1. Home
  2. Exploits

Exploits

Virtuals Protocol Discord server hacked, fake Google links posted

Coin Telegraph
Virtuals Protocol Discord server hacked, fake Google links posted
Coin Telegraph

The security incidents occurred days after a researcher discovered a critical bug in a Virtuals Protocol audited contract, which was fixed.

AI agent platform Virtuals Protocol suffered a hack to its Discord server on Jan. 8, and several fraudulent links purporting to be the Virtuals Protocol website were posted on Google Search.

According to the Virtuals team, one of the Discord group’s moderators was the victim of a private key breach that compromised the messaging server. The breach has since been resolved.

Cybersecurity firm Scam Sniffer also detected three malicious links advertised on the Google Search page impersonating the Virtuals Protocol website in a separate incident.

Read more

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

North Korean hacker BlueNoroff targets crypto firms with new malware

Coin Telegraph
North Korean hacker BlueNoroff targets crypto firms with new malware
BlueNoroff

According to cybersecurity firm Recorded Future, North Korean hacker groups have stolen approximately $3 billion in funds since 2017.

BlueNoroff, the infamous North Korean hacker group responsible for a string of phishing and cybersecurity attacks since 2019, is targeting crypto firms with a new malware that attacks MacOS computers.

According to a report from SentinelLabs, the malware operation nicknamed “Hidden Risk” is spread through PDF files in multiple stages. The threat actors use fake news headlines and legitimate crypto market research to lure in unsuspecting individuals and companies.

Once the user downloads the PDF file, a seemingly legitimate decoy PDF is downloaded and opened, while the malware downloads as a separate file on the MacOS desktop in the background.

Read more

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

User loses $32 million spWETH in a sophisticated phishing attack

Coin Telegraph
User loses million spWETH in a sophisticated phishing attack
Coin Telegraph

According to crypto security firm Scam Sniffer, 9,145 users were victims of phishing attacks during August 2024, losing funds as a result.

A wallet ending in "e57" fell prey to a sophisticated phishing attack on Sept. 27 that left the wallet drained of 12,083 Spark Wrapped Ethereum tokens (spWETH), valued at $32 million.

According to security firm CertiK, 10,000 spWETH, valued at approximately $26 million, was initially sent to a wallet beginning with "0x471c." A portion of these funds was subsequently transferred to 4 additional wallets.

1,750 Ether (ETH) was transferred to a wallet beginning with the characters "0x105c", 2,613 ETH was sent to a wallet starting with "0x278d", an additional 3,730 ETH to an address beginning with "0x408d", and, finally, approximately 1,865 ETH was transferred to an address beginning in "0xfaf2."

Read more

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

BingX confirms the resumption of withdrawal services following hack

Coin Telegraph
BingX confirms the resumption of withdrawal services following hack
BingX

Monetary losses from the BingX hack were initially reported as totaling $26 million, but the figure has since swelled to $52 million.

BingX — a popular cryptocurrency exchange — has announced that withdrawal services on the platform will resume on Sept. 21, 2024, for certain digital assets.

According to the exchange's announcement, withdrawals for Tether's US dollar stablecoin (USDT), Circle's US dollar stablecoin (USDC), Bitcoin (BTC), Ethereum (ETH), Tron (TRX), and Solana (SOL) will resume first followed by withdrawal services for other tokens and digital assets over the next two weeks.

The exchange notified customers that deposit services would likewise resume in the next several weeks and told clients that withdrawal requests submitted before the disruption of withdrawal services have been canceled and must be resubmitted.

Read more

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

Ethena domain registrar hacked, Ethena Labs warns users to stay away

Coin Telegraph
Ethena domain registrar hacked, Ethena Labs warns users to stay away
Coin Telegraph

The Ethena website appears to have suffered a front-end attack, and users are encouraged not to interact with the platform. 

The Ethena website suffered what appears to be a front-end exploit on Sept. 18, and Ethena Labs has cautioned users not to interact with any site or application claiming to be Ethena.

According to a social media post from Ethena Labs, the website's domain registrar account was compromised, and the site is currently deactivated until the issue is resolved.

Ethena Labs also reassured clients that the Ethena protocol was not affected by the exploit and that all customer funds were safe.

Read more

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

New Android malware steals private keys from screenshots and images

Coin Telegraph
New Android malware steals private keys from screenshots and images
Coin Telegraph

According to a recent FBI warning, North Korean hackers are "aggressively targeting" the crypto industry with “well-disguised” attacks.

A new Android malware called SpyAgent, discovered by software security firm McAfee, can steal private keys stored in screenshots and images on a smartphone’s internal storage.

More specifically, the malware uses a mechanism known as optical character recognition (OCR) to scan images stored on a smartphone and extract words from them. OCR is present in many technologies, including desktop computers, which can recognize, copy, and paste text from images.

McAfee Labs explained that the malware is distributed through malicious links sent through text messages. The cybersecurity company broke down the process, beginning with an unsuspecting user clicking on a link they received.

