Crypto Hack Weekly Report: Threat Analysis and Major Escalation of Hacks
1. First-Ever AI Poisoning Attack Targets Solana Wallet
This was the first reported AI poisoning attack in the cryptocurrency space and the victim lost $2500 from the Solana wallet where he stored his digital currency. The user used ChatGPT to build a meme token sniping bot for the Solana-based platform called Pump.fun.
However, the attacker locked the user’s profile and put the API link containing the backdoor in the conversation. the attackers were able to access the user’s private wallet keys. SOL, USDC, and several meme coins, which were stolen were transferred to a wallet that had over 281 other similar trades connected to it.
2. Phishing Scheme Nets $6.3 Million; DOJ Takes Action
Five people associated with hacking groups 0ktapus and Scattered Spider have been indicted by the U.S. Department of Justice (DOJ). These groups coordinated different phishing scams aimed at gaining access to employees’ credentials of tech companies and cryptocurrency companies. The hackers took advantage and got around the organisation’s two-factor authentication, or 2FA, and made away with $ 6·3 m worth of cryptographic currency besides other information.
3. Polter Finance Loses $7 Million in DeFi ExploitThe decentralized finance DeFi platform based on the Fantom blockchain was targeted within a smart deal compromise and finished up losing $7 mln. The attacker used Tornado Cash, a privacy-based platform built on Ethereum to wash coins and switch them to the Fantom network and exploited Polter Finance vulnerabilities. To that end, Polter Finance suspended trading operations, sent out reports to cross-chain bridges regarding the unauthorized transfer of stolen assets and worked with authorities to track the involved addresses.
This week’s events show the growing complexity of cyber threats aimed at cryptocurrencies and using AI, phishing, and DeFi weak spots. Though innovations such as AI and cross-chains are very accessible they come with lots of risks as well.