Tag: Crypto Hack

  • Hacker Exploits Dogecoin Flaw, Crashing 69% of Nodes

    A critical vulnerability in the Dogecoin network known as “DogeReaper,” which allowed a hacker to crash 69% of nodes, has been exposed. If exploited further, it could have potentially taken down the entire network. Surprisingly, the incident occurred after the Dogecoin Network developers claimed to have already released a security patch to fix the issue.

    The DogeReaper Vulnerability Exposed

    The DogeReaper vulnerability is a critical issue that could have allowed an attacker to crash any Dogecoin node remotely. The vulnerability was caused by a malformed AuxPow Coinbase, which could cause a Segmentation Fault in Dogecoin. This vulnerability is particularly concerning, as an attacker could have exploited it to disrupt the entire network.

    AuxPow Coinbase refers to the first transaction in a block containing additional data proving the block was mined using the shared PoW algorithm to reward miners for their work. It is said to be malformed when the data is corrupted or incorrectly formatted, resulting in technical problems.

    Two whitehat hackers, Tobias Ruck and Roqqit, discovered the network vulnerability and promptly notified the Dogecoin blockchain developers, detailing the vulnerability. Node operators were advised to update their software immediately. Notably, the latest incident affected nodes that did not upgrade to the newest patch, making them vulnerable to the attack.

    After the vulnerability was publicly disclosed, a Bitcoiner claimed to be behind the latest hack. In response, the Dogecoin community called for increased awareness and education on security best practices to prevent similar incidents in the future.

    Coinbase Response to DogeReaper Vulnerability

    Coinbase, an American crypto exchange, is affected by the DogeReaper vulnerability due to its Dogecoin (DOGE) listing. As a validator in the Dogecoin network, the exchange operates nodes to support DOGE transactions and trading, which means vulnerabilities like DogeReaper can impact it.

    The hackers reported their findings to Coinbase. However, the exchange’s response to the vulnerability has been criticized. Despite the potential severity of the vulnerability, Coinbase labeled it as “low” severity and “informative.” Furthermore, the exchange rewarded the hackers with a $200 bounty, which some consider inadequate given the vulnerability’s potential impact.

    The incident reminds crypto users of the importance of ongoing security research and responsible disclosure in maintaining the integrity of blockchain networks. It also shows the need for node operators to stay up-to-date with the latest security patches and updates.

  • Japanese Crypto Exchange DMM Bitcoin Shuts Down After $321M Hack

    Japanese cryptocurrency exchange DMM Bitcoin has announced its plan to shut down operations some months after it suffered a devastating hack that resulted in the theft of approximately $321 million worth of digital assets.

    SBI VC Trade to Take Over

    Following the shutdown of the Japanese crypto exchange, SBI VC Trade, a cryptocurrency-focused division under the SBI Group, has issued a formal statement confirming its plans to procure the exchange’s assets.

    An English translation of the Monday statement read:

    “SBI VC Trade Co., Ltd., a consolidated subsidiary of SBI Holdings, Inc., which operates a cryptocurrency exchange business, is pleased to announce that the two companies have reached a basic agreement to accept the transfer of all accounts and assets held by DMM Bitcoin Co., Ltd., for the cryptocurrency trading service provided by DMM Bitcoin.”

    As part of the agreement between the two companies, DMM Bitcoin customers’ assets, including their Japanese yen and cryptocurrencies, will be transferred to SBI VC Trade by March 2025.

    The announcement further noted that SBI will be expanding its cryptocurrency trading options by adding 14 new spot trading items and that both companies will maintain open communication with their customers regarding the transfer details and timeline.

    DMM Bitcoin Suffers $305M Hack

    DMM Bitcoin’s decision to shut down is hardly unexpected, as the company struggled to recover from a major cyber attack that occurred some months back. The severity of the attack was notable, ranking it among the largest and most impactful crypto exchange hacks of the year.

    In May, DMM Bitcoin suffered a massive hack that resulted in the theft of approximately 4,502.9 BTC, worth around $305 million at the time. The hack happened when a private key linked to a wallet containing the bitcoins was compromised.

    A month after the attack, the exchange obtained a 5 billion yen loan to support its recovery, with plans to raise an additional 50 billion yen through its corporate network and subordinated loans, ultimately aiming to raise $320 million to reimburse affected customers. However, all attempts to recover the lost funds failed.

    Investigators suggested that the Lazarus Group, a notorious North Korean-backed cybercrime organization, was behind the DMM hack, with evidence indicating that the group laundered some of the stolen funds via the Huione Guarantee marketplace.

  • Binance Warns Users of This New Scam Approach

    Leading crypto exchange Binance has warned its users about the latest approach scammers apply to rid users of their funds.

    Binance Sounds Scam Alarm

    According to the exchange’s recent blog post, the new scam approach involves impersonating staff and representatives from renowned organizations like Binance. In other words, the scammer may choose to steal the identity profile of a staff member of any organization of choice and use the profile to create a fake community on a social messaging platform like Telegram or WhatsApp.

    The latest scam strategy involves manipulating unsuspecting victims into revealing personal data or transferring funds while pretending to be a Binance staff member executing a project.

    It is worth noting that messaging apps such as WhatsApp, Discord, and Telegram have gradually become breeding grounds for scammers as they gain popularity among newbies who want to gain safe access to the crypto space. These communities claim to provide new users with helpful information on navigating the complexity of the crypto space.

    Red Flags to Watch Out For

    In a bid to provide users with useful information on how to tread cautiously within crypto communities, Binance has provided a detailed list of helpful tools for scrutinizing such communities and platforms.

    Some of the red flags include low-quality logos and distorted images. The leading exchange also encourages users to pay attention to incorrect grammar, wrong spellings, and misplaced punctuation marks. Users should also beware of clicking on unrecognized links. They are also encouraged to stay up to speed with the latest information on possible threats and security measures using verified platforms.

    Scammers targeting crypto investors have become prevalent amid the bullish crypto market. Recently, a crypto user lost nearly $3 million to scammers via an address poisoning attack, one of the many exploit schemes hackers use to siphon funds.

  • North Korean Lazarus Hacker Group Involved in Upbit $50 Million Theft

    The Korean National Police Agency (KNPA) has confirmed that the North Korean cybercrime group Lazarus Group, also known as Hidden Cobra, and its subset, Andariel, are responsible for the 2019 hack of South Korean crypto exchange Upbit, which resulted in a loss of about 342,000 Ether (ETH).

    342,000 ETH Theft

    At the time of the exploit, one ETH was worth about $147. Thus, the stolen tokens were valued at $50.2 million. Following the upward trajectory in the digital asset industry over the years, ETH is now worth $3,350 per coin. Therefore, the stolen crypto is valued at about $1.1 billion at the current market price.

    According to South Korean news outlet Yonhap News, this is the first time a “domestic investigative agency has officially confirmed” the Lazarus hackers’ involvement in a cryptocurrency hack, despite various foreign reports about the group’s cybercrimes.

    Notably, the police claimed to have gathered lots of information about the hack over the years, including North Korea’s IP addresses, traces of North Korean vocabulary usage, the flow of digital assets, and detailed data obtained through cooperation with the Federal Bureau of Investigation (FBI) before confirming North Korea’s role in the theft.

    The forces also discovered that about 57% of the stolen crypto was converted to bitcoin (BTC) via three crypto exchanges allegedly opened by the North Korean government and at a price about 2.5% lower than the average market price. After that, the group laundered the remaining ETH via 51 international exchanges.

    Additionally, the police revealed that the group stored a fraction of the stolen assets in a Swiss crypto exchange. After investigating and presenting convincing evidence to the firm, the police seized about 4.8 BTC and refunded it to Upbit.

    North Korean Crypto Exploits on the Rise

    North Korea has made a name for training hackers who bypass systems and sanctions to steal cryptocurrencies from vulnerable firms. Just this year, it has been connected to about 11 crypto exploits worth about $54.7 million. Earlier in March, it laundered about $147 million in proceeds from the hack of crypto exchange HTX in 2023.

    Meanwhile, the massive rise in the price of cryptocurrencies over time has attracted many cyber criminals, leaving investors’ funds at risk of being stolen via subtle or direct means. The industry lost about $120 million in September from over 20 hacks.

  • Crypto Lending Platform Polter Finance Has Lost $12M to Hack

    Polter Finance, a decentralized non-custodial crypto borrowing and lending platform, was hit with a massive hack, resulting in a $12 million loss of its native token $Polter. The platform has paused transactions and involved local authorities in the hack investigation.

    $12 Million Down the Drain

    According to Polter Finance, the exploiter breached the system on Sunday, stealing about $12 million, the total value locked (TVL) on its lending platform.

    When it noticed the exploit, the hacked platform notified users and investors on X of the latest development. It then shut down its platform to begin investigations and secure the system from further compromise.

    After tracking the incident, Polter’s security team revealed that one of the exploiters’ wallets was linked to the crypto exchange Binance.

    While the affected platform has not identified the primary cause or the nature of the hack, online security firm TenArmorAlert has revealed that it is a case of price oracle exploitation.

    Polter Wants Negotiation

    After identifying the wallet, Polter Finance sent an on-chain message to the hacker, asking that they negotiate a price for refunding the stolen crypto to its address.

    “To the exploiter: We are willing to negotiate and will not pursue legal action if the funds are returned promptly. Please send the funds to ftm: 0x6cA04114752e70645093f815c9C5713ebB7b67Da. For further communication, please reply to this message,” the hacked platform stated.

    While the hacker has not replied to Polter’s message, the platform has contacted Security Alliance, a non-profit blockchain security firm, to assist with investigating the exploit.

    Polter Involves Police

    Continuing its investigation, Polter Finance’s founder, identified as Whichghost, has filed a report with the Singapore Police Force concerning the incident.

    The report noted that the platform founder owns only about $223k of the stolen funds, while the rest belongs to lenders who deposited on the platform. It also stated that the hack must have come from the platform’s newly deployed smart contract and not from a disclosure of private information.

    Like Polter, other DeFi protocols have suffered security breaches. One is DeltaPrime, which lost about $4.5 million to an exploit last week.

  • $GIGA Investor Loses $6 Million to Fake Zoom Link Phishing Scam

    On Monday, a scam victim identified as Still in the Game posted on X that his wallet was drained of over 95 million GIGA tokens worth about $6 million from clicking a phishing link. The scammer sold the stolen cryptos, leading the GIGA token to dump by more than 80% in less than five minutes.

    How It Happened

    According to the victim, he clicked a fake Zoom meeting link, which redirected him to a scammer site. The phony website installed malware on his laptop, giving the scammer access to sensitive information.

    Providing further insight into the incident, on-chain security and investigation firm Scam Sniffer noted that the Zoom phishing link is a new trap. 

    Comparing the links, us02web.zoom[.]us is the legitimate link for Zoom meetings, while us04-zoom[.]us is the scammer’s link. Therefore, every internet user should carefully note the difference in the URLs to avoid falling victim to such a trap.

    The Sniffer team also revealed that clicking the link automatically installs malware on the user’s device. This malware immediately scans the device for wallet data, collects private keys and passwords, steals sensitive information, and transfers the accumulated data to the hacker.

    Hacker Moves Funds

    According to crypto analytics firm Onchain Lens, the scammer didn’t delay moving the stolen funds. First, he sold the 95.27 million $GIGA for 11,759 SOL valued at $2.1 million.

    Thereafter, he converted the SOL to USDT and USDC and moved them to another address. As of the time of writing, the scammer’s last transaction was a 700 SOL transfer to the KuCoin exchange.

    Notably, Onchain Lens identified the scammer’s addresses in its tweet.

    Crypto Scams Skyrocket

    While crypto and blockchain technology promote transaction transparency, scammers have devised various means to steal funds from investors, firms, and traders. 

    In a recent incident, DeFi protocol DeltaPrime suffered a system exploit, which affected its Arbitrum and Avalanche tokens, leading to a loss of about $4.5 million.

    Meanwhile, in September, the crypto market lost about $120 million in over 20 hacks, ranking as the second-best month with the fewest hacks.

  • Hacker Steals $4.8 Million From DeFi Protocol DeltaPrime

    DeltaPrime, a decentralized finance (DeFi) protocol, was hacked on November 11. The attack affected its Avalanche (AVAX) and Arbitrum (ARB) platforms, leading to a loss of nearly $4.8 million. The protocol has lost about $10.8 million to hackers within the last two months.

    As the crypto market goes bullish, many exploiters are actively looking for opportunities to steal funds from many crypto protocols, firms, and investors. This underscores the importance of maintaining proper funds security when navigating the ecosystem amid the jump in crypto prices.

    $4.8 Million Swept Off

    On Monday, DeltaPrime announced via a post on X that its system had been exploited, warning users to stop using the affected blockchains while the team fixes the issues that led to the hack.

    Providing further information on the hack, on-chain transactions reporter Peckshield revealed that the unknown exploiter has already begun moving and carrying out transactions with the stolen funds using different protocols.

    The hacker used about $1.4 million to supply liquidity to the decentralized crypto exchange LFJ (formerly known as Trader Joe) and farmed USD Coin (USDC) on the cross-chain liquidity platform Stargate.

    Not the First Hack

    Notably, this is not the first time DeltaPrime has been exploited this year. In September, hackers breached the project’s admin wallet, tampered with the contracts, and sent about $6 million worth of cryptos to unknown malicious addresses.

    Since then, the protocol has not successfully recovered the stolen funds, and it has been hit with a second hack of $4.5 million. With the frequent hacks leading to fund loss, the less-than-two-year-old DeFi protocol has lost the trust of its users.

    Crypto Hacks on the Rise

    Sadly, the crypto industry has recorded massive hacks this year, leading to great losses for individual and institutional crypto investors across the globe and leaving many new investors afraid of stepping into the industry.

    One of the most popular hacks of the year is the massive $234 million hack that hit WazirX, the largest Indian crypto exchange, in July. After investigating and taking security actions for months, the affected exchange is set to resume trading and will launch a new decentralized exchange (DEX), which will help ensure the safety of its users’ funds.

  • EigenLayer User Loses $800K to Malicious Airdrop

    According to on-chain data, the malicious actor responsible for the security breach of EigenLayer has stolen a significant amount from users on the platform. As of the latest update, a user on EigenLayer has incurred losses that exceed $800,000 in mETH (Mantle Staked Ether) tokens as a result of the phishing scam.

    EigenLayer Faces Major Security Breach

    In an unfortunate turn of events, EigenLayer, a leading decentralized finance (DeFi) restaking protocol on Ethereum, reported a security breach on its official X account earlier today.

    A malicious actor exploited the platform’s account to promote a fraudulent token airdrop, deceiving unsuspecting users.

    The scammer made a false airdrop campaign about reallocating EIGEN tokens for Season 2 of EigenLayer’s airdrop. Meanwhile, the platform had already announced its Season 2 stakedrop in September, and the claim duration has since concluded.

    The phishing post redirected users to a spoofed website, ‘blog.eigenfoundation.org’, instead of the authentic ‘blog.eigenlayer.xyz’ link provided by EigenLayer for the Season 2 stakedrop.
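
    The spoofed blog domain above and the fake Zoom host in the $GIGA item come down to the same check: whether a link's hostname is a trusted domain or a subdomain of one. The following is an added example, not code from the original articles or from any firm they quote; the allowlist, the link paths, the last two sample links and the brand-token hint are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: an allowlist built from the two domains the articles call legitimate.
TRUSTED_DOMAINS = frozenset({"zoom.us", "eigenlayer.xyz"})


def hostname_of(link):
    """Return the hostname a browser would actually connect to."""
    link = link.strip().replace("[.]", ".")  # undo defanged notation
    if "://" not in link:
        link = "https://" + link             # let bare hostnames parse
    host = urlsplit(link).hostname or ""     # ignores userinfo, port and path
    return host.rstrip(".").lower()


def trusted_parent(host, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain that host equals or sits under, else None."""
    labels = host.split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])     # compare whole labels, right-anchored
        if candidate in trusted:
            return candidate
    return None


def classify(link, trusted=TRUSTED_DOMAINS):
    """Return (hostname, verdict); verdict is trusted, lookalike or untrusted."""
    host = hostname_of(link)
    if trusted_parent(host, trusted):
        return host, "trusted"
    # Hint only: a trusted brand name appearing as a token of a foreign host.
    brands = {domain.split(".")[0] for domain in trusted}
    if brands & set(re.split(r"[.-]", host)):
        return host, "lookalike"
    return host, "untrusted"


# Hosts are the ones named in the articles unless marked; paths are constructed.
SAMPLE_LINKS = [
    "https://us02web.zoom[.]us/j/0000000000",
    "https://us04-zoom[.]us/j/0000000000",
    "https://blog.eigenlayer.xyz/",
    "https://blog.eigenfoundation.org/",
    "https://zoom.us@us04-zoom.us/j/0000000000",  # constructed: brand in userinfo
    "https://zoom.us.example.com/",               # constructed: brand as subdomain
]

if __name__ == "__main__":
    for sample in SAMPLE_LINKS:
        host, verdict = classify(sample)
        print(f"{verdict:9}  {host}")
```

    Only the allowlist decides whether a link is acceptable: blog.eigenfoundation.org shares no token with eigenlayer.xyz, so a name-similarity check on its own would not flag it.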

    An analysis of on-chain data from the blockchain explorer Etherscan reveals that the hacker has successfully transferred a substantial portion of the stolen funds to multiple wallets.

    Furthermore, the hacker initiated requests to unstake mETH tokens, potentially to launder the ill-gotten funds.

    The platform’s significant presence in the DeFi ecosystem, as the second-largest protocol on Ethereum with a substantial total value locked (TVL) of $11.1 billion, makes it an attractive target for malicious actors seeking to exploit user trust.

    Earlier this month, EigenLayer announced that it launched an investigation into suspicious activity from a wallet ending in “f10D,” which sold 1.6 million EIGEN tokens worth $5.7 million.

    Further investigation revealed that a malicious attacker compromised an email thread related to an investor’s token transfer, resulting in the theft.

    Although the hack involved the platform’s token, the EigenLayer team emphasized that the security incident was isolated and did not disrupt its ecosystem or on-chain services.

    The crypto industry continues to grapple with recurring security breaches, with frequent incidents leading to massive financial losses. Last month, the market suffered more than 20 hack incidents, culminating in financial losses exceeding $120 million.

  • The Crypto Market Lost Over $120 Million in 20+ Hacks in September

    Blockchain security firm PeckShield highlighted via a recent tweet that the crypto market experienced some challenges in September, which included over 20 hack incidents resulting in losses exceeding $120 million.

    September Top Hacks

    BingX, a Singapore-based crypto exchange, suffered the largest hack of September, losing over $44 million in a hot wallet breach. The hackers targeted multiple blockchains, including Ethereum, Binance Smart Chain, and Base. The platform vowed to cover all losses from its capital and will work with security firms to recover the stolen funds.

    The second-largest hack of September targeted the Penpie protocol, a decentralized finance platform hosted on Pendle Finance. The exploit, which occurred on September 3, resulted in a loss of $27 million in client funds. The project’s officials reassured users that their funds were unaffected by the attack.

    Indonesia’s largest crypto exchange, Indodax, was ranked the victim of the third-largest hack of September. Similar to the BingX attack, the hackers exploited a vulnerability in the platform’s withdrawal system. According to data from PeckShield, the cyber attacker stole $21 million worth of assets from Indodax’s hot wallet.

    In addition to the top three exploits, other hacks in September included Deltaprime, Onyx, and BananaGun. All three resulted in over $12.5 million in lost funds.

    Notably, the September hack record showed hackers’ interest in the Asian crypto market. Two of the month’s major hack victims, BingX and Indodax, are Asian crypto exchanges. This follows the biggest hack of the year, targeted at WazirX, another Asian-based platform.

    September Ranks 2nd Best Month

    PeckShield reports that September is not the worst month of the year. It is the second-best month so far, with fewer hacks, following April, which lost only $60 million to hacks.

    While there were exploits in September, May remains the worst month for crypto hacks this year, with $574.6 million stolen. The most significant incident was the $308 million breach at DMM Bitcoin, while Coinbase suffered an $18 million account drain.

    Data from PeckShield reveals that February 2024 is the second-worst month for crypto hacks, with over $360 million in losses. The month’s most notable incident was the $290 million PlayDapp breach.

  • DeFi Protocol Bedrock Loses Nearly $2M to Bad Actors

    Multi-asset liquid restaking DeFi protocol Bedrock has suffered a security exploit, leading to the loss of approximately $2 million in assets.

    In a recent X post, Bedrock’s team noted that it was aware of a security exploit involving uniBTC, a synthetic asset that represents Bitcoin (BTC) on various DeFi protocols.

    Bedrock to Compensate Users

    On-chain investigations showed that the root cause was miscalculating the ETH-uniBTC price differential, which allowed the attacker to exploit a pricing error in the mint function, draining the $uniBTC pool.

    Following the exploit, the protocol’s team stated that a detailed compensation plan is nearing completion and will be released soon, along with a full post-mortem report.

    Bedrock further noted that most losses occurred within decentralized exchange liquidity pools and assured that the underlying wrapped BTC tokens and the standard Bitcoin (BTC) held in reserves remained secure.

    Since the launch of Bedrock in February 2023 by Singapore-based blockchain firm RockX, the protocol’s website shows that it has prioritized compliance with know-your-customer (KYC) and anti-money laundering regulations. Additionally, the protocol aims to make liquid staking attractive for institutional investors.

    Bedrock Hits Over $240M in TVL

    According to data from DeFi TVL aggregator DeFiLlama, Bedrock ranks as the eighth-largest liquid staking protocol in the market, with more than $240 million in total value locked (TVL) on its platform. The project maintained the TVL despite the exploit.

    Since the launch of the ETH restaking protocol Eigenlayer in April, liquid restaking and native restaking have quickly emerged to become some of the largest market sectors in the crypto industry.

    Hackers Targeting DeFi Protocols

    In recent times, DeFi protocols have been heavily targeted, leading to the loss of millions of dollars.

    Earlier this year, the DeFi project Prisma fell victim to an exploit, losing $10 million worth of crypto assets. In another incident, DeFi protocol Zeus lost approximately $6 million in a bug exploit.