exploit
Analyst Honored for Exposing South Korean Dark Web Crypto Child Pornography and Blackmail Site
Criminal analyst, Kim Reece, has been named as a finalist for the Samuel J. Heyman Service to America Medal for her role in the takedown of the South Korean ‘Nth Room’ child pornography chat rooms hosting the content of Welcome to Video blackmail sex and exploitation site.
EARN IT Act Introduced in US House of Representatives, Critics View It as Threat—What This Means for Crypto
Despite being perceived as an “anti-security bill” by many, the EARN IT Act has made its way to the US House of Representatives and currently awaits approval.
US Senate Introduces DEFIANCE Act to Combat AI-Generated Nonconsensual Deepfakes
The US Senate has proposed the DEFIANCE Act in response to the increasing spread of AI-created, nonconsensual explicit imagery, exemplified by recent deepfake incidents involving Taylor Swift. This bill aims to provide legal recourse for victims and criminalize the production and distribution of such content.
Significant Crypto Hacks in December 2023, with Orbit Bridge Exploit Leading the Surge
In December 2023, a significant increase in crypto thefts was triggered by an $81.5 million attack on Orbit Bridge, marking one of the largest attacks on cross-chain bridges in recent years.
Hedera Mainnet Exploited, Leading to Theft of Liquidity Pool Tokens
Hedera Hashgraph has confirmed a smart contract exploit on its mainnet, resulting in the theft of liquidity pool tokens from decentralized exchanges (DEXs) that use code derived from Uniswap v2 on Ethereum. The suspicious activity was detected when the attacker attempted to move the stolen tokens across the Hashport bridge, leading operators to temporarily pause the bridge. The exact amount of tokens stolen is unknown, and the Hedera team is working on a solution to remove the vulnerability.
DeFi Suffers $21M in Losses from Exploits
Decentralized finance (DeFi) platforms lost at least $21 million in February due to a series of exploits including flash loan reentrancy attacks, price oracle attacks, and other hacks across seven protocols. Noteworthy incidents included the reentrancy attacks on Platypus Finance and dForce network, the price oracle attack on BonqDAO, and the smart contract exploit on Hope Finance. These incidents follow a report by Chainalysis revealing that DeFi platforms lost $3.1 billion to hacks in 2022.
Platypus Finance Suffers Exploit Resulting in Over $2M Loss
Platypus Finance, a DeFi protocol on the Avalanche blockchain, suffered an exploit on 12th October 2023, leading to a loss of over $2 million. The protocol had temporarily suspended all pools due to suspicious activities and is working towards resolving the issue. Blockchain security firm PeckShield Inc identified and disclosed the exploit, underscoring the need for enhanced security measures in the DeFi space.
MetaMask Denies Involvement in Massive Wallet-Draining Exploit
MetaMask has denied claims that its wallet was exploited in a recent massive wallet-draining operation that resulted in the loss of over 5,000 ETH. The company has confirmed that the funds were stolen from various addresses across 11 blockchains, and that the exploit was not specific to MetaMask.
Fantom's Evolution: From Technical Innovations to Ecosystem Expansion
Fantom continues to innovate despite facing challenges in its DeFi ecosystem. With planned technical upgrades and a focus on growing its developer community, the network aims for a robust and diversified blockchain ecosystem.
MyAlgo warns users of ongoing wallet exploit
MyAlgo, a wallet provider for the Algorand network, has warned users to withdraw funds from wallets created with a seed phrase due to an ongoing exploit. The company is uncertain about the cause of recent wallet hacks and advises everyone to take precautionary measures. The exploit is suspected to have stolen over $9.2 million worth of funds, with around 25 accounts affected.
