Binance Square
hack
240,590 views
44 Discussing
Hot
Latest
Thomas Anderson
--
#scam #Hack WARNING !!! Nearly $1,700,000,000 in Crypto Lost Through Private Keys New data from cybersecurity firm Hacken reveals that $1.7 billion worth of crypto assets were lost through the theft of private keys in 2024.According to Hacken, the number of smart contract exploits pale in comparison to how often private crypto keys are stolen. “In 2024, access control exploits – closely tied to private key compromises – accounted for nearly of total crypto hack losses, up from 50% in 2023. This translates to nearly lost across Web3, a sharp increase from less than $1 billion the previous year. 75% $1.7 billion In comparison, smart contract vulnerability exploits contributed just 14% of the total losses in 2024, underscoring the dominant threat posed by unauthorized access and private key theft.” Private keys are strings of letters, words, and numbers generated by crypto wallets used to authorize transactions and prove ownership. They help encrypt data and assets to protect them from being stolen. The cybersecurity firm goes on to note four reasons why people tend to get their private keys stolen – using an insecure management platform, being tricked by social engineering campaigns, insecure backups of data, and vulnerabilities within single-signature schemes of crypto wallets. According to Hacken, the largest exploit of 2024 was the hack of centralized Indian crypto exchange WazirX, which saw over $230 million worth of digital assets stolen. “Despite employing a robust multiparty security system, the exchange suffered a breach due to unauthorized fund movements from their wallets. WazirX utilized a Gnosis Safe multisig wallet requiring 4 out of 6 signatures for transactions. Five of the keys were managed by WazirX, while the sixth was held by Liminal, a digital asset custody provider. The attacker managed to manipulate the system, obtaining signatures from three WazirX signers and one from Liminal, allowing them to upgrade the wallet to a malicious contract and siphon off the funds.” More interesting news – subscribe $USDC
#scam #Hack

WARNING !!! Nearly $1,700,000,000 in Crypto Lost Through Private Keys

New data from cybersecurity firm Hacken reveals that $1.7 billion worth of crypto assets were lost through the theft of private keys in 2024.According to Hacken, the number of smart contract exploits pale in comparison to how often private crypto keys are stolen.
“In 2024, access control exploits – closely tied to private key compromises – accounted for nearly of total crypto hack losses, up from 50% in 2023.
This translates to nearly lost across Web3, a sharp increase from less than $1 billion the previous year. 75% $1.7 billion In comparison, smart contract vulnerability exploits contributed just 14% of the total losses in 2024, underscoring the dominant threat posed by unauthorized access and private key theft.”
Private keys are strings of letters, words, and numbers generated by crypto wallets used to authorize transactions and prove ownership. They help encrypt data and assets to protect them from being stolen.
The cybersecurity firm goes on to note four reasons why people tend to get their private keys stolen – using an insecure management platform, being tricked by social engineering campaigns, insecure backups of data, and vulnerabilities within single-signature schemes of crypto wallets.
According to Hacken, the largest exploit of 2024 was the hack of centralized Indian crypto exchange WazirX, which saw over $230 million worth of digital assets stolen.
“Despite employing a robust multiparty security system, the exchange suffered a breach due to unauthorized fund movements from their wallets. WazirX utilized a Gnosis Safe multisig wallet requiring 4 out of 6 signatures for transactions.
Five of the keys were managed by WazirX, while the sixth was held by Liminal, a digital asset custody provider. The attacker managed to manipulate the system, obtaining signatures from three WazirX signers and one from Liminal, allowing them to upgrade the wallet to a malicious contract and siphon off the funds.”

