lion’s share of attention because of its huge carbon footprint tied to proof of work, but Ethereum runs on the same principle.

“They run on the exact same algorithm, meaning that they have the exact same wastefulness in them,” said Alex de Vries, the founder of Digiconomist, a platform dedicated to tracking bitcoin and Ethereum’s carbon emissions. “The only difference is that Ethereum allows for more activity on its network than bitcoin does. So you can have a smaller footprint per transaction than in bitcoin simply because the system scales a little bit more than bitcoin does. They’re both running on mining. No matter what, it’s the same process: You have machines wasting energy on useless computation.”

According to de Vries’ calculations, Ethereum’s annual energy use is roughly on par with all of Ireland’s annual energy use. And the curve has bent sharply upward since December, more than doubling over the past three months as more people invest in and use the currency and more miners get in the game to cash in.

Every aspect of an NFT produces carbon emissions, from minting the token to mining the coins used to buy it, to resales. A crypto art carbon calculator went online in December at cryptoart.wtf that allowed users to track the emissions tied with any piece of art. Its creator, artist and computer engineer Memo Akten, has updated it iteratively since then in addition to authoring widely read Medium posts that include the methodology. (Earther reached to Akten with questions about his methodology but hasn’t heard back by the time of this publication.) But the totals it shows for some pieces are staggeringly high. An average single-edition NFT uses as much energy as a typical European Union household does in a month, according to the calculator. Multi-edition NFTs are even more damaging.

“It is simply far too energy-intensive to be treated as a neutral act,” Ketan Joshi, an energy analyst, said in an email. “You get a lot of ‘who went and made you the energy police’ in response to this, but of course we actually do already have a discourse about perceived wastefulness, greed, and emissions intensity. For example, around celebrities catching private jets around the world while urging more climate action.”

Lemercier and a group of activists are conducting an audit of NiftyGateway, one of the main sites where NFTs are traded, using the methodology developed by Akten. That methodology uses a mix of data about the crypto art site contracts and the energy use of Ethereum as a whole to make its estimates of the carbon footprint of individual crypto art pieces. The results show that just 30 of the biggest artists’ drops in February released more than 2,100 tons of carbon dioxide. An open edition of a piece called “The Bitcoin Angel” has sold 4,157 editions on Nifty Gateway, resulting in roughly 468 tons of carbon pollution, which is equivalent to, as Akten’s widely used calculator describes it, using a laptop for 6,000 years.

Grimes’ high-profile drop resulted in 122 tons of carbon pollution. She committed to donating an unspecified portion of the proceeds of the sale to Carbon180, a nonprofit focused on carbon dioxide removal, an unproven but likely necessary technology to avert the worst of the climate crisis and a personal interest of her boyfriend, Elon Musk. It’s easy to feel like this is some kind of cop-out and get pissed at a few wealthy artists for destroying the planet for further profit. But not every artist is a celebrity. A number don’t have gallery representation, and NFTs give them a way to get paid for their work. And as with everything tied with the climate crisis, the issue of NFTs is a system one.

“This is obviously something important to everyone in the space including myself,” Beeple said in an email. He is perhaps the most famous crypto artist of today due to the scale of his recent earnings and the institution of Christie’s facilitating the sale of his work. “NFTs have an amazing potential to empower artists and creatives but they absolutely must be done in a sustainable way. I can assure you that moving forward that all of my drops will not just be carbon neutral but carbon NEGATIVE. I will also be buying carbon credits for my past drops to not only completely offset those but also make them carbon negative as well.”

Martin Wainstein, the executive director of Open Earth Foundation, said in an email that his organization is helping Beeple calculate the carbon footprint of his work using a mix of data from Clean Coins, Digiconomist, and Offsetra, and will provide offsets through Creol that are from the verified carbon standard registry, which are also somehow purchasable NFTs. Offsets are projects that reduce emissions elsewhere. The Creol NFT offsets currently listed on Open Sea, a NFT marketplace, are tied to a reforestation project in Peru that is part of the United Nations’ REDD program.

