Crypto exchange CoinEx, which suffered a hack earlier this month, announced that it is resuming deposits and withdrawals for its users on September 21st. The platform has outlined its intention to finalize the reconstruction and deployment of its wallet system during this timeframe. According to the official update, the exchange will resume operations involving wallets...Read More
Retool, a prominent software development company, has recently revealed that 27 of its cloud customers fell prey to a targeted SMS-based phishing attack. The breach has raised concerns about the security of cloud synchronization features, particularly Google Authenticator’s cloud sync. Retool Falls Prey to Targeted SMS Phishing Attack The Aug. 27 attack began with a...Read More
Cryptocurrency exchange CoinEx, which recently suffered a breach, has called on the hacker to negotiate with the company while also promising a generous bounty reward if they decided to return the stolen assets. The notorious North Korean-sponsored Lazarus Group was identified as the hackers behind the attack on CoinEx. Let’s Dialogue, Says CoinEx to its...Read More
The celebrated US investor, TV personality, and owner of the Dallas Mavericks had one of his MetaMask wallets drained through what appears to be another successful phishing attack. The total value of the siphoned funds is close to $900,000, according to on-chain data. Popular crypto sleuth WazzCrypto took it to X on Friday evening to...Read More
According to a Sept. 14 report from on-chain analytics provider Chainalysis, the total amount of cryptocurrency stolen is estimated at $3.54 billion. North Korea “continues to be an incubator for hacking activities and remains one of the largest active threats in the cybercrime landscape,” it stated. Moreover, the Democratic People’s Republic of Korea (DPRK)-linked hacking...Read More
In a well-coordinated attack, Remitano Crypto Exchange allegedly suffered a major security breach, resulting in a loss of about $2.7 million across various cryptocurrencies. This attack was picked up on the radar on Sept. 14, when major withdrawals and suspicious activities began to ripple across the exchange, raising the eyebrows of several blockchain analytics networks....Read More
CertiK has revealed transactions connecting the breaches at Atomic Wallet, Alphapo, CoinsPaid, Stake.com, and CoinEx that show Lazarus Group’s involvement in these exploits. This comes while the digital community is reeling from various cyber attacks that have affected several major Web3 entities. On-Chain Connections The infamous Lazarus Group, supported by North Korea, is still causing...Read More
North Korea’s notorious state-backed Lazarus Group is speculated to be behind the $55 million hack of crypto exchange CoinEx. According to prominent on-chain sleuth ZachXBT’s latest update, the attackers “accidentally” connected their address to the $41 million hack of the betting platform Stake.com. Just a day after the exploit, the investigator flagged an Ethereum wallet...Read More
Global cryptocurrency exchange CoinEx has been hacked for at least $29 million, with blockchain sleuths identifying a series of suspicious transactions leaving the firm’s hot wallets. Crypto security platform Cyvers reported the breach on Tuesday, calling on CoinEx to halt all deposits and withdrawals immediately. The hack occurred across three different blockchains, involving a wide...Read More
Vitalik Buterin, the co-founder of the second-largest blockchain, Ethereum, had his X account hacked to portray a phishing site that reportedly drained over $800,000. The fraudulent post has been deleted since, and the account has been restored. The blockchain security resource PeckShield was among the first to alert about the ongoing hack later last night,...Read More
The US Federal Bureau of Investigations (FBI) claimed that the notorious North Korea-sponsored hacking syndicate Lazarus Group is responsible for the recent attack on the cryptocurrency sports betting and casino platform Stake. The hack resulted in the loss of over $41 million worth of crypto assets from the gambling firm. Lazarus Group Behind Stake Hack...Read More
Millions of digital assets have been stolen by cyber adversaries via DNS hijacking attacks for phishing purposes, targeting users’ wallet seed phrases, or creating deceptive webpages that closely resemble legitimate sites. Attacks on Domain Name Systems (DNSs) play a crucial role in the internet’s infrastructure, providing insights into security incidents in Web 2 that have...Read More
On the 22nd of August, Balancer Labs – a non-custodial portfolio manager, liquidity provider, and price sensor – received reports of a massive vulnerability affecting several of its lending pools. At the time, no attacks had been carried out – but that changed recently. Community Alerted As soon as the exploit was discovered, Balancer devs...Read More
The security services platform that offers protection against Web3 bugs – Immunefi – estimated that hackers and fraudsters have drained approximately $23.4 million worth of digital assets from crypto projects in August. While the figure might sound significant, it is 92% less than the recorded losses in July when wrongdoers siphoned over $320 million. Last...Read More
A collective of 50 Russian customers of the non-custodial decentralized wallet – Atomic Wallet – have reportedly launched a class action lawsuit against it after becoming victims of a recent $100 million exploit. Some believe the North Korean hackers – the Lazarus Group – were responsible for the heist. However, Boris Feldman (who coordinates the...Read More
