Category: Security

“Jesse Powell, co-founder of crypto exchange Kraken, is under FBI investigation over allegations of cyber attacks and obstruction of computer accounts. This situation casts a somber shadow over the crypto space, raising questions about moral conduct in a largely unregulated yet influential sphere.”

Multiple bridge contracts run by Multichain encountered significant outflows involving widely held tokens. The Fantom bridge was nearly emptied, surpassing $120 million in total value. The unexpected withdrawals created concern across social media, with some suspecting a potential digital intrusion or ‘hack’. Cryptocurrency projects are reassuring communities about this potential exploit.

The recent Crypto Losses in Q2 2023 Report by Immunefi indicates a 65% YoY increase in crypto-related incidents, exposing the underlying risks linked to cryptocurrency investments. Despite an upsurge in attacks, total losses interestingly reduced by 60.4% to $265.5 million.

“A duo of seventeen-year-olds allegedly perpetrated a spear phishing attack on a US investor, posing as Coinbase support and compromised the investor’s account and crypto portfolio. The eventual disclosure of around $4.2 million Bitcoin and Ethereum traced back to them has highlighted the growing threat of crypto crimes.”

“The Poly Network was exploited, losing almost $10 million in ETH, confirmed via tweet on July 2nd. The hacker minted $34 billion worth of cryptocurrency, yet full cashout was hindered by liquidity constraints and security measures. Reports suggest an overpowered key governing Poly Network’s smart contract escalated the breach. Despite the setback, Binance reassured customers of their unaffected status.”

Huobi, a major crypto exchange, recently danced dangerously close to a potential disaster due to a massive vulnerability that exposed user assets for nearly two years. The breach was discovered by researcher Aaron Phillips and could have resulted in the largest crypto theft in history if exploited.

“In Q2 2023, the DeFi industry witnessed substantial losses over $204 million due to various scams and hacks, according to De.Fi’s Rekt Report. Comparison to the previous year shows a drastic surge in incidents and total losses. The report’s findings underscore the urgent need for robust systems to trace and recover stolen funds in this drastically emerging industry.”

“Blockchain technology’s decentralization characteristic offers a promising future for data security and transaction efficiency but also poses risks. Its lack of central control can lead to unregulated illicit activities. Despite potential data breaches, the pros of security, transparency, and efficiency outweigh risks as we strive for a balance in using this technology.”

Attackers reportedly exploited the cross-chain protocol of PolyNetwork’s bridge tool, minting billions of tokens on different blockchain platforms to create an illusion of a ballooned wallet. However, lack of liquidity ultimately prevented them from capitalizing on this ill-gotten wealth. This incident highlights the need for vigilant security in the blockchain ecosystem.

“In the aftermath of the controversial CryptoZoo NFT project, backed by influencer Logan Paul, many dissatisfied buyers are yet to see promised refunds. Coffeezilla reveals that despite the influencer’s pledges, no clear plans or timelines for repayments have been communicated.”

“Binance partnered with Israel’s Ministry of Defense to counter terrorism financing and seized millions in cryptocurrency linked to Iran’s Quds Force. Despite highlighting blockchain’s potential in enhancing global security, this mission reveals the significant illicit activity within the cryptocurrency landscape.”

“BitGo’s acquisition of Prime Trust is halted after Nevada’s Financial Institutions Division puts restrictions on Prime Trust due to a deteriorating financial state. Prime Trust is currently under scrutiny over potentially owing $85 million in fiat and $69.5 million in cryptocurrency to clients. This situation raises questions about the reliability of custodial services in the cryptocurrency sector.”

Bitcoin’s involvement in crypto crimes has dropped to just 19% in 2022 from 97% in 2016, according to a report by blockchain intelligence firm TRM Labs. This decline highlights the rise in the misuse of other blockchain platforms like Ethereum, Tron, and BNB Chain by cybercriminals, indicating an emergent multi-chain era. The study also revealed inventive tactics employed by criminals, such as “chain-hopping” to avoid detection.

The Arbitrum-based project Chibi Finance conducted a rug pull scam, stealing over $1 million worth of tokens using a malicious contract. This highlights the challenges and pitfalls in decentralized finance (DeFi) and the need for investors to exercise caution and conduct due diligence.

A fan-made Super Mario game, Mario Forever, reportedly carries malware that can hijack users’ crypto wallets and secretly install crypto mining software. Cyble Research & Intelligence Labs discovered the game’s installer includes malicious software and XMR Miner, which covertly runs a Monero cryptocurrency miner on users’ computers. Additionally, the installer contains files for installing Umbral Stealer, an information stealer targeting Ethereum, Zcash, and Bytecoin wallets. The case underscores the importance of caution when downloading software, especially from unofficial sources.

US retailers like Kroger, Target, Walmart, and Amazon’s Whole Foods Market have faced a wave of bomb threats from scammers demanding ransoms in Bitcoin, gift cards or money. The extortion attempts, which reportedly target each store only once, raise concerns about the reputation of cryptocurrencies and the potential skepticism around the technology’s safety and legitimacy, despite its widespread legitimate use.

