CertiK
331,108 views
95 Posts
Hot
Latest
**Today's Top Crypto News: š**
1. **Tether $USDT** is set to invest $150 million in the mining company Bitdeer.
2. **EOS Network $EOS ** has announced a major overhaul of its tokenomics.
3. **DMM Bitcoin**, a Japanese exchange, was hacked, losing $350 million.
4. **Uniswap $UNI ** has postponed the vote on its scheduled upgrade.
5. **Shibarium $SHIB ** update significantly boosts the networkās token burn.
6. **US Core PCE Price Index** for April stands at 2.8% year-on-year.
7. **Bitcoin Spot ETF** saw a total net inflow of $48.70 million on May 30.
8. **Certik** launched āCertik Venturesā to foster ecosystem development.
#CryptoNewsšš„ #EthereumSignal #Uniswapās #EOS/RAM #CertiK
1. **Tether $USDT** is set to invest $150 million in the mining company Bitdeer.
2. **EOS Network $EOS ** has announced a major overhaul of its tokenomics.
3. **DMM Bitcoin**, a Japanese exchange, was hacked, losing $350 million.
4. **Uniswap $UNI ** has postponed the vote on its scheduled upgrade.
5. **Shibarium $SHIB ** update significantly boosts the networkās token burn.
6. **US Core PCE Price Index** for April stands at 2.8% year-on-year.
7. **Bitcoin Spot ETF** saw a total net inflow of $48.70 million on May 30.
8. **Certik** launched āCertik Venturesā to foster ecosystem development.
#CryptoNewsšš„ #EthereumSignal #Uniswapās #EOS/RAM #CertiK
CertiK Uncovers High-Risk Vulnerability in Telegram Desktop App
CertiK, a blockchain security company, recently revealed a significant security flaw within the #Telegram messaging app that puts users at risk of cyber-attacks. The announcement was made on April 9 via the social media site X, where CertiK Alert highlighted a dangerous vulnerability that could enable attackers to carry out remote code execution (RCE) attacks by exploiting Telegramās media processing capabilities.
The vulnerability, identified in the media processing functions of the Telegram Desktop application, can be triggered by attackers using maliciously crafted media files, including images and videos. CertiK's investigation pinpointed a specific RCE attack vector within these processes, signaling a direct threat to users.
A #CertiK spokesperson, in conversation with Cointelegraph, clarified that this vulnerability is unique to the desktop version of Telegram. The mobile version is safer in this regard since it doesn't execute executable files directly, a process that typically requires digital signatures for additional security. This information was shared in response to concerns raised within the security community.
For those using Telegram on desktop devices, CertiK advises reviewing and adjusting the applicationās settings to mitigate the risk. Specifically, users should disable the auto-download feature to prevent the automatic processing of potentially dangerous files. This precaution can be taken by accessing the āSettingsā menu, followed by the āAdvancedā options, where the auto-download functionality can be turned off.
CertiK, a blockchain security company, recently revealed a significant security flaw within the #Telegram messaging app that puts users at risk of cyber-attacks. The announcement was made on April 9 via the social media site X, where CertiK Alert highlighted a dangerous vulnerability that could enable attackers to carry out remote code execution (RCE) attacks by exploiting Telegramās media processing capabilities.
The vulnerability, identified in the media processing functions of the Telegram Desktop application, can be triggered by attackers using maliciously crafted media files, including images and videos. CertiK's investigation pinpointed a specific RCE attack vector within these processes, signaling a direct threat to users.
A #CertiK spokesperson, in conversation with Cointelegraph, clarified that this vulnerability is unique to the desktop version of Telegram. The mobile version is safer in this regard since it doesn't execute executable files directly, a process that typically requires digital signatures for additional security. This information was shared in response to concerns raised within the security community.
For those using Telegram on desktop devices, CertiK advises reviewing and adjusting the applicationās settings to mitigate the risk. Specifically, users should disable the auto-download feature to prevent the automatic processing of potentially dangerous files. This precaution can be taken by accessing the āSettingsā menu, followed by the āAdvancedā options, where the auto-download functionality can be turned off.
