"Blockheads"
Gorgeous! Nice one Simon.
One of the world's most prominent planned uses of distributed ledger technology has been pushed back by a year. That application is a replacement for the Australian Stock Exchange's (ASX) core application, the Clearing House Electronic Subregister System (CHESS). The bourse was the first such operation in the world to commit …
Yes it does.
Do you know the location of the various US fleets? China and Russia may know of one or two, but they don't know all of them. Those they do not know are secure.
Do you know the location of CIA safehouses in the world? Neither does anyone else. They are secure, until the CIA thinks they're not and decommissions them to create one somewhere else.
Security through obscurity works very well, just not on the Internet. At least, not if the target is interesting enough. I totally agree with the idea that the Itanium is not interesting for hackers.
That, plus the fact that the Stock Exchange is the most watched, audited and controlled place in the world - due to the overpowering flow of money - means that any hacking attempt will likely be flagged, traced and blocked faster than you can blink. On top of that, police authorities will treat it as a red alert priority one, putting every relevant asset on the case.
No, neither Russia nor China would be daft enough to mount an attack against any Stock Exchange, and no mere lone blackhat would dare try. So the fact that they're running Itanium is actually a very secondary concern.
The problem with all of the above is that you only THINK it is obscure, and thus "secure" ... until the miscreant shows his hand and blasts your safe-house into oblivion. All the power is in the hands of the attacker, not the defender.
This hacker has a couple dozen various model Itanium processors at his beck and call ... Feel lucky that I'm a white-hat, and not obscure at all :-)
In addition to the excellent rebuttal made above, observe that security through obscurity does work AS AN ADDED LAYER in the context of other mitigations.
"I finally figured out their nonstandard encryption algorithm, but it requires just as much compute time to break as AES-256. Two weeks of my life wasted!"
So now, not only is your data secure, but it wasted two weeks of some poor cracker's life ;)
Yes, obscurity can be a part of security, but it should be a rather minuscule part.
I see your two weeks, and raise you a $5 wrench ... Or a simple telephone call (or "accidental" meeting at a coffee shop or lunch counter) with an over-eager flunky.
+1 for proper use of Cracker, as opposed to the 'orribly misused and overloaded "hacker".
The main problem with security by obscurity is Kerckhoffs's principle: the information you're trying to keep hidden is in effect part of the secret key, and it's a part that 1) has lower information entropy than key material should have, and 2) can't be managed easily, because it's not pure key material. So it's inefficient security at best. Its contribution to security and resistance to attack can't be easily or accurately measured, and there's no recovery from compromise.
In any case, it's not so much the hardware platform as the OS that matters. The only currently maintained OS for Itanium I'm aware of offhand is HP-UX; I don't know if Linux or FreeBSD are still supported (and OpenVMS?). Because HP-UX is obscure relative to the market leaders there's less total reward for exploiting it, and it has an overall smaller attack surface; the same would be true of other non-Linux alternatives.
But I wouldn't even bother mentioning that, if I were in charge of security for these systems. It might reduce exposure to broad attacks - the typical portscanning script-kiddie stuff - but it won't help with targeted ones.
I agree. This sort of application needs to have scalability built in from the start. To discover that "the application needs to be re-scoped to work at larger scale" so far down the line is just incompetent.
I think they have been too focussed on the "blockchain" technology and lost sight of the real world use of the application.
I am curious what OS the Itaniums (Itania?) are running. My only encounter with the chip was a 6U server from Bull, running Suse Linux, IIRC, but didn't (doesn't) HP have OpenVMS running on it? So in addition to having Itanium chops, the ideal candidate would have VMS experience.
(Not applying for the job. The only reason I was messing with that box was to test some rather bespoke hardware against it for one customer)
ASX Equity Trades JUL 2020: 32,481,895
NYSE Tape A Daily U.S. Equity Matched Volumes 28 OCT 2020: 1,094.7 (millions)
Thus the NYSE has about (1094 × 20 trading days, say) = 21,880 / 32.5 = 670 times the volume of trades of the ASX.
The ASX is less than insignificant
US government sponsored research is casting new light on the security of blockchain technology, including the assertion that a subset of a distributed ledger's participants can gain control over the entire system.
The finding is part of a study [PDF] conducted by IT security researchers at Trail of Bits and commissioned by the Defense Advanced Research Projects Agency that points to several ways in which the immutability of blockchain – the distributed ledger on which Bitcoin and other cryptocurrencies rely – can be called into question.
Investigators at a blockchain analysis outfit have linked the theft of $100 million in crypto assets last week to the notorious North Korean-based cybercrime group Lazarus. The company said it had tracked the movement of some of the stolen cryptocurrency to a so-called mixer used to launder such ill-gotten funds.
Blockchain startup Harmony announced June 23 that its Horizon Bridge – a cross-chain bridge service used to transfer assets between Harmony's blockchain and other blockchains – had been attacked and crypto assets like Ethereum, Wrapped Bitcoin, Binance Coin, and Tether stolen.
According to blockchain analytics company Elliptic, the attacker immediately turned to Uniswap, a decentralized exchange, to convert most of the assets into 85,837 Ethereum, which researchers said is a common method used by hackers to prevent the stolen assets from being seized.
Executives at China's Blockchain-based Service Network (BSN) – a state-backed initiative aimed at driving the commercial adoption of blockchain technology – labelled cryptocurrency "the biggest Ponzi scheme in human history" in state-sponsored media on Sunday.
