1. Home
  2. Beosin

Beosin

Hackers behind $41M Stake heist shifts BNB, MATIC in latest move: CertiK

A total of $4.8 million in funds have now been moved by the hacker to Bitcoin and now Avalanche.

The hackers behind cryptocurrency casino Stake’s $41 million hack have shifted another $328,000 million worth of Polygon (MATIC) and Binance Coin (BNB) tokens — its latest moves following the Sept. 4 exploit, according to blockchain security firm CertiK.

The most recent transfer involved 300 BNB tokens worth about $61,500 to an externally owned address “0x695…” which were then bridged to the Avalanche blockchain on Sept. 11 at 4:09 pm UTC.

Another 520,000 MATIC tokens worth over $266,000 were also moved to Avalanche seven hours earlier at 7:18 am UTC.

The 520,000 MATIC and 300 BNB — totaling $328,000 — add to the $4.5 million in stolen funds that were bridged to the Bitcoin blockchain (in the form of BTC) on Sept. 7, according to blockchain security firm Arkham.

The total $4.8 million transferred however only represents 1.2% of the total $41 million stolen from the hackers.

It is understood the hacker gained access to the private key of Stake’s Binance Smart Chain and Ethereum hot wallets to perpetrate the hack on Sept. 4.

The United States Federal Bureau of Investigation believes North Korea’s Lazarus Group was behind the exploit.

Estimated funds lost from hacks, scams passes $1 billion

With $41 million stripped from Stake, the industry’s malicious actors have now taken the cryptocurrency hacks and scams toll to well over $1 billion in 2023.

CertiK previously reported the figure to be $997 million at the end of August, though several attacks in the last two weeks will push the figure over the $1 billion mark. 

Related: CertiK drops findings on alleged scammer who stole $1M in crypto

In September, a cryptocurrency whale lost $24 million in staked Ether (ETH) in a phishing attack on Sept. 6, and Vitalik Buterin’s X (formerly Twitter) account was then compromised on Sept. 9, where the hacker then lured several victims into a nonfungible token scam which totaled $691,000.

The three incidents would take CertiK’s August figure to at least $1.04 billion.

Other recent incidents include Pepe (PEPE) coin’s withdrawal incident which set back investors $13.2 million, Exactly Protocol’s $7.3 million exploit and an exposed security vulnerability on Balancer which did $2.1 million in damage.

Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story

Tether pours $775M into video-sharing platform Rumble

Crypto casino Stake reopens withdrawals just 5 hours after $41M hack

The online crypto casino reported unauthorized transactions from its hot wallets on Sept. 4 with blockchain security firms estimating at least $41 million pilfered from hackers.

Crypto betting platform Stake has reopened deposits and withdrawals and resumed services for users only five hours after the platform was hacked to the tune of $41.3 million, blockchain security firms estimate.

Stake confirmed that all services resumed at 9:28pm UTC time on Sept. 4 — a few hours after the platform confirmed that several unauthorized transactions were made on Stake’s ETH/ BTC hot wallets:

The betting site said its Bitcoin (BTC), Litecoin (LTC), and XRP wallets were not impacted but hasn’t yet shared the cause of the exploit or how much was stolen. Stake however confirmed that user funds remain safe.

Recent analysis by blockchain security firm Beosin calculated the total loss to be $41.35 million, which included $15.7 million on Ethereum (ETH), $7.8 million on Polygon (MATIC) and another $17.8 million from the Binance Smart Chain.

An earlier estimate of $15.7 million by fellow blockchain security firm PeckShield didn’t account for the $25.6 million allegedly lost on BSC and Polygon, according to on-chain analyst ZachXBT.

Related: Atomic Wallet faces lawsuit over $100M crypto hack losses: Report

The first transaction occurred at 12:48 pm UTC, transferring approximately $3.9 million worth of stablecoin Tether (USDT) from Stake to the attacker’s account. The next two transactions removed over 6,000 Ether, worth approximately $9.8 million at the current prices.

