hackers
DeFi should complement TradFi, not attack it: Finance Redefined
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. Following FTX’s demise, the DeFi space is up for a complete remodel as crypto users demand better security and compliance practices. SushiSwap’s roadmap for the coming year includes the development of a decentralized exchange (DEX) aggregator, a decentralized incubator and “several stealth projects.” All these projects combined can grow its market share 10x, said the CEO. The co-founder and CEO of Ava Labs spoke with Cointelegraph at the World Economic Forum in Davos, Switzerland, on the future of DeFi and traditional finance (TradFi) and said DeFi should complement TradFi, not attack it. Another DeFi report sugge...
Cross-border crypto scammers on the hit list for EU agencies
By the end of 2022, scammers shifted their focus to duping crypto investors who desperately tried to recoup their year-long losses. An international law enforcement operation led by European government agencies joined crypto entrepreneurs and businesses to curb cross-border crypto scams since July 2022, uncovering a criminal network operating through call centers. Europol and Eurojust, two EU agencies for law enforcement cooperation, joined authorities from Bulgaria, Cyprus, Germany and Serbia to investigate online investment fraud since June 2022. The investigation identified a criminal network that incurred over $2.1 million in losses — primarily for German investors. Call centres selling fake crypto taken down in Bulgaria, Serbia & Cyprus. The criminal organisations lured victims to...
Solana Foundation warns about security incident with Mailchimp
Solana Foundation, the non-profit organization of the Solana Network, disclosed on Jan. 14 a security incident involving its email service provider Mailchimp. According to an email sent to users and seen by Cointelegraph, the Foundation was informed by Mailchimp on Jan. 12 that “an unauthorized actor accessed and exported certain user data from the Solana Foundation’s Mailchimp instance.” Among the information accessed and exported in the incident were user’s names and Telegram usernames. The Solana Foundation stated: “Based on the information we have received from Mailchimp, the affected information may have included, inter alia, email addresses, names, and Telegram usernames, in each case only to the extent users provided any such information. Mailchimp advi...
Solana Foundation warns about security incident with Mailchimp
Solana Foundation, the non-profit organization of the Solana Network, disclosed on Jan. 14 a security incident involving its email service provider Mailchimp. According to an email sent to users and seen by Cointelegraph, the Foundation was informed by Mailchimp on Jan. 12 that “an unauthorized actor accessed and exported certain user data from the Solana Foundation’s Mailchimp instance.” Among the information accessed and exported in the incident were user’s names and Telegram usernames. The Solana Foundation stated: “Based on the information we have received from Mailchimp, the affected information may have included, inter alia, email addresses, names, and Telegram usernames, in each case only to the extent users provided any such information. Mailchimp advi...
Why DeFi should expect more hacks this year: Blockchain security execs
Decentralized finance (DeFi) investors should buckle themselves up for another big year of exploits and attacks as new projects enter the market and hackers become more sophisticated. Executives from blockchain security and auditing firms HashEx, Beosin and Apostro were interviewed for Drofa’s An Overview of DeFi Security In 2022 report shared exclusively with Cointelegraph. The executives were asked about the reason behind a significant increase in DeFi hacks last year, and were asked whether this will continue through 2023. Tommy Deng, managing director of blockchain security firm Beosin, said while DeFi protocols will continue to strengthen and improve security, he also admitted that “there is no absolute security,” stating: “As long as there is interest in the crypto market, the number...
December DeFi exploits were the lowest in 2022: Finance Redefined
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. The end of 2022 saw the least value of stolen funds from DeFi, with $62 million worth of exploits in December. While the figure might seem a relief given the multiple bridge hacks and hundreds of millions of dollars stolen this year, cybersecurity experts have warned that the ecosystem would see no decrease in exploits, flash loans or exit scams in 2023. Lido protocol overtook MakerDAO to have the highest total value locked (TVL) in the DeFi ecosystem. In other news, Mango Markets hacker Avraham Eisenberg was detained pending trial. The start of the new year saw a GMX whale hacked for $3.5 million worth of GMX tok...