Breaking: CertiKās $3m Kraken spat: Hacker used the same bug to exploit other exchanges week before
There's a new twist in the CertiK white-hat hacking saga.Onchain records show that at an earlier date someone tried to exploit the same bug the auditor discovered in Kraken.
The bug that #Kraken said it patched had been used to exploit other centralised exchanges as early as last month, according to multiple crypto security experts.
Thatās the latest development in the saga of two major crypto players, US-based exchange Kraken and auditor #CertiK .
On Wednesday, Kraken said it patched a ācriticalā bug that allowed millions of dollars in crypto to be erroneously withdrawn from the US-based exchange.
CertiK came under fire after it admitted to being behind the exploit of that bug. The firm withdrew $3 million from Kraken over several days in early June.
After a public back-and-forth, CertiK returned all the funds it took and called its actions a white-hat operation, meaning they ostensibly acted as ethical hackers with the intention of identifying and fixing security vulnerabilities rather than exploiting them for malicious purposes.
Onchain records firstĀ identifiedĀ by security platform Hexagate, and confirmed toĀ DL NewsĀ by multiple other security researchers, show a hacker attempted to exploit other crypto exchanges Ā ā using the same bug as early as May 17.
Those attempts came three weeks before CertiK said it found the bug on Kraken on June 5.
āWe have no evidence these exchanges have been impacted,ā Hexagate posted on X. āWe only traced onchain evidence for similar activity.ā
Centralised crypto exchanges hold a gargantuan amount of crypto on their customersā behalf. The top five crypto exchanges that have publicly disclosed their wallet addresses hold a combined $172 billion worth of crypto, per DefiLlamaĀ data.
CertiK didnāt immediately respond toĀ DL Newsā request for comment.
Attempted exploits
The records highlighted by Hexagate show a hacker attempted to use a so-called ārevertā attack to trick centralised exchanges into letting them withdraw funds.
To do that, the hacker created a smart contract that contains a transaction to deposit funds to a centralised exchange. The contract is engineered so that the main transaction succeeds but the deposit reverts.
This tricks the exchange into thinking a user has deposited funds when they havenāt. The hacker then requests a withdrawal from the exchange, debiting the fake deposit amount.
nchain records show multipleĀ attemptsĀ to use such a contract when depositing funds to Binance took place on BNB Chain on May 17.
Between May 29 and June 5, the same address, as well as another that was funded by it, made similar attempts on OKX, BingX andĀ Gate.ioĀ on BNB Chain, Arbitrum, and Optimism.
Is CertiK involved?
Although CertiK first disclosed the revert attack publicly, thereās no proof it was involved in those earlier attacks.
Smart contracts functions each have a so-called signature hash they can be identified by.
In the case of the revert attack contract, the signature hash isnāt available, meaning the name of the function isnāt publicly known, a security researcher who wished to remain anonymous toldĀ DL News.
This means the function name for the revert attack is known onto CertiK or someone else has used exactly the same name as well, the researcher said.
The bug that #Kraken said it patched had been used to exploit other centralised exchanges as early as last month, according to multiple crypto security experts.
Thatās the latest development in the saga of two major crypto players, US-based exchange Kraken and auditor #CertiK .
On Wednesday, Kraken said it patched a ācriticalā bug that allowed millions of dollars in crypto to be erroneously withdrawn from the US-based exchange.
CertiK came under fire after it admitted to being behind the exploit of that bug. The firm withdrew $3 million from Kraken over several days in early June.
After a public back-and-forth, CertiK returned all the funds it took and called its actions a white-hat operation, meaning they ostensibly acted as ethical hackers with the intention of identifying and fixing security vulnerabilities rather than exploiting them for malicious purposes.
Onchain records firstĀ identifiedĀ by security platform Hexagate, and confirmed toĀ DL NewsĀ by multiple other security researchers, show a hacker attempted to exploit other crypto exchanges Ā ā using the same bug as early as May 17.