The attacker continued to remove tokens over the next few minutes, including about $1 million in USD Coin (USDC), $900,000 worth of Dai (DAI) and 333 Stake Classic (STAKE) ($75) which is understood to have made up the first $15.7 million on Ethereum.

Magazine: How smart people invest in dumb memecoins — 3-point plan for success

Tether pours $775M into video-sharing platform Rumble

On-chain tool to seize crypto is a purist’s nightmare, but a must: CEO

A U.S. federal court recently used on-chain tech to lock criminals out of their crypto on the Jurat Network. Its founder, Mike Kanovitz, admits it could see hate from crypto purists.

The founder of layer-1 blockchain Jurat has defended his protocol against potential haters, arguing that on-chain legal enforcement is a necessary trade-off for crypto mass adoption. 

On Aug. 8, a U.S. District Court used Jurat’s on-chain enforcement tool to lock several sanctioned individuals out of their crypto accounts. These individuals were sanctioned for money laundering and using ransomware to extort cryptocurrency payments to benefit North Korea’s weapons program.

Speaking to Cointelegraph, Mike Kanovitz, the founder and CEO of Jurat said the judicial order was the first of its kind.

The Jurat blockchain was launched in late 2022, formed via a fork of the Bitcoin blockchain. The technology connects blockchain nodes with court dockets to enforce court orders.

Kanovitz admits that such technology will likely garner criticism from die-hard supporters of decentralization.

“Some people are going to claim to be philosophical purists and hate on it. I get that.

However, the Illinois-based lawyer said such technology could bring the necessary due process protections for digital assets, which will be key to mainstream adoption.

"Some of the people who currently think that there should not be effective law enforcement on-chain would feel differently if they got hacked, defrauded, or lost their private keys. Then they would be relieved that they can recover their property," he expla

In the first half of 2023, $656 million in cryptocurrencies were lost to scams, hacks and rug pulls, according to a June 30 report by blockchain security firm Beosin.

“It will not only tame the lawlessness that scares away would be adopters and draws the ire of government officials, it can unlock incredible utility for commerce,” he added.

Related: MetaCourt’s IDO launch: A paradigm shift in Web3 legal services

Until now, courts have had limited means to effectively freeze and seize crypto funds. A common tactic has been to order centralized crypto exchanges to freeze funds or turn over identifying information of the suspect. 

However, the on-chain enforcement tool works by connecting JTC’s blockchain and software nodes with the user's chosen court. 

During a lawsuit, each party provides the court with a competing hash for what that side wants the court to do. When a ruling is made, the court simply pastes the hash of the winning side, and the software nodes will execute the order autonomously once it accesses the online court docket.

The court attached the Jurat ID’s which JCT’s blockchain nodes then read to block the private keys of the defendants on the JCT Blockchain. Source: Jurat. io.

Kanovitz said the tool currently only works in the United States, and only for the JCT blockchain. However, he hopes to bring JCT’s technology into other Ethereum Virtual Machine-compatible blockchains in the future.

Magazine: ‘Moral responsibility’ — Can blockchain really improve trust in AI?

Tether pours $775M into video-sharing platform Rumble

Hacker Exploits Optimism-Based Decentralized Credit Market for $7,200,000 Worth of Ethereum (ETH)

Hacker Exploits Optimism-Based Decentralized Credit Market for ,200,000 Worth of Ethereum (ETH)

An Optimism-based (OP) decentralized credit market protocol has been hacked to the tune of millions of dollars worth of Ethereum (ETH). According to the security department of web3 protocol De.Fi, bad actors have stolen about $7.2 million worth of the leading smart contract platform by exploiting Exactly (EXA), an open-source credit market project. “After a […]

The post Hacker Exploits Optimism-Based Decentralized Credit Market for $7,200,000 Worth of Ethereum (ETH) appeared first on The Daily Hodl.

