![Hacker Siphons Close to 0K in OHM Tokens From the Olympus DAO Hacker Siphons Close to 0K in OHM Tokens From the Olympus DAO](https://static.news.bitcoin.com/wp-content/uploads/2022/10/shhdjdkskkdd-768x432.jpg)
A crypto lawyer believes the Mango Markets exploiter Avraham Eisenberg could still face consequences despite users supposedly agreeing not to pursue legal action.
The $117 million Mango Markets exploiter has defended that their actions were ‘legal,’ but a lawyer suggests that they could still face consequences.
Self-described digital art dealer Avraham Eisenberg, outed himself as the exploiter in a series of tweets on Oct. 15 claiming he and a team undertook a “highly profitable trading strategy” and that it was “legal open market actions, using the protocol as designed.”
I believe all of our actions were legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they are.
— Avraham Eisenberg (@avi_eisen) October 15, 2022
The Oct. 11 exploit worked through Eisenberg and his team manipulating the value of their posted collateral — the platforms’ native token MNGO — to higher prices, then taking out significant loans against their inflated collateral which drained Mango’s treasury.
Michael Bacina, partner at Australian law firm PiperAlderman told Cointelegraph “if this had occurred in a regulated financial market it would be likely seen as market manipulation.”
“Price manipulation is a cousin of misrepresentation, and in many jurisdictions engaging in misleading and deceptive conduct is unlawful and grounds for legal claims.”
Eisenberg has committed to “making all users whole” and negotiations between him and the Mango Decentralized Autonomous Organization (DAO) have resulted in the DAO voting that Eisenberg be allowed to keep $47 million as a “bug bounty," while the rest will be sent back to the treasury.
A stipulation as part of the proposal states MNGO token holders “will not pursue any criminal investigations or freezing of funds” as Eisenburg has sent back the agreed portion of the exploited cryptocurrency.
However, Bacina said it’s “unlikely” that Eisenburg would be released from all liability, even from those that voted for the proposal, given the wording of the proposal are “weak," commenting:
“The wording of the proposal is weak and the circumstances are such that the offer of a release are questionable.”
That being said, Bacina said there might be a “limited commercial incentive” to sue Eisenburg as any legal claims would be reduced by the amount a member received due to the proposal.
“Assuming claims survive the proposal, any claims would still need to be reduced by any amounts which had been received by a member as a result of the proposal, which may mean many members have limited commercial incentive to sue Mr Eisenberg,” he explained.
Related Wintermute repays $92M TrueFi loan on time despite suffering $160M hack
Part of the $67 million worth of crypto returned to the platform will now be used to reimburse affected users under the reimbursement plan approved by the DAO.
Eisenberg maintains the exploited crypto he returned is similar to automatic deleveraging on cryptocurrency exchanges where a portion of profits from profitable traders is recovered to cover losses by the exchange.
Cointelegraph contacted Eisenberg for comment but did not immediately receive a response.
The ethical exploiter thanked Arbitrium for the 400 ETH payday, but said such a find should be eligible for the max bounty of nearly 1,500 ETH, or $2 million.
A self-described white hat hacker has uncovered a “multi-million dollar vulnerability” in the bridge linking Ethereum and Arbitrum Nitro and received a 400 Ether (ETH) bounty for their find.
Known as riptide on Twitter, the hacker described the exploit as the use of an initializing function to set their own bridge address, which would hijack all incoming ETH deposits from those trying to bridge funds from Ethereum to Arbitrum Nitro.
Riptide explained the exploit in a Medium post on Sept. 20:
“We could either selectively target large ETH deposits to remain undetected for a longer period of time, siphon up every single deposit that comes through the bridge, or wait and just front-run the next massive ETH deposit.”
The hack could have potentially netted tens or even hundreds of millions worth of ETH, as the largest deposit riptide recorded in the inbox was 168,000 ETH worth over $225 million, and typical deposits ranged from 1000 to 5000 ETH in a 24-hour period, worth between $1.34 to $6.7 million.
Despite the earning potential from the ill-gotten gains, riptide was thankful that the “extremely based Arbitrum team” provided a 400 ETH bounty, worth over $536,500, however they added later on Twitter that such a find “should be eligible for a max bounty,” which is worth $2 million.
No big deal just bridging a cool $470mm through the same Inbox contract
— riptide (@0xriptide) September 20, 2022
Definitely should be eligible for a max bounty
https://t.co/w7S58QNQZu
Neither Arbitrum nor its creator company OffChain Labs have publicly commented on the exploit, Cointelegraph contacted OffChain Labs for comment but did not immediately hear back.
