Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Digital WAllets. Show all posts

DeFi Clients Lost $228 Million to Hackers in Past 3 Months


In the recent past, there has been a dramatic rise in the number of cyber incidents, where cyber threat actors have tried to exploit many cryptocurrency projects. It is interesting to note that hackers have significantly targeted DeFi, according to the latest report by the leading bug bounty program – Immunefi.

According to this report, the total hacks across blockchains have increased up to 63%, during the second quarter of 2023 when compared to the activities recorded from the same period last year. While the overall losses went as low as 60%, ImmuneFi notes that the number of hacks has only grown by 65%, with the losses shooting up by 225%.  

According to Immunefi's analysis of the attacks that were launched against DeFi platforms, they lost an overall sum of around $228 million in the second quarter across 79 separate cyber incidents. In comparison, over the course of two instances, centralized platforms lost $37 million. 

The firm’s analysis further concluded that most of the losses in cryptocurrency were a result of two specific incidents – the Atomic Wallet Hack of June 3 and the exit scam by the Fintoch platform, which is no longer in use. 

Atomic Wallet Hack 

The self-custodial wallet – Atomic Wallet – lost a whopping $100 million in crypto allegedly to the North Korea-linked hackers, Lazarus Group. According to the Atomic Wallet team, the threat organization affected “less than 0.1” of its customers, however, they did not make it clear if Lazarus was actually behind the attacks.

Fontoch 

After promising users a 1% daily interest on their investments, FinToch disappeared, losing almost $32 million in user funds in May. The scam, better known by the name ‘rugpull,’ was first discovered by Twitter blockchain sleuth ZackXBT. 

In addition, Immunefi also found that some chains were targeted more than others. The firm found that assaults on Ethereum and BNB Chain accounted for 77% of all losses in the most recent quarter, with Arbitrum coming in second at 12%. Given that Arbitrum had absolutely no issues during the same time period last year, they claimed that attacks on it were noteworthy. However, both Arbitrum and Binance spokespeople denied to comment on the matter.  

OpenSea Phishing Scam Swindled Millions in NFTs

 

On Saturday, a phishing attack targeted 17 users of OpenSea, one of the major NFT markets, according to the company. The hack apparently resulted in the theft of over 250 NFTs worth at least $1.7 million. 

A nonfungible token, or NFT, is a way of proving ownership of a digital asset. NFTs linked to digital art have been increasingly popular in recent months, owing to the involvement of high-profile personalities. The attacker, or attackers, stole NFTs from OpenSea users over a 3-hour window on Saturday by compromising the underlying code that allows NFTs to be bought and sold. 

OpenSea tweeted late Sunday that the attack didn't appear to be active, with the most recent action 15 hours before. Nadav Hollander, the CTO of OpenSea, also provided a technical breakdown of the phishing attack. Phishing attacks are frequently carried out using emails that contain harmful links and fraudulently purport to be from a company. It's still unknown how OpenSea customers were lured into the phishing scam.

While the identity of the wallet's owner can be hidden in digital wallets used to keep NFTs, the transactions of digital assets on a blockchain are normally public. As a result, anyone with technical knowledge can track the NFTs from wallet to wallet. 

OpenSea CEO Devin Finzer in a post on Twitter on Saturday after the attack stated, "The attacker has $1.7 million of ETH in his wallet from selling some of the stolen NFTs." 

The hacker also appears to have returned some of the NFTs to the original owners. OpenSea tweeted on Sunday that the investigation into Saturday's phishing attack is still ongoing. OpenSea's CTO, Nadav Hollander, posted a Twitter thread summarising the company's current understanding of the attack, which the company believes did not originate from OpenSea. 

Hollander said, "All of the malicious orders contain valid signatures from the affected users, indicating that they did sign an order somewhere, at some point in time. However, none of these orders were broadcasted to OpenSea at the time of signing."