The cross-chain DeFi protocol THORChain suffered another major hack for $8 million. Last week the protocol was drained of a further $8.3 million in a separate attack.

THORChain Got Hit Again

The decentralized cross-chain exchange THORChain experienced a “sophisticated attack” on its ETH Router. The protocol announced on Twitter that this time the perpetrators drained around $8 million worth of Ether: “THORChain has suffered a sophisticated attack on the ETH Router, around...

Random Numbers Don’t Lie: A Closer Technical Look into Recent DeFi Hacks
As Ethereum gas fees soared to record highs during the 2021 bull market, rendering many decentralized finance (DeFi) protocols unusable for casual users, several projects were forced to deploy on other chains. This created a huge surge in demand for cross-chain mechanisms – called bridges – able to securely transfer user assets from one chain to another. Cross-chain bridges can generally be divided into centralized custodial bridges (CCB) and Decentralized non-custodial...

Another DeFi Hack: THORChain Compromised With up to $7.6M Stolen
THORChain is the latest DeFi project to be exploited, with estimations showing that the hackers might have swooped up to $7.6 million in digital assets. The team behind the decentralized exchange promised to make whole all affected users and requested the perpetrators to contact them to discuss the return of funds. THORChain highlighted the hack on Twitter earlier on July 16th. The amount stolen remains unconfirmed as the initial estimations showed that it was more than...

ChainSwap Exploited: Projects Using The Bridge Protocol Crashed 99%
ChainSwap, a cross-chain asset bridge and application smart chain, has become the latest victim of the increasingly worrying exploits happening in the DeFi ecosystem, which have caused the sector to lose hundreds of millions of dollars since the start of the year.

What is ChainSwap?

As a hub for smart chains, the ChainSwap protocol acts as a DeFi bridge for projects and users to seamlessly move assets between different blockchains like Ethereum (ERC20), Binance Smart Chain...

U.S. DOJ Retrieves Over $2.1 Million in Bitcoin Paid as Ransom by Colonial Pipeline
The United States Department of Justice said that it recovered over $2 million worth of bitcoin, which was the majority of the ransom paid by the U.S. oil pipeline giant Colonial Pipeline to cybercriminal group DarkSide.

DoJ Recovers 63.7 BTC

The DoJ made the announcement in a press release on Monday (June 7, 2021). According to it, the department retrieved 63.7 bitcoins, worth $2.1 million at the time. The operation was undertaken by the Ransomware and Digital Extortion...

Biden Administration to Trace Cryptocurrency Transactions to Prevent Ransomware Attacks
The Biden administration plans to enhance cryptocurrency tracking as part of macro endeavors to reduce the pain from ransomware attacks, said the Deputy Press Secretary. The government’s actions come amid several consecutive hacks on US soil.

What is Ransomware and US Attacks?

In a ransomware attack, the perpetrators infiltrate individuals or organizations to encrypt sensitive information. By doing so, they cripple the victims’ operations and request some sort of a ransom...

Flash Loans Strike: Belt Finance Exploited for $6.2 Million
The hacker managed to steal $6.2 million worth of BUSD, the Binance native USD-pegged stablecoin, which was converted to ETH via 1inch DEX and partially withdrawn from Binance Smart Chain onto Ethereum. This hack was comparatively benign: only $6.2 million was stolen from Belt Finance’s massive $2.6 billion total value locked (TVL). The beltBUSD vault uses four strategies. A bug in the Ellipsis strategy was used to leak out funds via the Venus strategy. The vault sends new deposits to...

Colonial Pipeline Hackers Received $90M Worth of BTC in Ransom Payments
Elliptic (a British blockchain security & analytics company) successfully traced DarkSide’s primary Bitcoin address, which contained over $90M in payments from 47 different victims.

Ransomware As a Service – a Twisted Model

DarkSide designs, creates and markets ransomware software to be sold to other cybercriminals who are able to locate the best targets. This type of software has the ability to lock down an entire system, making files and features on it inaccessible...

Pancake Bunny Exploit: $44 Million Stolen as BUNNY Token Crashed 99% in Seconds
Pancake Bunny, Binance Smart Chain’s largest yield aggregator service, has suffered a flash loan attack in which over $44M was stolen by an outside exploiter. Pancake Bunny’s underlying native token, BUNNY, crashed from $150 to $1 within seconds. Bunny Fam Today at 10:34 UTC, PancakeBunny was attacked with an economic exploit that crashed the price of BUNNY. None of the vaults have been compromised. Team Bunny is currently working on solutions and will provide a report as...

PancakeSwap Lottery Hack: $1.8 Million in Question
The Binance Smart Chain continues to see some of the projects being built on it exploited. The latest was done by someone who had access to the PancakeSwap admin address.

The Exploit

It’s an age-old problem with smart contracts: randomness. Solidity has no native random function, and all sources of randomness have to be on-chain. Projects use things like block headers, transaction hashes, and more to create legitimate sources of randomness, but none are truly random – they...