Blockchain security firm Certik says financial losses related to security incidents in the web3 industry topped over $1.84 billion in 2023. In its annual web3 security report, Certik says there were 751 security incidents last year costing a total of $1,840,879,064, representing a decline of 51% from the $3.7 billion lost in 2022. A larger […]
The post Over $1,840,000,000 Lost in Hundreds of Crypto Security Incidents Last Year: Blockchain Security Firm appeared first on The Daily Hodl.
A phishing link was posted on the X account of blockchain-focused cybersecurity firm Certik after a bad actor hacked into the protocol’s social media profile. In a new announcement, the cybersecurity company says that a “verified account associated with well-known media” was able to hack into one of their employee’s X accounts, using it to […]
The post Phishing Link Posted to Certik’s X Account After Hacker Compromises Blockchain Security Firm’s Social Media appeared first on The Daily Hodl.
Users of OKX Wallet are being warned by blockchain security firm Certik to update their iOS app. Via a post on the social media platform X, Certik says that it has found a Remote Code Execution (RCE) vulnerability within the OKX Wallet app. An RCE is when a hacker can target a computing device and […]
The post OKX Wallet Users Urged To Update iOS After Security Firm Issues Alert of Critical Vulnerability appeared first on The Daily Hodl.
The Poloniex and HTX/Heco Bridge exploits as well as the KyberSwap flash loan attack were the three largest incidents in November, according to blockchain security firm CertiK.
The cryptocurrency industry has now seen its most “damaging” month for crypto thievery, scams and exploits, with crypto criminals walking away with $363 million in November, according to a blockchain security firm.
Around $316.4 million came from exploits alone, flash loans inflicted $45.5 million in damage, and $1.1 million was lost to various exit scams, CertiK stated in a Nov.
#CertiKStatsAlert
— CertiK Alert (@CertiKAlert) November 30, 2023
Combining all the incidents in November we’ve confirmed ~$363M lost to exploits, hacks and scams
This makes November the most damaging month this year
Exit scams were ~$1.1M
Flash loans were ~$45.5M
Exploits were ~$316.4M
See more details below pic.twitter.com/QoDy6d8IJH
The largest exploits in November occurred on Poloniex and HTX/Heco Bridge, with losses of $131.4 million and $113.3 million, respectively.
The third largest exploit was inflicted on a single victim who lost $27 million from a phishing attack.
Meanwhile, the $45 million KyberSwap attack accounted for nearly all damage done for flash loan attacks in the month.
The latest monthly figure has surpassed an earlier record of $329 million, set in September, caused mainly by the $200 million Mixin Network attack.
As of the end of November, about $1.7 billion has now been lost to exploits, exit scams and flash loan attacks in 2023.
Blockchain security firm CertiK believes the $2.4 million draining of a CoinSpot hot wallet is likely the result of a “private key compromise.”
Australian crypto exchange CoinSpot has reportedly been hacked for $2.4 million in a “probable private key compromise” over at least one of its hot wallets.
According to a Nov. 8 post to his Telegram channel, blockchain sleuth ZachXBT highlighted two transactions entering the alleged hackers wallet. Afterwards, the wallet’s owner bridged the funds to the Bitcoin (BTC) network via ThorChain and Wan Bridge.
In emailed comments to Cointelegraph, blockchain security firm CertiK said the alleged exploit was the result of a “probable private key compromise” on at least one CoinSpot hot wallet.
According to data from Etherscan, a transaction totalling 1,262 Ether (ETH) — worth $2.4 million at current prices — came from a known CoinSpot wallet and entered the alleged hackers wallet.
The owner of the wallet address that received the 1,262 ETH then began making a series of transfers. In two separate transactions, the wallet’s owner swapped 450 ETH for 24 Wrapped Bitcoin (WBTC) via Uniswap.