More interesting news – subscribe

$USDC
Animoca Brands Co-Founder Yat Siu’s Account Hacked to Promote Fake MOCA TokenAnimoca Brands has confirmed that the X (formerly Twitter) account of its co-founder, Yat Siu, was hacked, leading to the promotion of a fake cryptocurrency called the MOCA token. The incident highlights ongoing cybersecurity challenges in the cryptocurrency sector, as well as the vulnerability of prominent figures to such attacks. The hacker exploited Siu’s account to announce a fraudulent MOCA token launch on the Solana blockchain. This false promotion caused a dramatic spike in the token's value—rising by 500% in a short period. However, this artificial increase quickly reversed, with the market capitalization of the token plunging from $36,700 to just $7,700. In response, Animoca Brands clarified that neither an official MOCA token nor any associated NFT project had been launched. The company strongly urged users to avoid engaging with the compromised account and warned the community to remain vigilant against similar scams. Yat Siu addressed the issue through his secondary X account, revealing that the hacker had bypassed two-factor authentication (2FA) security measures to gain access. Siu has since reported the breach to X’s support team and committed to sharing insights about the vulnerabilities exposed by the attack. This follows a string of similar high-profile hacks, including a December incident in which a compromised account linked to Anthropic resulted in the theft of $100,000 through a fake token scheme. The attack underscores the importance of robust cybersecurity practices, particularly for influential figures in the blockchain and crypto industries. As fraudulent schemes become increasingly sophisticated, even measures like 2FA-widely regarded as a reliable security standard, are proving insufficient to prevent breaches. This incident also sheds light on the market's susceptibility to manipulation. The fake MOCA token’s dramatic price fluctuation demonstrates how easily a false announcement can generate hype and disrupt token valuations, particularly in the context of decentralized and relatively unregulated markets. Animoca Brands, a leading player in blockchain and gaming innovation, has built its reputation on fostering trust and transparency in the industry. This hacking incident, however, serves as a stark reminder that no organization or individual is immune to cyber threats. Moving forward, both individuals and organizations must adopt stronger security protocols and encourage users to verify the legitimacy of announcements and accounts before engaging in any activity. While Yat Siu has vowed to provide insights into the vulnerabilities exploited during the hack, the larger takeaway is clear: the cryptocurrency space needs enhanced awareness and protection against scams and malicious activities. Users are advised to remain cautious, verify claims through multiple channels, and prioritize security to mitigate risks in an environment where trust is often the primary currency. #MOKA #HACK $BTC

Animoca Brands Co-Founder Yat Siu’s Account Hacked to Promote Fake MOCA Token

Animoca Brands has confirmed that the X (formerly Twitter) account of its co-founder, Yat Siu, was hacked, leading to the promotion of a fake cryptocurrency called the MOCA token. The incident highlights ongoing cybersecurity challenges in the cryptocurrency sector, as well as the vulnerability of prominent figures to such attacks.

The hacker exploited Siu’s account to announce a fraudulent MOCA token launch on the Solana blockchain. This false promotion caused a dramatic spike in the token's value—rising by 500% in a short period. However, this artificial increase quickly reversed, with the market capitalization of the token plunging from $36,700 to just $7,700.
In response, Animoca Brands clarified that neither an official MOCA token nor any associated NFT project had been launched. The company strongly urged users to avoid engaging with the compromised account and warned the community to remain vigilant against similar scams.
Yat Siu addressed the issue through his secondary X account, revealing that the hacker had bypassed two-factor authentication (2FA) security measures to gain access. Siu has since reported the breach to X’s support team and committed to sharing insights about the vulnerabilities exposed by the attack. This follows a string of similar high-profile hacks, including a December incident in which a compromised account linked to Anthropic resulted in the theft of $100,000 through a fake token scheme.
The attack underscores the importance of robust cybersecurity practices, particularly for influential figures in the blockchain and crypto industries. As fraudulent schemes become increasingly sophisticated, even measures like 2FA-widely regarded as a reliable security standard, are proving insufficient to prevent breaches.
This incident also sheds light on the market's susceptibility to manipulation. The fake MOCA token’s dramatic price fluctuation demonstrates how easily a false announcement can generate hype and disrupt token valuations, particularly in the context of decentralized and relatively unregulated markets.
Animoca Brands, a leading player in blockchain and gaming innovation, has built its reputation on fostering trust and transparency in the industry. This hacking incident, however, serves as a stark reminder that no organization or individual is immune to cyber threats. Moving forward, both individuals and organizations must adopt stronger security protocols and encourage users to verify the legitimacy of announcements and accounts before engaging in any activity.
While Yat Siu has vowed to provide insights into the vulnerabilities exploited during the hack, the larger takeaway is clear: the cryptocurrency space needs enhanced awareness and protection against scams and malicious activities. Users are advised to remain cautious, verify claims through multiple channels, and prioritize security to mitigate risks in an environment where trust is often the primary currency.
#MOKA #HACK $BTC
🔥 Scammers on the Rise: How the Meme Coin Boom on Solana Unlocked New Ways to Steal Millions 💸🌐 The Crypto Market in Shock! In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks. 💎 DeFi: Fewer losses, but major hacks persist Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million. 🏦 CeFi in Trouble: Losses Double! CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million). 🎮 Games and Metaverses Lose Hundreds of Millions The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲 🚩 Rug Pulls Shift to Solana Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈 🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month! In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors. 👨‍💻 Phishing and North Korean Hackers Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion. ⚠️ Stay Alert! Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting! #Hack #scamriskwarning #solana

