Two teenage boys from Hamilton, Ontario, have been busted for allegedly stealing over $4 million worth of bitcoin (BTC) and ether (ETH) from an American man through what authorities described as a “spear phishing attack.” According to local reports, Hamilton police started working with the United States Federal Bureau of Investigations (FBI) and the Secret...Read More
NFTs continue to attract not only more users but also capture the eyes of fraudulent entities. Web3 threat actors have set their sights on digital collectibles, with millions of funds being lost through different scams and attacks. A new report suggested that such thefts in the NFT space declined in June but remain rampant. NFT...Read More
The cross-chain decentralized finance (DeFi) platform – Poly Network – announced on Twitter that it had halted operations due to a “recent attack.” The team revealed that the exploit affected 57 cryptocurrencies on 10 blockchains, advising users to “promptly withdraw liquidity from decentralized exchanges.” Poly Network experienced another similar hack in 2021 when wrongdoers drained...Read More
TRM Labs, a leading blockchain analysis firm focused on preventing cybercrime, has released a comprehensive report on the illicit sums lost to bad actors in the crypto space in 2022. The figures are quite notable, especially given the declining prices and interest in the market last year. Improved Cybersecurity Measures In spite of the plummeting...Read More
In yet another case of a rug pull, Arbitrum-based Chibi Finance reportedly siphoned more than $1 million worth of various crypto assets. Notably, the protocol went live on Tuesday, but the developers managed to launder the stolen funds to other networks shortly after. On-chain analysis conducted by blockchain security platform CertiK revealed that Chibi devs...Read More
Joseph James O’Connor, a U.K. citizen and one of the perpetrators of the 2020 Twitter hack, has been sentenced to five years in prison for his role in several cybercrime offenses. According to a press release by the United States Attorney’s Office for the Southern District of New York, Judge Jed S. Rakoff sentenced O’Connor...Read More
Hackers who targeted Atomic Wallet earlier this month are laundering large sums of stolen XRP through centralized exchanges, on-chain data shows. According to xrpforensics on Twitter, the hackers began “heavily laundering funds,” on Monday, spawning new blockchain addresses to avoid blocklists established by crypto exchanges. “We’re monitoring and working closely with exchanges to try and...Read More
After making off with $35 million worth of ill-gotten crypto, the hackers who targeted Atomic Wallet earlier this month have covered their on-chain tracks using the cross-chain liquidity protocol THORChain. According to the crypto tracking platform MistTrack, the hacker’s address transferred 503 Ether (ETH) to THORChain over the past two days. Those funds were then...Read More
The crypto assets stolen during the Atomic Wallet hack have found their way to the sanctioned Russia-based cryptocurrency exchange Garantex, with the attackers trading the tokens for Bitcoin (BTC). According to a tweet from blockchain analytics provider Elliptic, the hackers, believed to be part of the North Korean notorious Lazarus Group, have turned to Garantex...Read More
Sturdy Finance – a DeFi project promising up to 10x leverage on staked assets – has been exploited by a hit-and-run attack on its pricing oracle. Although the amount stolen (worth about $800k at the time this article was written) pales in comparison to other, more high-profile attacks like the one on Atomic Wallet users...Read More
The stolen funds from the Atomic Wallet hack have been traced to a coin mixer used to launder crypto assets swiped by North Korea’s notorious Lazarus Group. Nearly $35 million worth of crypto assets were drained from users of the centralized wallet service since June 2. According to the investigation team at Elliptic, the stolen...Read More
The week started on a grim note following the large-scale theft of digital assets from Atomic Wallet users resulting in a six-figure loss across different chains. Distraught users have taken to Twitter to challenge some of the Atomic Wallet’s claims after the company assured them that it is working with “leading security companies” and has...Read More
A new report by blockchain security company Beosin revealed that the total amount of crypto assets lost to exit scams and rug pulls was higher than the amount stolen from decentralized finance (DeFi) projects through exploits and attacks last month. Beosin also discovered that losses from the exploits in May were down 79% compared to...Read More
The non-custodial decentralized crypto wallet Atomic Wallet – with a reported user base of over five million customers – said some of its users complained about having their digital assets drained. Later reports suggested that numerous users had six figures worth of crypto wiped out, while the largest victim lost nearly $3 million worth of...Read More
Arbitrum-based liquidity platform – Jimbos Protocol – revealed working with multiple security researchers and on-chain analysts after suffering an exploit of around $7.5 million over the weekend. According to the latest update, Jimbos said the team will engage with law enforcement agencies after 4 PM UTC on Monday if the exploiter failed to return the...Read More