Related: Apple MacOS malware targets crypto community and engineers
Within the next 10 minutes, the address swapped 831 ETH for Bitcoin via Thorchain, sending the Bitcoin to four different wallet addresses, according to CertiK investigative data viewed by Cointelegraph.
A search of Bitcoin explorer BTCScan data, showed the owner of the four Bitcoin wallets distributing the allegedly ill-gained BTC to multiple new wallets, transferring smaller divisions of the funds to additional new wallets each time.
This is a tactic commonly leveraged by attackers to prolong the investigation process — making it more difficult to track the entirety of the stolen funds.
CoinSpot was established in 2013 and currently stands as Australia’s largest crypto exchange by reported user numbers, serving around 2.5 million customers. The exchange is regulated by Australian financial watchdog AUSTRAC and was granted an Australian Digital Currency Exchange License by the regulator.
CoinSpot did immediately respond to a request for comment from Cointelegraph.
Magazine: Beyond crypto — Zero-knowledge proofs show potential from voting to finance
The Mixin Network cross-chain protocol accounted for almost two-thirds of the crypto exploit losses in September.
September has officially become the worst month in 2023 (so far) for crypto-related exploits — with a whopping $329.8 million in crypto stolen.
On Oct. 2, blockchain security firm CertiK said the most significant contributor to the month’s totals came from the Mixin Network attack on Sept. 23 when the Hong Kong-based decentralized cross-chain transfer protocol lost $200 million due to a breach of its cloud service provider.
#CertiKStatsAlert
— CertiK Alert (@CertiKAlert) September 30, 2023
Combining all the incidents in September we’ve confirmed ~$332M lost to exploits, hacks and scams.
Exit scams were ~$1.9M
Flash loans were ~$0.4M
Exploits were ~$329.8M
See more details below pic.twitter.com/DMFN9LWU8V
Other major incidents for the month included the attacks on the CoinEx exchange and Stake.com resulting in losses of $53 million and $41 million respectively.
As reported by Cointelegraph, North Korean hacking collective the Lazarus Group has been fingered for both attacks. The latest figures from Dune Analytics claim that the group currently holds $45.6 million in crypto assets.
The attack has taken the yearly total of crypto lost to exploits to $925.4 million. July was the second-highest month for exploit losses with $285.8 million pilfered.
Meanwhile, the month also saw $1.9 million lost to exit scams, $400,000 to flash loan attacks, and another $25 million to phishing attacks, according to CertiK.
The total lost in 2023 to exploits, scams, and hacks has now totaled $1.34 billion.
Related: North Korean Lazarus Group amasses over $40M in Bitcoin, data reveals
According to blockchain security firm Beosin, total losses from hacks, phishing scams, and exit scams were just under $890 million for the third quarter of 2023.
Losses in Q3 even exceeded the combined sum of the first two quarters which was $330 million in Q1 and $333 million in Q2, it reported late last week.
Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story
The sanction of cryptocurrency mixer Tornado Cash in August caused the first major shift, but that is now accelerating even faster than projected.
Cybercriminals have accelerated their shift away from crypto mixers for cross-chain bridges over the past year, according to blockchain forensics firm Elliptic.
In June and July, nearly all of the crypto stolen was laundered through cross-chain bridges, Elliptic’s data shows a complete reversal from the first half of 2022.
In a Sept. 18 blog post, Elliptic explained the cross-chain crime trend is due to the “crime displacement” effect — where criminals move to a new method to carry out the illicit activity when the existing method gets over-policed. However, the shift to cross-chain bridges is rising ahead of their projections.
Between July and September 2022, the ratio of laundered funds passing through mixers vs. cross-chain bridges flipped, corresponding to the U.S. Office of Foreign Asset Control’s sanctioning of Tornado Cash in August 2022, said the firm.
Elliptic said many cybercriminals, like the North Korean-backed Lazarus Group, flocked to the Avalanche bridge after the sanctions.