Tether pours $775M into video-sharing platform Rumble

Telegram trading bots are hot, but don’t trust them for custody — Security firms

There are still too many unknowns over how various Telegram trading bots store private keys, blockchain security firms told Cointelegraph.

Telegram trading bots, which have been turning the messaging platform into a quasi-crypto marketplace, pose significant security risks for users and require further scrutiny, according to blockchain security firms.

While such trading bots have existed for years, they've recently gained attention as crypto markets gain and associated bot tokens have gained in price, blockchain security firm CertiK told Cointelegraph.

As of the time of writing, the combined market capitalization of Telegram bot tokens is nearing $250 million, according to CoinGecko. The largest of the pack is Unibot; other popular bots include Wagie Bot and Mizar.

The bots are automated programs that run through Telegram, allowing users to make trades on decentralized exchanges (DEXs) by sending messages to it through the app.

CertiK, however, warned that many Telegram bots create crypto wallets for users, with only some actually providing the private key.

It’s unclear if they’re stored with accessibility by project employees, on the user device, or backed up through Telegram.

“While these platforms offer high-volume DEX trading options, they should be considered extremely high-risk and unsuitable for medium to long-term storage of assets,” CertiK said.

The Unibot token market capitalization is over $185 million — the largest Telegram bot token by market cap.

Related: Curve-Vyper exploit: The whole story so far

Latest data shows Unibot users have traded a volume of $155 million across over 230,000 trades using the bot, according to Dune Analytics.

The daily trading volume of Unibot users since late May shows a spike around late July. Source: Dune

In an Aug. 5 post, blockchain security firm Beosin also highlighted the security risks of using the bots, claiming their centralization posed a risk to a user’s private wallet keys.

It added further security risks come from many of the bots not open-sourcing their code or undertaking security audits and a user could also lose control of their funds if their Telegram account is hacked.

Beosin recommended projects open-source their code to make security reviews easier and ensure better storage of user private keys.

Hall of Flame: Wolf Of All Streets worries about a world where Bitcoin hits $1M

Tether pours $775M into video-sharing platform Rumble

$656M lost from crypto hacks, scams, and rug pulls in H12023: Report

Approximately $215 million of stolen assets have since been recovered.

According to a June 30 report by Web3 security firm Beosin, the total value of cryptocurrencies lost in scams, hacks, and rug pulls amounted to $656 million during the first quarter of 2023. This includes the loss of $471.43 million in 108 protocol attacks, $108 million in various phishing scams, and $75.87 million over 110 rug pulls. For hacks, the amount represented a significant decrease over H1 2022 and H2 2022, where $1.91 billion and $1.69 billion were lost, respectively. In addition, Beosin analysts wrote:

"Approximately $215 million of stolen assets were recovered, accounting for 45.5% of all stolen assets. In contrast, in 2022, only 8% were recovered. $113 million of stolen assets were transferred to mixers: $45.38M into Tornado Cash and $68.14M into other mixers."

In a dashboard compiled by Beosin and Footprint Analytics, only one project was hacked for more than $100 million, that being Euler Finance's $195 million flash loan hack on March 13. The firm opened redemptions on April 12 after hackers returned most of the stolen assets. 

The vast majority of crypto lost in H1 2023 were coins and tokens minted on the Ethereum (ETH) blockchain, at 75.6%. Meanwhile, the second largest stolen asset class, BNB tokens, came at just 2.6%.

Furthermore, most of the stolen crypto was lost due to smart contract vulnerabilities (56%), while 21.4% had no clear identifiable reasons for their loss. Nevertheless, the numbers represent a significant decrease over H2 2021, where a record $2.1 billion in crypto was lost due to hacks, phishing scams, and rug pulls.

Magazine: Should crypto projects ever negotiate with hackers? Probably

Tether pours $775M into video-sharing platform Rumble

Losses from crypto rug pulls outpaced DeFi exploits in May: Beosin

Over $45 million was lost to exit scams in May while exploits on DeFi protocols racked up less than half that amount over the same period.

