This Week in Web3—Indian e-governance's big move to web3, the growing threat of cryptojacking and more!

GM people of web3!

Kabl3 is back to deliver your weekly news update of the web3 land. We have a lot to uncover today, so let's dive right into what we have for you today:

• The Maharashtra government ties up with Polygon

• Weekly Web3 Wrap

• Learn with Kable Recap

• The growing threat of cryptojacking

• Interesting reads from this week

This week in crypto 📈

Weekly web3 wrap 🗞

The Maharashtra government ties up with Polygon

The Maharashtra government wants to roll out 65,000 caste certificates to aid the process of delivering governmental schemes and benefits. The government has partnered with LegitDoc (built on Polygon), a blockchain-based application that claims to be the most secure record-keeping technology that exists today.

The Maharashtra government has previously implemented an Ethereum-based credentialing system to provide tamper-proof diploma certificates to avert document forgery.

Indian Administrative Service (IAS) officer Shubham Gupta revealed that the Indian government is always on the lookout to implement disruptive technologies that can help democratize citizen services. He opened up more about his take on Twitter, read here👇

In an article co-authored by LegitDoc CEO Neil Martis, Gupta highlighted:

• Caste certificate issuance via neutral Web3 platforms aims to target 1.1 million economically challenged residents of the Gadchiroli district, with over 70% tribal population.

• It aims to deter forgery efforts to claim government-provided benefits for the underprivileged falsely. They also emphasize the importance of Web3 protocols in protecting the general public against financial and non-financial deplatformation.

• Jurisdictions, including Singapore and Malta, have implemented similar e-governance initiatives. "It can aid us to achieve our mandate of true democratization of citizen services."

How will it work?

• The LegitDoc platform fetches selective data from the government-run MahaOnline portal and uploads it to the Polygon proof-of-stake (PoS) blockchain.

• The system then generates a QR code and verifiable certificates; even the printed form of the certificate can be verified.

• Various departments within the Maharashtra government, including MahaIT, the social justice department, school education departments, the minorities department and NMMC-Mumbai, are in the process of upgrading traditional systems to blockchain-based documents/data storage.

Like every decision, this step has garnered mixed reviews from the masses. While one side applauds the government embracing, the other side feels it is "one step forward and two steps backwards."

More web3 news you should know about:

Axie Infinity's Ronin Network hacked for $625M in USDC & ETH

Ronin, the Ethereum sidechain for NFT game Axie Infinity, was discovered to be hit with a sizable exploit of about $622 million worth of Ethereum and USDC this Tuesday. The exploit took place on March 23 when the attacker "used hacked private keys to forge fake withdrawals" from the Ronin bridge across two transactions.

A total of five validator private keys were hacked; 4 Sky Mavis validators and 1 Axie DAO. Ronin cites that the root cause of the attack was the small validator set which made it much easier to compromise the network—more updates on Ronin's newsletter.

Binance To Be The Official Cryptocurrency Exchange Partner of the 64th Annual GRAMMY Awards®

Binance will become the first-ever official cryptocurrency exchange partner for the 64th Annual GRAMMY Awards® and GRAMMY® Week events, including the inaugural Recording Academy Honors celebration.

The exchange will work with the Recording Academy throughout the year to bring various Web3 technology solutions and experiences to the organization's members, events and initiatives.

OpenSea to add support for NFTs minted on the Solana blockchain from April 2022

OpenSea announced this Tuesday that it would start listing NFTs minted on the Solana blockchain from April 2022. OpenSea posted a video to Twitter that shows enthusiastic users who believe Solana's integration will be "huge." Time for lower gas fees and being a little more environmentally friendly!

BAYC Discord Briefly Compromised, Users to Avoid Discord for Minting APE NFTs

The Bored Ape Yacht Club (BAYC) Discord was hit by a malicious tool that intended to trick users into minting fake NFTs from the Bored Ape collection. BAYC has advised members not to mint anything from Discord right now.

