The Seneca Protocol hacker has given back $5.3 million worth of Ether tokens after draining $6.4 million on Ethereum and Arbitrum networks. Initial investigations suggested that an approval mechanism bug in the protocol’s smart contract was exploited. The stablecoin protocol had recently confirmed roping in with law enforcement but offered leniency, stating the team wouldn’t...Read More
Rabby Wallet is a somewhat popular crypto wallet made by Debank that has been around for a while now and boasts support for 141 chains and multiple signing modes. On the 16th of February, the company behind Rabby Wallet announced the launch of the beta version of its mobile app. Unfortunately for fans of the...Read More
On Feb. 18, the FixedFloat team confirmed that the platform was hacked after blockchain sleuths reported the spurious crypto movements. “We confirm that there was indeed a hack and theft of funds,” it stated in response to a post on X revealing the exploiter’s address. However, no further details were provided, with the team stating,...Read More
The cryptocurrency market experienced losses of $1.9 billion in 2023 due to hacks, marking a substantial 93.6% decrease from the previous year. While this appears to be a positive trend, further examination reveals a bleaker outlook, with the frequency and sophistication of attacks on the rise, according to blockchain security auditor Hacken. 2023 Sees Onslaught...Read More
In a court case that happened recently – and whose transcripts were made available today – the identities of those behind the $400 million FTX exploit that took place shortly after the bankruptcy was declared were uncovered. However, FTX was not the sole victim of the hacks. According to the court documents, a total of...Read More
Hackers briefly took over the official X accounts of major crypto data aggregator Coingecko to promote a fake token launch and airdrop. The Coingecko incident became the second X hack within 24 hours after the U.S. Securities and Exchange Commission’s account was also compromised. Coingecko announced the news of the hack in an X post...Read More
CoinsPaid, a payment processor offering solutions to bridge the gap between companies that generally operate within the traditional finance system and customers who wish to pay in crypto, has suffered its second major security breach within the past half year. According to its website, over a million transactions with a total value of approximately 7...Read More
As phishing scammers continue to evolve and employ more sophisticated tactics to evade security measures, a relatively new form of malware associated with crypto has experienced considerable “success” in the past year. Dubbed, “Wallet Drainers,” Scam Sniffer’s discoveries regarding this new malware demand the complete attention of the industry. Crypto Malware Wars: 2023 According to a...Read More
Prominent blockchain security firm CertiK’s X account (previously Twitter) was hacked on January 5th. The compromised account, with a follower count of 342,900, stole crypto from users’ wallets through carefully disguised phishing links. One of the links posted falsely asserted that a vulnerability had been identified in Uniswap’s router contract. The misleading tweet urged users...Read More
Gamma Strategies – a DeFi protocol built on the Ethereum blockchain – fell victim to an exploit, resulting in a loss of approximately $3.4 million. In response to the attack, the protocol swiftly implemented measures to prevent further losses, temporarily disabling deposits to all public DeFi vaults while keeping withdrawals active for users in need...Read More
Catalyx, a crypto trading platform based in Canada, suffered a security breach that resulted in the loss of customer funds in its custody. While the exact value of the loss is not mentioned, the platform has halted crypto and fiat withdrawals amid ongoing investigations. Catalyx Suspends Trading and Withdrawals CatalX CTS, the operator of Catalyx,...Read More
As the holiday season arrives, exploiters seem to be unusually active, and this time, Thunder Terminal fell victim to their efforts, losing $240,000. While the team behind the on-chain trading platform said no private keys or wallets were compromised, the hacker disputes this assertion, insisting on an additional ransom for user data. Holiday Havoc In...Read More
On the 30th of July, four Curve Finance pools were exploited due to a re-entrancy bug made possible by the Vyper programming language. The hackers attacked four mining pools and made off with a total of $73.5 million. Almost immediately, the community sprang into action – Curve itself extended the standard olive branch, offering to...Read More
Wallet drainers are a type of scam that generally operates by cloning a legitimate website, fooling the target into providing their crypto wallet credentials, and then executing a smart contract that sends the users’ funds to bad actors. 🚨1/ Alert: A ‘Wallet Drainer’ has been linked to phishing campaigns on Google search and X ads,...Read More
Ledger, a hardware wallet manufacturer, has announced plans to disable blind signing for Ethereum Virtual Machine (EVM) decentralized applications (DApps) by June 2024. The decision comes in response to an exploit where a wallet drainer was added to a library utilized by numerous DApps to connect to Ledger devices. Ledger Announces Plan to Compensate Victims...Read More