Those attempts came three weeks before CertiK said it found the bug on Kraken on June 5.
āWe have no evidence these exchanges have been impacted,ā Hexagate posted on X. āWe only traced onchain evidence for similar activity.ā
Centralised crypto exchanges hold a gargantuan amount of crypto on their customersā behalf. The top five crypto exchanges that have publicly disclosed their wallet addresses hold a combined $172 billion worth of crypto, per DefiLlamaĀ data.
CertiK didnāt immediately respond toĀ DL Newsā request for comment.
Attempted exploits
The records highlighted by Hexagate show a hacker attempted to use a so-called ārevertā attack to trick centralised exchanges into letting them withdraw funds.
To do that, the hacker created a smart contract that contains a transaction to deposit funds to a centralised exchange. The contract is engineered so that the main transaction succeeds but the deposit reverts.
This tricks the exchange into thinking a user has deposited funds when they havenāt. The hacker then requests a withdrawal from the exchange, debiting the fake deposit amount.
nchain records show multipleĀ attemptsĀ to use such a contract when depositing funds to Binance took place on BNB Chain on May 17.
Between May 29 and June 5, the same address, as well as another that was funded by it, made similar attempts on OKX, BingX andĀ Gate.ioĀ on BNB Chain, Arbitrum, and Optimism.
Is CertiK involved?
Although CertiK first disclosed the revert attack publicly, thereās no proof it was involved in those earlier attacks.
Smart contracts functions each have a so-called signature hash they can be identified by.
In the case of the revert attack contract, the signature hash isnāt available, meaning the name of the function isnāt publicly known, a security researcher who wished to remain anonymous toldĀ DL News.
This means the function name for the revert attack is known onto CertiK or someone else has used exactly the same name as well, the researcher said.
š¢ @cronos_chain has partnered with @CertiK
#Cronos - The first blockchain that interoperates with both Ethereum and Cosmos ecosystems.