About two weeks ago, Cypher Protocol was attacked by an as-of-yet unknown bad actor, who stole over $1 million worth of crypto through a smart contract exploit. Since then, both the project’s devs and the community have attempted to reach out to the attacker via social media and impromptu NFTs. However, the perpetrator did not...Read More
Hacker groups affiliated with North Korea have become highly active in the digital asset space, relentlessly pilfering funds. Despite a decrease from the record-breaking numbers of 2022, the “hermit kingdom” has continued to concentrate on the cryptocurrency landscape this year. In fact, the stolen funds are being funneled in billions into the country’s nuclear program....Read More
A crypto wallet connected to the October 2022 BNB Chain $600 million exploit has lost roughly $63 million on the decentralized lending platform Venus Protocol due to liquidation that resulted from the massive bloodbath in the market yesterday. According to a series of tweets by blockchain security firm PeckShield, the exploiter’s wallet was first liquidated...Read More
Optimism network-based decentralized credit market Exactly Protocol became the target of exploitation on August 18th. The breach resulted in a significant drop in the platform’s total value locked (TVL). Meanwhile, Exactly’s recently-announced native token – EXA – slumped by more than 27% over the past day. The protocol was halted temporarily. Another DeFi Project Hacked Blockchain...Read More
The second-largest decentralized exchange on the newly released Base blockchain – RocketSwap – announced eliminating any existing high risks and vulnerabilities a day after sustaining a “brute force hack of the server” where the platform stored its private keys. The RocketSwap team confirmed relinquishing minting rights, which is part of its recovery plan. In a...Read More
On the 13th of August, DeFi project Zunami Protocol was attacked by bad actors, resulting in an estimated loss of $2.1 million. A decentralized revenue aggregator project allowing users to stake stablecoins for yield, the exploit of Zunami focused on its Curve pools, adding one more victim to the list of protocols affected by the...Read More
Crypto infrastructure giant Fireblocks has publicly revealed security vulnerabilities in the technology used by over a dozen major digital asset wallet providers. If unaddressed, the company warned that attackers could exploit the bugs to steal from millions of customers. The Bitforge Exploits The set of vulnerabilities – collectively referred to as “Bitforge” – apply to...Read More
Cypher Protocol, a Solana-based futures DEX, has been forced to pause its smart contract in the wake of an exploit that resulted in a loss of more than $1 million. The Why Late last night, Cypher’s devs announced that they had suffered a “security incident”, resulting in the need to pause their smart contract until...Read More
The hackers behind the recent exploit of several pools on the decentralized exchange Curve Finance have returned approximately 73% of the stolen crypto assets, accounting for about $52.3 million. Blockchain security firm PeckShield revealed Monday that Curve Finance lost $73.5 million in the hack. With the amount recovered so far, the exchange is looking to...Read More
Decentralized exchange Curve Finance has teamed up with Metronome and Alchemix to offer a 10% bug bounty to the attackers behind the recent exploit that saw more than $50 million siphoned off the platforms’ pools. According to an on-chain message on one hacker’s Ethereum address, the protocols are willing to cease the pursuit of the...Read More
On July 30, Curve Finance suffered exploits on a number of its stable pools that were using Vyper, which is a smart contract programming language for the Ethereum Virtual Machine (EVM). Curve alerted its users that alETH, msETH, and pETH stable pools using Vyper 0.2.15 have been exploited “as a result of a malfunctioning reentrancy...Read More
Cybercriminals are increasingly moving away from ransomware attacks and opting for a more covert strategy of utilizing stolen computing power to mine digital currency. To increase their likelihood of success, these malicious entities constantly vary their tools, tactics, and procedures, remaining adaptive and evasive in their approach. According to SonicWall, the publisher of cyberattack intelligence...Read More
North Korean state-sponsored Lazarus Group continues to wreak havoc in the crypto space. CoinsPaid has accused the threat actor of orchestrating the cyber attack on its internal systems. The platform lost $37.3 million in the process but did not shed light on the details of the theft. In response to the attack on July 22,...Read More
On the 25th of July, EraLend was hit by a reentrancy attack that allowed an unknown bad actor to make off with about $3.4 million worth of crypto. A reentrancy attack, a type of cyberattack affecting smart contracts, is one of the most common exploits against DeFi protocols. In it, a bad actor identifies a...Read More
The losses incurred by crypto payments processor Alphapo during its security breach are now estimated to be $60 million, roughly two days after hackers exploited the platform’s hot wallets. According to an update provided by on-chain sleuth ZachXBT, an additional $37 million compromised during the hack on Tron and Bitcoin has been located, increasing the...Read More