This same bridge was reportedly used recently by the Lazarus Group to facilitate some of the stolen funds in Stake’s $41 million exploit on Sept. 4, according to blockchain security firm CertiK.
Crypto mixers saw a small comeback between November 2022 and January 2023, due to the shutdown of RenBridge — which closed in December after its financer, Alameda Research collapsed from FTX’s bankruptcy.
Elliptic estimates that RenBridge facilitated $500 million in laundered funds throughout its operation.
However, shortly after, criminals have moved back to cross-chain bridges again, even more than before.
Chain-hopping via bridges has become one of the most popular money laundering methods for illicit actors. That's been a problem for crypto investigators — until now. Meet TRM Phoenix — automated cross-chain tracing through 12+ bridges & services: https://t.co/OziATjlO4P pic.twitter.com/7QsLthn180
— TRM Labs (@trmlabs) August 25, 2022
Related: 3 steps crypto investors can take to avoid hacks by the Lazarus Group
Elliptic said that criminals may be preferring cross-chain bridges as it is difficult for blockchain forensic firms to track illicit activity across chains in a scalable manner.
“Criminals are aware that legacy blockchain analytics solutions do not have the means to trace illicit blockchain activity across blockchains or tokens in a programmatic or scalable manner.”
In addition, many of these stolen tokens are only exchangeable through cross-chain bridges, while most of these DeFi services do not require identity verification to use, Elliptic explained.
The firm estimates that $4 billion in illicit or high-risk cryptocurrencies have been laundered through cross-chain bridges since 2020.
Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story
A total of $4.8 million in funds have now been moved by the hacker to Bitcoin and now Avalanche.
The hackers behind cryptocurrency casino Stake’s $41 million hack have shifted another $328,000 million worth of Polygon (MATIC) and Binance Coin (BNB) tokens — its latest moves following the Sept. 4 exploit, according to blockchain security firm CertiK.
The most recent transfer involved 300 BNB tokens worth about $61,500 to an externally owned address “0x695…” which were then bridged to the Avalanche blockchain on Sept. 11 at 4:09 pm UTC.
Another 520,000 MATIC tokens worth over $266,000 were also moved to Avalanche seven hours earlier at 7:18 am UTC.
#CertiKSkynetAlert
— CertiK Alert (@CertiKAlert) September 11, 2023
We are seeing a further movement of funds from the Stake exploiter.
520k MATIC was swapped and bridged to Avalanche before being bridged to BTC as per other fund movements from the exploiter.
See more on Skynet https://t.co/Sdsfh29AoF
The 520,000 MATIC and 300 BNB — totaling $328,000 — add to the $4.5 million in stolen funds that were bridged to the Bitcoin blockchain (in the form of BTC) on Sept. 7, according to blockchain security firm Arkham.
The total $4.8 million transferred however only represents 1.2% of the total $41 million stolen from the hackers.
Over the past 24 hours, the Hacker has been gradually bridging funds to the BTC Blockchain using a series of new wallets on Polygon and Avalanche.
— Arkham (@ArkhamIntel) September 7, 2023
They have so far bridged $4.5M to BTC addresses, with the remaining $36M still held on ETH/BNB/Polygon. pic.twitter.com/fiMy62ABwL
It is understood the hacker gained access to the private key of Stake’s Binance Smart Chain and Ethereum hot wallets to perpetrate the hack on Sept. 4.
The United States Federal Bureau of Investigation believes North Korea’s Lazarus Group was behind the exploit.
With $41 million stripped from Stake, the industry’s malicious actors have now taken the cryptocurrency hacks and scams toll to well over $1 billion in 2023.
CertiK previously reported the figure to be $997 million at the end of August, though several attacks in the last two weeks will push the figure over the $1 billion mark.
Related: CertiK drops findings on alleged scammer who stole $1M in crypto
In September, a cryptocurrency whale lost $24 million in staked Ether (ETH) in a phishing attack on Sept. 6, and Vitalik Buterin’s X (formerly Twitter) account was then compromised on Sept. 9, where the hacker then lured several victims into a nonfungible token scam which totaled $691,000.