#CertiK provides a formal verification platform for smart contracts and blockchain ecosystems.
#Crypto #CryptoNews
#Cronos - The first blockchain that interoperates with both Ethereum and Cosmos ecosystems.
#CertiK provides a formal verification platform for smart contracts and blockchain ecosystems.
#Crypto #CryptoNews
Hey #CertiK did you know you can throw that $3m into Kim and take home a fat stack of rewards with some of the highest APRs in crypto rn?
Oh, and donāt forget to stake your $xKIM to boost it up.
Oh, and donāt forget to stake your $xKIM to boost it up.
Š„Š°ŠŗŠµŃŃ Š²Š·Š»Š¾Š¼Š°Š»Šø X-Š°ŠŗŠŗŠ°ŃŠ½Ń Š°ŃŠ“ŠøŃŠ¾ŃŠ¾Š² CertiK Šø Š¾ŠæŃŠ±Š»ŠøŠŗŠ¾Š²Š°Š»Šø Š²ŃŠµŠ“Š¾Š½Š¾ŃŠ½ŃŃ ŃŃŃŠ»ŠŗŃ Ń ŃŠµŠ¹ŠŗŠ¾Š¼ Š¾ Š²Š·Š»Š¾Š¼Šµ Uniswap
ŠŠµŠøŠ·Š²ŠµŃŃŠ½ŃŠµ Š²Š·Š»Š¾Š¼Š°Š»Šø Š°ŠŗŠŗŠ°ŃŠ½Ń Š°ŃŠ“ŠøŃŠ¾ŃŃŠŗŠ¾Š¹ Š±Š»Š¾ŠŗŃŠµŠ¹Š½-ŠŗŠ¾Š¼ŠæŠ°Š½ŠøŠø CertiK Š² X (ŃŠ°Š½ŠµŠµ Twitter (NYSE:TWTR)) Šø ŃŠ°Š·Š¼ŠµŃŃŠøŠ»Šø Š² Š½ŠµŠ¼ ŃŠµŠ¹ŠŗŠ¾Š²ŃŃ Š½Š¾Š²Š¾ŃŃŃ Š¾Š± Š¾Š±Š½Š°ŃŃŠ¶ŠµŠ½ŠøŠø ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠŗŠ¾Š½ŃŃŠ°ŠŗŃŠµ Š“ŠµŃŠµŠ½ŃŃŠ°Š»ŠøŠ·Š¾Š²Š°Š½Š½Š¾Š¹ Š±ŠøŃŠ¶Šø (DEX) Uniswap. ŠŠ»Š¾ŃŠ¼ŃŃŠ»ŠµŠ½Š½ŠøŠŗŠø Š¾Ń ŠøŠ¼ŠµŠ½Šø CertiK ŠæŃŠøŠ·Š²Š°Š»Šø ŠæŠ¾Š“ŠæŠøŃŃŠøŠŗŠ¾Š² Š¾ŃŠ¾Š·Š²Š°ŃŃ Š²ŃŠµ ŃŠ°Š·ŃŠµŃŠµŠ½ŠøŃ Š½Š° ŠøŃŠæŠ¾Š»ŃŠ·Š¾Š²Š°Š½ŠøŠµ ŠŗŠ¾Š½ŃŃŠ°ŠŗŃŠ° Ń ŠæŠ¾Š¼Š¾ŃŃŃ ŠøŠ½ŃŃŃŃŠ¼ŠµŠ½ŃŠ° Revoke Cash, ŠæŃŠøŠŗŃŠµŠæŠøŠ² Šŗ ŠæŠ¾ŃŃŃ ŃŠµŠ¹ŠŗŠ¾Š²ŃŃ Š²ŃŠµŠ“Š¾Š½Š¾ŃŠ½ŃŃ ŃŃŃŠ»ŠŗŃ.
ŠŃŃŠ¾ŃŠ½ŠøŠŗ: Twitter.com
#CertiK
ŠŠµŠøŠ·Š²ŠµŃŃŠ½ŃŠµ Š²Š·Š»Š¾Š¼Š°Š»Šø Š°ŠŗŠŗŠ°ŃŠ½Ń Š°ŃŠ“ŠøŃŠ¾ŃŃŠŗŠ¾Š¹ Š±Š»Š¾ŠŗŃŠµŠ¹Š½-ŠŗŠ¾Š¼ŠæŠ°Š½ŠøŠø CertiK Š² X (ŃŠ°Š½ŠµŠµ Twitter (NYSE:TWTR)) Šø ŃŠ°Š·Š¼ŠµŃŃŠøŠ»Šø Š² Š½ŠµŠ¼ ŃŠµŠ¹ŠŗŠ¾Š²ŃŃ Š½Š¾Š²Š¾ŃŃŃ Š¾Š± Š¾Š±Š½Š°ŃŃŠ¶ŠµŠ½ŠøŠø ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŠø Š² ŠŗŠ¾Š½ŃŃŠ°ŠŗŃŠµ Š“ŠµŃŠµŠ½ŃŃŠ°Š»ŠøŠ·Š¾Š²Š°Š½Š½Š¾Š¹ Š±ŠøŃŠ¶Šø (DEX) Uniswap. ŠŠ»Š¾ŃŠ¼ŃŃŠ»ŠµŠ½Š½ŠøŠŗŠø Š¾Ń ŠøŠ¼ŠµŠ½Šø CertiK ŠæŃŠøŠ·Š²Š°Š»Šø ŠæŠ¾Š“ŠæŠøŃŃŠøŠŗŠ¾Š² Š¾ŃŠ¾Š·Š²Š°ŃŃ Š²ŃŠµ ŃŠ°Š·ŃŠµŃŠµŠ½ŠøŃ Š½Š° ŠøŃŠæŠ¾Š»ŃŠ·Š¾Š²Š°Š½ŠøŠµ ŠŗŠ¾Š½ŃŃŠ°ŠŗŃŠ° Ń ŠæŠ¾Š¼Š¾ŃŃŃ ŠøŠ½ŃŃŃŃŠ¼ŠµŠ½ŃŠ° Revoke Cash, ŠæŃŠøŠŗŃŠµŠæŠøŠ² Šŗ ŠæŠ¾ŃŃŃ ŃŠµŠ¹ŠŗŠ¾Š²ŃŃ Š²ŃŠµŠ“Š¾Š½Š¾ŃŠ½ŃŃ ŃŃŃŠ»ŠŗŃ.
