Spyware that completely takes over, a browser extension to keep your transactions safe and more!

gm 👋

Thank you for being a part of the Cypherock family. Come rain, hail or storm, we are heads-down building the best possible product to keep your digital assets safe.

Over the next 8-10 minutes, we will be talking about hacks that caught our eye, DApps that we found interesting and our picks from Twitter and Reddit that we enjoyed.

If you loved the newsletter, message us! If you hated the newsletter, message us! We’re always looking for fresh perspective on things to cover and feedback to make your experience better!

Have an awesome week ahead!

Team Cypherock

What we’re covering this week

• Spyware that will make you run for the woods ☠️
  
• Protect your transactions using Radar 🔐
  
• Common trends in phishing scams in web3 🎣
  
• An introduction to the Algorand ecosystem ⛓
  
• Updates from Cypherock 🔥

Security Digest

Pegasus: Spyware that turns people into targets

Mass surveillance is not a new concept, but the NSO Group takes the cake for making Pegasus, a spyware that can be covertly installed on your mobile device and can be installed using a zero-click exploit. A zero-click attack is one of the most dangerous forms of cyber attack since it does not require the user to take any action such as a mouse click, or a button press. A malicious feel need only be dropped onto the device, and operates on the background without the knowledge of the user. Pegasus, once installed on a user’s device gains complete access over the device, say a mobile phone, and can switch on the microphone, or the camera to give to assist the attacker in spying on the surrounding area.

Pegasus can be installed by setting up a wireless transceiver near a target device, or by getting access to the device. Once installed, Pegasus has been reported to be able to run arbitrary code, extract contacts, call logs, messages, photos, web browsing history, and settings, as well as gather information from apps including iMessage, Gmail, Facebook, WhatsApp, Telegram, and Skype. If the program is not able to communicate with its command-and-control server for over 60 days, or if it is installed on a wrong device, Pegasus has the capability to self-destruct - delete itself from the device. The software can cost up to $8M, but can be obtained on the dark web for as low as $1M.

As to why Pegasus had come to be is still up to debate, there are narratives that mention that this technology help protects the interests of the government, but can easily be used to target prominent individuals. Mass surveillance does not only pertain to prominent individuals, but also has implications for the everyday individual - you and me. The development of the ‘individual privacy stack’ is becoming more and more important as technology gets more complex, and cryptocurrencies are merely a first step in creating a digital presence that is governed by the self.

Dapp News

Monitor your transactions to avoid getting rekt

Radar is a chrome extension developed by Mesh Labs that allows you to monitor your address and helps you analyze whether the transaction that you are making is safe or not. There are two key features that Radar offers.

Radar makes reading transactions easier - often times transaction data is hard to read, and most individuals skip over the details of what is being transferred, if any assets are being affected and which platform is requesting this transaction. Radar allows you to view these details in the wallet extension itself.

Through Radar you also have the option to receive customized risk reports. Depending on your risk tolerance, you can tweak the reports feature to help you understand whether the transaction and the changes it is about to make to your wallet are potentially low, or high risk.

Breaking down transactions are an important aspect of web3 UX, and is key in mass adoption of crypto.

Welcome to the future.

Twitter Tales

Phishing in web3 is no surprise. With new scams on a daily basis, here are some common trends in phishing that you can look out for.

Check out the thread here.

Reddit Reads

Have you heard of Algorand? If not, here is a comprehensive guide written to Algorand. The guide covers everything from wallets, to DeFi platforms to NFTs.

Intro to Algorand from r/CryptoCurrency

Updates from Cypherock

We hosted our first BUIDL hour this past week, and talked about all the exciting updates that Cypherock is planning for users. Check out the Twitter Space here.

We discussed adding on/off-ramp support, adding token support for more blockchains, SDK development and more!

Is Your Crypto Safe? Take the Cypherock Quiz and find out!

Will your crypto get hacked? Are you going to lose your crypto? Cypherock has come up with a detailed quiz that will help you understand the pros and cons of your security model. Upon completion, you will get a detailed analysis mailed to you. Take the quiz now!

Here’s some alpha 🚀

Security is our utmost concern. We want to keep your crypto safe and give you the best possible experience interacting with the web3 ecosystem. Because we like you, we want you to make money too!

Cypherock recently launched an affiliate program. You receive a unique code by either signing up on our website, or by purchasing a Cypherock X1. Through your code, your referrals receive 10% off on their purchase and you make $25 per sale!

Sign up to become a Cypherock Affiliate!

Have questions regarding our product, or the affiliate program? Our Growth Lead loves chatting with people, hit him up here.