Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Bitcoin hacked. Show all posts

DMM Bitcoin Hack: 500 BTC Transfer Linked to $305 Million Theft Raises New Concerns

 

A cryptocurrency address linked to the $305 million DMM Bitcoin hack in May has reportedly transferred 500 Bitcoin, valued at approximately $30.4 million. On August 22, PeckShield Alert reported that the suspect address initially split the funds into two separate addresses, each receiving around 250 BTC. This movement of funds marks a significant development in the aftermath of the DMM Bitcoin hack, which remains one of the most substantial cryptocurrency thefts of 2024. The DMM Bitcoin hack, which occurred in May, resulted in the theft of 4,502.9 BTC, valued at approximately $305 million at the time. 

The current value of the stolen Bitcoin is just over $274 million. In response to the breach, DMM Bitcoin quickly raised $320 million to reimburse affected users, demonstrating the exchange’s commitment to mitigating the impact of the hack on its customers. Blockchain investigator ZachXBT previously attributed the attack to the Lazarus Group, a notorious hacking organization allegedly linked to the Democratic People’s Republic of Korea. The Lazarus Group has been implicated in several high-profile cyberattacks, and its involvement in the DMM Bitcoin hack highlights the growing sophistication of cybercriminals targeting the cryptocurrency industry. 

According to on-chain analysts, the methods used to launder the stolen funds and various off-chain indicators strongly suggest the Lazarus Group’s involvement in the heist. Following the hack, the attackers reportedly split the stolen Bitcoin into smaller batches of 500 BTC and transferred them to new wallets. PeckShield identified that the latest funds moved since the May 31 incident originated from one of these wallets. This strategy of splitting and moving funds is a common tactic among cybercriminals to obfuscate the trail of stolen assets and avoid detection. 

In July, ZachXBT alleged that the attackers transferred approximately $35 million worth of Bitcoin to the Cambodia-based exchange Huione Guarantee. The exchange has faced accusations of facilitating the laundering of funds from various crypto hacks, pig butchering scams, and other illicit activities. The involvement of exchanges like Huione underscores the challenges in tracking and recovering stolen cryptocurrency, as these platforms can serve as intermediaries for converting stolen assets into fiat currency or other cryptocurrencies. 

The DMM Bitcoin hack is a significant addition to the growing list of cryptocurrency thefts in 2024, which had already claimed over $473 million in losses before this incident. The hack is the second largest in Japan’s history, following the 58 billion yen loss suffered by Coincheck in 2018. In the aftermath of the DMM Bitcoin hack, the exchange halted all spot trading on its platform and warned that withdrawals in Japanese yen might take longer than usual, as they implemented measures to prevent further unauthorized outflows. This incident also highlights broader trends in the cryptocurrency industry. 

According to a Chainalysis report, while illegal activity on blockchain networks has decreased by almost 20% year-to-date, malware attacks and stolen funds have surged. Stolen funds inflows doubled to $1.58 billion compared to $857 million last year, and ransomware inflows climbed around 2%, reaching $459.8 million. The DMM Bitcoin hack serves as a stark reminder of the ongoing vulnerabilities in the cryptocurrency sector and the need for enhanced security measures to protect digital assets from increasingly sophisticated cyber threats.

Bitcoin Exchange Poloniex website got hacked

Here comes another hacking news related to Bitcoin.  Multi crypto currency exchange Poloniex has announced today that their website suffered a cyber attack, leading to Bitcoins being stolen from their company.

On BitcoinTalk forum, the company explained how hackers stole the Bitcoins; Placing multiple withdrawls requests at the same time will result in negative balance but still the request is being processed.

"Another design flaw is that withdrawals should be queued at every step of the way. This could not have happened if withdrawals requests were processed sequentially instead of simultaneously" the forum post explaining another bug reads.

One of the forum's member gave a link to the attacker's bitcoin address "https://blockchain.info/address/1Ktq7TE3J5vZ3c99M5weqKfFcNkHQdqPrq".  It appears the loss is around $50,000(76BTC).

