黑客攻击

Bybit's stolen funds tracking is difficult, more than a quarter are untraceable

According to the latest news, the North Korean Lazarus hacker group stole $1.4 billion worth of cryptocurrency from the Bybit exchange, and the whereabouts of most of the funds are now difficult to trace.

Bybit CEO Ben Zhou revealed in a tweet on X that about 27.59% of the funds are untraceable, mainly due to the hackers using cryptocurrency mixers and decentralized services to obscure the flow of funds.

Although 68.57% of the funds are still traceable, only 3.84% of the funds have been successfully frozen. The hackers primarily used Wasabi Mixer for money laundering and further dispersed funds through CryptoMixer, Tornado Cash, and Railgun.

Additionally, the attackers utilized multiple decentralized cross-chain trading platforms to transfer assets and exchanged them for fiat currency through peer-to-peer (P2P) and over-the-counter (OTC) transactions to prevent tracking.

Data shows that currently about 84.45% of the stolen assets have been converted to Bitcoin through Thorchain, with a value of approximately $960 million spread across nearly 36,000 wallets, including 342,975 ETH converted into 10,003 BTC. Despite extensive monitoring by the exchange, only a small portion of the stolen assets remains on the Ethereum blockchain.

To address these vulnerabilities, Bybit's Lazarus Bounty program has received a total of 5,443 bounty reports in the past 60 days, but only 70 of them could be verified. Zhou emphasized that more bounty hunters capable of cracking mixer transactions are needed, while the future of tracking dark coin transaction flows will depend on large-scale collaborative efforts.

Conclusion:

In the current situation, mixers have become a key link in the money laundering chain for hackers, and their anonymization features are being systematically abused by criminals.

Faced with increasingly complex cryptocurrency crime techniques, exchanges must improve cross-chain fund tracking systems to achieve real-time alerts for suspicious transactions; they must also promote the establishment of anti-money laundering standards in the industry and create a threat intelligence sharing mechanism.

However, this collaborative defense system has already become a key barrier to curbing cryptocurrency crime. Finally, do you think such cross-border hacker attacks can be effectively curtailed in the future?

#加密货币 #Bybit #黑客攻击 #资金追踪

🚨DMM Bitcoin: "Paying" for hackers, the market actually "calmly" accepted a large order of 4,500 BTC? ! 🤣
Japanese DMM Bitcoin has a big move!
After being "visited" by hackers, it actually decided to spend $320 million to buy 4,500 BTC in one go. This hand speed is even better than Bitcoin miners! 🤑
Bitcoin market: Huh? This deal is interesting, wait and see... 🤔
Hackers: WTF? You made the money back just like that? Continue next time! 😜
FSA: You have the ability to "pay"! Bring the report and review it carefully! 🔍
Netizens: This operation is 666, has DMM Bitcoin become a "Bitcoin philanthropist"? 😂
Cryptocurrency circle: This wave of operations has added a new joke to the industry! 😄
#DMM比特币 #黑客攻击 #比特币市场 #加密货币 #BTC走势分析

#黑客攻击
Big news today! WazirX was hacked, losing more than $235 million!
According to Arkham Intelligence, the cryptocurrency exchange fell prey to hackers today. The addresses involved have been published, and Arkham has even issued a bounty for help tracking down the attacker.
Bounty content: Identify the attacker's deposit records on centralized exchanges, reveal the attacker's identity, or help recover funds. Reward: 1000 ARKM (about $1640), all information will be shared with the WazirX team.
What do you think of this attack?
Do you think the bounty can effectively help recover funds? Are hacker attacks becoming more and more frequent in the cryptocurrency field?

Everyone pay more attention, making money is important, but safety is more important, #黑客攻击 #黑客入侵

The most incredible hacking incident I have seen since I entered the circle for so many years

Just saw a friend expose a theft incident. The hacker directly used the social engineering data he bought to make a fake ID card, and then used AI to generate a fake head portrait video, deceived Okx's manual review, reset all the verification information, and stole more than 3 million dollars!

