In yet another case of a rug pull, Arbitrum-based Chibi Finance reportedly siphoned more than $1 million worth of various crypto assets. Notably, the protocol went live on Tuesday, but the developers managed to launder the stolen funds to other networks shortly after. On-chain analysis conducted by blockchain security platform CertiK revealed that Chibi devs...Read More
Joseph James O’Connor, a U.K. citizen and one of the perpetrators of the 2020 Twitter hack, has been sentenced to five years in prison for his role in several cybercrime offenses. According to a press release by the United States Attorney’s Office for the Southern District of New York, Judge Jed S. Rakoff sentenced O’Connor...Read More
Hackers who targeted Atomic Wallet earlier this month are laundering large sums of stolen XRP through centralized exchanges, on-chain data shows. According to xrpforensics on Twitter, the hackers began “heavily laundering funds,” on Monday, spawning new blockchain addresses to avoid blocklists established by crypto exchanges. “We’re monitoring and working closely with exchanges to try and...Read More
After making off with $35 million worth of ill-gotten crypto, the hackers who targeted Atomic Wallet earlier this month have covered their on-chain tracks using the cross-chain liquidity protocol THORChain. According to the crypto tracking platform MistTrack, the hacker’s address transferred 503 Ether (ETH) to THORChain over the past two days. Those funds were then...Read More
The crypto assets stolen during the Atomic Wallet hack have found their way to the sanctioned Russia-based cryptocurrency exchange Garantex, with the attackers trading the tokens for Bitcoin (BTC). According to a tweet from blockchain analytics provider Elliptic, the hackers, believed to be part of the North Korean notorious Lazarus Group, have turned to Garantex...Read More
Sturdy Finance – a DeFi project promising up to 10x leverage on staked assets – has been exploited by a hit-and-run attack on its pricing oracle. Although the amount stolen (worth about $800k at the time this article was written) pales in comparison to other, more high-profile attacks like the one on Atomic Wallet users...Read More
The stolen funds from the Atomic Wallet hack have been traced to a coin mixer used to launder crypto assets swiped by North Korea’s notorious Lazarus Group. Nearly $35 million worth of crypto assets were drained from users of the centralized wallet service since June 2. According to the investigation team at Elliptic, the stolen...Read More
The week started on a grim note following the large-scale theft of digital assets from Atomic Wallet users resulting in a six-figure loss across different chains. Distraught users have taken to Twitter to challenge some of the Atomic Wallet’s claims after the company assured them that it is working with “leading security companies” and has...Read More
A new report by blockchain security company Beosin revealed that the total amount of crypto assets lost to exit scams and rug pulls was higher than the amount stolen from decentralized finance (DeFi) projects through exploits and attacks last month. Beosin also discovered that losses from the exploits in May were down 79% compared to...Read More
The non-custodial decentralized crypto wallet Atomic Wallet – with a reported user base of over five million customers – said some of its users complained about having their digital assets drained. Later reports suggested that numerous users had six figures worth of crypto wiped out, while the largest victim lost nearly $3 million worth of...Read More
Arbitrum-based liquidity platform – Jimbos Protocol – revealed working with multiple security researchers and on-chain analysts after suffering an exploit of around $7.5 million over the weekend. According to the latest update, Jimbos said the team will engage with law enforcement agencies after 4 PM UTC on Monday if the exploiter failed to return the...Read More
A good number of high-profile attacks on the crypto ecosystem took place last year, targeting everything and everyone from Phantom wallets to smart contracts themselves. A common choice of target was cross-chain bridges, which allowed hackers to make off with serious bounties, most notably in the case of Harmony. Sharp Decrease in Attacks However, times...Read More
The United States Department of Justice (DOJ) plans to direct crackdowns against rogue crypto trading platforms and such investment scams, a top official said. Recently, an FBI report revealed that American citizens lost $2.5 billion to crypto scams in 2022. DОJ to Target Rogue Exchanges Eun Young Choi, director of the National Cryptocurrency Enforcement Team...Read More
According to an undisclosed White House official, North Korea has funded approximately half of its missile tests through crypto theft and cyberattacks. A recent Chainalysis report suggested that North Korean hackers embezzled $1.7 billion of digital assets in 2022. Arguably the most notorious local hacking collective – the Lazarus Group – stood behind numerous exploits...Read More
Joseph James O’Connor, a 23-year-old British citizen extradited from Spain to the United States on April 26, pleaded guilty to multiple charges, including hacking the social media platform Twitter in 2020. O’Connor, who also uses the online name PlugwalkJoe, has been charged with stealing cryptocurrencies worth $794,000 from a Manhattan-based company through a SIM Swap...Read More
