Decentralized finance (DeFi) protocol Platypus disclosed details of a recent $9.1 million exploit, alongside efforts to recover the funds, and a compensation plan for victims. In a Medium post on Feb. 23, the company revealed that a logic error in the USP solvency check mechanism within the collateral-holding contract was responsible for the three separate attacks carried out by the same exploiter. Stableswap's operations have not been affected, said Platypus. Since the attack, we've been working with security experts & stakeholders to recover lost funds, trace the hacker, and explore potential solutions to retrieve trapped funds. Here's an update on …
A fake website of the popular Ethereum Denver conference is the latest phishing target of a red-flagged smart contract that has stolen over $300,000 worth of Ether (ETH). The popular conference saw its website duplicated by hackers this week in order to trick users into connecting their MetaMask wallets. According to Blockfence, which identified the fraudulent website, the smart contract has accessed more than 2800 wallets and has stolen over $300,000 over the past six months. Another day, another scam. This time the scammer targeted the @EthereumDenver website. Blockfence is here to protect you and fight scammers together: The scam …
Cyber criminals used a variety of novel ways to carry out hacks and exploits in 2022, with over $2.8 billion of cryptocurrency stolen last year. According to a report from CoinGecko using data sourced from DeFiYield’s REKT Database, nearly half of the total crypto stolen in 2022 was fleeced using diverse methods. This includes bypassing verification processes, market manipulation, ‘crowd looting’ as well as smart contract and bridge exploits. The biggest hack of 2022 was carried out through an access control hack. Sky Mavis, the developer behind popular game Axie Infinity, saw its Ronin bridge hacked in March 2022, leading …
The International Criminal Police Organization (ICPO), a.k.a, Interpol, is investigating how it could police crimes in the metaverse. However, a top Interpol executive believes there are issues with defining a metaverse crime. Interpol’s intent to oversee criminal activities on the metaverse was revealed by secretary general Jurgen Stock, according to BBC. Stock highlighted the ability of “sophisticated and professional” criminals to adapt to new technological tools for committing crimes. The move for policing metaverse comes nearly four months after the international organization launched its own metaverse in October 2022, at the 90th Interpol General Assembly in New Delhi, India. During …
The research arm of cybersecurity software firm Check Point has flagged the Dingo Token (DINGO) as a “potential scam” after reportedly discovering a smart contract function that has been used to manipulate transaction fees. In a Feb. 3 blog post, Check Point Research (CPR) said it looked into the code behind the Dingo Smart Contract, discovering a backdoor function "setTaxFeePercent," which can change the contract's buy and sell fee up to 99%. This is despite the project’s whitepaper stating that there is only a 10% fee per transaction. According to CPR, this essentially allows the project’s owner to withdraw up …
In February 2022, OpenSea fell prey to a major phishing attack that resulted in over $1.7 million in nonfungible tokens (NFTs) being stolen from users. It wasn’t the only incident: Blockchain users reportedly lost $3.9 billion to fraudulent activity in 2022 alone. As we entered 2023, there was a chorus of promises to increase security within the crypto space. But, so far, things haven’t significantly changed. Companies that utilize blockchain still aren’t doing enough to prevent scams. If blockchain technology is going to see mass adoption, companies will have to change their approach from the bottom up. By focusing on …
A hacker dubbed the “Blockchain Bandit” has finally woken from a six-year slumber and has started to move their ill-gotten gains. According to Chainalysis, around $90 million in crypto pilfered from the attacker’s long-running string of “programmatic theft” since 2016 has started moving over the past week. This included 51,000 Ether (ETH) and 470 Bitcoin (BTC), worth around $90 million leaving the Bandit’s address for a new one, with Chainalysis noting: “We suspect that the bandit is moving their funds given the recent jump in prices." The hacker was dubbed the “Blockchain Bandit” due to being able to empty Ethereum …
Setting aside the criminal investigations of failed crypto businesses like FTX, Celsius, 3AC, Terra and others, 2022 set the record in illicit on-chain transactions. According to a yearly report published by Chainalysis on Jan. 12, the total cryptocurrency value received by illicit addresses reached $20.1 billion in the last year. The numbers aren’t final, as the measure of illicit transaction volume grows over time as the analysts identify new addresses associated with criminal activity. Moreover, it doesn’t include proceeds from non-crypto native crimes like drug trafficking and the funds on the balance of those failed companies, which are now under …
The United Kingdom’s National Crime Agency (NCA) is taking measures to increase its focus on cryptocurrency crimes and combat criminals. NCA’s cyber-focused command, the National Cyber Crime Unit (NCCU), is launching a dedicated cryptocurrency unit to investigate U.K. cyber incidents involving the use of cryptocurrencies like Bitcoin (BTC). Called “NCCU Crypto Cell,” the crypto-focused unit will initially contain five officers dedicated to "proactive cryptocurrency remit." “This is a really exciting opportunity which involves working in a team at the forefront of protecting the U.K. from cyber crime,” NCA infrastructure investigations director Chris Lewis-Evans told Cointelegraph. He added: “Cryptocurrency and virtual …
One of the original core developers behind Bitcoin (BTC), Luke Dashjr, claims to have lost “basically” all his BTC as a result of a hack that occurred just before the new year. In a Jan. 1 post on Twitter, the developer said the alleged hackers had somehow gained access to his PGP (Pretty Good Privacy) key, a common security method that uses two keys to gain access to encrypted information. In the thread, he shared a wallet address where some of the stolen BTC had been sent but did not reveal how much of his BTC was stolen in total. …
It’s hardly an exaggeration to say that our industry is facing tough times. We’ve been in the midst of a “crypto winter” for some time now, with the prices of mainstays, including Bitcoin (BTC) and Ether (ETH), tumbling. Likewise, monthly nonfungible token (NFT) trading volumes have fallen more than 90% since their multibillion dollar peak back in January of this year. Of course, these declines have only been exacerbated by the numerous black swan events rocking the crypto world, such as the FTX and Three Arrows Capital meltdowns. Taken together, it shouldn’t be a surprise that crypto is facing a …
Cryptocurrency mixing services are a divisive subject in the industry. Some advocate for the privacy-enabling features of these protocols while others maintain that they are mainly used for illicit means. For platforms like Tornado Cash, the mainstream verdict is “guilty as charged.” The infamous decentralized mixing protocol was sanctioned by the United States Office of Foreign Assets Control (OFAC) in August 2022, essentially making it illegal for anyone to make use of the service. Tornado Cash continues to be a contentious topic and one of its developers, Alexey Pertsev, controversially remains in detention in the Netherlands while investigators look to …