👉 A ticket tool that verifies users and pushes channel-wide notifications was compromised

👉 Clicking on the malicious links enticed users to mint a limited edition NFT & lead to an illicit script that could steal a user’s NFTs and other wallet information

Learn with Kable 👩‍🏫

This Tools Tuesday, we discovered a way to transfer and receive funds from all over the world with zero transaction charges, and the best part is that you can get started with it at $1 per year! Let's take a look at Wagmi.bio 👀

Earlier this week, $625M was stolen from Axie Infinity's Ronin Network, making it one of the biggest hacks in web3 history! Here's our thread on what happened and what is next for the "Ronin Bridge Exploiter."

The growing threat of cryptojacking

Every cryptojacking incident keeps breaking records every other week, and the threat to crypto investors and the web3 community keeps increasing. Cybersecurity firm SonicWall estimates that the amount of all cryptojacking attacks grew 19% year over year in 2021, with the bulk of the increase coming from Europe.

The recent cryptojacking incidents have everyone on high alert. Even big tech firms like Google and Amazon are on high alert about cryptojacking threats to their cloud servers. Cybersecurity firm Kaspersky’s general manager for Southeast Asia, Yeo Siang Tiong, pointed out that as bitcoin prices soared in September 2021, the number of users encountering crypto mining threats reached 150,000 – its highest monthly level.

The sophistication of cryptojackers

In its cybersecurity report, Google Cloud said 58% of attacked cloud instances had the malware downloaded within 22 seconds of the initial compromise, indicating the hackers used automated tools.

For example, Kubernetes is an open-source system for automating deployment, scaling, and managing containerised applications that have been increasingly popular among tech firms.

Along with their own cloud management software, Kubernetes options are available on cloud services like AWS and Google, but the container system can also be configured and deployed independently of providers. Graboid, a type of worm malware, specifically targeted so-called containers, akin to virtual machines but running on Kubernetes.

A cryptojacker’s attack methods

• The most popular method of attack is phishing. In 2021, SonicWall observed cryptojacking also spreading through pirated and cracked software.

• In 2019, Interpol found that more than 20,000 routers were affected by illegal crypto-mining malware.

• Operation Goldfish, as it was called, took five months and involved law enforcement authorities from 10 Southeast Asian countries. Through these routers, the hackers were able to infect machines, and the mining software was actually running in the background of browsers, Tee said.

Cryptojackers are hidden in plain sight

Unlike other attacks, crypto miners flourish by being stealthy over long periods of time to mine as much cryptocurrency as possible.

Cryptojackers will hijack enough devices to pool their processing power to create a large cryptojacking network that is more effective in generating income, said Kaspersky’s Yeo. This leads to a “sudden slowing of devices or a rise in cross-company complaints about computer performance,” he said.

More broadly, organizations are struggling with “multiple cloud providers, non-standard security controls, and a lack of visibility into what is occurring inside of their environment,” VMware’s principal cybersecurity strategist, Rick McElroy, told CoinDesk via email.

But cryptojacking attacks are still not as sophisticated as other types of cyberattacks. Experts say consumer awareness remains the key to cyber defence. Here’s a quick thread to help you take all the necessary security measures:

Interesting reads from this week 🤓

The Growing Digital Asset Lifeline in Ukraine — www.coindesk.com

Crypto donations have been a major source of support for Ukraine’s defense and humanitarian efforts. Meanwhile, Russian citizens may also embrace crypto more as their economy and currency craters due to international sanctions.

On The Gambler’s Mindset & Mastery of the Inner Ape | by The DΞFi Ξducator 📖 | Apr, 2022 | Medium — medium.com

Are we (traders & cryptocurrency investors) all just delusional gamblers drawing patterns on a screen? This will be an essay on the psychology of gambling & trading. Why do 95% of traders lose? And…

That’s a wrap for This Week In Web3!

Liked what you read? Share our issue with your curious peers and spread the web3 word around. For more in-depth analysis and hot drops, follow us on Twitter and Instagram—you won’t miss a thing!

Help us improve and cater to your preferences by giving us feedback by clicking on the thumbs up or down icons below!

If you’re an early-stage Web3 builder or would like to venture out to the Web3 ecosystem, our creative-capital studio Spacekayak would be more than happy to assist and come along with you on your Web3 journey! Know all about us here.

wagmi 🚀