🔥 Scammers on the Rise: How the Meme Coin Boom on Solana Unlocked New Ways to Steal Millions 💸

🌐 The Crypto Market in Shock!
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.

💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.

🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).

🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲

🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈

🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.

👨‍💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.

⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
See original
Hacker Compromises 15 X Accounts, Earns $500,000 from Fake MemecoinsZachXBT, a renowned blockchain investigator, has just revealed that a hacker compromised 15 X accounts (formerly Twitter) related to cryptocurrency to spread fake memecoins. The attacker sent fake copyright infringement notices to create a sense of urgency, tricking users into accessing scam websites. On these websites, victims will be asked to change their two-factor authentication (2FA) and password.

Hacker Compromises 15 X Accounts, Earns $500,000 from Fake Memecoins

ZachXBT, a renowned blockchain investigator, has just revealed that a hacker compromised 15 X accounts (formerly Twitter) related to cryptocurrency to spread fake memecoins.
The attacker sent fake copyright infringement notices to create a sense of urgency, tricking users into accessing scam websites. On these websites, victims will be asked to change their two-factor authentication (2FA) and password.
DeFi security improves, CeFi becomes the hotspot for hacks in 2024The security technology of DeFi projects has significantly improved in 2024, as reflected in the sharp decrease in the number of hacks and the amount of money stolen. DeFi Security Advances, CeFi Faces Rising Challenges in 2024 The annual Web3 Security Report by blockchain security firm Hacken reveals a significant reduction in financial losses within the DeFi sector, decreasing from $787 million in 2023 to $474 million in 2024. This marks a 40% decline in losses year-over-year, showcasing notable improvements in DeFi security. Key Highlights in DeFi Security This progress can be attributed to safer protocols, enhanced bridge designs, and the adoption of advanced security measures such as multiparty computation and zero-knowledge proofs. Particularly, attacks on DeFi bridges—a previously critical vulnerability—saw a dramatic reduction, with losses dropping from $338 million in 2023 to $114 million in 2024. However, challenges persist. Access control vulnerabilities remain a major issue, accounting for nearly half of all losses. One notable example is the Radiant Capital hack, which resulted in $55 million in losses due to mismanagement of access controls. CeFi: A Rising Target for Hackers While DeFi is becoming more secure, centralized finance (CeFi) experienced a challenging year. Financial losses in CeFi more than doubled, rising from $310 million in 2023 to $694 million in 2024. High-profile incidents, such as the Q2 hack of DMM and the Q3 breach of WazirX, exposed critical flaws in CeFi systems. These attacks targeted private key theft and exploited weaknesses in multisignature (multisig) configurations, causing damages of $305 million and $230 million, respectively. According to Dyma Budorin, CEO of Hacken, the primary vulnerabilities in CeFi stem from poor private key management, weak multisig configurations, and centralized systems. These "critical gaps" make CeFi an easy target for cyberattacks. North Korean Hackers and Broader Implications Cybersecurity risks extend across the broader Web3 ecosystem. North Korean hackers were linked to 47 attacks in 2024, resulting in over $1.3 billion in damages, as reported by Chainalysis on December 19. Future Outlook The stark contrast in financial losses between DeFi and CeFi in 2024 highlights opportunities for both sectors to enhance security. Budorin recommends implementing stricter key management practices and integrating automated monitoring systems to mitigate risks. Ultimately, whether in DeFi or CeFi, robust cybersecurity measures remain crucial to safeguarding digital assets in the rapidly evolving blockchain landscape. #MarketRebound #CorePCESignalsShift #USUALAnalysis #defi #Hack $BTC {spot}(BTCUSDT) $DYDX {spot}(DYDXUSDT)

DeFi security improves, CeFi becomes the hotspot for hacks in 2024

The security technology of DeFi projects has significantly improved in 2024, as reflected in the sharp decrease in the number of hacks and the amount of money stolen.