The owner of Poloniex said he will take the full responsibility and will repay the debt of BTC.  However, due to shortage of 12.3% in funds, the company will temporarily deduct 12.3% balance from all accounts.

"If I had the money to cover the entire debt right now, I would cover it in a heartbeat. I simply don't, and I can't just pull it out of thin air." he said.

Bitcoin Bank Flexcoin website hacked, $600,000 worth Bitcoins stolen

Bitcoin Bank "FlexCoin" website has been closed after reportedly hackers attacked the site and stole 896 bitcoins worth $600,320.

The organization claims the attack happened on March 2nd, in which attackers transferred the bitcoins to two different addresses.

"As Flexcoin does not have the resources, assets, or otherwise to come back from this loss, we are closing our doors immediately." the company posted a statement on its main page.

The bitcoins stored in cold storage were not affected by this breach, as coins were held offline.  Those users who put their coins into cold storage will be contacted by Flexcoin and asked to verify their identity.

For others, the company pointed out a link to TOS, where it says "Flexcoin Inc is not responsible for insuring any bitcoins stored in the Flexcoin system. You are entering into this agreement with Flexcoin Inc. You agree to not hold Flexcoin Inc, or Flexcoin Inc's stakeholders, or Flexcoin Inc's shareholders liable for any lost bitcoins."

The company says they are working with law enforcement and trying to find the cause of the security breach.  

Bitcoin Payment Solutions (BIPS) hacked, $1 million stolen


Danish bitcoin exchange Bitcoin Payment Solutions (BIPS) is the latest victim of Bitcoin website hacks.

The BIPS has temporarily shut down the consumer its consumer wallet initiative after hackers reportedly steal Bitcoins worth more than $1 million(1200+ BTC).

The company says it will consider reintroducing the wallet with a re-architected security model in order to prevent future cyber attacks.

"All existing users will be asked to transfer bitcoins to other wallet solutions, and users affected by the security breach will be contacted" says the company in their official press release.

This is third Bitcoin website's security breach that we are covering in this month.  Earlier this month, we reported that hackers attacked Bitcash.cz and Inputs.io and steal more than $1 in Bitcoins.

Another Bitcoin related website Bitcash.cz reportedly hacked


We recently reported that an Australian who is running Bitcoin bank site claimed hackers stole $1m from their site.  It appears another organization related to Bitcoin is claiming that their website is compromised by hackers.

Bitcash.cz website calimed that hackers attacked their website on 11th November and stole Bitcoin wallet.

"Unfortunately, the nightmare became reality." wrote in the main page of the site. "Against an unknown perpetrator was filed. Due to the ongoing investigation, we can not further comment on specific questions about the attack."

Coin Desk pointed out an online post that "purports to show an email sent from a bitcash.cz email address", it says hackers are sending fake emails to users purportedly coming from Bitcash.

The recipients are asked to send 2 BTC to a wallet address in order to get back their Bitcoins.

"Due to the anonymous structure of the bitcoin it is impossible to differentiate between a real hack and someone claiming that they got hacked ." When we asked about the recent incidents, Suriya Prakash who has been researching into Bitcoins for quiet sometime said.

"The 'stolen' money can be made to disappear and come back some other way" Always store your BTC's in multiple physical wallets that are encrypted and only opened to make transactions"

Hackers steal $1 million from Australian bitcoin bank website

 

An Australian entrepreneur who is running the Bitcoin bank website has claimed hackers stole more than $1 million of virtual currency bitcoin from his website(Inputs.io).

The security breach reportedly took place on both October 23 and October 26, hackers managed to steal 4,100 bitcoins worth more than $1 million, according to service’s operator only known as "Tradefortress".

In an email interview with Fairfax media, TradeFortress said he would try to refund some of the money using more than 1,000 bitcoins he personally owned.

He said he won't be reporting the incident to law enforcement because there were "extremely limited actions" it could undertake considering the currency can't be easily traced, According to the Sydney Morning Herald report.

A spokesperson for the Australian Federal Police told Daily Mail that a theft of bitcoins has never been investigated but if it was reported to officers then police would investigate it like any other theft.