Related: ETHW confirms contract vulnerability exploit, dismisses replay attack claims
Arbitrum is a layer-2 Optimistic Rollup solution for Ethereum, clustering batches of transactions before submitting it to the Ethereum network in an effort to minimize network congestion and save on fees. Arbitrum Nitro launched on Aug. 31st, an upgrade aimed to simplify communication between Arbitrum and Ethereum as well as increasing its transaction throughput at lower fees.
Similar style bridge hacks have been successful for exploiters this year, notably the $100 million stolen from the Horizon Bridge in June and the recent Nomad token bridge incident in August which saw $190 million drained by the original and “copycat” hackers repeating the exploit.
Besides fake ETH 2.0 tokens and malicious token airdrops, crypto users should also be on the lookout for staking pools offering attractive staking yields.
Scammers are likely to use excitement around the Ethereum Merge to launch new scams aimed at newbie crypto users, PolySwam CEO Steve Bassi has warned.
The Ethereum Merge is expected to take place within the next 24 hours.
Speaking to Cointelegraph, Steve Bassi, founder, and CEO of PolySwarm said these scams could come in the form of fake ETH 2.0 tokens, fraudulent mining pools, and fake airdrops.
PolySwam is a decentralized cybersecurity marketplace that connects cybersecurity experts to projects and companies through the use of bounties.
The Ethereum upgrade marks the transition from the current proof-of-work (PoW) consensus mechanism to proof-of-stake (PoS).
Bassi said that for many Ether (ETH) holders, joining a staking pool will be their only way of reaping yield from staking rewards if they don’t have the 32 ETH required to become an independent validator.
“Staking is a pretty new concept for most of the crypto community and unless you’ve got 32 ETH lying around you’re going to have to join one of the staking pools to make a yield off your ETH.”
Bassi however warned that pooled staking providers “carry their own risk” as it often requires users to deposit and give up control of their ETH.
Bassi said that upstart staking providers, which “may offer very attractive terms” could perform “sudden rug pulls” that would affect those participating in the pool.
“This risk exists today with DeFi platforms/pools and tokens, but the Merge will give scammers a new character universe to work with.”
One of the more imminent threats involves scammers attempting to trick users into signing fraudulent transactions or parting with their private keys under the guise of migrating to the new Ethereum chain.
Bassi reiterated that the upgrade to proof-of-stake should be transparent, and a user should not need to do anything to migrate or preserve their ETH-based tokens, noting:
“We’ll likely see scammers try to get users to sign fraudulent transactions and/or leak private keys based on some false pretense that the user needs to do something to migrate chains.”
Another likely attack vector will come in the form of “fake airdrops,” added Bassi — convincing users to sign transaction messages or visit phishing sites in order to receive a bogus airdrop.
“The ETH Merge will be a good excuse for these scammers to masquerade as well-known, economically valuable, projects promising airdrops.”
“Those airdrops will likely redirect users to a phishing site where they may be fleeced out of their ETH, private keys, and/or crafted transaction signing attempts.”
The Ethereum Foundation has called the upcoming Merge the “most significant upgrade in the history of Ethereum” and has urged users to be on “high alert” for scams trying to take advantage of users during the transition. It has repeatedly warned there is no such thing as an ETH2 or ETH 2.0 coin.
Related: Vitalik Buterin impersonators ramp up ETH phishing ahead of The Merge
The upgrade is expected by most onlookers to be a success, given the experience in the previous testnets, however, Bassi said there could still be a chance that scammers or hackers have found a way to game the system.
“We don’t really know if a group of scammers/hackers out there has already developed an attack or DDoS technique against the chain which can be used post-Merge when ETH 2.0 has the full economic value of ETH 1.0 moved over.”
“If there were such an attack it's likely to only temporarily affect the chain and, possibly, the market as there a lot of smart eyes watching behavior post-Merge. However, an attacker will likely be looking for the opportunity to monetize any discoveries.”
Bad actors have reportedly compromised the servers of a Bitcoin (BTC) ATM manufacturer, enabling them to redirect crypto assets to their own wallets. According to a new report by BleepingComputer, crypto ATMs owned by General Bytes have been exploited by hackers who remotely created an admin user account for the company’s Crypto Application Server (CAS). […]
The post Bitcoin ATM Company Targeted by Hackers Exploiting Zero-Day Bug: Report appeared first on The Daily Hodl.
“There is no doubt that there are many more crimes to be discovered in your trail of destruction,” hacktivist group Anonymous said on its YouTube channel.
Hacktivist group Anonymous has pledged to “make sure” Terra co-founder Do Kwon is “brought to justice as soon as possible” in regards to the collapse of the Terra (LUNA) and TerraUSD (UST) ecosystems in May.