ŠŃŃŠ¾ŃŠ½ŠøŠŗ: Twitter.com
#CertiK
CertiK unveils CertiK Ventures
#CertiK has unveiled #CertiKVentures , focusing on nurturing next-gen onchain platforms. With a focus on security-first projects, CertiK Ventures aims to foster pioneering technologies and cultivate vital ecosystem collaborations. Drawing from CertiK's deep-rooted expertise in blockchain security, the initiative is committed to offering unparalleled support and resources to its selected portfolio companies.
#CertiK has unveiled #CertiKVentures , focusing on nurturing next-gen onchain platforms. With a focus on security-first projects, CertiK Ventures aims to foster pioneering technologies and cultivate vital ecosystem collaborations. Drawing from CertiK's deep-rooted expertise in blockchain security, the initiative is committed to offering unparalleled support and resources to its selected portfolio companies.
Liquidity Manager Exploited in a Cyberattack for $1.8 Million
A hacker acquired the private key for liquidity management through a sophisticated social engineering attack. This key breach allowed the hacker to create new tokens, subsequently liquidate them, and drain financial resources.
Concentric Under Attack: Protocol Misuse on Arbitrum
Through the misuse of the private key, the Concentric application, managing liquidity on the #Arbitrum network, was compromised. The attacker modified the protocol's vaults using this key, created new LP tokens, and then depleted their assets, as reported by the Concentric team.
Ā
Ā
Security Warning for Concentric Users
Users are urged to revoke all approvals for vault addresses listed in the protocol's documentation as a precautionary measure.
Ā Financial Losses and Possible Link to Another Attack
The security platform #CertiK reported losses exceeding $1.8 million. Moreover, the attacker's wallet is linked to a wallet that previously exploited the decentralized exchange OKX, suggesting a possible connection between the two incidents.
Ā
Ā
Response and Investigation by the Concentric Team
The Concentric team announced the commencement of a thorough investigation and is preparing a post-mortem report with a plan to address vulnerabilities. They emphasize their commitment to restoring the security and integrity of the Concentric protocol.
Growing Popularity of Liquidity Management Protocols
Popularity Increase Following Uniswap's 2021 Innovation
Liquidity management protocols, which allow setting price ranges and rebalancing funds on decentralized exchanges, gained popularity following the introduction ofĀ "concentrated liquidity"Ā by Uniswap. This innovation allows liquidity providers to better control the prices at which their assets can be traded.
Ā Another Case of Attack: Gamma Protocol
Another liquidity manager, Gamma Protocol, faced an attack in early January, where nearly half a million dollars were drained through vulnerabilities in smart contracts. These two attacks appear to be unrelated, as they employed different methods.
#BTC #ETF
Ā Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.ā
Ā
Concentric Under Attack: Protocol Misuse on Arbitrum
Through the misuse of the private key, the Concentric application, managing liquidity on the #Arbitrum network, was compromised. The attacker modified the protocol's vaults using this key, created new LP tokens, and then depleted their assets, as reported by the Concentric team.
Ā
Ā
Security Warning for Concentric Users
Users are urged to revoke all approvals for vault addresses listed in the protocol's documentation as a precautionary measure.
Ā Financial Losses and Possible Link to Another Attack
The security platform #CertiK reported losses exceeding $1.8 million. Moreover, the attacker's wallet is linked to a wallet that previously exploited the decentralized exchange OKX, suggesting a possible connection between the two incidents.
Ā
Ā
Response and Investigation by the Concentric Team
The Concentric team announced the commencement of a thorough investigation and is preparing a post-mortem report with a plan to address vulnerabilities. They emphasize their commitment to restoring the security and integrity of the Concentric protocol.