According to the blockchain and smart contract security firm Certified Kernel Tech (better known as CertiK), crypto-related exploits, hacks, and scams in April resulted in losses worth $103 million. The figures for last month are a lot less than the $211 million worth of digital assets which wrongdoers siphoned throughout March 2023. Summarizing the Incidents...Read More
Blockchain security firm CertiK and zk-Sync decentralized exchange (DEX) Merlin are working towards a plan to reimburse users affected by a recent exploit that drained almost $2 million from the latter. Merlin revealed on Thursday that the incident, which was widely believed to be an exploit, was, in fact, a rug pull by several rogue...Read More
Ethereum-based decentralized exchange (DEX) Merlin, which uses zero-knowledge sync (zkSync), has lost more than $1.8 million in a liquidity pool exploit hours after smart contract security firm CertiK audited its code. The hack occurred on Wednesday morning during the public sale of Merlin’s native token, MAGE, with the attacker siphoning several assets, including USD Coin...Read More
The United States Department of Treasury sanctioned three individuals who helped the notorious hackers Lazarus Group to process the conversion of stolen cryptocurrency to fiat, allegedly for the funding of the Democratic People’s Republic of Korea’s (DPRK) illicit weapons of mass destruction (WMD) and ballistic missile programs. An earlier report by Chainalysis claimed that Lazarus...Read More
KuCoin’s Twitter account was briefly compromised, causing the platform’s users to lose over 22,000 USDT to hackers through fake activity. The crypto exchange was able to recover its account and promised to reimburse affected users. KuCoin revealed that hackers took over its Twitter account for 45 minutes to promote a fake activity on Monday, April...Read More
Web3 wallet provider, MetaMask took Twitter to deny claims that a “massive wallet-draining operation” originated from an exploit of its wallet. The update comes after Taylor Mohanan alleged that an attacker was “sending” transactions via MetaMask, draining crypto from long-time users and employees. Mohanan, who also happens to be a MetaMask developer, later confirmed that...Read More
Tornado Cash has, once again, found itself as the nexus of pilfered funds from a DeFi protocol. An Ethereum wallet address associated with the exploiter of the DAO Maker breach from 2021 sent $600,000 worth of DAI stablecoin through the controversial coin mixer. According to the blockchain security firm, PeckShield, the wallet had been dormant...Read More
Cryptocurrency exchange Bitrue was exploited today, with the perpetrator being able to withdraw approximately $23 million worth of cryptocurrency. The exploit was officially confirmed. In a Twitter thread posted today, Bitrue revealed that the exchange suffered a “brief exploit” in one of their hot wallets earlier. 1/4: We have identified a brief exploit in one...Read More
Ethereum-based decentralized exchange (DEX) SushiSwap released an update about its plans to return stolen funds to users affected by the $3.3 million exploit over the weekend. According to an announcement from the exchange’s official Twitter handle, users whose assets were taken by white hat security teams would be refunded quicker than those who lost theirs...Read More
As DeFi hacks continue, the latest protocols to be targeted by exploiters are Aave and Yearn Finance, according to blockchain security firm PeckShield. Aave’s version 1 was impacted, while versions 2 and 3 remained unaffected. The oldest version has been frozen since December 2022, and the team behind the lending protocol said it is monitoring...Read More
Hackers drained almost $13 million worth of digital assets from the South Korean cryptocurrency platform GDAC. This is the latest in a string of setbacks the industry went through. The Latest Victim The exchange’s team notified its users on April 9 that hackers exploited the Gdac Hot Wallet and transferred a significant amount of cryptocurrencies...Read More
Terraport Finance, a decentralized finance (DeFi) platform on the Terra Classic network, has lost over $2 million worth of digital assets through an exploit on its liquidity wallet. According to an announcement from the project’s official Twitter handle on April 10, the Terraport team is still investigating the hack and trying to secure the protocol....Read More
The blockchain security resource PeckShield was the first to inform about the exploit against SushiSwap’s approval contract. According to the firm, all 1,800 ETH (worth about $3.3 million) were drained from a single user – @0xsifu. The “RouterProcessor2” contract in question is used to execute trade routing on the popular decentralized exchange. It seems the...Read More
The multichain token bridge Allbridge, which was recently hacked, said that 1,500 BNB (worth around $465,000) was returned to its team. The rest of the funds will be considered a white hat bounty to the exploiter, according to the statement. The cross-chain bridge enables digital asset transfer from one blockchain network to another via liquidity...Read More
The exploiter behind the multi-million dollar Euler Finance attack has returned all recoverable funds, the decentralized finance (DeFi) lending protocol announced Tuesday. In a Twitter post, the project’s development team disclosed that the hacker returned all the funds after successful negotiations. Euler Finance Receives Stolen Funds Recall that Euler lost roughly $200 million on March...Read More