Suspected Hackers Move Stolen Funds to Sanctioned Crypto Mixer
The suspected hackers behind the $6 million exploit of Lendhub have moved more than half of their ill-gotten gains to the sanctioned crypto mixer Tornado Cash. The on-chain intelligence firm Beosin reported that a total of 3,515.4 ETH, currently worth over $5.7 million, has been sent to Tornado Cash by the exploiter since Jan. 13. Tornado Cash attempts to anonymize Ethereum transactions, and was sanctioned by the US Office of Foreign Assets Control (OFAC) for its alleged role in the laundering of crime proceeds.
Visa Reports Record-Breaking Cryptocurrency Thefts in 2022
Visa's biannual threat report reveals that over $3 billion was stolen in cryptocurrency thefts in 2022, with token bridges being a common target. The report also details a phishing campaign targeting crypto exchanges.
U.S. Moves to Combat Deepfake Pornography with the Preventing Deepfakes of Intimate Images Act
Representative Joe Morelle introduces the Preventing Deepfakes of Intimate Images Act, a bipartisan legislation criminalizing the creation and distribution of non-consensual deepfake pornography, primarily affecting women and girls.
Ethereum Foundation Suffered from MEV Bot Attack in Eth Selling
The Ethereum Foundation suffered a Sandwich attack by an MEV Bot during a 1.7k ETH transaction on Uniswap V3, resulting in a $9,101 loss. The incident spotlights the rising menace of MEV exploits and underlines the necessity for enhanced security protocols in blockchain transactions.
Unidentified Exploit Steals Over $10.5 Million in NFTs and Coins
An unidentified exploit has drained over $10.5 million in NFTs and coins from experienced crypto community members since December 2022. The exploit targets keys created from 2014 to 2022 and those who are "crypto native," with multiple addresses and work within the space. Crypto veterans are advised to use a hardware wallet or migrate their funds to safeguard their digital assets.
Allbridge Recovers $465,000 Stolen in Crypto Exploit
Allbridge has recovered $465,000 worth of cryptocurrency stolen in a recent exploit, after the attacker apparently took the project's offer for a white hat bounty and returned the funds. The stolen funds were converted to Binance USD and used as compensation. Allbridge had previously offered the attacker a chance to escape legal repercussions and receive a bounty for finding vulnerabilities. The project has yet to publicly disclose the total amount stolen but blockchain security firms estimate it to be close to $550,000.
Exploit of KyberSwap's Concentrated Liquidity Feature Results in $46 Million Loss
KyberSwap suffered a $46 million loss due to a flaw in its smart contract, highlighting vulnerabilities in DeFi smart contracts and the need for improved security protocols.
Crypto Hacks and Scams on the Rise
Over $103 million was lost to crypto exploits, scams, and hacks in April, with the total loss for the year reaching $429.7 million. Major hacks included Bitrue exchange and South Korean GDAC exchange, and flash loan attacks took around $20 million. Exit scams saw a loss of $9.4 million.
Jump Crypto Recovers $140 Million Worth of Tokens from Wormhole Hack
Jump Crypto and Oasis recover $140m from Wormhole hack, showcasing importance of collaboration and innovation in fighting crypto hacks.
SEC Alleges Fraud Against SafeMoon Amidst System Flaw Exploit
The US SEC has accused decentralized finance project SafeMoon of fraud following a system flaw in March that resulted in a loss of 8.9 million BNB. The breach was linked to a vulnerability in SafeMoon's smart contract, allowing malicious transfers of 32 billion SFM tokens. Insider involvement is suspected.
Crypto Hacks in Q1 2023
In Q1 2023, hackers accessed over $320 million through 139 incidents on BNB Chain and losses of $221 million on Ethereum. While significantly lower than Q1 and Q4 2022, the quarter saw hundreds of millions lost, with 60% due to the Euler Finance hack. However, funds were recovered through negotiations with hackers, a trend increasingly common in the industry.
Fantom Foundation Wallets Compromised in Suspected Chrome Exploit
Fantom Foundation's wallets were reportedly compromised with a suspected Google Chrome zero-day exploit. While the breach resulted in a loss of $550K from the Foundation's funds, over 99% of their assets remain secure. The attacker demonstrated expertise in the DeFi ecosystem, with total gains estimated at $6.7 million.