On Sunday, a video purportedly coming from the Anonymous hacker group rehashed a laundry list of Kwon’s alleged wrongdoings, including cashing out $80 million each month from Luna and TerraUSD prior to its collapse as well as his role in the fall of stable coin Basis Cash, for which Do Kwon allegedly co-created under the pseudonym “Rick Sanchez” in late 2020.
“Do Kwon, if you are listening, sadly, there is nothing that can be done to reverse the damage that you have done. At this point, the only thing that we can do is hold you accountable and make sure that you are brought to justice as soon as possible.”
The hacker group said it would be looking into Do Kwon’s actions since he entered the crypto space to expose his alleged crimes.
“Anonymous is looking into Do Kwon’s entire history since he entered the crypto space to see what we can learn and bring to light,” the group stated.
“There is no doubt that there are many more crimes to be discovered in your trail of destruction.”
The hacker group also criticized Kwon for his “arrogant tactics” in trolling competitors and critics and “acting like he would never fail.”
Originating in 2003 on 4chan, Anonymous is a decentralized international activist collective known for orchestrating cyber attacks against government institutions, agencies, private corporations, and even the Church of Scientology.
In June 2021, the same YouTube channel took aim at Tesla CEO Elon Musk for allegedly “destroying lives” using his clout and influence on Twitter to play with the crypto markets. The video has around 3.4 million views as of today.
It is worth noting that there are multiple YouTube channels that either claim to be affiliated with the hacker group Anonymous. However, there is a general consensus that there is no official YouTube channel for the group, given its inherent decentralized and anonymous nature.
Commenters of the YouTube video and the community on Twitter appeared to be broadly supportive of the hacker group’s pledge to go after Kwon, with one commenter calling Anonymous the “Robinhood of today.”
However, the video message garnered more skepticism on the r/CryptoCurrency subreddit, with users criticizing the hacker group for issuing an empty threat against Kwon and providing no new information to the public, with one commenter saying:
“Anonymous is so teen bop now [...] This anon video is so non-threatening it's almost bizarre.”
While another said, “would expect them to have uncovered something but its nothing more than, well nothing.”
It appears that, for now, Kwon will likely have bigger, more tangible threats to worry about.
Terraform Labs, for which Do Kwon is the co-founder, is currently under multiple investigations from the South Korean authorities, including the alleged embezzlement of Bitcoin (BTC) from the company’s treasury.
Related: South Korean prosecutors ban Terraform Labs employees from exiting the country: Report
In May, a famous financial crimes investigation unit dubbed the “Grim Reapers of Yeouido” was revived by South Korea to investigate the collapse of Terra. The team consists of various regulators and will focus on prosecuting fraud and illegal trading schemes.
Later that month, Korean authorities subpoenaed all Terraform Labs employees to investigate any internal role in market manipulation.
The company has also been fined $78 million by South Korea’s national tax agency for tax evasion charges.
“We didn’t make money, but we definitely made new friends," said Lavar Sanders, who originally purchased the Bitcoin in 2016.
Joe Grand, a computer engineer and hardware hacker known by many for recovering crypto from hard-to-reach places, spent hours breaking into a phone only to find a fraction of a Bitcoin.
In a YouTube video released on Thursday, Grand traveled from Portland to Seattle in an effort to potentially recover “millions of dollars” in Bitcoin (BTC) from a Samsung Galaxy SIII phone owned by Lavar Sanders, a local bus operator. Sanders originally purchased the BTC in July 2016 in a “super sketchy” way, paying a person at a cafe and storing the crypto in a wallet on the phone before putting it in storage and losing track of the device.
After finding the phone in 2021, Sanders couldn’t recall the swipe password, but remembered setting up the option of erasing the data if too many incorrect attempts were made. He and a friend connected with Grand after discovering his YouTube videos, allowing the white hat hacker to make several attempts to get into the phone’s memory and recover the crypto.
Following some micro soldering, downloading the memory and discovering the Samsung’s swipe pattern for access — which turned out to be the letter “L” — Sanders opened his MyCelium Bitcoin wallet and discovered only 0.00300861 BTC — worth $105 USD at the time, down to roughly $63 USD at the time of publication. Grand was later able to determine the bus operator purchased $400 worth of BTC in 2016, most of which went to a crypto mixing service called BitBlender, which was shut down in 2019.
“I’m a little devastated,” said Sanders. “We didn’t make money, but we definitely made new friends.”
Related: Engineer hacks Trezor wallet, recovers $2M in 'lost' crypto
Many crypto users have been locked out of their wallets or otherwise lost access to physical devices holding BTC over the years — one of the most famous examples being a Welsh man who in 2013 threw out a hard drive containing 7,500 Bitcoins, now worth more than $150 million. However, many hackers and engineers specializing in crypto recovery services have appeared in response.