DeFi Security Advances, CeFi Faces Rising Challenges in 2024
The annual Web3 Security Report by blockchain security firm Hacken reveals a significant reduction in financial losses within the DeFi sector, decreasing from $787 million in 2023 to $474 million in 2024. This marks a 40% decline in losses year-over-year, showcasing notable improvements in DeFi security.

Key Highlights in DeFi Security
This progress can be attributed to safer protocols, enhanced bridge designs, and the adoption of advanced security measures such as multiparty computation and zero-knowledge proofs. Particularly, attacks on DeFi bridges—a previously critical vulnerability—saw a dramatic reduction, with losses dropping from $338 million in 2023 to $114 million in 2024.
However, challenges persist. Access control vulnerabilities remain a major issue, accounting for nearly half of all losses. One notable example is the Radiant Capital hack, which resulted in $55 million in losses due to mismanagement of access controls.

CeFi: A Rising Target for Hackers
While DeFi is becoming more secure, centralized finance (CeFi) experienced a challenging year. Financial losses in CeFi more than doubled, rising from $310 million in 2023 to $694 million in 2024.
High-profile incidents, such as the Q2 hack of DMM and the Q3 breach of WazirX, exposed critical flaws in CeFi systems. These attacks targeted private key theft and exploited weaknesses in multisignature (multisig) configurations, causing damages of $305 million and $230 million, respectively.

According to Dyma Budorin, CEO of Hacken, the primary vulnerabilities in CeFi stem from poor private key management, weak multisig configurations, and centralized systems. These "critical gaps" make CeFi an easy target for cyberattacks.
North Korean Hackers and Broader Implications
Cybersecurity risks extend across the broader Web3 ecosystem. North Korean hackers were linked to 47 attacks in 2024, resulting in over $1.3 billion in damages, as reported by Chainalysis on December 19.
Future Outlook
The stark contrast in financial losses between DeFi and CeFi in 2024 highlights opportunities for both sectors to enhance security. Budorin recommends implementing stricter key management practices and integrating automated monitoring systems to mitigate risks.
Ultimately, whether in DeFi or CeFi, robust cybersecurity measures remain crucial to safeguarding digital assets in the rapidly evolving blockchain landscape.
#MarketRebound #CorePCESignalsShift #USUALAnalysis #defi #Hack

$BTC

$DYDX
🕵️‍♂️ FBI has linked the 🇰🇵 North Korean hacker group 'TraderTraitor' to a 💲308 million cryptocurrency heist from the 🇯🇵 Japanese exchange DMM Bitcoin in May 2024. The attack began in March 2024 when a hacker posed as a recruiter on LinkedIn and targeted an employee of Ginco, a cryptocurrency wallet software company. The hacker used malicious code to infiltrate Ginco and then DMM Bitcoin, ultimately manipulating a transaction to steal 4,502.9 $BTC . The FBI has been monitoring TraderTraitor since 2022 for targeting the blockchain sector with fake apps❗ #TraderTraitor #FBI #Hack #NorthKorea $ETH $XRP
🕵️‍♂️ FBI has linked the 🇰🇵 North Korean hacker group 'TraderTraitor' to a 💲308 million cryptocurrency heist from the 🇯🇵 Japanese exchange DMM Bitcoin in May 2024. The attack began in March 2024 when a hacker posed as a recruiter on LinkedIn and targeted an employee of Ginco, a cryptocurrency wallet software company. The hacker used malicious code to infiltrate Ginco and then DMM Bitcoin, ultimately manipulating a transaction to steal 4,502.9 $BTC . The FBI has been monitoring TraderTraitor since 2022 for targeting the blockchain sector with fake apps❗