Growing Popularity of Liquidity Management Protocols
Popularity Increase Following Uniswap's 2021 Innovation
Liquidity management protocols, which allow setting price ranges and rebalancing funds on decentralized exchanges, gained popularity following the introduction ofĀ "concentrated liquidity"Ā by Uniswap. This innovation allows liquidity providers to better control the prices at which their assets can be traded.
Ā Another Case of Attack: Gamma Protocol
Another liquidity manager, Gamma Protocol, faced an attack in early January, where nearly half a million dollars were drained through vulnerabilities in smart contracts. These two attacks appear to be unrelated, as they employed different methods.
#BTC #ETF
Ā Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.ā
Ā
ššBreaking: Urgent Security Warning - please sharešš
#CertiK X ACCOUNT COMPROMISEDšØ
- Reports are circulating like wildfire that security firm, #CertiK , has had its X/Twitter account compromised.
- The account, which currently boasts more than 340K followers, reportedly posted a malicious and fake #RevokeCash link (see attached image).
- Some third party tools warned users that the link was connected to known scam addresses.
- The post has since been deleted and Certik is yet to release any form of official statement on the matter from the account itself.
- That said, RevokeCashās account has confirmed the reports and offered further guidance on avoiding such phishing scams.
- #Crypto users are advised to stay vigilant and refrain from connecting their wallets via any link that is not confirmed to be legitimate.
š„Stay safe, #Catchers šØ
#CertiK X ACCOUNT COMPROMISEDšØ
- Reports are circulating like wildfire that security firm, #CertiK , has had its X/Twitter account compromised.
- The account, which currently boasts more than 340K followers, reportedly posted a malicious and fake #RevokeCash link (see attached image).
- Some third party tools warned users that the link was connected to known scam addresses.
- The post has since been deleted and Certik is yet to release any form of official statement on the matter from the account itself.
- That said, RevokeCashās account has confirmed the reports and offered further guidance on avoiding such phishing scams.
- #Crypto users are advised to stay vigilant and refrain from connecting their wallets via any link that is not confirmed to be legitimate.
š„Stay safe, #Catchers šØ
CertiK: New token creation fell to lowest level since early 2021 in Q3
According to CertiK data, new token creation fell to the lowest level since early 2021 in the third quarter. Data shows that approximately 293 new tokens were added in the third quarter, down from 366 in the second quarter and 449 in the same period last year. During the peak of the cryptocurrency bull market in Q4 2021, approximately 1,261 new coins were created. #Blockchain #CertiK #BinanceBlockchainWeek
According to CertiK data, new token creation fell to the lowest level since early 2021 in the third quarter. Data shows that approximately 293 new tokens were added in the third quarter, down from 366 in the second quarter and 449 in the same period last year. During the peak of the cryptocurrency bull market in Q4 2021, approximately 1,261 new coins were created. #Blockchain #CertiK #BinanceBlockchainWeek
CertiK identified a vulnerability in the Wormhole bridge on the Aptos blockchain, and the technical team quickly fixed it, preventing potential attacks that could have created fake token transactions.
#CertiK #wormhole #Aptosļ»æ #MicroStrategy #buythedip
#CertiK #wormhole #Aptosļ»æ #MicroStrategy #buythedip
In the rapidly evolving landscape of blockchain technology, #ChainGPT emerged as a beacon of innovation, harnessing the power of AI to revolutionize the sector.
šChainGPT's security architecture, now stronger than ever, showcases a 91.23 Security Score & top 10% market rank.
Key technical strides:
āŖļøFlawless KYC Gold complianceš
āŖļøStrategic bug bounty defensesš¼
āŖļøEnhanced operational resilienceš§
Testimonial:
āCertik is the best Web3 security company we've ever worked with at ChainGPT. They take security seriously, and their audits are the best we've ever seen, leaving no room for vulnerabilities. On top of that, SkyNet is a fantastic addition to track our live security parameters from on-chain & off-chain activity, exchanges health, website security, etc. Certik gives the ChainGPT team and community peace of mind." - Ilan Rakhmanov, CEO of ChainGPT.ā
#CertiK #Launchpad
šChainGPT's security architecture, now stronger than ever, showcases a 91.23 Security Score & top 10% market rank.