Blaming artists alone and asking them to shoulder the burden is akin to yelling at people to change their light bulbs or recycle better. These solutions put the onus on individuals to solve a problem they cannot solve on their own. Popular platforms have essentially locked in artists, similar to how major social networks capture users, and have a much bigger say in how to address the carbon pollution they’re responsible for.

Some of the platforms selling NFTs, meanwhile, blame the entire Ethereum ecosystem and are using artists as a shield. Super Rare, one of the most popular NFT sites, published a post on Medium last week under the headline, “No, CryptoArtists Aren’t Harming the Planet,” as if people are only mad at the participating artists. In the post, Super Rare said it would use carbon offsets as a commitment “to reducing the impact of Ethereum’s carbon emissions,” but didn’t make clear how much of its footprint would be offset or how the team would calculate it. The site also said it would donate money to upgrading Ethereum’s ETH 2.0 work, which would completely overhaul how the currency is mined so it’s more sustainable—though again, it didn’t specify how much money it would donate. (Super Rare did not respond to our request for comment.)

Carbon offsets may help assuage some of the concerns around NFT emissions, but they’re not a panacea by any means and have been shown to be highly problematic in many regards. Among the issues are a failure to sequester carbon in the long-term and the fact that forest projects, a common type of offset, often displace Indigenous groups who reside there. It’s also a market-based solution to the problem of climate change that’s been baked in by a free market that has prioritized rapacious growth above all else. At most, offsets can arrest some of the climate damage of crypto art and other emitting industries, but they don’t come anywhere close to addressing the problem of carbon emissions worldwide.

“It’s basically millionaires burning oil for getting millions in rewards,” Lemercier said of the recent big crypto art drops. “This is the last thing we need right now. We need other solutions. And the solutions are here, and they could be deployed at any moment if the CEOs had that in their priority list.

“Any of those platforms today could make a statement that they will implement Harmony as a bridge to those site chains,” he added, referring to a system that uses proof of stake “bridge” to Ethereum that could help lower emissions tied to NFTs. “But they’re just too busy with the money they’re making on a daily basis.”

That one of the biggest crypto art companies doing something about its emissions is choosing offsets instead shows their priorities. It also reveals one of thee conundrums of how the crypto art market is relying in part on the very systems it claims its a bulwark against. What’s supposed to be a democratized, decentralized system that can allow artists more control over their financial fate is instead reliant on continuing extractive relationships by using mining systems that offload pollution into the atmosphere and offsets to cover it. That offloads the costs of the market onto society. Whitaker said the “externalities placed on the environment” are one of the biggest costs of crypto art, but that it ties into other issues with how the market has exploded.

“I think the environmental question is incredibly important and needs to be quantified and needs to be planned for going into the future,” she said. “The solutions may be more holistic than just putting a cast on a broken arm of environmental problems.”

“The goal for allowing global creative participation in crypto and reducing climate impact are one and the same from my perspective,” Ameer Carter, an artist who goes by Sirsu and is working in the space to both sell art and ensure the space is more climate-friendly and inclusive, said in an email. “If this space is largely dominated by a few groups globally, then it will only be those communities shaping our collective future within crypto. Through the inclusion of more cultural communities, their approach to creative work and sustainability will positively impact how we build digital ecosystems moving forward. We can’t expect to think that we are the only participants that have ideas for this space.”

Getting a more diverse set of people involved in addressing these issues could also ensure the marketplaces themselves are more egalitarian, putting Black or queer artists who are traditionally underrepresented in the gallery art world at the forefront of shaping the online one. In comments to TechCrunch, Carter noted how erasure is already happening in the NFT boom. Addressing that head-on now along with the climate concerns could start to heal the growing divide.


ETH 2.0 is in some ways the holy grail of Ethereum because it relies on what’s known as proof of stake mining, instead of the current proof of work. It’s been in the works since 2014 and would change the proof of work approach where every computer is racing to solve one problem to one where it’s essentially a lottery where one computer is randomly selected to solve the riddle. That cuts out an estimated 99% of the energy used and massively reduces waste. The group developing it is aiming for rolling out the proof of stake algorithm by 2022. It sounds great in theory and would alleviate much of Ethereum’s carbon problem overnight, but there’s a slight issue.

