
Cybersecurity

Backpack Wallet, Blockaid prevent $26.6M loss from DeFi attacks on Solana

Blockaid scanned over 180 million transactions of Backpack's users between June and September, detecting more than 71,000 malicious activities on the Solana network. 

Backpack Wallet has identified malicious actors targeting more than 5% of its users engaging with the Solana network. Over 71,000 malicious transactions were detected between June and September 2024, avoiding $26.6 million in potential losses for users. 

The transactions were identified through a partnership with security firm Blockaid, which scanned over 180 million transactions from Backpack’s users on Solana during the period.

“Our stats reflect the threats to end-users, meaning that these refer to malicious dApps, scam transactions, and harmful contracts,” Blockaid CEO Ido Ben-Natan told Cointelegraph.

According to Ben-Natan, users on the Solana ecosystem are being disproportionately targeted by scammers and attackers — mostly due to the growing activity of memecoin traders. “A lot of these attacks are usually coming from the same actors that populate the EVM threat landscape,” he said. The CEO added:


Bitcoin ‘diamond hand’ sell-off risks outpacing ETF inflows at $98K

North Korean hacker BlueNoroff targets crypto firms with new malware

According to cybersecurity firm Recorded Future, North Korean hacker groups have stolen approximately $3 billion in funds since 2017.

BlueNoroff, the infamous North Korean hacker group responsible for a string of phishing and cybersecurity attacks since 2019, is targeting crypto firms with new malware that attacks macOS computers.

According to a report from SentinelLabs, the malware operation nicknamed “Hidden Risk” is spread through PDF files in multiple stages. The threat actors use fake news headlines and legitimate crypto market research to lure in unsuspecting individuals and companies.

Once the user downloads the PDF file, a seemingly legitimate decoy PDF is downloaded and opened, while the malware downloads as a separate file on the macOS desktop in the background.


WazirX plans on launching a decentralized exchange

WazirX founder Nischal Shetty also announced the upcoming introduction of staking services to the centralized cryptocurrency exchange.

Nischal Shetty, the founder of the popular Indian crypto exchange WazirX, announced the company is expanding operations and exploring building a separate decentralized exchange (DEX) that will operate alongside the company's current centralized service.

According to Shetty, the decision to launch a DEX is a response to the July 2024 WazirX hack — which drained the exchange of approximately $235 million in user funds — and should help eliminate the counter-party risk inherent in centralized platforms. The WazirX founder asserted:

The WazirX founder also revealed plans to launch a corresponding DEX token to pay for fees on the platform and provide an instrument for governance.


FINRA Warns Member Firms of Metaverse Adoption Challenges

The Financial Industry Regulatory Authority has released a report highlighting the potential benefits and risks of the metaverse for the securities industry. The report emphasizes the importance of addressing challenges identified to ensure the responsible and ethical development of metaverse applications.

Firms Must Weigh Challenges in Metaverse Adoption

While the metaverse is said to provide […]


Radiant Capital hacker compromised developers’ devices — post-mortem 

Attackers of Radiant Capital compromised the devices of at least three core developers through a malware injection, the company confirmed.  

Radiant Capital has disclosed a post-mortem for the Oct. 16 attack that resulted in the theft of over $50 million in digital assets from the BNB Chain and Arbitrum networks. According to Radiant, the attacker compromised the devices of three of its long-standing developers. 

Hackers were able to compromise the devices through a “sophisticated malware injection” used to sign malicious transactions. 

“The devices were compromised in such a way that the front-end of Safe{Wallet} (f.k.a. Gnosis Safe) displayed legitimate transaction data while malicious transactions were signed and executed in the background,” the Radiant team explained in a blog post. 


Crypto-stealing malware discovered in Python Package Index — Checkmarx

According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024.

Researchers at the Checkmarx cybersecurity firm sounded the alarm on a dangerous form of malware uploaded to the Python Package Index (PyPI) — a platform for Python developers to download and share code — that steals private keys, mnemonic phrases, and other sensitive user data.

According to the firm, the malware was automatically uploaded by a suspicious user in several different software packages meant to mimic decoding applications for popular wallets like MetaMask, Atomic, TronLink, Ronin, and other industry staples.

The malware was cleverly embedded within parts of the software packages. This allowed the malicious software to go largely undetected due to what appeared to be harmless code.


US gov files complaints to seize assets from North Korean hackers

According to PeckShieldAlert, crypto hacks and exploits accounted for over $120 million in losses during September 2024.

The United States government filed two legal complaints on October 4, 2024, to begin seizing more than $2.67 million in digital assets stolen by the North Korean Lazarus hacking group.

According to the legal filings, the US government seeks to recover approximately $1.7 million in Tether (USDT) stolen by the organization in the 2022 Deribit hack — which left the options exchange drained of $28 million.

Once the hackers successfully breached a Deribit hot wallet, they passed the funds through the Tornado Cash mixer and several Ethereum (ETH) addresses in an attempt to avoid detection.


User loses $32 million spWETH in a sophisticated phishing attack

According to crypto security firm Scam Sniffer, 9,145 users were victims of phishing attacks during August 2024, losing funds as a result.

A wallet ending in "e57" fell prey to a sophisticated phishing attack on Sept. 27 that left the wallet drained of 12,083 Spark Wrapped Ethereum tokens (spWETH), valued at $32 million.

According to security firm CertiK, 10,000 spWETH, valued at approximately $26 million, was initially sent to a wallet beginning with "0x471c." A portion of these funds was subsequently transferred to 4 additional wallets.

1,750 Ether (ETH) was transferred to a wallet beginning with the characters "0x105c", 2,613 ETH was sent to a wallet starting with "0x278d", an additional 3,730 ETH to an address beginning with "0x408d", and, finally, approximately 1,865 ETH was transferred to an address beginning with "0xfaf2."


MoneyGram admits ‘cybersecurity issue’ behind several-day outage

MoneyGram’s services have been offline since Sept. 20, with the firm confirming the outage is due to a cybersecurity incident three days later.

Financial services firm MoneyGram has admitted its multiday outage is due to a “cybersecurity issue,” and it is working to restore its services with some success.

“MoneyGram recently identified a cybersecurity issue affecting certain of our systems,” the company said in a Sept. 23 X post.

It comes days after users reported that its services were down on Sept. 20, and hundreds have reported MoneyGram’s outage in the past 24 hours, according to service status information aggregator DownDetector.


Indian Supreme Court recovers YouTube account from XRP scammers

XRP scammers hacked the Supreme Court of India’s YouTube account, and although it was recovered, it lost its subscriber base.

The Supreme Court of India regained control of its official YouTube account shortly after it was hijacked by cryptocurrency scammers selling fake XRP investments.

On Sept. 20, the Supreme Court of India’s YouTube account was used to broadcast a livestream video about fake XRP (XRP) investments featuring Ripple Labs CEO Brad Garlinghouse.

The hackers rebranded the channel to resemble Ripple and deleted all previously uploaded content, as shown in the screenshot below.