Key technical strides:
āŖļøFlawless KYC Gold complianceš
āŖļøStrategic bug bounty defensesš¼
āŖļøEnhanced operational resilienceš§
Testimonial:
āCertik is the best Web3 security company we've ever worked with at ChainGPT. They take security seriously, and their audits are the best we've ever seen, leaving no room for vulnerabilities. On top of that, SkyNet is a fantastic addition to track our live security parameters from on-chain & off-chain activity, exchanges health, website security, etc. Certik gives the ChainGPT team and community peace of mind." - Ilan Rakhmanov, CEO of ChainGPT.ā
#CertiK #Launchpad
Outstanding #Memecoins audited by @CertiK š”ļøā
$PEPE $FLOKI $SHIB
#BullorBear #SHIB #memecoinā ā ā ā #CertiK
$PEPE $FLOKI $SHIB
#BullorBear #SHIB #memecoinā ā ā ā #CertiK
Security Experts Warn of Telegram Channels Spreading Cryptocurrency Scams
The Web3 security company CertiK has unveiled a widespread scam operation across various Telegram channels, leading to significant financial losses and undermining trust in the cryptocurrency space.
Telegram has become a popular platform for communication among cryptocurrency enthusiasts, which scammers exploit by hiring actors to promote fake cryptocurrencies through Telegram channels.
How Scammers Exploit Telegram for Cryptocurrency Schemes
CertiK, a renowned blockchain security firm, is closely monitoring the activities of scammers organizing honeytrap schemes through at least three Telegram channels:
Ā·Ā Ā Ā Ā Ā Ā AltLex
Ā·Ā Ā Ā Ā Ā Ā DON CRYPTON
Ā·Ā Ā Ā Ā Ā Ā SZ Trades ā å åÆč²Øå¹£
These actors use paid actors to provide seemingly legitimate investment tips before cleverly guiding their victims to invest in bogus tokens. This malicious activity has already cost victims around $3.2 million.
Channels like AltLex and DON CRYPTON use sophisticated strategies to promote fraudulent cryptocurrencies. AltLex became known for promoting fictitious tokens such as Linea, Paxos, and Circle using a fake trading identity named Alexander. DON CRYPTON, connected to AltLex via a telegra[.]ph post, hires actors from casting websites to support their activities.
Methods and Consequences of the Scams
These channels initially publish real content to build trust among their followers, which they then exploit to promote new, fake tokens, often feigning their legitimacy and profit potential. These manipulative tactics lead to financial losses and undermine the foundational principle of trust that the cryptocurrency ecosystem relies on.
Fraudulent tokens are often paired with Wrapped Ethereum (WETH) and utilize unverified signature functions, allowing for price manipulation. Once the scammers drain the liquidity, they leave investors with worthless tokens they cannot sell.
Results of CertiK's Investigation
CertiK's investigation revealed wallets connected to these scams and provided insights into the operations and potential locations of the scammers. Although the identity and whereabouts remain hidden, evidence suggests connections to the United Kingdom, adding another layer of complexity to the operation.
CertiK reminds that in accordance with the rules of the British Financial Conduct Authority (FCA), crypto services must include warnings about investment risks, applicable only to individuals in the United Kingdom or those using a British VPN server.
The Importance of Caution When Investing in Cryptocurrencies
This revelation highlights the risks associated with investing in cryptocurrencies, especially for newcomers attracted by the promise of quick gains. It's important to perform thorough due diligence and be skeptical of offers that seem too good to be true.
#Web3 #CertiK #scam #crypto
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.ā
Telegram has become a popular platform for communication among cryptocurrency enthusiasts, which scammers exploit by hiring actors to promote fake cryptocurrencies through Telegram channels.