The amount of cryptocurrency lost to "rug pull" or "exit scams" — where founders suddenly up and leave with investors’ money — had outpaced the amount stolen from decentralized finance (DeFi) projects in May, a blockchain security firm has revealed.

A June 1 report from Beosin said in May total losses from rug pulls and scams reached over $45 million across six incidents.

Meanwhile, there were 10 attacks on decentralized finance (DeFi) protocols that netted only $19.7 million. The amount is a nearly 80% decrease from April and losses from these types of exploits had been on the decline for two months, it added.

The largest of such rug pulls was the $32 million that crypto project Fintoch is alleged to have made off with on May 24. The $7.5 million attack on the DeFi platform Jimbos protocol was the largest attack last month according to Beosin.

Related: Could Ben.eth’s PSYOP tokens face legal scrutiny? It depends, say lawyers

“Hackers and scammers are gradually shifting the target of their attacks from various project parties to ordinary users,” Beosin wrote.

It recommended crypto users “raise their anti-fraud awareness,” undertake due diligence on a project before investing and learn how to better safeguard their crypto.

Beosin also warned against using shared or public charging devices for mobile phones as these could potentially be modified to inject malicious programs that could compromise private keys.

In April, the United States Federal Bureau of Investigation (FBI) issued a similar warning the use of free charging stations such as those found at airports should be avoided.

“Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices,” the FBI’s Denver office tweeted on April 6. It instead advised carrying a charger and USB cord for use in an electrical outlet.

Hall of Flame: Crypto Wendy on trashing the SEC, sexism, and how underdogs can win

Tether pours $775M into video-sharing platform Rumble

Lendhub protocol exploiters spotted shifting $3.85M into Tornado Cash

Despite the sanctions on the crypto mixing service, the bad actors behind January's biggest exploit have deposited millions worth of funds into Tornado Cash.

The suspected actors behind the $6 million exploit of decentralized finance (DeFi) lending protocol Lendhub have just sent more than half of their ill-gotten gains from January into sanctioned crypto mixer Tornado Cash.

Blockchain security firms PeckShield and Beosin alerted their respective followers to the movement of funds on Feb. 27, noting that around 2,415 Ether (ETH) worth around $3.85 million was sent to Tornado Cash from a wallet connected to the Jan. 12 exploit.

PeckShield previously reported the LendHub exploit was the largest in January with $6 million pilfered from the protocol.

On-chain intelligence firm Beosin tweeted that the latest movement means a total of 3,515.4 ETH, currently worth over $5.7 million, has been sent to Tornado Cash by the exploiter since Jan. 13.

The recent moves by the exploiter wallet sent funds to Tornado Cash in batches of 100 ETH, then moved on to smaller deposits. Source: Etherscan

Tornado Cash is a crypto mixing service that attempts to anonymize Ethereum transactions by combining vast amounts of Ether prior to depositing sums to other addresses.

The service was sanctioned on Aug. 8, 2022, by the United States Office of Foreign Assets Control (OFAC) for its alleged role in the laundering of crime proceeds.

Despite the sanctions and the website for the service being taken down, Tornado Cash is still able to run and be used as it's a smart contract housed on a decentralized blockchain.

A January report by blockchain analytics firm Chainalysis said that hacks and scams once contributed to around 34% of all inflows to the mixer and were at times inflows reached around $25 million per day, but that dropped by 68% in the 30 days following the sanctions.

Related: ​​Crypto-related enforcement actions by US states rose sharply in 2022: Report

Bad actors in the space continue to frequent the service, recently the exploiter behind an Arbitrum-based DeFi project transferred over $1.86 million in ill-gotten cryptoto Tornado Cash on Feb. 20.

The notorious North Korean hacker outfit, Lazarus Group, often sends significant sums to mixers such as Tornado Cash and Sinbad.