The FTX team’s recent report reveals the failed exchange owes customers $8.7 billion, with $6.4 billion in misappropriated fiat currency and stablecoins. Highlighting the need for transparency and accountability in the blockchain industry, this case emphasizes the importance of caution and due diligence in the volatile crypto market.

Joseph O’Conner, a 24-year-old involved in the 2020 Twitter hack, has been sentenced to five years in prison and implicated in a separate SIM swapping scheme. The hack targeted high-profile accounts, soliciting Bitcoin from followers. O’Conner’s sentencing highlights authorities’ increasing efficiency in tackling cryptocurrency-related crimes and raises concerns over high-profile account safety on social media platforms.

Tres Finance has warned the community about scams involving fake tokens designed to mimic legitimate transactions, targeting wallets containing large amounts of stablecoins. Scammers create similar-looking wallet addresses and tokens, putting users at risk of sending transactions to scammers.

British hacker Joseph O’Connor, known as PlugwalkJoe, was sentenced to five years in prison for stealing $794,000 worth of cryptocurrency in a 2019 SIM swap attack. The case highlights the ongoing threat of SIM swapping and emphasizes the importance of cybersecurity measures in the crypto industry.

A British man, PlugWalkJoe, was sentenced to five years in prison for his involvement in high-profile hacks, raising concerns about digital asset safety and the need for robust cybersecurity in the blockchain and cryptocurrency space. With increasing technological advancements and widespread adoption, it’s crucial to balance protection of users, ensure secure storage, and promote transparency, innovation, and safety for a sustainable blockchain future.

Blockchain technology may offer a solution to crypto scammers on social media by enabling a decentralized social identity verification system. Matthias Mende’s project Bonuz uses blockchain technology to authenticate social media accounts, aiming to eliminate digital identity fraud and restore trust in the online community.

Recent news reveals over 100,000 ChatGPT login credentials have been leaked and traded on the dark web, raising concerns about user and company security on AI platforms. As confidential information is increasingly entrusted to AI, stronger security measures, such as updated passwords and two-factor authentication, become paramount for both companies and users.

Over 100,000 login credentials for OpenAI’s ChatGPT were found on the dark web, stolen by the Raccoon Infostealer malware via phishing emails. Cybersecurity firm Group-IB warns of the simplicity and effectiveness of such info stealers, while emphasizing the importance of employing security measures and staying informed about potential threats.

The number of scams involving blockchain wallets has increased significantly, with 7,905 fraudulent wallets created in May alone. Scammers are using techniques like ice phishing, address poisoning, and exploiting NFT infrastructure to steal funds. To avoid falling victim, users should verify wallet addresses and utilize security features provided by wallet providers.

Atomic Wallet recently disclosed new details about its June 3 hack, affecting less than 0.1% of its users. The company is working to recover lost funds and collaborating with exchanges and blockchain analysis firms Chainalysis and Crystal. While the total amount stolen remains undisclosed, Elliptic reported a figure of over $100 million, with possible links to the North Korean hacking group Lazarus.

The Web3 ecosystem’s growth shows developers increasingly focusing on blockchain and smart contract security. CertiK, a security expert, has joined the Cointelegraph Accelerator program to offer assessment and mentorship, aiming to enhance security and transparency in Web3 startups through smart contract audits and educational workshops.

The Argentine Securities and Exchange Commission (CNV) faced a cyberattack by MedusaBlog, demanding a $0.5 million Bitcoin ransom. CNV’s refusal led to 1.5 terabytes of sensitive data leaked on the dark web. This incident highlights the complexities of managing sensitive information and raises questions about ransom payments and cybersecurity.

Hackers exploited Atomic Wallet for over $100 million, using THORChain to conceal their tracks by converting stolen ETH to BTC. Connected to the North Korean group Lazarus, these hackers have a history of attacking crypto exchanges and using chain-hopping techniques to launder funds.

Apple’s App Store removed a malicious Trezor wallet app after concerns were raised about its potential to steal cryptocurrency. However, other harmful copycat apps still exist, questioning Apple’s vetting process and urging users to remain cautious and rely on official sources for downloading crypto wallet apps.

Hackers targeted Atomic Wallet, stealing $35 million and using THORChain to launder their gains. Blockchain analysis firm MistTrack tracked the stolen funds, exposing the transparency of blockchain technology. Yet, concerns about digital asset security and decentralization misuse persist.

Phishing attacks in the NFT world are surging, with school children allegedly stealing millions of dollars’ worth of NFTs to spend on Roblox skins. At least 900 Discord servers have fallen victim to such attacks since December 2021, impacting over 32,000 wallets and resulting in a combined loss of approximately $73 million in NFTs and tokens. Increased vigilance and online safety education are needed to curb this alarming trend.