“They’ve been saying we’re going to proof of stake since 2014, and they’ve been saying since 2014 it’s going to take six months,” de Vries said. “So for me, I’ve become a bit skeptical that this is going to happen on the timeline they say it will because they haven’t been able to achieve their deadlines for the past few years.”

Proof of stake would also require miners to be invested in the system and gives miners who have more coins already a better shot at getting rewarded. So while it would alleviate some of the climate costs of mining Ethereum, it could end up making the system more unequal while a select few continue to make massive gains.

“For me, proof of stake replicates some of the forms of exclusion that are closely tied to income inequality and unstable societal structures,” Whitaker said. Referring to rules governing investing in non-public companies put together by the Securities and Exchange Commission following the Great Depression, she said, “they use the wealth as a proxy for sophistication. So to invest in private companies, you have to be an accredited investor or a qualified person. What that does is it concentrates wealth because you have to be wealthy to invest in companies that may be high risk, and you may lose money. But these are the companies that become the next Facebook, Google, Airbnb, Coinbase, or whatever it is. So to me, proof of stake has the exact same structure where it requires you to have money in order to make money, and that’s problematic.”

She suggested that proof of stake mining could become more egalitarian if there were ways to collectively own stakes in mining or if those with resources could put up the stake for proof of stake mining and then redistribute the proceeds to the community. Other experts noted that transparency could further help address the issue of emissions, drawing on best practices from cloud computing.

“If there were to be a way forward with this, surely it would be creating a system where the mining process can be somehow tracked back to a company that makes its energy consumption open e.g. I can choose to store my docs with either Google or Apple,” Joshi said. “I know they both purchase 100% renewable power purchasing agreements, but I also know Google does the extra legwork of matching server usage to renewable output, so it’s actually lower emissions.”

Whatever approach, NFTs are also in dire need of effort to ensure they benefit both artists and the planet, including the poorest among who suffer the most from the climate crisis. It’s a cruel twist that people with the least ability to either sell their art as NFTs or purchase work are those who will suffer the most from the impacts of the market the longer it runs on polluting energy.

Some artists are not waiting for platforms to address the issue or for ETH 2.0 to become a reality. A Green NFT bounty has been put up for both decarbonizing the process and raising awareness. It was started by Artnome founder Jason Bailey and has received donations totaling more than $16,000.

“There are multiple ways to approach this issue and it takes more than just the conversion of NFTs to build a better future,” said Carter, who is involved with the Green NFT effort as well as creating a crypto studio known as the Well. “In the interim, the purpose of the Green NFT bounty is to find all of the current solutions, build on top of them, and show to the broader art communities outside of the space that we are not a community that is apathetic to how we treat the world we inhabit.”

Others, including Lemercier, are organizing an eco-friendly NFT Discord server. And though Lemercier didn’t share details, he said he expected some major artists could soon be leaving the polluting NFT platforms for others that run on clean energy or proof of stake mining. Members of the Discord have also compiled a useful list of developers working on cleaner NFTs while others have created a detailed breakdown of how the most popular NFT sites work.


“While obviously these concerns are not just NFT-specific and relate to the entire blockchain, having been in the digital art space for many, many years I honestly believe we will be a leader in aggressively tackling this problem in a much more sustainable way than we’ve seen from the broader blockchain community,” Beeple said. They have their work cut out for them.

There’s an undeniable allure to how crypto art blends the relatively new and old together: the blockchain and collectibles, digital and gallery art, and the promised land of a more egalitarian art market that gives artists a stake in their work in the resale market. Though there are barriers to entry, it points to a future that could make right on past wrongs. The prospect of something potentially new and better is tantalizing.

That alone isn’t enough, though. It could leave artists who aren’t big names on the outside looking in. Much like the Green New Deal, whatever comes next for crypto art will have to address the climate issues and social issues that come hand-in-hand with art. Failing to do so could otherwise leave rich artists and their wealthy benefactors trading the same few pieces over and over from the comfort of their hermetically sealed homes while the rest of the world burns.

How to Use a Hardware Wallet to Store Your Crypto

undefined

Photo: John Biggs/Gizmodo

Keeping your cryptocurrency in the exchange where you bought it, be it Kraken, Coinbase, or Gemini, is inherently dangerous. Most of us will dip a toe into the crypto markets by visiting one of these markets and buying a few hundred dollars in currency. But then what do you do with it? Well, you can buy a wallet to store it in.