An early February Chainalysis report claimed that exploited funds from North Korean hackers “move to mixers at a much higher rate than funds stolen by other individuals or groups.”

Tether pours $775M into video-sharing platform Rumble

Why DeFi should expect more hacks this year: Blockchain security execs

One reason is that “hackers have gotten smarter, gained more experience, and learned how to look for bugs,” according to the founder of a crypto auditing firm.

Decentralized finance (DeFi) investors should buckle themselves up for another big year of exploits and attacks as new projects enter the market and hackers become more sophisticated.

Executives from blockchain security and auditing firms HashEx, Beosin and Apostro were interviewed for Drofa’s An Overview of DeFi Security In 2022 report shared exclusively with Cointelegraph.

The executives were asked about the reason behind a significant increase in DeFi hacks last year, and were asked whether this will continue through 2023.

Tommy Deng, managing director of blockchain security firm Beosin, said while DeFi protocols will continue to strengthen and improve security, he also admitted that “there is no absolute security,” stating:

“As long as there is interest in the crypto market, the number of hackers will not decrease.”

Deng added that many new DeFi projects “don’t go through complete security testing before going live."

Additionally, a significant amount of projects are now exploring the use of cross-chain bridges, which were a prime target for exploiters last year, leading to $1.4 billion stolen across six exploits in 2022.

The comments mirror those of blockchain security firm CertiK, who told Cointelegraph on Jan. 3 that it doesn’t “anticipate a respite in exploits, flash loans or exit scams” in the coming year.

In particular, CertiK noted the likelihood of “further attempts from hackers targeting bridges in 2023” citing the historically high returns from attacks in 2022.

Crypto auditing firm HashEx founder and CEO, Dmitry Mishunin, said “hackers have gotten smarter, gained more experience, and learned how to look for bugs.”

“The crypto industry is still relatively new, and everyone is growing with each other, so it’s difficult to get too far ahead of bad actors.”

He added the amount of value in some DeFi projects made the industry “very attractive” to malicious actors, and that the number of hacks “is only going to grow going forward.”

Mishuin said these attacks may even spread outside of DeFi, with attackers setting their sights on “crypto exchanges and banks” that enter the market offering “more secure solutions for storing digital assets.”

Related: Crypto’s recovery requires more aggressive solutions to fraud

Smart contract security and auditing firm Apostro co-founder, Tim Ismiliaev gave a more hopeful take, however, as he expects the space to “mature over the next five years, and new best practices for securing decentralized finance protocols will emerge.”

Too long; didn’t read

Interestingly, both Mishunin and Deng noted that many of the post-incident reports provided by blockchain security firms often fail to reach their target audience — blockchain developers.

“The people that read such analyses are average investors that are concerned about their money. Actual blockchain developers are too busy coding; they don’t have time to read stuff like that,” said Mishunin.

Meanwhile, Deng said the reports are usually about “event-based vulnerabilities and related recommendations,” so doesn’t often help other developers as they might still be vulnerable to other exploits.

He admitted, however, that reports on “general vulnerabilities” in DeFi “tend to do a good job of ramping up protection.”

“The reentrancy vulnerabilities are now not as common as they used to be.”

Tether pours $775M into video-sharing platform Rumble

Web3 Witnessed Over $718,000,000 in Losses in Q2 This Year, According to Blockchain Security Firm

Web3 Witnessed Over 8,000,000 in Losses in Q2 This Year, According to Blockchain Security Firm

New data from a blockchain security company reveals that the Web 3.0 sector suffered hundreds of millions of dollars worth of losses in the second quarter of this year. According to a new report by Beosin, Web 3.0 witnessed 48 major cyber attacks in Q2 with total losses of approximately $718.34 million. The blockchain security […]

The post Web3 Witnessed Over $718,000,000 in Losses in Q2 This Year, According to Blockchain Security Firm appeared first on The Daily Hodl.

Tether pours $775M into video-sharing platform Rumble