Read more

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

Ethereum Ecosystem Suffers $400,000,000 in Losses Year-to-Date, Amount of Crypto Hacks Rise by Over 50%: SlowMist

The Daily Hodl
Ethereum Ecosystem Suffers 0,000,000 in Losses Year-to-Date, Amount of Crypto Hacks Rise by Over 50%: SlowMist
Altcoins
Ethereum Ecosystem Suffers 0,000,000 in Losses Year-to-Date, Amount of Crypto Hacks Rise by Over 50%: SlowMist

New research from cybersecurity firm SlowMist reveals that the Ethereum (ETH) ecosystem has lost $400 million in exploits year-to-date as the number of crypto hacking cases sees a 50% rise. According to SlowMist’s 2024 mid-year report, the second largest digital asset by market cap saw the most funds lost due to exploits as an ecosystem, […]

The post Ethereum Ecosystem Suffers $400,000,000 in Losses Year-to-Date, Amount of Crypto Hacks Rise by Over 50%: SlowMist appeared first on The Daily Hodl.

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

New Phishing Scams on Solana (SOL) Have Stolen Over $4,000,000 in Crypto Assets: Security Firm

The Daily Hodl
New Phishing Scams on Solana (SOL) Have Stolen Over ,000,000 in Crypto Assets: Security Firm
Altcoins
New Phishing Scams on Solana (SOL) Have Stolen Over ,000,000 in Crypto Assets: Security Firm

New data from a cybersecurity firm reveals that recent phishing scams over smart contract platform Solana (SOL) have stolen over $4 million in crypto assets. In a new blog post, security firm Scam Sniffer says that in the past month alone, bad actors were able to exploit $4.17 million worth of digital assets from about […]

The post New Phishing Scams on Solana (SOL) Have Stolen Over $4,000,000 in Crypto Assets: Security Firm appeared first on The Daily Hodl.

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

November most ‘damaging’ month in 2023 as thieves pilfer $363M in crypto

Coin Telegraph
November most ‘damaging’ month in 2023 as thieves pilfer 3M in crypto
certik

The Poloniex and HTX/Heco Bridge exploits as well as the KyberSwap flash loan attack were the three largest incidents in November, according to blockchain security firm CertiK.

The cryptocurrency industry has now seen its most “damaging” month for crypto thievery, scams and exploits, with crypto criminals walking away with $363 million in November, according to a blockchain security firm.

Around $316.4 million came from exploits alone, flash loans inflicted $45.5 million in damage, and $1.1 million was lost to various exit scams, CertiK stated in a Nov.

The largest exploits in November occurred on Poloniex and HTX/Heco Bridge, with losses of $131.4 million and $113.3 million, respectively.

The third largest exploit was inflicted on a single victim who lost $27 million from a phishing attack.

Meanwhile, the $45 million KyberSwap attack accounted for nearly all damage done for flash loan attacks in the month.

The latest monthly figure has surpassed an earlier record of $329 million, set in September, caused mainly by the $200 million Mixin Network attack.

As of the end of November, about $1.7 billion has now been lost to exploits, exit scams and flash loan attacks in 2023.

Read more

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

September becomes the biggest month for crypto exploits in 2023: CertiK

Coin Telegraph
September becomes the biggest month for crypto exploits in 2023: CertiK
certik

The Mixin Network cross-chain protocol accounted for almost two-thirds of the crypto exploit losses in September.

September has officially become the worst month in 2023 (so far) for crypto-related exploits — with a whopping $329.8 million in crypto stolen.

On Oct. 2, blockchain security firm CertiK said the most significant contributor to the month’s totals came from the Mixin Network attack on Sept. 23 when the Hong Kong-based decentralized cross-chain transfer protocol lost $200 million due to a breach of its cloud service provider.

Other major incidents for the month included the attacks on the CoinEx exchange and Stake.com resulting in losses of $53 million and $41 million respectively.

As reported by Cointelegraph, North Korean hacking collective the Lazarus Group has been fingered for both attacks. The latest figures from Dune Analytics claim that the group currently holds $45.6 million in crypto assets.

The attack has taken the yearly total of crypto lost to exploits to $925.4 million. July was the second-highest month for exploit losses with $285.8 million pilfered.

Meanwhile, the month also saw $1.9 million lost to exit scams, $400,000 to flash loan attacks, and another $25 million to phishing attacks, according to CertiK.

The total lost in 2023 to exploits, scams, and hacks has now totaled $1.34 billion.

Related: North Korean Lazarus Group amasses over $40M in Bitcoin, data reveals

According to blockchain security firm Beosin, total losses from hacks, phishing scams, and exit scams were just under $890 million for the third quarter of 2023.

Losses in Q3 even exceeded the combined sum of the first two quarters which was $330 million in Q1 and $333 million in Q2, it reported late last week.

Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story

Read more
TRUMP dips after president admits ‘I don’t know much about it’

TRUMP dips after president admits ‘I don’t know much about it’

WordPress Theme by cactus.com
Close

Share this video