#TraderTraitor #FBI #Hack #NorthKorea
$ETH $XRP
See original
Dear Friend, as you all know very well that #WRX Coin is the coin of #WazirX Exchange, and this exchange has cheated many crypto holders of India in the name of #Hack and is continuously cheating them, there is neither any transparency nor any correct answer is coming from the exchange holders, in such a situation if it is true that their coin has been deleted, then please do not mislead investors by giving false positive calls about #WRX Coin. And make good and true posts on news and information related to the hack of @Square-Creator-133581454 so that unhappy people get guidance and can fight for their rights.
Dear Friend, as you all know very well that #WRX Coin is the coin of #WazirX Exchange, and this exchange has cheated many crypto holders of India in the name of #Hack and is continuously cheating them, there is neither any transparency nor any correct answer is coming from the exchange holders, in such a situation if it is true that their coin has been deleted, then please do not mislead investors by giving false positive calls about #WRX Coin. And make good and true posts on news and information related to the hack of @Wazirx so that unhappy people get guidance and can fight for their rights.
Feed-Creator-9a4a2c870:
Thank you for the important information. The news is just terrible. How bad that I learned about this news only now. I have to fix the loss of 50%. This is very sad😭
Over 40 wallet addresses lost funds due to using LastPass.After the major data breach in 2022, LastPass remains a target for hackers. Is it time for users to reconsider how they protect their digital assets? Security expert ZachXBT has issued a warning about a major cryptocurrency attack, which has stolen approximately $5.36 million from over 40 wallet addresses. Notably, this attack is linked to the severe data breach of LastPass that occurred in 2022. LastPass, the popular password management service, was hacked in 2022 when attackers breached its system and stole a large amount of user data, including sensitive information such as private keys, API tokens, and MFA seeds. These pieces of information are critical, as they allow hackers to access and take control of victims' cryptocurrency wallets. In the latest attack, hackers used the stolen data from LastPass to target over 40 victims, stealing cryptocurrency assets. After the theft, they quickly converted the stolen funds into Ethereum and then Bitcoin via instant cryptocurrency exchanges. This tactic was employed to erase traces and make tracking the stolen assets more difficult. This incident highlights the ongoing severe consequences of the 2022 LastPass data breach. Previously, security analyst ZachXBT documented two other major cryptocurrency attacks linked to stolen LastPass data, resulting in millions of dollars in losses: October 2023: Hackers stole $4.4 million in cryptocurrency.February 2024: Over $6.2 million was stolen. Combined, these three incidents connected to LastPass have resulted in losses of over $15 million for users. In light of these developments, ZachXBT has issued a warning for LastPass users to exercise caution. Users are strongly advised to move their cryptocurrency assets to other wallets immediately if they have stored their seed phrases or private keys with LastPass. This attack serves as a crucial lesson for users regarding the security risks associated with using online password management services. While convenient, users must be fully aware of the potential dangers and proactively adopt additional security measures to safeguard their digital assets. The incident also raises questions about LastPass's responsibility to protect user data and assist victims following breaches. Have they done enough to prevent such attacks and support affected users? Advice for Users: Never store seed phrases or private keys on online password management services.Use cold wallets (hardware wallets) to store cryptocurrencies for added security.Always enable two-factor authentication (2FA) for all important accounts.Regularly update software and applications to patch any security vulnerabilities.Stay vigilant against phishing attempts, including emails and messages designed to deceive users. #Hack #CryptocurrencyTravel #Market_Update

Over 40 wallet addresses lost funds due to using LastPass.

After the major data breach in 2022, LastPass remains a target for hackers. Is it time for users to reconsider how they protect their digital assets?

Security expert ZachXBT has issued a warning about a major cryptocurrency attack, which has stolen approximately $5.36 million from over 40 wallet addresses. Notably, this attack is linked to the severe data breach of LastPass that occurred in 2022.

LastPass, the popular password management service, was hacked in 2022 when attackers breached its system and stole a large amount of user data, including sensitive information such as private keys, API tokens, and MFA seeds. These pieces of information are critical, as they allow hackers to access and take control of victims' cryptocurrency wallets.
In the latest attack, hackers used the stolen data from LastPass to target over 40 victims, stealing cryptocurrency assets. After the theft, they quickly converted the stolen funds into Ethereum and then Bitcoin via instant cryptocurrency exchanges. This tactic was employed to erase traces and make tracking the stolen assets more difficult.
This incident highlights the ongoing severe consequences of the 2022 LastPass data breach. Previously, security analyst ZachXBT documented two other major cryptocurrency attacks linked to stolen LastPass data, resulting in millions of dollars in losses:
October 2023: Hackers stole $4.4 million in cryptocurrency.February 2024: Over $6.2 million was stolen.
Combined, these three incidents connected to LastPass have resulted in losses of over $15 million for users.
In light of these developments, ZachXBT has issued a warning for LastPass users to exercise caution. Users are strongly advised to move their cryptocurrency assets to other wallets immediately if they have stored their seed phrases or private keys with LastPass.