How Scammers Exploit Telegram for Cryptocurrency Schemes
CertiK, a renowned blockchain security firm, is closely monitoring the activities of scammers organizing honeytrap schemes through at least three Telegram channels:
Ā·Ā Ā Ā Ā Ā Ā AltLex
Ā·Ā Ā Ā Ā Ā Ā DON CRYPTON
Ā·Ā Ā Ā Ā Ā Ā SZ Trades ā å åÆč²Øå¹£
These actors use paid actors to provide seemingly legitimate investment tips before cleverly guiding their victims to invest in bogus tokens. This malicious activity has already cost victims around $3.2 million.
Channels like AltLex and DON CRYPTON use sophisticated strategies to promote fraudulent cryptocurrencies. AltLex became known for promoting fictitious tokens such as Linea, Paxos, and Circle using a fake trading identity named Alexander. DON CRYPTON, connected to AltLex via a telegra[.]ph post, hires actors from casting websites to support their activities.
Methods and Consequences of the Scams
These channels initially publish real content to build trust among their followers, which they then exploit to promote new, fake tokens, often feigning their legitimacy and profit potential. These manipulative tactics lead to financial losses and undermine the foundational principle of trust that the cryptocurrency ecosystem relies on.
Fraudulent tokens are often paired with Wrapped Ethereum (WETH) and utilize unverified signature functions, allowing for price manipulation. Once the scammers drain the liquidity, they leave investors with worthless tokens they cannot sell.
Results of CertiK's Investigation
CertiK's investigation revealed wallets connected to these scams and provided insights into the operations and potential locations of the scammers. Although the identity and whereabouts remain hidden, evidence suggests connections to the United Kingdom, adding another layer of complexity to the operation.
CertiK reminds that in accordance with the rules of the British Financial Conduct Authority (FCA), crypto services must include warnings about investment risks, applicable only to individuals in the United Kingdom or those using a British VPN server.
The Importance of Caution When Investing in Cryptocurrencies
This revelation highlights the risks associated with investing in cryptocurrencies, especially for newcomers attracted by the promise of quick gains. It's important to perform thorough due diligence and be skeptical of offers that seem too good to be true.
#Web3 #CertiK #scam #crypto
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.ā
Was CoinSpot's $2.4 Million Hack the Result of a Private Key Compromise? š
Australian crypto exchange #CoinSpot recently experienced a $2.4 million hack, likely due to a "private key compromise" in one of its hot wallets.
Blockchain security firm #CertiK confirmed the exploit, revealing that 1,262 ETH, equivalent to $2.4 million, was transferred from a known CoinSpot wallet to the alleged hacker's address.
The #hacker then converted part of the funds to Wrapped Bitcoin (WBTC) using Uniswap and exchanged the rest for Bitcoin via ThorChain.
The stolen Bitcoin was further distributed among multiple wallets, a common tactic to complicate investigations. CoinSpot, established in 2013, is Australia's largest crypto exchange with around 2.5 million users.
#Binance
#crypto2023
Australian crypto exchange #CoinSpot recently experienced a $2.4 million hack, likely due to a "private key compromise" in one of its hot wallets.
Blockchain security firm #CertiK confirmed the exploit, revealing that 1,262 ETH, equivalent to $2.4 million, was transferred from a known CoinSpot wallet to the alleged hacker's address.
The #hacker then converted part of the funds to Wrapped Bitcoin (WBTC) using Uniswap and exchanged the rest for Bitcoin via ThorChain.
The stolen Bitcoin was further distributed among multiple wallets, a common tactic to complicate investigations. CoinSpot, established in 2013, is Australia's largest crypto exchange with around 2.5 million users.
#Binance
#crypto2023
šØ Certik Twitter Account got Hacked !
DON'T Click any link shared and pinned by them. It is phishing link.
While it shows correct link but when you open, it will redirect to completely different phishing url.
#CertiK #etf #BTC #XAI #CryptoPredictions2024
DON'T Click any link shared and pinned by them. It is phishing link.
While it shows correct link but when you open, it will redirect to completely different phishing url.
#CertiK #etf #BTC #XAI #CryptoPredictions2024