This is simply incredible, just like the plot in the movie, too f*cking scary😱

The victim should have a lot of information leaked, KYC information, account ID, email, etc., have all been leaked.

The only way to deal with it now is to protect your privacy and try not to show off your wealth in a high-profile manner. After all, it is not easy to make money in all walks of life this year, and the hostility is very strong. As long as I look like a poor guy, the hacker will be too lazy to make a fake ID for me, right?

BTW, I also have to remind all exchanges that in the future, sensitive operations such as password retrieval and 2FA reset must be added with KYC-like facial recognition, and manual review is not allowed.

#黑客攻击 #AI板块强势进击 #黑客入侵

【Shocked! Scroll Ecological Lending Platform Rho Markets is suspected to have been hacked! 💥】
🛑 Just now, Scroll Ecological Lending Platform Rho Markets issued an emergency announcement on the X platform: "We have detected abnormal activities on the platform and are currently investigating. During this period, we will suspend the platform and keep the community informed of the progress of the investigation. After everything returns to normal, the platform function will be enabled again."
🔍 Everyone, if you have recently operated on Rho Markets, please pay attention to the security of your assets! Hacker attacks are really hard to prevent, so everyone should be more careful and stay alert.
🔒 I hope Rho Markets can find out the cause as soon as possible and resume normal operations. At the same time, it also reminds other platforms to improve security measures to protect the safety of user assets. We will also continue to pay attention to the progress of the incident and update the latest news in a timely manner.
#WazirX黑客事件 #scroll #黑客攻击 #以太坊ETF批准预期 #资产安全 $BTC $ETH $BNB

$BNX #黑客攻击 #庄家操控市场 b nx caused btc to break 80k, 🐶 the whale manipulated, hacker attack, delisted on the 18th, everyone go long

🚨Emergency Alert: Indodax, Indonesia's largest exchange, suffered a hacker attack

Indodax, Indonesia's largest centralized exchange, was hacked, with losses of up to $18.2 million. The news shocked the entire industry!

The incident occurred on September 11, when security company Cyvers Alerts discovered suspicious transactions in the Indodax wallet and immediately issued an alert. The report showed that hackers had exchanged $14.4 million in tokens for Ethereum and were rapidly transferring assets.

Cyvers Alerts also found that more than 150 suspicious transactions caused Indodax to lose $18.2 million, and called on Indodax to respond quickly to reduce losses.

At the same time, PeckShield also monitored a large outflow of funds from Indodax, with an estimated $15.7 million in cryptocurrency stolen. These funds include tokens on Ethereum, Polygon, and Optimism.

Subsequently, the Indodax team quickly acknowledged the security breach and announced a suspension of services for maintenance to ensure the integrity of the platform. "We are undergoing full maintenance, during which our network and application will be temporarily inaccessible," they posted on social media X.

Despite the ongoing attack, Indodax assured users that their funds are safe. They thanked users for their patience and trust, and stressed that this maintenance is essential to ensure the security of transactions.

Indodax, formerly known as Bitcoin Indonesia, was founded by Oscar Darmawan and William Sutanto in 2014 and has become a major player in the Southeast Asian market, supporting the trading of more than 160 cryptocurrencies.

This attack is a reminder that cryptocurrency exchanges need to continuously strengthen security measures to protect user assets from threats. We also hope that Indodax can resolve this issue as soon as possible and recover from it.

💬 What do you think about this cryptocurrency exchange being funded? In cryptocurrency investment, how do you protect your crypto assets and improve wallet security? Share your views in the comments section!

#Indodax #加密货币交易所 #黑客攻击 #安全警报 #加密货币安全

The cryptocurrency industry is deeply entrenched in security dilemmas, ZachXBT addresses the challenges of hacking and money laundering

Blockchain investigator ZachXBT bluntly states that the cryptocurrency industry is overwhelmed in dealing with hacking and money laundering issues.

After participating in freezing funds involved in the recent Bybit hacker attack, he expressed deep concern about the state of the industry, feeling despair over the security measures and incident responses of both centralized and decentralized services.

When discussing 'systemic failures,' ZachXBT pointed out that the fundamental flaws of decentralized and centralized platforms lead to numerous security vulnerabilities. Some 'decentralized protocols' have nearly all their transaction volume and revenue coming from illegal actors like North Korea, yet these platforms do not take responsibility for facilitating illegal financial activities.

Centralized exchanges are slow to respond to verified threat intelligence, with stolen assets being laundered within minutes. At the same time, 'Know Your Transaction' (KYT) solutions are often easily circumvented, and 'Know Your Customer' (KYC) measures fail due to data breaches and account trading inefficiencies. This further highlights the security vulnerabilities in the crypto industry and the lack of financial regulation.

When discussing 'barriers to effective solutions,' ZachXBT acknowledged the risks of excessive government intervention but also questioned whether the industry can effectively self-regulate. He noted that large exchanges lack a quick response mechanism when facing hacking attacks, provide insufficient support to victims, and are known for trying to evade responsibility and refusing to return stolen funds.

Meanwhile, centralized stablecoin issuers do not ban addresses directly associated with major hacking events, allowing wrongdoers to continue evading justice, even though compliance tools used by large companies like Coinbase and Circle cannot regularly identify illegal activities.

Even some decentralized protocols, with most of their transaction volume coming from illegal channels, have not reassessed their own designs, and new blockchain networks and cross-chain bridges similarly neglect fundamental analysis and security safeguards.

Furthermore, over-the-counter trading clusters operating on Tron are almost entirely outside of regulatory oversight, resulting in a continuous flow of illegal funds and transactions, with wrongdoers maintaining the upper hand in this contest.

What do you think the cryptocurrency industry should do to address these security dilemmas? Is stricter regulation needed, or does the industry itself need to make more efforts?

#加密货币安全 #黑客攻击 #洗钱问题 #行业监管

Hackers reach out to exchanges, who will protect the safety of funds?

An exchange was heavily scammed by hackers, losing a significant amount of money, but their withdrawal service didn't stop!

This incident happened on Friday morning, and the head of the exchange, Ben Zhou, exploded live on air, saying that they were scammed out of a huge sum of money in just two hours. Withdrawal requests piled up like a mountain, but they still gritted their teeth and worked overtime to ensure everyone could withdraw their money; the withdrawal service absolutely cannot be interrupted!

Look at the data from Coingecko, the trading volume of this exchange has skyrocketed, almost doubling, as everyone rushed to trade after hearing the news.

Ben Zhou also said they were considering bridge loans so they wouldn't have to buy coins on the market and could directly fund accounts, minimizing the impact on other users.

But how exactly did the hackers steal the money? They are also at a loss. They speculate that the hackers might have hacked into all the signers' computers. You know, for a wallet managed by multiple people, it requires several approvals to execute a transaction. Also, the Ethereum wallet brand they used might have caught the hackers' attention.

However, this is all speculation; Ben Zhou didn't blame anyone since even the best servers can be compromised by hackers. But the exchange’s security team stated on Twitter that they found no evidence indicating that the official system was hacked.

Moreover, Ben Zhou wrote that even if the police assist, the stolen money might not be recoverable. However, this money is only a small part of the total assets they manage.
This incident is truly alarming, but it also shows that this exchange's responsiveness is impressive!

In the upcoming bull market, I will lead everyone to aim for explosive opportunities in altcoins, with an expected potential of over 10 times, no problem at all. Like + comment, and I’ll take you through the entire bull market!

#黑客攻击 #ETH🔥🔥🔥🔥🔥🔥

😓Ordinary users really shouldn’t go to the chain, other institutions can’t handle it, and it would be strange if individuals don’t get hacked.