KyberSwap's Response to $48.8 Million Hack: Workforce Halved and Victim Reimbursement Plans
KyberSwap, after a $48.8M hack, has halved its workforce and launched a reimbursement plan for affected users, showcasing the resilience of DeFi.
DOJ Wants to Bypass End-to-End Encryption to Fight Child Sexual Exploitation – Cause for Concern for Tech?
US government officials want to bypass encryption on websites, under allegations that child sexual exploitation runs unmonitored on strongly encrypted platforms.
World Economic Forum Wants to Eradicate Abusive Sexually Violent Internet Content with Blockchain
The World Economic Forum (WEF) views blockchain technology as a turning point in addressing the internet of abusive imagery associated with social ills like sexual violence.
NFT Exploits Need A Countermeasure And Unique Certification May Be The Answer
NFT Exploits Need A Countermeasure And Unique Certification May Be The Answer
South Korean Court Apprehends Crypto Assets of “Nth Room” Ringleader
A South Korean court has frozen 15 cryptocurrency wallets belonging to Cho Ju-bin, the orchestrator of the “Nth Rooms” scandal. It came to the limelight following a national outcry following the sexual exploitation of underage girls by Cho Ju-bin and his team who was named and paraded through the Korean streets to face the public in March.
Ripple and Chainalysis to Discuss How Crypto for Crime and Child Exploitation Can Be Prevented
An illicit way in which cryptocurrencies have been used in the digital age has been to drive the distribution of child sexual abuse material (CSAM).
Transit Swap Losts $21m on Code Bug Exploit, Hacker Returns 70% of Stolen Funds
Transit Swap, a decentralized exchange, lost $21 million because of a software bug. The bug could have been avoided if more thorough testing had been conducted before release.
FTX Users Lose Millions due to API Exploit
A new method of stealing crypto funds has rendered massive losses for FTX users.
OKEx Adds Ether Options to Help Crypto Traders Exploit Market Volatility
Cryptocurrency exchange OKEx announced that it is adding two new services to its platform. The Malta-based exchange launched its ETH (Ether) options contracts on June 4. The exchange also announced that it will launch the EOS/USD options on June 18. The company also stated that they have placed 1000 Ether in the Ether options insurance funds to prevent any possible clawback. The exchange is one of the largest cryptocurrency trading and derivative platforms.
Yearn.finance (YFI) Takes a Hit After Eminence Finance (EMN) Bug—Is this the End for DeFi?
Andre Cronje, the founder of Yearn.finance has recently deployed a series of new contracts relating to a new game called Eminence Finance.
Yearn.finance Announces Partnership With Cream and New Lending Project: Stable Credit
Yearn.finance founder Andre Cronje has recently published details of an upcoming integration with Cream, a DeFi lending protocol.
DeFi's Yearn.Finance Protocol Suffers $2.8 Million Flash Loan Attack
Yearn.Finance decentralized finance protocol suffered a $2.8 million loss after a flash loan attack, a scheme frequently seen in the fast-rising DeFi sector.
Ledger and Tezor Dismiss Rumor That Hackers Have Stolen Data from Popular Crypto Wallet Providers
Cybersecurity company “Under The Breach” has reported that a hacker is allegedly attempting to sell customer data that stems from firms like Ledger, Trezor, Keepkey, and even Bnktothefuture.
Pickle Finance DeFi Protocol Loses $19.7 Million In DAI Stablecoin in “Massive” Hack
Pickle Finance becomes the latest DeFi Protocol to suffer from hacking, losing almost $20 million in DAI stablecoin.
Is China Hacking Australia? Cryptojacking Cyberattacks Hit Hard Down Under
The Australian Cyber Security Center has published a report highlighting vulnerabilities that are being exploited by hackers using cryptojacking malware.