This attack serves as a crucial lesson for users regarding the security risks associated with using online password management services. While convenient, users must be fully aware of the potential dangers and proactively adopt additional security measures to safeguard their digital assets.
The incident also raises questions about LastPass's responsibility to protect user data and assist victims following breaches. Have they done enough to prevent such attacks and support affected users?
Advice for Users:
Never store seed phrases or private keys on online password management services.Use cold wallets (hardware wallets) to store cryptocurrencies for added security.Always enable two-factor authentication (2FA) for all important accounts.Regularly update software and applications to patch any security vulnerabilities.Stay vigilant against phishing attempts, including emails and messages designed to deceive users.
#Hack
#CryptocurrencyTravel
#Market_Update
Ronin Wallets of 'Axie Infinity' Founders Hacked, $9.5 Million Loss in EthereumOn Thursday, Ronin gaming platform wallets were compromised, resulting in the theft of approximately $9.5 million worth of Ethereum. The perpetrators utilized Tornado Cash service to launder the stolen funds, mixing transactions from multiple users to obscure the cryptocurrency's origin. Among the affected individuals is one of the founders of Ronin and Axie Infinity, who disclosed the incident on Twitter. Theft Details: 3,250 ETH Moved by Unknown Perpetrators A precise sum of 3,250 ETH was siphoned from gaming wallets on the Ronin network, amounting to $9.5 million. The attackers subsequently transferred these funds to three distinct Ethereum wallets via a network bridge. The ETH was then laundered through the Tornado Cash service, complicating its traceability. Personal Accounts of Jeff 'Jiho' Zirlin Compromised Jeff "Jiho" Zirlin, co-founder of Ronin and Axie Infinity, announced on Thursday evening that his personal wallets had been compromised in the attack. He stated that the attack solely targeted his personal accounts and did not impact the security or operations of the Ronin network or the activities of Sky Mavis, the company behind it. Security of Ronin and Sky Mavis Unaffected In response to the incident, Aleksander "Psycheout" Larsen, another founder of Sky Mavis, emphasized that the attack has no bearing on the security measures of the Ronin network bridge or the company's financial assets. Larsen highlighted that the bridge itself has undergone several security audits and is equipped with mechanisms to prevent excessive fund withdrawals. Impact on Ronin's Market Value As a consequence of the attack and fund depletion, the value of Ronin cryptocurrency (RON) experienced a decline, with its price plummeting from approximately $3.17 to $2.74, marking a decrease of over 13% within minutes. At the time of writing, the price partially recovered to $2.97. Historical Context: Ronin Bridge Attack The incident occurs two years after the attack on the Ethereum Ronin bridge, during which cryptocurrency worth $622 million was stolen. The attack was attributed to the Lazarus hacking group from North Korea, exploiting the insufficient decentralization at that time. Subsequently, a portion of the stolen funds was recovered, and Sky Mavis reimbursed users for all losses from the February 2022 attack. $ETH #Ronin #hack Notice: ,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Ronin Wallets of 'Axie Infinity' Founders Hacked, $9.5 Million Loss in Ethereum

On Thursday, Ronin gaming platform wallets were compromised, resulting in the theft of approximately $9.5 million worth of Ethereum. The perpetrators utilized Tornado Cash service to launder the stolen funds, mixing transactions from multiple users to obscure the cryptocurrency's origin. Among the affected individuals is one of the founders of Ronin and Axie Infinity, who disclosed the incident on Twitter.
Theft Details: 3,250 ETH Moved by Unknown Perpetrators
A precise sum of 3,250 ETH was siphoned from gaming wallets on the Ronin network, amounting to $9.5 million. The attackers subsequently transferred these funds to three distinct Ethereum wallets via a network bridge. The ETH was then laundered through the Tornado Cash service, complicating its traceability.
Personal Accounts of Jeff 'Jiho' Zirlin Compromised
Jeff "Jiho" Zirlin, co-founder of Ronin and Axie Infinity, announced on Thursday evening that his personal wallets had been compromised in the attack. He stated that the attack solely targeted his personal accounts and did not impact the security or operations of the Ronin network or the activities of Sky Mavis, the company behind it.