I’ve been testing out a new metal-encased crypto wallet called the Corazon made by Gray, a metal gadget case manufacturer. The Corazon costs a cool $599 for the blue titanium model and the limited-edition “stealth” model costs $1,499. For folks who have already made a mint in crypto, this is pocket change. But for the rest of us, I wanted to answer the question: “What do I need this thing for?”

The Corazon is definitely quite pretty. Compared to other crypto wallets, it looks like a work of art. But the case doesn’t particularly matter as much as what’s inside. The Corazon contains a working Trezor Model T, a hardware cryptocurrency wallet made by the Czech-based SatoshiLabs. The Trezor is one of the most popular hardware wallets, in close competition to Ledger Nano. Both are more than capable and there haven’t been (many) security issues (yet)—plus cheaper, less popular models are far too new and untested to be trustworthy.

Advertisement

With that, let’s walk through how to secure your crypto using a hardware wallet.

Don’t trust your exchange

The interesting thing about crypto is that you can buy fractions of a single coin. In the case of Bitcoin, you can buy fractional parts called Satoshis and they usually end up in your exchange wallet. I’m going to walk you through Coinbase’s interface since it’s one of the most popular.

We begin by buying a little cryptocurrency on Coinbase.

Advertisement

You’ll see your crypto in your list of balances. You should never keep your crypto on an exchange. Further, never store your crypto on online wallets. These wallets are notoriously insecure. While your experience may differ, saving your cryptocurrency online is akin to leaving your retirement savings in a dark plastic bag in the backyard—it might feel safe, but there are just too many problems with the scheme to trust it with your fortune.

Further, if you’ve gotten this far and you are planning on “investing” your crypto with someone you met on WhatsApp or Instagram, please stop now. You are being scammed. The typical scam involves sending an amount of crypto to another wallet and then getting multiple notifications that your crypto is rising in price. When you try to withdraw your cash, however, you’ll find it very difficult and will be asked to add more funds until the scammer has had enough of you. I’ve written about these extensively and if you have any questions email me at john@gizmodo.com.

Advertisement

Again, do not trust an exchange or online wallet with any amount of cash and do not send cryptocurrency to investors or people you do not know.

Using your wallet

Illustration for article titled How to Use a Hardware Wallet to Store Your Crypto

Photo: John Biggs/Gizmodo

Advertisement

Now that you have some crypto and have not been scammed, plug in your Corazon (or Trezor) and activate it. The Trezor website connects to your device via your Chrome browser and the entire process is done online.

A hardware crypto wallet is essentially a secure storage device. To receive and send crypto, you need a wallet address, a public key (think of it as your public signature), and a private key (which must remain secret). Your wallet address—something like 1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2is a long string of letters and numbers that identifies your wallet. You can hold multiple wallets on one hardware device and there are multiple types of wallets, one for each type of cryptocurrency. The hardware wallet stores your private keys securely, allowing you to access these wallets without typing in a very long and complex string of digits. You can feasibly store this information on paper—and people used to enjoy using “paper wallets” to store their crypto—but a hardware wallet is superior.

Advertisement

To set up your wallet, plug it in and visit the maker’s website. In Trezor’s case, the system will initialize the wallet, install the secure software, and create public and private keys. The Trezor stores these keys internally and the keys are considered secure as long as they are on the device. The device will also generate a pneumonic Recovery Key, which consists of about 20 words that are easily translated to the string of digits that makes up the private key. These words are also called a Recovery Phrase because they are used to recover your wallet if you lose any of your passwords or PINs.

Some of my recovery key. Don’t worry. I’ll be wiping this thing.

Some of my recovery key. Don’t worry. I’ll be wiping this thing.
Photo: John Biggs/Gizmodo

Advertisement

The Trezor Model T usually has 24 recovery words but it also supports a new type of key that is split into multiple chunks of 20 words each. This means you could hide a chunk of your key in different places—home, work, with a friend—and recover your wallet if something terrible happens.