A TRM Labs research has revealed that the cryptocurrency industry witnessed a downturn in hack volumes in 2023, with a more than 50% reduction compared to the previous year. Despite a consistent number of attacks, around 160, the total value stolen dropped dramatically to $1.7 billion, less than the nearly $4 billion lost in 2022....Read More
A former senior security engineer, Shakeeb Ahmed, pled guilty to the hacking incident on the decentralized finance yield protocol, Nirvana Finance, along with another unnamed decentralized exchange (DEX). Ahmed will also forfeit over $12.3 million in stolen assets, with the United States Attorney’s Office of the Southern District of New York (SDNY) describing the case...Read More
OKX, a popular decentralized exchange aiming to reduce cross-chain friction, was hacked earlier today by an unknown bad actor. Whereas recent attacks on exchanges have generally focused on compromising and manipulating smart contracts, this one seems to have been carried out by stealing the credentials needed to access the exchange’s wallets, where funds were held...Read More
In a not-so-safe turn of events, the supposedly secure Safe Wallet is feeling the heat. Users of Safe Wallet are facing a major threat as a crypto hacker skilled in “address poisoning attacks” successfully pilfered over $2 million from 10 users between November 26 and December 3. Safe Wallet Users Targetted in Address Poisoning Scam...Read More
Decentralized exchange protocol KyberSwap announced that it had recovered $4.67 million in funds after a recent security attack that resulted in a staggering loss of nearly $50 million from its concentrated liquidity pools last week. The hacking incident targeted KyberSwap’s Elastic pools, affecting funds across various blockchains, including Arbitrum, Optimism, Ethereum, Polygon, Binance Smart Chain,...Read More
Inferno Drainer, one of the most widely used wallet-draining services in recent memory, has announced that it will be ceasing operations effective immediately. Over $70 Million Stolen While Active Earlier this spring, the first mentions of the Inferno drainer – a service that “helped” bad actors steal funds out of other wallets in exchange for...Read More
The latest in a string of DeFi platforms to be exploited, Kyber Network was attacked earlier today, with over $46 million worth of funds stolen. 🚨Urgent🚨 Dear KyberSwap Elastic Users,We regret to inform you that KyberSwap Elastic has experienced a security incident. As a precautionary measure, we strongly advise all users to promptly withdraw their...Read More
On the 17th of November, an unknown individual who may have been working as part of a team targeted the dYdX exchange and its YFI token. Allegedly, the same actor had previously tried a similar strategy on the exchange’s SUSHI market merely 2 weeks prior. Good Trades Or Malicious Intent? These trades, which the platform’s...Read More
The latest cyberattack on Coin Cloud, the defunct Bitcoin ATM company, by an anonymous hacking group has raised alarming concerns about the physical safety of the exposed users. The hackers claim to have infiltrated 300,000 Coin Cloud customers of personal information, including critical details such as social security numbers, dates of birth, names, email addresses,...Read More
According to the latest report from Immunefi, from January to October 2023, over $1.41 billion has been lost to hacking and fraudulent activities in 292 specific incidents. In October 2023 alone, losses amounted to approximately $22.2 million, primarily attributed to hacking and fraud. The most frequently targeted blockchain networks during the period were BNB Chain...Read More
ZachXBT is back with yet another exposé. This time, a Canadian scammer known as Yahya has been exposed by the pseudonymous on-chain sleuth for their alleged involvement in 17+ SIM swaps, which resulted in the theft of more than $4.5 million. ZachXBT Unmasks Fraudster Yahya ZachXBT discovered that Yahya’s role involved conducting account searches on various...Read More
Decentralized finance (DeFi) protocol Platypus Finance has suffered yet another flash loan exploit that resulted in the loss of over $2 million. Blockchain security firm PeckShield was the first to alert the community about the hack on October 12th, shortly after which the platform announced temporarily suspending all pools. On-chain data also suggest that the...Read More
3Commas, a popular crypto trading bot, provides smart trading solutions for investors worldwide. Unfortunately, the popularity of the tool also makes it a big glowing target for bad actors, who are sometimes successful in their attempts at getting ahold of user data – or even the bot’s API data. Fortunately, the most recent attack was...Read More
In late September, HTX – Huobi’s rebranded global exchange – was hit by an attack that left it almost $8 million in the hole. The attacker made off with 4,997 ETH, worth about $7.9 million, from the exchange’s hot wallet. At the time, HTX CEO Justin Sun stated that the identity of the attacker had...Read More
Digital asset exchange Bittrex is reportedly being sued over a SIM swap-related incident that allowed hackers to steal 100 Bitcoin (BTC), which are valued at around $1 million at current market prices. The case appears to be quite similar to other recent incidents in which a bad actor gains control of a user’s cell phone...Read More