The three incidents would take CertiK’s August figure to at least $1.04 billion.
Crypto Hacks And Scams Reach Nearly a Billion Dollars In 2023!
— Interlock (@interlockweb3) September 11, 2023
⚔️ThreatSlayer is your security sidekick that keeps you safe! pic.twitter.com/pZmPCdZzP2
Other recent incidents include Pepe (PEPE) coin’s withdrawal incident which set back investors $13.2 million, Exactly Protocol’s $7.3 million exploit and an exposed security vulnerability on Balancer which did $2.1 million in damage.
Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story
Uniswap developer AzFlin has admitted to creating the FRENS token but has argued what he did doesn't constitute a rug pull.
A Uniswap developer known as “AzFlin” has been sacked by the founder of Uniswap Labs, Hayden Adams, for allegedly creating a memecoin and rug pulling it a few hours later for 14 wrapped-Ether (wETH), worth $25,800.
It is understood that AzFlin developed and deployed FrensTech token (FRENS) on Coinbase’s new layer 2 blockchain Base on Aug 12 before selling the tokens raised from the liquidity shortly after.
Adams publicly confirmed the sacking of AzFlin, adding that such behaviour is neither supported nor condoned at Uniswap Labs.
Wanted to let people know this person is no longer with the company.
— hayden.eth (@haydenzadams) August 12, 2023
Not behavior we support or condone. https://t.co/sxVowwIR3Q
The developer has mocked the situation at hand with a series of light-hearted posts along with a new X (formerly Twitter) cover photo.
AzFlin, however, claims that no rug pull was committed.
“I bought that $FRENS used to provide LP with my OWN money from the dev wallet, so I am entitled to do as I please with it. This FUD is outrageous,” they said on Aug. 12.
Not everyone is buying into AzFlin’s story though, with some applauding Adams’ decision to fire AzFlin for the alleged action:
Hayden Adams' decision to terminate employee AzFlin is highly necessary and demonstrates his commitment to upholding Uniswap's reputation and ethical standards. Developing a meme token and then exploiting access to transfer and sell tokens from the liquidity pool is a morally…
— KEVIL KOLS NETWORK (@KevilCrypto) August 13, 2023
Meta CEO Mark Zuckerberg says it's “time to move on” from any talks of a potential cage fight between him and Elon Musk, accusing the Tesla CEO of making excuses and dragging his feet on any solid plans.
Zuckerberg explained in an Aug. 13 Threads post that Musk isn’t “serious” about a real fight because Musk has dragged on giving any potential dates for the bout.
“I think we can all agree Elon isn’t serious and it’s time to move on.” Zuckerberg added:
“Elon won’t confirm a date, then says he needs surgery, and now asks to do a practice round in my backyard instead.”
Zuckerberg — who has helped re-shaped Meta’s investment focus on the Metaverse and artificial intelligence — said that he will be ready for a fight whenever Musk “gets serious” about a real date and official event.
The Meta CEO said he will continue to focus on competing with those who take the sport seriously for the meantime.
Financial records have revealed that former United States President Donald Trump owns between $250,001 to $500,000 in Ethereum (ETH).
The statement, which was filed to the United States Office of Government Ethics on April 14, lists “cryptocurrency wallet (Ethereum)” as one of Trump’s investments, according to the 82-page form.
The investment may possibly be linked to Trump’s several nonfungible token (NFT) collections which have hit the market on several occasions between 2022 and 2023.
Trump’s NFT venture is expected to rake in between $100,000 and $1 million, according to the financial statement.
Despite the cryptocurrency and NFT investments, the billionaire businessman has voiced his skepticism towards the industry in the past, labeling Bitcoin (BTC) as a “scam” and cryptocurrencies more broadly as “potentially a disaster waiting to happen” in Aug. 2021.