Twitter data breach: Hacker put 200M users’ private information up for grabs
200 million Twitter users’ private information, including their email addresses, was put for sale after a breach exposed 400M users’ private information in the last week of December 2022. The hacker behind the December breach has earlier demanded $200,000 from Twitter in a bid to return the stolen data and warned if the demand is not fulfilled, the data will be released for free. The latest set of data posted on the hacker forum has been traced back to the same breach from December 2022. IMPORTANT UPDATE ON THE TWITTER HACK: https://t.co/05z8gQm9ZW pic.twitter.com/8sGpIMuOeN — Hudson Rock (@RockHudsonRock) January 3, 2023 Researchers at Privacy Affairs confirmed that the leaked data set on the hacker forum is the same from December. The 200 million number, in this case, resulted from the r...
DeFi sees exploits and exit scam drama in the last week of 2022: Finance Redefined
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. For DeFi, the last week of 2022 saw another slew of exploits, insider job accusations and exit scam drama. It all started on Christmas, when Defrost Finance, a decentralized leveraged trading platform on the Avalanche blockchain, was exploited by a DeFi flash loan attack causing $12 million in losses. However, the hacker behind the attacks reportedly returned a portion of the funds the next day. Security analytic firm Certik looked into the chain of events and concluded that the $12 million of funds drained were a part of an exit scam. On Dec. 26, when the Defrost exploit saga was unfolding, Bitkeep, a multichain ...
The 10 largest crypto hacks and exploits in 2022 saw $2.1B stolen
It’s been a turbulent year for the cryptocurrency industry — market prices have taken a huge dip, crypto giants have collapsed and billions have been stolen in crypto exploits and hacks. It was not even halfway through October when Chainalysis declared 2022 to be the “biggest year ever for hacking activity.” As of Dec. 29, the 10 largest exploits of 2022 have seen $2.1 billion stolen from crypto protocols. Below are those exploits and hacks, ranked from smallest to largest. 10: Beanstalk Farms exploit — $76M Stablecoin protocol Beanstalk Farms suffered a $76 million exploit on April 18 from an attacker using a flash loan to buy governance tokens. This was used to pass two proposals that inserted malicious smart contracts. The exploit was initially thought to have cost around $182 mil...
BitKeep exploiter used phishing sites to lure in users: Report
The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink. The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker. 【12-26 #BitKeep Hack Event Summary】1/n According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker addresses and total Txns volume reached $31M. — OKLink (@OKLink) December 26, 2022 The report did not say how the malicious file stole the users’ keys in an unencrypted form. Howev...
Web3 projects would rather get hacked than pay bounty: Finance Redefined
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. Uniswap, one of the leading decentralized exchange platforms, is integrating debit and credit card support for its users. It will allow Uniswap users to buy cryptocurrency directly with their cards. An ex-employee caused Ankr protocol’s recent $5 million hack. The DeFi protocol alerted relevant authorities and is seeking to prosecute the attacker while shoring up its security practices. A Web3 developer has claimed that many crypto ecosystem projects would rather get hacked than pay bounties. After reporting and helping patch a smart contract vulnerability, the developer claims that the projects he helped started ...
DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss
Defrost Finance, a decentralized leveraged trading platform on Avalanche blockchain, announced that both of its versions — Defrost V1 and Defrost V2 — are being investigated for a hack. The announcement came after investors reported losing their staked Defrost Finance (MELT) and Avalanche (AVAX) tokens from the MetaMask wallets. Moments after a few users complained about the unusual loss of funds, Defrost Finance’s core team member Doran confirmed that Defrost V2 was hit with a flash loan attack. At the time, the platform believed that Defrost V1 was not impacted by the hack and decided to close down V2 for further investigation. Core team member Doran confirming attack on Defrost Finance. Source: Telegram At the time, the platform believed Defrost V1 was not impacted by the hack...
