cybersecurity

📅 December 17 | Cybersecurity
After more than a decade of massive data breaches, hacked vaults, and compromised servers, Tether decided to attack one of the weakest points of the digital age: the absolute dependence on the cloud to protect critical secrets.

📖Tether officially announced the launch of PearPass on Wednesday, a new password manager designed to store credentials directly on users' devices, without relying on cloud infrastructure or centralized servers. According to the company, this approach eliminates the vulnerabilities that have plagued traditional password managers for over a decade.
The product, first previewed in June 2025, is based on device-level encryption and peer-to-peer synchronization. Tether stated that passwords never leave the user's hardware, except when shared between their own devices via end-to-end encrypted P2P channels.
The company presented PearPass as a direct response to the rise in security breaches on centralized platforms. Earlier this year, more than 16 billion passwords linked to Apple, Facebook, Google, government services, and social media were exposed in what Forbes described as the largest data breach ever recorded.
Tether CEO Paolo Ardoino was emphatic in explaining the project's motivation: every major data breach demonstrates that if secrets reside in the cloud, they don't truly belong to the user. According to the company, PearPass eliminates the "single point of failure" represented by server-hosted vaults and returns full control to users over passwords, recovery keys, and synchronization flows.
Instead of relying on cloud services, the application uses end-to-end encryption, open-source cryptographic libraries, and has already passed an independent security audit conducted by Secfault Security.
The application includes exclusively local storage, a password generator, peer-to-peer synchronization, and key-based recovery. Tether indicated that PearPass will be available for free on major platforms.

Topic Opinion:
Tether is bringing to the mass market the same logic that made Bitcoin and the crypto ecosystem strong—eliminating intermediaries and single points of failure—in a landscape where centralization has proven to be a systemic risk.
💬 Would you trust a cloud-less manager more?

Leave your comment...
#Tether #CyberSecurity #decentralization #BTC #CryptoNews $BTC

The U.S. Federal Trade Commission (FTC) is moving to finalize a landmark settlement with Illusory Systems Inc., the company behind the now-infamous Nomad crypto bridge that was drained of nearly all user funds in a massive 2022 hack. The proposed agreement follows a lengthy investigation and includes strong new obligations for the firm.
If approved, Illusory will be permanently banned from misleading users about its security protocols. The company would be forced to implement a formal cybersecurity program, undergo third-party audits every two years, and return any unrecovered funds if found.

A $186 Million Wake-Up Call for the Industry
According to the FTC, the hack resulted in an estimated $186 million in stolen digital assets, with over $100 million in losses absorbed directly by retail users. The attack was made possible by what the agency describes as “severe negligence” in Nomad’s internal response systems.
One of the most startling failures involved a delayed reaction due to the absence of any structured emergency protocol. “At the time of the breach, the platform relied on an engineer sending code via airplane Wi-Fi,” the FTC stated. “That delay proved fatal.”
The incident exposed a critical flaw introduced in a smart contract during a June 2022 update. On August 1st, hackers exploited the vulnerability, draining assets across multiple tokens – including Ethereum (ETH), USDC, DAI, and WBTC – within hours.

FTC: False Security Claims and Ignored Best Practices
The FTC accuses Illusory of marketing Nomad as a “security-first” solution while failing to follow even basic software development standards. Despite publicly claiming that all smart contracts underwent extensive testing, engineers admitted post-hack that proper testing protocols had often been skipped.
Worse yet, the platform lacked any dedicated reporting or escalation procedures for potential exploits. The agency argues this directly violated the Federal Trade Commission Act and left users dangerously exposed.

Settlement Under Review – Public Comments Invited
The FTC’s signed consent agreement is currently open to a 30-day public comment period. If no objections arise, the settlement could soon be finalized. It includes mandatory security reforms, financial restitution, and oversight of Illusory Systems’ future operations.
Nomad, launched in 2021, was a cross-chain bridge enabling token transfers between blockchains like Ethereum and Avalanche. After the breach, the team managed to recover just $22 million of the stolen funds.

Arrest in Israel Adds Another Twist
In a dramatic postscript, Israeli authorities earlier this year arrested Alexander Gurevich, the alleged mastermind behind the Nomad exploit. According to investigators, Gurevich attempted to flee to Moscow shortly after changing his legal name. He was apprehended at the airport before boarding his flight.
The Nomad case underscores a critical need for tighter cybersecurity standards across Web3 infrastructure – and offers a stark reminder that regulators are no longer sitting on the sidelines.

#CryptoHack , #BlockchainSecurity , #CyberSecurity , #Web3 , #DigitalAssets

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“