Trump is once again in the running to become the next U.S. President in the upcoming 2024 Presidential Election.
The exploiter of decentralized finance protocol Steadefi has transferred 100 Ether (ETH), worth about $185,000 to cryptocurrency mixing protocol Tornado Cash, according to blockchain security firm CertiK.
CertiK explained on Aug. 13 that the hacker still holds $786,000 (424 ETH) connected to the Steadefi exploit, which took place on Aug. 7.
#CertiKSkynetAlert
— CertiK Alert (@CertiKAlert) August 13, 2023
We have seen EOA 0xe10d deposit 100 ETH (~$185K) into @TornadoCash.
The EOA, which still holds 424 ETH ($786k), is connected to the exploit on @steadefi on August 7.
See more on Skynet https://t.co/4HOEg2PJ1k
A total of $334,000 was drained directly from Steadefi, with total losses amounting to over $1.1 million, according to some estimates.
Tornado Cash has served as a tool for hackers attempting to obfuscate the money trail and cash out the stolen funds.
On Aug. 8, 2022, the United States Office of Foreign Asset Control (OFAC) sanctioned Ethereum and USD Coin (USDC) addresses connected to the privacy tool.
United States Senator Cynthia Lummis has filed an amicus brief supporting Coinbase’s motion to dismiss its lawsuit against the U.S. Securities and Exchange Commission. Lummis says the SEC is unrightfully pushing to obtain “primary influence” over the cryptocurrency sector at a time where much regulatory consideration needs to be taken by Congress.
Decentralized finance platform Curve Finance has officially stated on Aug. 11 its intention to reimburse users impacted by the recent hack resulting in $62 million of losses on July 30. The firm has already managed to retrieve 79% of the funds thus far.
Magazine: Girl Gone Crypto thinks ‘BREAKING’ crypto news tweets are boring: Hall of Flame
There are still too many unknowns over how various Telegram trading bots store private keys, blockchain security firms told Cointelegraph.
Telegram trading bots, which have been turning the messaging platform into a quasi-crypto marketplace, pose significant security risks for users and require further scrutiny, according to blockchain security firms.
While such trading bots have existed for years, they've recently gained attention as crypto markets gain and associated bot tokens have gained in price, blockchain security firm CertiK told Cointelegraph.
As of the time of writing, the combined market capitalization of Telegram bot tokens is nearing $250 million, according to CoinGecko. The largest of the pack is Unibot; other popular bots include Wagie Bot and Mizar.
The bots are automated programs that run through Telegram, allowing users to make trades on decentralized exchanges (DEXs) by sending messages to it through the app.
Telegram bot tokens will be the next crypto meta in the coming 1-2 months. Agree or disagree? https://t.co/LewLnlivSm
— Bobby Ong (@bobbyong) July 19, 2023
CertiK, however, warned that many Telegram bots create crypto wallets for users, with only some actually providing the private key.
It’s unclear if they’re stored with accessibility by project employees, on the user device, or backed up through Telegram.
“While these platforms offer high-volume DEX trading options, they should be considered extremely high-risk and unsuitable for medium to long-term storage of assets,” CertiK said.
The Unibot token market capitalization is over $185 million — the largest Telegram bot token by market cap.
Related: Curve-Vyper exploit: The whole story so far
Latest data shows Unibot users have traded a volume of $155 million across over 230,000 trades using the bot, according to Dune Analytics.
In an Aug. 5 post, blockchain security firm Beosin also highlighted the security risks of using the bots, claiming their centralization posed a risk to a user’s private wallet keys.
It added further security risks come from many of the bots not open-sourcing their code or undertaking security audits and a user could also lose control of their funds if their Telegram account is hacked.
Beosin recommended projects open-source their code to make security reviews easier and ensure better storage of user private keys.
Hall of Flame: Wolf Of All Streets worries about a world where Bitcoin hits $1M
