Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Crypto Hacks. Show all posts
Cybersecurity
Crypto Hacks cryptocurrency Cryptocurrency Breach Cyber Fraud CyberCrime Cyberhackers Cybersecurity

Global Crypto Hacks Escalate to $2.2 Billion in 2024

 


Chainalysis, a blockchain analytics company that provides data analysis on the blockchain ecosystem, has reported that the volume of compromised crypto funds and the number of hacking incidents are set to rise in 2024. The report states that the total amount of stolen crypto funds rose by approximately 21.07% year-over-year (YoY), reaching $2.2 billion over the period. It also reports that the number of individual cyber-attacks increased from 282 in 2023 to 303 incidents in 2024, an increase of 34 per cent. 

During its report this year, Chainalysis noted that hackers also increasingly target centralized services such as cryptocurrency exchanges. In addition to Bitcoin's 140% increase in value this year surpassing $100,000, the rise in crypto heists also coincides with the institutional support of U.S. President-elect Donald Trump. There have been 303 hacking incidents so far in 2023, compared to 282 in 2023 and 1.8 billion dollars, but that’s only about Rs. 15,302 crores, which means hackers stole 1.8 billion dollars (roughly Rs. 15,302 crores) in 2023, according to the report. 

There has been an increase in crypto heists as the value of Bitcoin reached $100,000 (roughly Rs. 85 lakh) this year, and it has drawn institutional support and backing from US President-elect Donald Trump, who has become one of the biggest supporters of the digital currency. It is noted that DeFi still accounted for the largest share of stolen assets in the first quarter of 2024, but centralized services were more likely to be hacked during the second and third quarters. 

According to Chainalysis' report, several notable hacks of centralized services occurred, such as the hack of DMM Bitcoin in May 2024, which cost $305 million, and WazirX in July 2024, which cost $234.9 million. The WazirX hack in July of this year resulted in huge losses for the Indian cryptocurrency exchange, which has responded by stopping users from withdrawing their remaining cryptocurrency and is currently requesting a reorganization in Singapore. 

In addition, the Chainalysis report noted that North Korean hackers continue to try to steal cryptocurrency, particularly to avoid sanctions, as well as that the North Korean hackers are continuing to conduct cyber-attacks. As the industry faces an increasingly challenging environment in the new year, the industry has a lot of work to do to fight the proliferation of such crimes, especially fraud, that will undoubtedly pose a key challenge. 

Several reports concluded that the majority of the stolen crypto this year resulted from compromised private keys that control access to users' assets. A majority of the attacks targeted centralized platforms. There were several notable hacks during the past year. The most significant ones were the theft of $305 million from Japan's DMM Bitcoin in May, and the loss of $235 million from India's WazirX in July. According to Chainalysis, North Korea-related crypto hacking increased by more than double from a year ago to 1.3 billion dollars in 2024, which is a record.
Read more »
WazirX
Crypto Hacks Cyber Attacks CyberCrime Cyberhacekrs Cybersecurity Tornado Cash WazirX

WazirX Hacker Starts Moving Stolen Ether Anonymously Using Tornado Cash

 


As a result of an attack by an unknown entity, some of the $234 million allegedly stolen from the WazirX exchange in one of India's worst crypto hacks has already been laundered. This action occurred on the same day the platform released its recapture plan. It was discovered that the perpetrator on Monday moved 2,500 Ether tokens worth about $6.3 million to Tornado Cash - a service that even blurs the origin of crypto assets - after attending the briefing session led by WazirX cofounder Nischal Shetty, who is based in Dubai.

In August, WazirX was hacked by an unknown group of hackers, who have remained unidentified since the heist took place in July and are reportedly moving the funds that have been stolen around. A recent piece of data collected by Arkham Research suggests that the hacker is using a controversial platform called Tornado Cash to commit his crimes. 

A hacker who stole more than $230 million (roughly Rs. 1,900 crore) appears to have moved some $54.5 crore of Ether tokens worth of the stolen cryptocurrency $230 million into Tornado Cash, a cryptocurrency platform that is now sanctioned by the United States government. Using Tornado Cash, users can deposit their crypto tokens into a pool that contains various crypto tokens and then have their funds transferred to the destination wallet in the form of other cryptocurrencies after depositing their funds. 

Over the past few years, Tornado Cash has become one of the most popular tools used by cybercriminals who want to let no evidence of their illicit activities trail them when transferring funds they have gained through illicit means. As the data by Arkham shows, the hacker was able to facilitate 26 transactions through the use of his credentials to transfer the aforementioned amount to a Tornado Cash address. 

Furthermore, Etherscan data showed that the hacker moved the funds through various Bitcoin transactions, each carried out with 100 Ethereum units. It has been reported that social media users have been able to capture pictures of these details. Data tracked by Arkham shows that the attacker moved nearly $4 million worth of ether [ETH] in 16 transactions through a Tornado Cash router, some of which were obtained through the Ethereum network. 

This address is currently holding over $155 million worth of various tokens, with a majority of the funds being ether, which at $150 million has accumulated over the past few months. On the other hand, WazirX recently revealed that, almost one week before the withdrawal window was supposed to open, users had begun to be able to withdraw up to 66% of their Indian rupee token balances from the exchange.  

As a result of the theft of funds, over 45% of the total reserves cited by the exchange in a June 2024 report have gone missing - and the exchange has since filed for a restructuring process to move forward on clearing its liabilities to recover the money. In a statement on Monday, WazirX's legal advisers stated that it is unlikely that the company will be able to make good on its obligations in crypto terms going forward, with the best-case scenario being a refund of anywhere between 55% and 57%. 

This attack is believed to have been conducted by Lazarus, a North Korean hacking unit, as previously reported by Reuters. It has been estimated that the group laundered over $1 billion in stolen funds through this service before OFAC sanctions were imposed in 2022, according to estimates put forward by the group. Nischal Shetty, father of WazirX and co-founder of the company, confirmed that the hacker hasn't been identified yet. 

The Lazarus Group, a notorious hacking group that has been associated with North Korea for quite a while, has previously been alleged to have been involved in this hack. Last week, WazirX initiated its first steps toward financial restructuring in the aftermath of the recent hacking incident. As part of this effort, the cryptocurrency exchange has filed for a moratorium in a Singapore court. 

This legal action grants WazirX a reprieve, allowing it additional time to thoroughly assess its financial liabilities and reorganize its capital structure. The entire restructuring process is expected to take up to six months before it is fully completed. In the interim, WazirX has reopened withdrawals for Indian Rupees (INR) on its platform. 

The exchange is actively encouraging its users to withdraw 66 percent of their unfrozen INR balances, which have been made available for withdrawal at this stage. This measure is aimed at ensuring greater user security and providing liquidity during the ongoing restructuring phase.
Read more »
Subscribe to: Posts (Atom)