IMPORTANT: Security Update — Must Read
Intergalactic Gaming (IG) takes security very seriously. To this end, we have recently taken on a major figure in IT security to make sure we are always at the forefront of cyber security. He has developed security systems and technology for the UK Armed and Special Forces, blue-chip companies and banks. He is also a renowned keynote speaker at many large scale security events and has also been a consultant and security expert for the BBC and Satellite TV shows.
As part of the support we offer to our community, we will shortly start providing regular security bulletins to ensure our users are well informed of any potential risks, along with tips on how to be proactive with protecting their systems.
We recently conducted an in-depth investigation into a security issue that was brought to our attention by a member of our community. After thoroughly investigating our logs and security infrastructure, which is an ongoing process, we are pleased to inform you that there is no evidence that a breach has occurred within IGGalaxy.
Nevertheless, to ensure we support our community, we have decided to broaden our investigation to analyse transactions on the TRON blockchain in real-time (and retrospectively over the past week) to identify any suspicious activity in wallets outside of the platform that are linked to our own — this is of course available publicly on the blockchain. We will keep our community informed as appropriate.
Security is everyone’s responsibility. With today’s distributed systems it’s even more important that users protect their computers as well as companies protecting theirs.
Please make sure you read this security update fully and share with your online world! It is important — we will always be striving to be at the cutting edge, but don’t forget you have to do your bit too.
“Hot off the Press!”: Staying Safe using Google Chrome
On 15 July 2019, Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates:
When a company like Google release a security fix for their software, their flaw becomes public knowledge. This means that hackers know instantly what the vulnerability was and can therefore start writing software to gain access to un-updated systems.
Applying updates as soon as they are released is crucial to staying secure online. We understand that this can sometimes feel like a daunting task as there are many software products to consider. We recommend that you often check the following two key parts of your system:
- OPERATING SYSTEM FIXES
- BROWSER FIXES
Most software provide automatic updates and will regularly prompt you when an update is yet to be installed. Auto-updates should always be enabled as the advantages of doing so will always outweigh the disadvantages.
Below, we have included two screenshots of how to ensure you are up-to-date with Google Chrome’s latest security fix:
If you have not installed the latest Google Chrome update, then you will be prompted to do so on the screen below:
We encourage all users, whether within the community or not, to ensure they have the latest update installed and to be diligent with future updates. Make sure to pass this message on!
FYI: IG Security
Part of our security strategy is to monitor unauthorised failed login attempts to our user accounts. There are many automated hacking systems that periodically probe user accounts on websites around the internet in an attempt to gain access.
Many sites on the internet have weak security practices and user/password lists that are often stolen and sold on the Dark Web. Again, we must stress how important it is that you never use the same password on multiple sites for this very reason; it’s even more important that you never do this for systems that use altcoins (alternative coins: coins other than Bitcoin).
If you only use your password for IGG then you are optimising your online safety; however, if you use the same login and password for IG as other internet accounts you are leaving yourself exposed to online attacks, so we highly recommend that you reset your password to a unique password used only for your IG account.
Not only can your wallet password be used to authorise transactions, it can also be used to export your wallet via Private Key; further reinforcing the importance of why your IG account password and wallet password should also be unique.
IG cannot access your Private Keys as they are encrypted with users’ wallet passwords and only ever decrypted on your computer, by your browser in order to sign transactions.
Update: Two-Factor Authentication Enabled
Over the next couple of weeks, we will roll out several enhanced security features, the first of which was “two-factor authentication” (2FA) going live on the platform earlier this week.
2FA is an added security process that requires users to provide two separate authentication factors to verify themselves. Understandably, it provides a much higher level of assurance than single-factor authentication (SFA) methods, in which users only provide a password or passcode, meaning 2FA will prevent your accounts from being compromised even if your password has been compromised.
How to Enable Two-Factor Authentication: Step-by-Step Walkthrough
As you can see from the screenshot below, 2FA can be enabled on your account by bringing up your ‘user menu’.
- Log in;
- Go to user menu and select “Two Factor Authentication”;
- Click “Generate Secret” button;
- Scan QR code or copy ‘Secret’ into Google Authenticator/Authy;
- Enter code provided by 2FA device;
- Verify Token (before the code expires);
- 2FA is now enabled.
We want to stress to all community members of the importance of being safe online, particularly when it comes to cryptocurrency where there are vast numbers of opportunists.
As previously mentioned, we will be rolling out further enhanced security features that will benefit users both internal and external to our ecosystem. One of these is an ‘alert function’ that will alert users to any transactions that occur from their wallet, as hackers like to steal small amounts over a period of time so as not alarm the user that their wallet has been compromised. This will allow users to receive a notification whenever their registered wallet on the IG platform has made a transaction.
Lastly, we have a dedicated team of admins, strong community presence and now a new company email address, which will be monitored by our IT security personnel. Please never share your Private Keys or passwords with anybody, especially those claiming to be working for Intergalactic Gaming; we will never request for this information from you.
If you have any concerns about security please contact us on firstname.lastname@example.org.
To keep up to date with developments, please follow us on our various social media channels: