Hack
781,405 views
294 Discussing
Hot
Latest
⚰️ A single weak password ended up killing a 158-year-old company. When a ransomware gang was able to compromise the systems of KNP, a UK transport company, they demanded a ransom that the business couldn’t afford.
The company went under, taking 700 jobs with it. One badly-chosen password is all it took to let the hackers force their way in.
Think it couldn’t happen to you? So did one unlucky employee. Make sure your passwords are strong.
#Hack #CryptoNews
The company went under, taking 700 jobs with it. One badly-chosen password is all it took to let the hackers force their way in.
Think it couldn’t happen to you? So did one unlucky employee. Make sure your passwords are strong.
#Hack #CryptoNews
🚨 BREAKING: Rahul Agarwal Arrested in $44 Million Crypto Hack! 💸🕵️♂️
A CoinDCX software engineer has been caught in a massive insider job, draining $44M from the exchange’s internal wallet.
User funds remain safe, but the breach has shaken the Indian crypto scene.
👉 Stay sharp out there — not every threat comes from the outside.
#CryptoNews #CoinDCX #Hack #RahulAgarwal
A CoinDCX software engineer has been caught in a massive insider job, draining $44M from the exchange’s internal wallet.
User funds remain safe, but the breach has shaken the Indian crypto scene.
👉 Stay sharp out there — not every threat comes from the outside.
#CryptoNews #CoinDCX #Hack #RahulAgarwal
🚨 Scam Hack Alert! Fake Crypto Apps Target Millions 🚨
Cyber firm Check Point uncovered **Operation JSCEAL**—since March 2024, fake ads impersonating Binance, MetaMask, and Kraken have spread malware to unsuspecting users.
⚠️ How It Works:
- Ads lead to fake websites with infected software.
- Once installed, the malware steals:
- Passwords & seed phrases.
- Telegram data.
- Access to crypto wallets.
- Even modifies browser extensions (like MetaMask) to drain funds.
🌍 Victims: Over **10,000,000** users worldwide.
🔐 Stay Safe: Only download apps from **official stores!**
#Scam
#Hack
#Binance
#MetaMask
#Kraken
Cyber firm Check Point uncovered **Operation JSCEAL**—since March 2024, fake ads impersonating Binance, MetaMask, and Kraken have spread malware to unsuspecting users.
⚠️ How It Works:
- Ads lead to fake websites with infected software.
- Once installed, the malware steals:
- Passwords & seed phrases.
- Telegram data.
- Access to crypto wallets.
- Even modifies browser extensions (like MetaMask) to drain funds.
🌍 Victims: Over **10,000,000** users worldwide.
🔐 Stay Safe: Only download apps from **official stores!**
#Scam
#Hack
#Binance
#MetaMask
#Kraken
See original
In the last week, the WOO X platform suspended withdrawals after hackers stole around $14 million from nine user accounts. This incident adds to a series of attacks in July: CoinDCX lost $44 million and BigONE another $27 million. In all cases, the criminals exploited custody and access flaws, reinforcing an old lesson: leaving your sats on an exchange is like handing over the key to the vault to others.
Only Bitcoin is truly decentralized; but to enjoy that sovereignty you need to control your keys. Don't trust, verify. Use hardware wallets, multi-signatures, write down your seed offline, and practice 'not your keys, not your coins.' Do your own research (DYOR) and steer clear of promises of miraculous returns. Scams and hacks are real.
Have you thought about your custody strategy? Share in the comments the practices you use to protect your satoshis and help others take control of their own money. Together, we build the cypherpunk revolution
#bitcoin #custodia #cypherpunk #DYOR #hack
Only Bitcoin is truly decentralized; but to enjoy that sovereignty you need to control your keys. Don't trust, verify. Use hardware wallets, multi-signatures, write down your seed offline, and practice 'not your keys, not your coins.' Do your own research (DYOR) and steer clear of promises of miraculous returns. Scams and hacks are real.
Have you thought about your custody strategy? Share in the comments the practices you use to protect your satoshis and help others take control of their own money. Together, we build the cypherpunk revolution
#bitcoin #custodia #cypherpunk #DYOR #hack
See original
$WLD
I love this, I even compared it with other pairs and the impact of #hack which was not hacked according to updates turned out to have minimal impact.
Although the large entries were present
What do you think? #FOMO ? Strategy?
.
.
.
#beststrategy
$BTC
I love this, I even compared it with other pairs and the impact of #hack which was not hacked according to updates turned out to have minimal impact.
Although the large entries were present
What do you think? #FOMO ? Strategy?
.
.
.
#beststrategy
$BTC
See original
🔐 Is your crypto really safe? Or are you just "hoping"?
#Warning #Hack #CryptoSecurity #BlockchainNews #StaySafe
🚨 1 second of carelessness – lose your entire wallet!
The crypto market is not only volatile due to prices – but also because of organized, sophisticated hacks that spare no one.
👉 In just the first 6 months of 2025, over $2.1 billion has “evaporated” from exchanges, cold wallets, and blockchain bridges.
From giants like Bybit, CoinEx, Poloniex to the personal wallets of thousands of users – no one is immune.
💣 Why do you need to care RIGHT NOW?
- Hackers don’t need guns – they just need 1 API key error, 1 click on a spoofed link.
- Has your smart contract been audited? It can still be attacked by social engineering.
- Cold wallet? Safe... until you connect it the wrong way.
📉 After each major hack, it’s not just money that is lost. There’s also:
• Community trust
• The reputation of the entire ecosystem
• And... shattered dreams of financial freedom
💡 What should you do?
✅ Carefully check links, use a secondary wallet for transactions
✅ Don’t keep large assets on exchanges
✅ Enable 2FA, verify email
✅ Follow @binance, @cyvers_ai for updates
🛑 Don’t wait until you’ve lost everything to realize:
"Crypto doesn’t just disappear – you lose it yourself."
📢 Have you ever almost been hacked? Comment to share and raise awareness together! #BinanceSquare
#Warning #Hack #CryptoSecurity #BlockchainNews #StaySafe
🚨 1 second of carelessness – lose your entire wallet!
The crypto market is not only volatile due to prices – but also because of organized, sophisticated hacks that spare no one.
👉 In just the first 6 months of 2025, over $2.1 billion has “evaporated” from exchanges, cold wallets, and blockchain bridges.
From giants like Bybit, CoinEx, Poloniex to the personal wallets of thousands of users – no one is immune.
💣 Why do you need to care RIGHT NOW?
- Hackers don’t need guns – they just need 1 API key error, 1 click on a spoofed link.
- Has your smart contract been audited? It can still be attacked by social engineering.
- Cold wallet? Safe... until you connect it the wrong way.
📉 After each major hack, it’s not just money that is lost. There’s also:
• Community trust
• The reputation of the entire ecosystem
• And... shattered dreams of financial freedom
💡 What should you do?
✅ Carefully check links, use a secondary wallet for transactions
✅ Don’t keep large assets on exchanges
✅ Enable 2FA, verify email
✅ Follow @binance, @cyvers_ai for updates
🛑 Don’t wait until you’ve lost everything to realize:
"Crypto doesn’t just disappear – you lose it yourself."
📢 Have you ever almost been hacked? Comment to share and raise awareness together! #BinanceSquare
See original
In the first half of 2025, over $3 billion was stolen as a result of 119 hacks — more than in all of 2024, reported Global Ledger.
#HackerAlert #Hack #CryptoNewss #BTCvsETH #TrendingTopic
$XRP
$BNB
$INIT
#HackerAlert #Hack #CryptoNewss #BTCvsETH #TrendingTopic
$XRP
$BNB
$INIT
#NewsAboutCrypto
#Follow_Like_Comment
🔴Arizona woman sentenced to 8.5 years in prison for helping North Korean hackers get remote cryptocurrency jobs in the US.
📣She helped DPRK agents infiltrate more than 300 technology companies and launder $17 million in illicit proceeds to Pyongyang. 🇰🇵
#Hack
#Follow_Like_Comment
🔴Arizona woman sentenced to 8.5 years in prison for helping North Korean hackers get remote cryptocurrency jobs in the US.
📣She helped DPRK agents infiltrate more than 300 technology companies and launder $17 million in illicit proceeds to Pyongyang. 🇰🇵
#Hack
🚨 HIDDEN AI #HACK TARGETS 1.8B GMAIL USERS VIA GOOGLE #GEMINI
🔹Hackers are exploiting Google’s Gemini AI by embedding invisible commands—white, zero-size font—in phishing emails.
🔹When users click “summarize,” Gemini reads hidden prompts and generates fake alerts, support numbers, or malicious links.
🔹Google has issued an urgent warning. This indirect prompt injection scam bypasses detection and is still unpatched.
🔹Experts advise scanning emails for hidden content and disabling AI summarization on sensitive accounts. Stay cautious.
-The Economic Times
$SHELL
$ASRR
🔹Hackers are exploiting Google’s Gemini AI by embedding invisible commands—white, zero-size font—in phishing emails.
🔹When users click “summarize,” Gemini reads hidden prompts and generates fake alerts, support numbers, or malicious links.
🔹Google has issued an urgent warning. This indirect prompt injection scam bypasses detection and is still unpatched.
🔹Experts advise scanning emails for hidden content and disabling AI summarization on sensitive accounts. Stay cautious.
-The Economic Times
$SHELL
$ASRR
Gala Games CEO Attributes $23M Exploit to Internal Control Failures
Gala Games CEO Eric Schiermeyer has confirmed that a "security incident" led to the unauthorized sale of 600 million GALA tokens, worth approximately $23 million. The breach, which Schiermeyer attributed to "messed up" internal controls, has raised significant concerns within the blockchain gaming community.
Incident Overview
On May 20, at 7:32 pm UTC, blockchain observers reported the minting of 5 billion GALA tokens, valued at around $200 million at the time. The compromised wallet was selling the tokens in batches, leading to a sharp drop in GALA's price. The token hit a 24-hour low of $0.038, a 20% decrease from its daily high, before recovering slightly to $0.041, according to CoinGecko.
“We had an incident that resulted in the unauthorized sale of 600 million GALA tokens and the effective burn of 4.4 billion tokens,” Schiermeyer wrote in a May 20 post on X (formerly Twitter). He admitted, “We messed up our internal controls. This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again.”
Response and Mitigation
Gala Games quickly identified the compromise and revoked unauthorized access to the GALA contract. Schiermeyer assured users that the Ethereum contract was secure and had not been compromised. The company believes it has identified the person responsible and is collaborating with the FBI, the U.S. Justice Department, and international authorities to address the incident.
In a follow-up post on X, Gala Games announced that the security breach had been contained and the affected wallet frozen. However, details about the perpetrator and the method of access to the GALA contract remain undisclosed.
Ongoing Legal Disputes
This security incident occurs amid ongoing legal battles between Schiermeyer and Gala Games co-founder Wright Thurston. Both have filed lawsuits against each other, with Thurston accusing Schiermeyer of squandering millions in company assets, while Schiermeyer alleges that Thurston stole $130 million worth of GALA tokens.
Gala Games did not respond to requests for additional comments.
The incident underscores the critical need for robust internal controls and security measures in the cryptocurrency and blockchain industries, as companies continue to navigate complex technological and legal landscapes.
$GALA #GALA #GalaGames #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Incident Overview
On May 20, at 7:32 pm UTC, blockchain observers reported the minting of 5 billion GALA tokens, valued at around $200 million at the time. The compromised wallet was selling the tokens in batches, leading to a sharp drop in GALA's price. The token hit a 24-hour low of $0.038, a 20% decrease from its daily high, before recovering slightly to $0.041, according to CoinGecko.
“We had an incident that resulted in the unauthorized sale of 600 million GALA tokens and the effective burn of 4.4 billion tokens,” Schiermeyer wrote in a May 20 post on X (formerly Twitter). He admitted, “We messed up our internal controls. This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again.”
Response and Mitigation
Gala Games quickly identified the compromise and revoked unauthorized access to the GALA contract. Schiermeyer assured users that the Ethereum contract was secure and had not been compromised. The company believes it has identified the person responsible and is collaborating with the FBI, the U.S. Justice Department, and international authorities to address the incident.
In a follow-up post on X, Gala Games announced that the security breach had been contained and the affected wallet frozen. However, details about the perpetrator and the method of access to the GALA contract remain undisclosed.
Ongoing Legal Disputes
This security incident occurs amid ongoing legal battles between Schiermeyer and Gala Games co-founder Wright Thurston. Both have filed lawsuits against each other, with Thurston accusing Schiermeyer of squandering millions in company assets, while Schiermeyer alleges that Thurston stole $130 million worth of GALA tokens.
Gala Games did not respond to requests for additional comments.
The incident underscores the critical need for robust internal controls and security measures in the cryptocurrency and blockchain industries, as companies continue to navigate complex technological and legal landscapes.
$GALA #GALA #GalaGames #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🚨Alart🚨 $1.5B Bybit Hack Linked to North Korean Hacker Park Jin Hyok 🎭💻
The recent $1.5 billion cyberattack on Bybit has been traced back to Park Jin Hyok, a notorious North Korean hacker 🎯, and his links to the infamous Lazarus Group 💀. Investigators, including ZachXBT 🕵️♂️ and Arkham Intelligence 🏴☠️, discovered that this massive crypto heist shares connections with a $70M hack on Phemex earlier this year 💰🔗.
🎭 Who is Park Jin Hyok?
Park is a state-sponsored hacker 🇰🇵, known for orchestrating some of the most sophisticated cyberattacks in history, including the WannaCry ransomware 💾, the Sony Pictures hack 🎬, and the infamous $600M Ronin Bridge exploit 🔥. His involvement in Lazarus Group has made him a key figure in North Korea’s cyber warfare strategy 🕹️.
💥 How Did the Bybit Hack Happen?
Hackers infiltrated Bybit’s security systems 🏦, draining $1.5 billion worth of digital assets 💸. Traces of their movements were found leading to wallets associated with Lazarus Group, confirming their involvement. Blockchain sleuths 🧩 like ZachXBT and Arkham Intelligence followed the stolen funds, noticing familiar laundering patterns seen in previous Lazarus-led hacks 🚨.
🔗 Link to the $70M Phemex Hack
Earlier this year, Phemex suffered a $70 million exploit ⚠️, and now, investigators believe it was a test run for the larger Bybit attack 📊. The modus operandi—phishing scams 🎣, security breaches, and rapid fund transfers—bears striking similarities 🏴☠️.
🚀 What’s Next?
With the Lazarus Group’s continued attacks on the crypto industry, exchanges are reinforcing their security walls 🛡️. Authorities are tracking stolen assets through blockchain analytics 🔍, hoping to freeze the funds before they vanish into the dark web 🌑.
Stay vigilant, crypto traders! The world of DeFi and CeFi is still a battlefield ⚔️, and cyber threats are evolving faster than ever.
#Hack #LitecoinETF
$ETH
The recent $1.5 billion cyberattack on Bybit has been traced back to Park Jin Hyok, a notorious North Korean hacker 🎯, and his links to the infamous Lazarus Group 💀. Investigators, including ZachXBT 🕵️♂️ and Arkham Intelligence 🏴☠️, discovered that this massive crypto heist shares connections with a $70M hack on Phemex earlier this year 💰🔗.
🎭 Who is Park Jin Hyok?
Park is a state-sponsored hacker 🇰🇵, known for orchestrating some of the most sophisticated cyberattacks in history, including the WannaCry ransomware 💾, the Sony Pictures hack 🎬, and the infamous $600M Ronin Bridge exploit 🔥. His involvement in Lazarus Group has made him a key figure in North Korea’s cyber warfare strategy 🕹️.
💥 How Did the Bybit Hack Happen?
Hackers infiltrated Bybit’s security systems 🏦, draining $1.5 billion worth of digital assets 💸. Traces of their movements were found leading to wallets associated with Lazarus Group, confirming their involvement. Blockchain sleuths 🧩 like ZachXBT and Arkham Intelligence followed the stolen funds, noticing familiar laundering patterns seen in previous Lazarus-led hacks 🚨.
🔗 Link to the $70M Phemex Hack
Earlier this year, Phemex suffered a $70 million exploit ⚠️, and now, investigators believe it was a test run for the larger Bybit attack 📊. The modus operandi—phishing scams 🎣, security breaches, and rapid fund transfers—bears striking similarities 🏴☠️.
🚀 What’s Next?
With the Lazarus Group’s continued attacks on the crypto industry, exchanges are reinforcing their security walls 🛡️. Authorities are tracking stolen assets through blockchain analytics 🔍, hoping to freeze the funds before they vanish into the dark web 🌑.
Stay vigilant, crypto traders! The world of DeFi and CeFi is still a battlefield ⚔️, and cyber threats are evolving faster than ever.
#Hack #LitecoinETF
$ETH
🚨 The Most Dangerous Hacker You've Never Heard Of: Park Jin Hyok 🚨
A silent mastermind lurking in the shadows, Park Jin Hyok has left a trail of destruction across the digital world. A core member of North Korea’s Lazarus Group, his cyber heists have reshaped financial security forever.
🎭 Sony Pictures Hack (2014) – A brutal breach that exposed secrets and sent shockwaves through Hollywood.
💰 Bangladesh Central Bank (2016) – $81 million vanished in an instant, stolen through a sophisticated SWIFT attack.
🦠 WannaCry Ransomware (2017) – Chaos unleashed worldwide, hospitals and businesses crippled, over $140K in ransom collected.
💸 Bybit Hack (2025) – A jaw-dropping $1.46 billion drained from the exchange, setting a new record in crypto crime.
Every move is precise. Every attack is devastating. The world’s financial systems tremble at the mere mention of his name. And yet, he remains a ghost—unseen, untouchable.
#BybitSecurityBreach #Hack #BinanceAlphaAlert #Vote-PIOnBinanceYesOrNo $BNB $ETH $BTC
A silent mastermind lurking in the shadows, Park Jin Hyok has left a trail of destruction across the digital world. A core member of North Korea’s Lazarus Group, his cyber heists have reshaped financial security forever.
🎭 Sony Pictures Hack (2014) – A brutal breach that exposed secrets and sent shockwaves through Hollywood.
💰 Bangladesh Central Bank (2016) – $81 million vanished in an instant, stolen through a sophisticated SWIFT attack.
🦠 WannaCry Ransomware (2017) – Chaos unleashed worldwide, hospitals and businesses crippled, over $140K in ransom collected.
💸 Bybit Hack (2025) – A jaw-dropping $1.46 billion drained from the exchange, setting a new record in crypto crime.
Every move is precise. Every attack is devastating. The world’s financial systems tremble at the mere mention of his name. And yet, he remains a ghost—unseen, untouchable.
#BybitSecurityBreach #Hack #BinanceAlphaAlert #Vote-PIOnBinanceYesOrNo $BNB $ETH $BTC
The details of the recent hack on Bybit are continuing to emerge. Hackers successfully stole around 135,000 Ethereum, worth approximately $335 million, from the platform's hot wallets. Investigations show that the hackers managed to launder 45,900 ETH (around $113 million) within a very short period. At this rate, it’s estimated that the remaining stolen Ethereum could be fully laundered in just 8 to 10 days.
In response, Bybit assured users that their funds are safe and that investigations into the attack are ongoing. The hackers have been using decentralized platforms to quickly launder the stolen Ethereum, highlighting the need for cryptocurrency exchanges and the broader crypto community to reassess their security measures.
#bybit #Hack
In response, Bybit assured users that their funds are safe and that investigations into the attack are ongoing. The hackers have been using decentralized platforms to quickly launder the stolen Ethereum, highlighting the need for cryptocurrency exchanges and the broader crypto community to reassess their security measures.
#bybit #Hack
Breaking News: Bybit Exchange Hacked
On February 21, 2025. Bybit Exchange, a prominent cryptocurrency exchange, experienced a significant security breach resulting in the unauthorized transfer of approximately $1.46 billion worth of assets. The incident involved the compromise of Bybit's Ethereum (ETH) cold wallet, leading to the loss of 401,346 ETH (approximately $1.1 billion) and various staked Ether (stETH) tokens. The perpetrator has been liquidating these assets on decentralized exchanges.
Bybit's CEO, Ben Zhou, confirmed the breach, explaining that a planned transfer was manipulated, allowing the attacker to gain control over the specific ETH cold wallet. Zhou assured users that all other cold wallets remain secure and that withdrawals are functioning normally.
This event marks one of the largest cryptocurrency hacks to date, surpassing previous incidents such as the Mt. Gox hack ($470 million), the CoinCheck hack in 2018 ($530 million), and the Ronin Bridge exploit ($650 million).
In response to the breach, major cryptocurrencies experienced price declines. Ethereum's price fell nearly 3% to approximately $2,727, while Bitcoin dipped by nearly 1% to around $98,091.
Users are advised to monitor their accounts closely and exercise caution with their assets during this period.
#BybitSecurityBreach #CryptocurrencyWealth #cryptouniverseofficial #Hack #bybit
Bybit's CEO, Ben Zhou, confirmed the breach, explaining that a planned transfer was manipulated, allowing the attacker to gain control over the specific ETH cold wallet. Zhou assured users that all other cold wallets remain secure and that withdrawals are functioning normally.
This event marks one of the largest cryptocurrency hacks to date, surpassing previous incidents such as the Mt. Gox hack ($470 million), the CoinCheck hack in 2018 ($530 million), and the Ronin Bridge exploit ($650 million).
In response to the breach, major cryptocurrencies experienced price declines. Ethereum's price fell nearly 3% to approximately $2,727, while Bitcoin dipped by nearly 1% to around $98,091.
Users are advised to monitor their accounts closely and exercise caution with their assets during this period.
#BybitSecurityBreach #CryptocurrencyWealth #cryptouniverseofficial #Hack #bybit
See original
🎯️WazirX was hacked, losing more than 230 million USD
💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets.
🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD.
🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets.
📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response.
✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident.
⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year.
#Coinbay #WazirX #hack
💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets.
🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD.
🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets.
📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response.
✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident.
⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year.
#Coinbay #WazirX #hack
Hacker Moves $10 Million from Phishing Attack to Tornado Cash
In 2023, financial assets were removed from a cryptocurrency "whale" due to a phishing attack, where the victim authorized transactions allowing the attacker to access their financial resources.
The joint account involved in the September 2023 phishing incident transferred $10 million worth of Ether to the cryptocurrency mixing service Tornado Cash.
On March 21, blockchain security firm CertiK identified an account involved in the hack for $24 million, which sent 3,700 ETH to Tornado Cash. These funds were taken from the cryptocurrency whale during the phishing incident on September 6, 2023.
At that time, an investor lost $24 million in staked ETH through the Rocket Pool liquidity staking service. The attack occurred in two phases: the first removed 9,579 stETH, while the second took away 4,851 rETH from the crypto whale.
The Scam Sniffer project, dedicated to fraud detection, stated that the victim authorized an "Increase Allowance" transaction, enabling the hacker to approve tokens for their own use. Using smart contracts, this functionality allows third parties to spend ERC-20 tokens owned by others with their consent.
The topic of token approvals sparked much discussion in the crypto community, with some warning of the risks associated with potentially deploying malicious smart contracts for fraudulent purposes.
Blockchain security firm PeckShield recorded that the attacker converted assets into 13,785 ETH and 1.64 million Dai. Some of these DAI were transferred to the FixedFload exchange, while the rest of the stolen funds were moved to other wallets.
Phishing attacks remain a significant problem for the crypto sector. A report from the Scam Sniffer project showed that nearly $47 million was lost in February due to phishing-related scams.
The report emphasized that 78% of these thefts occurred on the Ethereum network, with ERC-20 tokens accounting for 86% of all stolen funds.