"The author of this article believes that virtual currency is becoming the largest Ponzi scheme in human history, and in order to maintain this scam, the currency circle has tried to put on various cloaks for it," wrote Shan Zhiguang and He Yifan in the People's Daily.
He Yifan is the CEO of startup Red Date Technology – a founding member and architect behind BSN – where he serves as executive director. Co-author Zhiguang Shan is chair of the BSN Development Alliance.
Microsoft co-founder Bill Gates has declared that "expensive digital images of monkeys are going to improve the world immensely."
He was joking, obviously, though considering Gates's supposed connection to microchips in vaccines, one can never be too careful. What he's talking about are non-fungible tokens (NFTs), which came up at a TechCrunch event in Berkeley, California, on Tuesday. Specifically the Bored Ape Yacht Club variety.
You know those kids' books where the picture is divided into three (head, body, legs) so you can turn different sets of pages to get a different image? That's what the Bored Ape Yacht Club is for those willingly parted from large amounts of money for the right to stand next to a picture of a cartoon chimp.
China’s Supreme People’s Court has issued an opinion calling for massive adoption of blockchain across China’s judiciary, financial sector, and government, and for the technology to underpin intellectual property in the nation.
Published last week, the opinion reveals that the Court has already recorded 2.2 billion items on a judicial blockchain. The Court now suggests 32 more initiatives, most of which concern using blockchain to enhance efficiency of, and trust in, the nation’s judiciary.
But the recommendations also go far wider, calling for the creation of “an interoperation collaborative mechanism with blockchain platforms”. That effort will allow “market regulation, property registration … and enable inquiry about and verification of information related to the ownership registration and status of transactions, such as basic business profile, variation of corporate equities, correlation between businesses, ownership of immovables and movables, financial leasing, precious metal trading, to facilitate the identification of ownership and transactions of property rights, so as to intensify the development of the classified and categorized supervision system based on data and credit, and to further improve the national business environment.”
A flaw detected in the browser version of the Ever Surf cryptocurrency wallet could have given hackers who exploited it full control over a targeted user's wallet, say threat hunters at Check Point Research.
The security vulnerability made it possible for threat actors to decrypt the private keys and seed phrases found in the browser's local storage, opening the door to cracking the victim's wallet and accessing the cryptocurrency stored there, the researchers wrote in a blog post Monday.
"As the browser's local storage is unprotected, the data stored there must be securely encrypted," they wrote. "Despite the fact that Surf uses reliable cryptographic libraries for the key derivation and the encryption, the sensitive data in the web version of Surf doesn't appear to have adequate protection."
HPE has lifted the lid on two new AI products, one aimed at enterprises wanting to build and train machine learning (ML) models at scale, and a second that introduces a decentralized ML system to enable distributed or edge deployments to share updates to their models.
The HPE Machine Learning Development System is a combined hardware and software platform based on technology gained from the buy of Determined AI last year.
Now rebadged as the HPE Machine Learning Development Environment, this is integrated with HPE compute infrastructure to deliver a system that HPE claims can speed up the typical time-to-value from building and training machine learning models from weeks or months to days.
Miscreants exploited a now-fixed design flaw in the Rarible NFT marketplace to steal a non-fungible token from Taiwanese singer and actor Jay Chou and sell it for about $500,000.
That's according to folks at Check Point, who on Thursday said the vulnerability could have been abused by crooks to gain full control of victims' marketplace accounts and the funds in them. Earlier this month, Chou said his NFT was stolen in what looked like a phishing attack.
When researchers Roman Zaikin, Dikla Barda and Oded Vanunu investigated the security shortcoming, they found that fraudsters could lure users to click on a link to a malicious NFT, enabling them to take control of their marks' Rarible accounts using a standard called EIP-721.
The Australian Securities Exchange (ASX) is attempting to replace its core trading systems with a blockchain-powered alternative – an effort often touted as one of the world's most significant blockchain implementations. Unfortunately, the project has struck trouble, again.
The application in question is called "CHESS" – the Clearing House Electronic Subregister System. ASX trading data suggests it handles 39.7 million trades in an average month. The Register understands the platform was built in COBOL and runs on servers running the discontinued Itanium processors cooked up by HPE and Intel in the 1990s – a combination that saw the ASX announce a blockchain-based rebuild in 2017, with a planned go-live in 2021. That was subsequently revised to April 2022, then April 2023.
The ASX liked the idea of a blockchain-powered bourse because it would mean market participants could store their own copy of the distributed ledger that recorded the state of the market. Orders placed on participants' own systems would be mirrored across the network of participants, with all entries immutably recorded – just the way traders and regulators like it.
Analyst firm Forrester Research has had a look at Web3 – the buzzword describing blockchain-powered decentralized metaverse-y stuff – and decided there's not a lot to like.
The firm this week issued a pair of documents assessing Web3.
The first, titled "Web3 And Web 3.0 Are Synonymous Today – But This Wasn't Always True", points out that the term "Web 3.0" was first used in the mid-2000s, when it was used interchangeably with Sir Tim Berners-Lee's vision of a "semantic web". The term re-emerged in 2014 when Ethereum cofounder Gavin Wood suggested the Ethereum blockchain become the foundation for a decentralized web.
Biting the hand that feeds IT © 1998–2022