Security of Ronin and Sky Mavis Unaffected
In response to the incident, Aleksander "Psycheout" Larsen, another founder of Sky Mavis, emphasized that the attack has no bearing on the security measures of the Ronin network bridge or the company's financial assets. Larsen highlighted that the bridge itself has undergone several security audits and is equipped with mechanisms to prevent excessive fund withdrawals.
Impact on Ronin's Market Value
As a consequence of the attack and fund depletion, the value of Ronin cryptocurrency (RON) experienced a decline, with its price plummeting from approximately $3.17 to $2.74, marking a decrease of over 13% within minutes. At the time of writing, the price partially recovered to $2.97.
Historical Context: Ronin Bridge Attack
The incident occurs two years after the attack on the Ethereum Ronin bridge, during which cryptocurrency worth $622 million was stolen. The attack was attributed to the Lazarus hacking group from North Korea, exploiting the insufficient decentralization at that time. Subsequently, a portion of the stolen funds was recovered, and Sky Mavis reimbursed users for all losses from the February 2022 attack.

$ETH
#Ronin #hack

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Breaking News: Orbit Chain Hackers Unveil $81.4 Million Exploit to Ring in the New YearThe cross-chain bridge of Orbit Chain was compromised by an exploit, which led to the loss of Tether, DAI, USDC, wBTC, and ETH with a combined value of around $81.4 million. The vulnerability was exploited by the exploiter, who then transferred funds to a new wallet. A weakness in the bridge or a hack in the centralized server was discovered as the primary reason by the blockchain security company SlowMist which was responsible for the investigation. It has been revealed that a hack occurred on Orbit Bridge, which is a protocol for interchain communication that is utilized for asset conversion. A total of around $81.4 million worth of cryptocurrency were stolen from the system. The Orbit Bridge was struck by a number of significant discharges. An vulnerability that was worth $81.4 million was apparently used by hackers to ring in the New Year with Orbit Bridge. A number of significant outflows were discovered by the blockchain security company SlowMist and the on-chain intelligence service LookOnChain. These outflows were encountered via the cross-chain protocol. According to the latter, the Orbit Bridge was responsible for the transfer of 30 million Tether (USDT), 10 million DAI, 10 million USDCoin (USDC), 231 wBTC (worth over $10 million), and 9,500 ETH (worth around $21.5 million) in five distinct transactions. After doing a preliminary examination from the outside, SlowMist came to the conclusion that either the centralized server has been compromised or there is a potential vulnerability in the Orbit Chain bridge. A further in-depth investigation is currently being carried out by the company in order to obtain additional information on the attack. The hacking of Orbit Chain has been confirmed. Orbit Chain reported the hack on its protocol in a tweet that was published not too long ago on X. The tweet described the breach as a "unidentified access" to the bridge. A comprehensive investigation into the underlying cause of the assault is currently being carried out by the company, which has said that it is actively collaborating with law enforcement authorities in order to identify the perpetrator of the incident. #hack #OrbitChain

Breaking News: Orbit Chain Hackers Unveil $81.4 Million Exploit to Ring in the New Year

The cross-chain bridge of Orbit Chain was compromised by an exploit, which led to the loss of Tether, DAI, USDC, wBTC, and ETH with a combined value of around $81.4 million.
The vulnerability was exploited by the exploiter, who then transferred funds to a new wallet.
A weakness in the bridge or a hack in the centralized server was discovered as the primary reason by the blockchain security company SlowMist which was responsible for the investigation.
It has been revealed that a hack occurred on Orbit Bridge, which is a protocol for interchain communication that is utilized for asset conversion. A total of around $81.4 million worth of cryptocurrency were stolen from the system.
The Orbit Bridge was struck by a number of significant discharges.
An vulnerability that was worth $81.4 million was apparently used by hackers to ring in the New Year with Orbit Bridge. A number of significant outflows were discovered by the blockchain security company SlowMist and the on-chain intelligence service LookOnChain. These outflows were encountered via the cross-chain protocol.
According to the latter, the Orbit Bridge was responsible for the transfer of 30 million Tether (USDT), 10 million DAI, 10 million USDCoin (USDC), 231 wBTC (worth over $10 million), and 9,500 ETH (worth around $21.5 million) in five distinct transactions.