Recent losses caused by token approvals have also raised concerns among cryptocurrency users. On March 20, an old contract previously used by the Dolomite exchange was exploited to drain $1.8 million from users.
The exploitation affected users who had given consent to the contract. As a result, Dolomite developers urged users to revoke all consents granted to the old contract address.
Although some attempts to defraud cryptocurrencies result in the loss of millions, there are cases where fraudulent efforts are quickly detected and thwarted. For example, on March 20, the Layerswap team managed to prevent further damages after their website was compromised by an attack, thanks to the quick response from the domain provider.
However, hackers were still able to siphon off assets worth $100,000 from approximately 50 users. Layerswap announced that they would refund the lost funds to affected users and offer additional compensation for the inconvenience caused.
These incidents highlight the persistent risk of phishing attacks and the need for constant vigilance in the crypto world. The abuse of token approval functions and smart contracts underscores the need for further education and caution among cryptocurrency users to prevent unnecessary losses.
With the increasing number of sophisticated attacks, it is important for cryptocurrency users to be vigilant and thoroughly verify all transactions and contract approvals. The community and security firms must collaborate to develop better tools and procedures to protect against phishing attacks and other fraudulent activities, ensuring a safer environment for all cryptocurrency users.
#crypto #scam #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
The joint account involved in the September 2023 phishing incident transferred $10 million worth of Ether to the cryptocurrency mixing service Tornado Cash.
On March 21, blockchain security firm CertiK identified an account involved in the hack for $24 million, which sent 3,700 ETH to Tornado Cash. These funds were taken from the cryptocurrency whale during the phishing incident on September 6, 2023.
At that time, an investor lost $24 million in staked ETH through the Rocket Pool liquidity staking service. The attack occurred in two phases: the first removed 9,579 stETH, while the second took away 4,851 rETH from the crypto whale.
The Scam Sniffer project, dedicated to fraud detection, stated that the victim authorized an "Increase Allowance" transaction, enabling the hacker to approve tokens for their own use. Using smart contracts, this functionality allows third parties to spend ERC-20 tokens owned by others with their consent.
The topic of token approvals sparked much discussion in the crypto community, with some warning of the risks associated with potentially deploying malicious smart contracts for fraudulent purposes.
Blockchain security firm PeckShield recorded that the attacker converted assets into 13,785 ETH and 1.64 million Dai. Some of these DAI were transferred to the FixedFload exchange, while the rest of the stolen funds were moved to other wallets.
Phishing attacks remain a significant problem for the crypto sector. A report from the Scam Sniffer project showed that nearly $47 million was lost in February due to phishing-related scams.
The report emphasized that 78% of these thefts occurred on the Ethereum network, with ERC-20 tokens accounting for 86% of all stolen funds.
Recent losses caused by token approvals have also raised concerns among cryptocurrency users. On March 20, an old contract previously used by the Dolomite exchange was exploited to drain $1.8 million from users.
The exploitation affected users who had given consent to the contract. As a result, Dolomite developers urged users to revoke all consents granted to the old contract address.
Although some attempts to defraud cryptocurrencies result in the loss of millions, there are cases where fraudulent efforts are quickly detected and thwarted. For example, on March 20, the Layerswap team managed to prevent further damages after their website was compromised by an attack, thanks to the quick response from the domain provider.
However, hackers were still able to siphon off assets worth $100,000 from approximately 50 users. Layerswap announced that they would refund the lost funds to affected users and offer additional compensation for the inconvenience caused.
These incidents highlight the persistent risk of phishing attacks and the need for constant vigilance in the crypto world. The abuse of token approval functions and smart contracts underscores the need for further education and caution among cryptocurrency users to prevent unnecessary losses.
With the increasing number of sophisticated attacks, it is important for cryptocurrency users to be vigilant and thoroughly verify all transactions and contract approvals. The community and security firms must collaborate to develop better tools and procedures to protect against phishing attacks and other fraudulent activities, ensuring a safer environment for all cryptocurrency users.
#crypto #scam #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Login to explore more contents