Whichever you choose, the system will walk you through the setup process and ask you to set a PIN for accessing the hardware wallet. Keep the recovery seed and the PIN safe. Do not keep them on your computer or your phone. To be completely safe, write it by hand on a piece of paper and store a few copies in different places. Your Recovery Phrase is the only thing standing between you and disaster.

Advertisement

Illustration for article titled How to Use a Hardware Wallet to Store Your Crypto

Screenshot: Trezor.io

Once you’re done setting up the device, your wallet is ready. The system will often ask you to confirm things on the hardware device before it allows you to perform certain actions.

Advertisement

As you see above, I’ve shared the actual wallet address for the Corazon Trezor in front of me. I’m able to do this because you can’t actively steal anything from me using only my wallet address. In fact, you can see my wallet on the Internet and even see how much I’ve deposited and withdrawn. If that sounds a little creepy, welcome to cryptocurrency.

Advertisement

I move over to Coinbase and initiate a funds transfer. Every transfer costs a small amount of money, in this case about 2 cents.

Advertisement

If your transfer doesn’t show up immediately, don’t fret. Cryptocurrency transfer systems are fairly slow when compared to the traditional banking system and most wallets require multiple confirmations before they display your balance. These confirmations are like firm nods from the rest of the network that they agree that the transfer was legitimate and they are part of the fabric of the crypto networks. Explaining the blockchain is beyond the scope of this article but you can imagine these confirmations as thumbs-ups from various users around the world who saw your transaction happen and agree that it is legitimate.

Illustration for article titled How to Use a Hardware Wallet to Store Your Crypto

Screenshot: Trezor.io

Advertisement

Once the network confirms the transfer, you can unplug your Trezor and go about your day. Any time you need to access your riches you simply connect the Trezor to your computer and send or receive based on the on-screen and on-device prompts. Store your Recovery Phrase in a safe place and absolutely do not forget your PIN. You are your own bank when you own one of these things, and you’re responsible for your security. If that sounds daunting, stick to debit cards and ATMs until crypto formally enters the financial system.

That said, the cryptocurrency landscape is rapidly changing and devices like the Corazon are indicative of a real shift in perception. Whereas cryptocurrencies were once considered only for hackers and cyberpunks, a $600 titanium crypto wallet to store your crypto millions is much more mainstream. Just don’t start wearing it like some kind of cyberpunk pocket watch and you’ll be fine.

Advertisement

Exiled WallStreetBets Mods Want to Make a Blockchain-Based Hedge Fund

Illustration for article titled Exiled WallStreetBets Mods Want to Make a Blockchain-Based Hedge Fund

Screenshot: WallStreetBets

As praises from celebrity investors and movie deals rained on the subreddit/memestock trading floor WallStreetBets, its two contingents of its moderators went to war, each accusing the other of profiteering off the community’s newfound fame. Now, those beaten in the squabble intend to start a competing community which will act like a “decentralized hedge fund.”

The bitter he said-he said started last month when a group of primarily-newer moderators (most visible among them, zjz, who joined last year) accused the veteran mods (who include only1parkjisung, who joined as a moderator around 2014) of coming back from dormancy to “cash in” on WallStreetBets’ sudden newsworthiness. Zjz wrote on February 5th that wsb had been “taken hostage” by the old mods who referred to themselves as the “board of directors”:

We’ve been taken hostage by the top mods. They left for years and came back when they smelled money. They’ve been busy creating private email addresses to funnel all the press correspondence away for their own gain, talking shit about all of the active mods, and scrambling to get paid from some movie deal.

Advertisement

Zjz and fellow detractors were stripped of moderator status (the reasons itself are a source of dispute). Soon the ouster was reversed by Reddit’s admins, who restored the new mods—including zjz—and sent the old guard packing.

“We had not left the group at all,” one former WallStreetBets moderator, positionsorban, told Gizmodo via Reddit chat. Positionsorban said that while the now-ousted group “did let zjz and his bots take over more and more of the day to day moderating,” they still “discussed wsb related issues daily,” posted, and awarded flair. Some, they said, “did things behind the scenes like organize AMAs with people like Benn Eifert and Mark Cuban.”

