Russian-speaking threat actors from the former Soviet Union are the primary drivers of various types of crypto-related cybercrime, including ransomware, illegal crypto exchanges, and darknet markets, according to the latest report by TRM Labs. In fact, Russian-speaking ransomware groups were also found to be responsible for at least 69% of all ransomware earnings in 2023, totaling over $500 million.

Russian-Speaking Threat Actors Dominate

In its latest report,...
WazirX Hack Most Likely Linked to Its Custodian’s Systems Failing
WazirX issued a report on Thursday with new revelations about the $235 million hack, stating that all indicators point to the custody service provider it relies on, Liminal Custody. According to the report, the custodian may have suffered a security breach, causing it to approve a transaction to a fraudulent wallet address. Nothing seemed suspicious at the surface level. “In this cyber attack, the malicious transactions involved signatures from three WazirX signers and one from Liminal, confirming...
BlockFi Submits Plans to Refund Customers and Creditors In Full
Defunct lending platform BlockFi has secured claims from FTX, allowing it to repay customers and creditors whose funds were tied up because it failed in 2022. Its plan administrator, Mohsin Y. Meghji, submitted a report to the U.S. Bankruptcy Court for the District of New Jersey, stating that BlockFi closed a transaction letting it monetize about $874.5 million. According to a press release issued by the firm, “Following the settlement with FTX in March 2024 that allowed BlockFi to receive $874.5...
Rho Markets Goes Online After Receiving Back Funds Drained from Attack
The entity behind a bot that extracted $7.6 million from Rho Markets last week has returned the funds to the liquidity and lending protocol deployed on the rollup chain Scroll. While it was first reported that a bug in an oracle contract allowed an attacker to walk away with the funds, it was a bot that conducted an MEV (maximum extractable value) attack, which occurred due to the reported issue with the oracle. The attacker also left an on-chain message on the transaction siphoning the funds,...
Fractal ID Data Breach Caused by Vulnerability Leading Back to 2022
Fractal ID, an on-chain identity platform, suffered a hack on July 14th, 2024, exposing the sensitive data of 0.5% of its users, or 6,300 accounts, to the bad actors. Analysis of the incident revealed that the breach occurred because an operator with admin controls set an insecure password in 2022. The password was a reused one, breaking operational security best practices and allowing the hacker to grab sensitive user-related data, including wallet addresses, KYC details,...
WazirX Announces Bounty Program to Reclaim Lost Assets
After hackers tied to the North Korean Lazarus Group made off with $230 million from WazirX’s multisig cold wallet on July 18, the Indian centralized exchange (CEX) has announced a bug bounty program. It will hopefully allow the attacked platform to track the flow of assets as the hackers try to liquidate them and let WazirX seize them on other CEXs during liquidation efforts. The exchange wrote on X, “We’re reaching out to 500+ exchanges to block the identified addresses. Many exchanges are...
Rho Markets Suffers $7.6 Million Attack
Crypto liquidity layer and lending protocol Rho Markets was exploited for $7.6 million. Bad actors took advantage of an oracle contract deployed on the Scroll chain, allowing them to drain the amount in USDT and USDC stablecoins. Blockchain security firm relayed the oracle attack through an X post, “@RhoMarketsHQ has announced that they have detected unusual activity on their platform on #Scroll chain and paused the platform! Root cause of this incident seems to be an oracle access control...
WazirX Hackers Have Converted About $150 Million of Altcoins Into ETH
The WazirX hackers, purported to be part of the North Korean Lazarus Group, have converted the altcoins from their loot into ETH. Wallet activity shows $90.2 million worth of SHIB, $10.2 million of MATIC, and about $7.5 million of PEPE exchanged for ETH. As the hack concluded, the bad actors held $52 million in ETH. Now, that amount has risen to $201 million after the conversions. Spot On Chain, an on-chain insights firm, posted on X, “The total $ETH holding of #WazirX exploiter has risen to...
LI.FI Provides Information About the Recent Hack
LI.FI, a bridging API connecting numerous blockchains that allows users to port assets cross-chain to use on DeFi protocols and other applications, was hacked a few days ago. While the amount of funds increased as the hack progressed, about $11.6 million was stolen from the protocol. LI.FI let its community know how this incident occurred. It integrated a new smart contract facet, shortly after which it experienced the attack. In its blog, LI.FI stated, “A vulnerability in this facet allowed...
Hackers Trying to Brute Force Their Way into Mt. Gox Accounts Amidst Repayments
Mt. Gox creditors reported hackers trying to log into their accounts multiple times, with the defunct exchange sending them notifications about numerous failed attempts. As the exchange began paying its creditors, cybercriminals focused on breaking into their accounts to siphon large sums of bitcoin and Bitcoin Cash. Reddit users on the r/mtgoxinsolvency subreddit posted their experiences, confused about what to do now that they had experienced the hacking attempts. User u/ovkovk posted, “Just...