100X community news:
Ronin Lianchuang Jihoz's personal account was stolen, emphasizing that the company's operations and security have not been affected

On February 23, Jihoz, the co-founder of Ronin Chain, announced that two of his personal addresses had been subject to security attacks. Jihoz emphasized that the attack was limited to his personal account and had nothing to do with the verification or operational activities of the Ronin chain. At the same time, the leaked keys have no connection to the operations of Sky Mavis. Jihoz assured the community that strict security measures are in place for all on-chain activities. BlockBeats previously reported that in response to the security company Ancilia’s claim that Ronin was suspected of having its private key leaked and more than 2,790 ETH was mixed into Tornado Cash, Ronin co-founder Psycheout said that there is no problem with Ronin and Bridge. This was just a whale wallet stolen and passed through Tornado. Cash wanders away.

#黑客攻击 #黑客 #RONIN $BTC $SOL

LI FI officials said that 4 new security vulnerabilities have been discovered and urged all users to revoke website authorization immediately. All user funds that interact with the LI FI protocol are now at risk. The current loss has expanded to $10 million. It is best to check it if you have used web3 wallets to operate cross-chain before.

One-click check authorization address: https://revoke.cash/zh/exploits/lifi-2024?chainId=1

#黑客攻击 #跨链

🧑‍💻 Canadian hacker indicted by U.S. prosecutors, accused of stealing $65 million in cryptocurrency

Recently, a Canadian hacker named Andean Medjedovic was indicted by a U.S. federal court, accused of stealing approximately $6.5 million in cryptocurrency from two decentralized finance platforms, one called Indexed Finance and the other called KyberSwap.

This 22-year-old hacker reportedly manipulated smart contracts from 2021 to 2023, causing the protocols to miscalculate financial data, then extracted funds at a low price, resulting in significant losses for investors.

Prosecutors stated that Medjedovic attempted to hide his illegal gains through various means, including digital asset exchanges, bridge transactions, and cryptocurrency mixers for money laundering. U.S. prosecutor John J. Durham described this as a "highly sophisticated scheme" that utilized two decentralized finance protocols to steal tens of millions of dollars worth of cryptocurrency from investors.

If convicted, Medjedovic could face up to 10 years in prison for computer damage, with other four charges carrying a maximum of 20 years. This Canadian has been on the run since stealing funds from Indexed Finance in 2021. He has defended himself online with the argument of "code is law," claiming that these actions were legal.

Meanwhile, during several months in 2023, KyberSwap lost approximately $5 million in cryptocurrency. Blockchain investigators linked the incident to the wallet of this 22-year-old man, which later transferred $2 million to another wallet also associated with him. Prosecutors stated that after exploiting vulnerabilities, he attempted to transfer the stolen cryptocurrency to Ethereum but was blocked by developers. Allegedly, he felt frustrated and contacted customer service, asking them to handle the transaction.

Laurence Day, co-founder of Indexed Finance, stated that the arrest of the suspect would not bring much comfort to the victims. Most of the stolen cryptocurrency was later taken in another hacking incident, complicating recovery efforts.

In summary, this matter is quite complex, and it involves a lengthy process of recovering related assets! Do you think this hacker's "code is law" defense holds water? See you in the comments!

#加密货币 #黑客攻击 #法律辩护

Sure enough, the greatest heroes serve their country and their people! I don't believe that North Korea, where Internet access is strictly monitored, has nothing to do with the above.

100X community news:
Chainalysis: North Korean hacker group Lazarus Group turns to new mixer YoMix

On February 16, the Chainalysis report showed that the North Korean hacker group Lazarus Group is turning to new money laundering techniques and increasingly using cross-chain bridges. Previously, the organization was an active user of the Tornado Cash mixer protocol and the Sinbad mixer, but now it has turned to a new mixer called YoMix. The cross-chain protocol received $743.8 million worth of cryptocurrency from crime-related addresses in 2023, twice the $312.2 million in 2022. In addition, throughout 2023, blockchain wallets associated with illegal activities sent $22.2 billion worth of cryptocurrency to various platforms and services, significantly lower than $31.5 billion in 2022.

#黑客攻击 $BTC