Modwars aside, the defectors’ project “WallStreetBets 2.0,” is being pitched—with memes, naturally—as a blockchain-based DAO (decentralized autonomous organization), to allow WSB 2.0 users to pool tokens and split the profits of a collective bet. They write:

It’s time to build a new version of WSB. A decentralized version powered by smart contracts, where no one – not the mods, not Reddit – owns the platform. A place where you are financially incentivized to share your ideas and your memes. A place where you don’t need to trust anyone because you can view the public, audited, and immutable code. A place where millions of individuals can pool their money together to have more power and influence in the market than the largest hedge funds […] it’s time to stop betting against the house and become the new house

Advertisement

“Smart contracts” refer to self-executing contracts that are permanently traceable, with terms written in code and distributed across a blockchain network. They don’t say what the specifics of this contract might be, but we’re imaging users would vote on stock with DAO-issued tokens and decide when to exit their position, rather than relying on, for example, rocket ship emojis to sustain investor perseverance. Only1parkjisung told Gizmodo that they’re still working out details like potential fundraising, but say that at least half a dozen people, mostly “og mods,” are involved.

The idea isn’t new; in 2016, the original DAO raised over $160 million, but just days later, a hacker stole $50 million of DAO tokens (ether). As Stephan Tual, the COO of Slock.it which created the DAO pointed out to Wired at the time, it’s almost impossible to sell purloined DAO tokens on the cryptocurrency market, since all contracts are permanently recorded. But cryptocurrency exchanges delisted the DAO token nonetheless. To this day there are only a handful of companies in the space, and it seems clear there are more than few kinks to iron out.

Advertisement

The WSB 2.0 site refers to a tweet from former Coinbase CTO Balaji Srinivasan explaining how the concept would safeguard people from “bag holding” and further point to the ramblings of Mark Cuban, embedded in a YouTube video:

Just imagine if Wall Street Bets…instead of being just a forum was a blockchain-based forum where everybody put up one Ethereum, and everybody…took a half of it, you over-collateralized, and everybody contributed, and you looked to see how many participants you had on WallStreetBets blockchain. And then everybody voted on what stock to invest in. Everybody got a token to pick which one they invest in. And then…everyone agreed how often they would review that investment. Is it by the minute? Is it by the hour? By the day? And then you can put a council together where people can assign their voting because some people don’t want to deal with it every minute of every day. Now all of the sudden, that WallStreetBets forum is organized with blockchain-based governance, decentralized governance where the users get to vote? Oof.

Advertisement

“Without knowing the details, which they clearly haven’t filled in for us yet, it’s hard to tell whether their plan is likely to turn out well or not,” Andrew Miller, an associate director of the Initiative for CryptoCurrencies and Contracts (IC3), told Gizmodo via email. “But, could it be feasible? Sure!”

The premise isn’t actually that complicated, he claims. “The basic mechanism of a smart-contract based DAO is straightforward – the smart contract will define rules for how to vote on buy/sell decisions, how to collect funding contributions from participants, how to divide up control and voting rights among the founders and early adopters.’ But Miller added that a new team would be more likely to stumble over regulatory risks and buggy software—and that there’s no direct way to link smart contracts to the stock market yet.

Advertisement

WSB 2.0 would also need to overcome the hurdle of migrating the 9 million or so subreddit users from Reddit (a massive, popular, largely functional website) to their new, untested one—something several grievance-based projects have attempted with varying levels of success.

It might not help their case that the exiled mods have devoted part of their launch page to relitigating drama with their rivals (i.e. that another mod was monetizing WSB through t-shirt sales.) That said, they do provide evidence to support their claim that zjz misrepresented their intentions for what to do with any Hollywood money: the site includes both the cropped version of a Discord chat apparently used by zjz, as well as a more complete version indicating the money was earmarked for charity from the get-go. The charity assertion is also backed by text message screenshots obtained New York Times journalist Nathaniel Popper.

Advertisement

“Unfortunately, we have no comment at this time,” current WallStreetBets mods wrote to Gizmodo via DM. “We have a duty to the readers of r/wallstreetbets to to keep the subreddit clean and stable, and that means moving past the grievances of our countless detractors.”

We’ll leave the screenwriters to figure out the protagonists, I suppose.

Advertisement