Cryptocurrencies To Watch

Tag: Crypto Hack

  • Banana Gun Vows to Repay $3 Million Stolen From Users; Token Sees 7% Surge.

    Banana Gun Vows to Repay $3 Million Stolen From Users; Token Sees 7% Surge.

    Telegram-based mini-app Banana Gun experienced a security breach last week, affecting 11 users who collectively lost about $3 million in ETH. The exploiter transferred the stolen crypto assets to an unknown wallet address.

    In its latest tweet, The Banana Gun team promised to repay the stolen funds to affected users as soon as possible, adding that no tokens will be sold to finance the reimbursement.

    Banana Gun to Reimburse Hack Victims

    The Banana Gun team highlighted that the recent security breach affected a few users. The crew added that $3 million will be dedicated to reimbursing these affected users.

    Via an X post, the team revealed that the hacker targeted only smart money traders and veteran crypto traders known for their trading expertise and social media presence.

    The attacker processed the transactions manually, transferring chunks of ETH from the individual wallets one by one. At the same time, the users interacted with the bot and received notifications on their devices after each successful transaction by the hacker. Immediately after the team shut down the bot, the bad actor could not process any more transactions.

    Following the full refund announcement, investors have shown rekindled confidence in Banana Gun’s token, $BANANA. Within the past 24 hours, it has gained about 7% as it strives to regain its price before the exploit. Currently, $BANANA’s market capitalization is about $135 million.

    Banana Gun Fixes Security Issues

    The Banana Gun team revealed that the attack affected the company’s Ethereum Virtual mechanic (EVM) and Solana bots, even though they have different codebases and function independently.

    Additionally, proper examination showed a potential vulnerability in the Telegram Oracle that the project implemented, which may have led to the attack.

    Noting the errors that led to the exploit, the team has partnered with the AMLBot crypto recovery team, Seal team, and Binance Security team to fix the issues and ensure the safety of users’ funds.

    Moreover, the team has implemented additional security features, including a two-hour transfer delay and two-factor authentication (2FA) for transfers. It also thoroughly reviewed the project’s entire code, redeployed the backend, and switched to a new server.

  • DeFi Lender DeltaPrime Hacked for $6M in Fresh Exploit

    DeFi Lender DeltaPrime Hacked for $6M in Fresh Exploit

    DeltaPrime, a decentralized lending and borrowing platform, has been compromised in a major cyber attack. At press time, the hack has resulted in a loss of $6 million and could lead to more losses. The blockchain security protocol Cyvers reported details regarding the nature of the exploit via X (formerly Twitter).

    DeltaPrime Gets Hacked

    DeltaPrime became a multi-chain protocol in September 2023 when it expanded its reach to the Arbitrum network. Current findings concerning the hack show that the exploit was perpetrated only in this chain. Funds in the Avalanche blockchain remain unaffected, with no reported vulnerabilities or incidents, providing relief for users who invested in that network.

    Cyvers initially reported that the decentralized protocol hack was estimated at $4.5 million. However, a subsequent wave of malicious transactions escalated the total stolen amount to nearly $6 million. Highlighting how the hack was executed, the security protocol’s tweet wrote: the “attacker had control on the private key…then he upgraded the proxy.”

    The hacker took control of DeltaPrime’s admin wallet and manipulated the contracts to steal $5.98 million from the platform’s pools on Arbitrum. They did this by redirecting the contracts to a malicious one, allowing them to drain the funds. This method of exploit is known as contract hijacking.

    DeltaPrime Confirms Hack

    The protocol’s silence after the Cyver updates left users in fear, uncertainty, and doubt. DeltaPrime took to X a few hours later to confirm the hack reports. The project’s team acknowledged the exploit, adding that investigators are trying to determine how this happened. It confirmed that the Avalanche version has more robust security and wasn’t affected.

    DeltaPrime announced that the risk from the recent hack has been contained. It noted that the team is now focused on retrieving stolen assets and utilizing the insurance pool to cover potential losses. They claim to explore other additional measures to minimize user losses and will keep users informed of future updates via Discord and X.

    Notably, recent hacks involving Asian platforms WazirX and Indodax have yet to be resolved. Over $255 million was lost in both hacks.