A good number of high-profile attacks on the crypto ecosystem took place last year, targeting everything and everyone from Phantom wallets to smart contracts themselves. A common choice of target was cross-chain bridges, which allowed hackers to make off with serious bounties, most notably in the case of Harmony. Sharp Decrease in Attacks However, times...Read More
The United States Department of Justice (DOJ) plans to direct crackdowns against rogue crypto trading platforms and such investment scams, a top official said. Recently, an FBI report revealed that American citizens lost $2.5 billion to crypto scams in 2022. DОJ to Target Rogue Exchanges Eun Young Choi, director of the National Cryptocurrency Enforcement Team...Read More
According to an undisclosed White House official, North Korea has funded approximately half of its missile tests through crypto theft and cyberattacks. A recent Chainalysis report suggested that North Korean hackers embezzled $1.7 billion of digital assets in 2022. Arguably the most notorious local hacking collective – the Lazarus Group – stood behind numerous exploits...Read More
Joseph James O’Connor, a 23-year-old British citizen extradited from Spain to the United States on April 26, pleaded guilty to multiple charges, including hacking the social media platform Twitter in 2020. O’Connor, who also uses the online name PlugwalkJoe, has been charged with stealing cryptocurrencies worth $794,000 from a Manhattan-based company through a SIM Swap...Read More
According to the blockchain and smart contract security firm Certified Kernel Tech (better known as CertiK), crypto-related exploits, hacks, and scams in April resulted in losses worth $103 million. The figures for last month are a lot less than the $211 million worth of digital assets which wrongdoers siphoned throughout March 2023. Summarizing the Incidents...Read More
Blockchain security firm CertiK and zk-Sync decentralized exchange (DEX) Merlin are working towards a plan to reimburse users affected by a recent exploit that drained almost $2 million from the latter. Merlin revealed on Thursday that the incident, which was widely believed to be an exploit, was, in fact, a rug pull by several rogue...Read More
Ethereum-based decentralized exchange (DEX) Merlin, which uses zero-knowledge sync (zkSync), has lost more than $1.8 million in a liquidity pool exploit hours after smart contract security firm CertiK audited its code. The hack occurred on Wednesday morning during the public sale of Merlin’s native token, MAGE, with the attacker siphoning several assets, including USD Coin...Read More
The United States Department of Treasury sanctioned three individuals who helped the notorious hackers Lazarus Group to process the conversion of stolen cryptocurrency to fiat, allegedly for the funding of the Democratic People’s Republic of Korea’s (DPRK) illicit weapons of mass destruction (WMD) and ballistic missile programs. An earlier report by Chainalysis claimed that Lazarus...Read More
KuCoin’s Twitter account was briefly compromised, causing the platform’s users to lose over 22,000 USDT to hackers through fake activity. The crypto exchange was able to recover its account and promised to reimburse affected users. KuCoin revealed that hackers took over its Twitter account for 45 minutes to promote a fake activity on Monday, April...Read More
Web3 wallet provider, MetaMask took Twitter to deny claims that a “massive wallet-draining operation” originated from an exploit of its wallet. The update comes after Taylor Mohanan alleged that an attacker was “sending” transactions via MetaMask, draining crypto from long-time users and employees. Mohanan, who also happens to be a MetaMask developer, later confirmed that...Read More
Tornado Cash has, once again, found itself as the nexus of pilfered funds from a DeFi protocol. An Ethereum wallet address associated with the exploiter of the DAO Maker breach from 2021 sent $600,000 worth of DAI stablecoin through the controversial coin mixer. According to the blockchain security firm, PeckShield, the wallet had been dormant...Read More
Cryptocurrency exchange Bitrue was exploited today, with the perpetrator being able to withdraw approximately $23 million worth of cryptocurrency. The exploit was officially confirmed. In a Twitter thread posted today, Bitrue revealed that the exchange suffered a “brief exploit” in one of their hot wallets earlier. 1/4: We have identified a brief exploit in one...Read More
Ethereum-based decentralized exchange (DEX) SushiSwap released an update about its plans to return stolen funds to users affected by the $3.3 million exploit over the weekend. According to an announcement from the exchange’s official Twitter handle, users whose assets were taken by white hat security teams would be refunded quicker than those who lost theirs...Read More
As DeFi hacks continue, the latest protocols to be targeted by exploiters are Aave and Yearn Finance, according to blockchain security firm PeckShield. Aave’s version 1 was impacted, while versions 2 and 3 remained unaffected. The oldest version has been frozen since December 2022, and the team behind the lending protocol said it is monitoring...Read More
Hackers drained almost $13 million worth of digital assets from the South Korean cryptocurrency platform GDAC. This is the latest in a string of setbacks the industry went through. The Latest Victim The exchange’s team notified its users on April 9 that hackers exploited the Gdac Hot Wallet and transferred a significant amount of cryptocurrencies...Read More