After doing a preliminary examination from the outside, SlowMist came to the conclusion that either the centralized server has been compromised or there is a potential vulnerability in the Orbit Chain bridge. A further in-depth investigation is currently being carried out by the company in order to obtain additional information on the attack.
The hacking of Orbit Chain has been confirmed.
Orbit Chain reported the hack on its protocol in a tweet that was published not too long ago on X. The tweet described the breach as a "unidentified access" to the bridge. A comprehensive investigation into the underlying cause of the assault is currently being carried out by the company, which has said that it is actively collaborating with law enforcement authorities in order to identify the perpetrator of the incident.
#hack #OrbitChain
--
Bullish
See original
🍔 McDonald's Memecoin Hack: Cyber ​​Thieves Steal Around $700,000 in Solana In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered. 💀 The Grimace Memecoin Scam 👾 Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes. 📊 Pump & Dump The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes. 💸 The Payout In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana." ⚠️ Aftermath The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams. #scam #hack #Solana⁩ $SOL #RiskManagement {spot}(SOLUSDT)
🍔 McDonald's Memecoin Hack: Cyber ​​Thieves Steal Around $700,000 in Solana

In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered.

💀 The Grimace Memecoin Scam 👾

Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes.

📊 Pump & Dump

The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes.

💸 The Payout

In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana."

⚠️ Aftermath

The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams.

#scam #hack #Solana⁩ $SOL #RiskManagement
--
Bearish
🚨💸 $7M LOSS AND 80% DIVE FOR HACKED HLG TOKEN 💸🚨 Holograph, a leading omnichain tokenization platform which recently was part of the BINANCE AIRDROPS, recently experienced a major smart contract exploit, resulting in the loss of 1 billion HLG tokens valued at approximately $7 million. This incident has caused a significant drop in the value of the HLG token. 📉 Token Impact: Following the exploit, the project’s native HLG token plunged by about 80% within 24 hours after the attack, dropping to as low as $0.0029 before slightly recovering to $0.0068. The tokens had been airdropped to the community in May. 🔍 The Hack: The platform confirmed on X (formerly Twitter) that its Holograph Operator Contract had been compromised by a malicious actor who minted 1 billion HLG tokens. Initial Response: The exploit has been patched, and Holograph’s team is working with exchanges to lock compromised accounts. The team has also launched an investigation and is in the process of contacting law enforcement. Value at Theft: On-chain data indicates the stolen tokens were valued at around $7 million at the time of the incident. 🕵️‍♂️ Hacker Strategy: Blockchain security platform Cyvers reported that some of the stolen tokens were swapped for the USDT stablecoin, which the attacker used to acquire 300 ETH. The hacker then distributed the funds to various addresses, including those linked to privacy protocols like Tornado Cash and Railgun. Current Holdings: On-chain data shows the exploiter’s address still holds about 47.59 ETH, valued at around $167,000 at press time. 📊 Analysis: Matt Casto, a DeFi researcher at CMT Digital, suggested that the attacker was likely “a rogue dev who funded the address 26 days ago,” noting that the address used to receive the minted supply. 👇 What are your thoughts on the recent Holograph hack? I guess it shows us that no project is totally save! #HLG #Binanceairdrops #airdrop #hack #alert $SHIB $PEPE $DOGE
🚨💸 $7M LOSS AND 80% DIVE FOR HACKED HLG TOKEN 💸🚨

Holograph, a leading omnichain tokenization platform which recently was part of the BINANCE AIRDROPS, recently experienced a major smart contract exploit, resulting in the loss of 1 billion HLG tokens valued at approximately $7 million. This incident has caused a significant drop in the value of the HLG token.

📉 Token Impact:
Following the exploit, the project’s native HLG token plunged by about 80% within 24 hours after the attack, dropping to as low as $0.0029 before slightly recovering to $0.0068. The tokens had been airdropped to the community in May.

🔍 The Hack:
The platform confirmed on X (formerly Twitter) that its Holograph Operator Contract had been compromised by a malicious actor who minted 1 billion HLG tokens.

Initial Response: The exploit has been patched, and Holograph’s team is working with exchanges to lock compromised accounts. The team has also launched an investigation and is in the process of contacting law enforcement.

Value at Theft: On-chain data indicates the stolen tokens were valued at around $7 million at the time of the incident.

🕵️‍♂️ Hacker Strategy:
Blockchain security platform Cyvers reported that some of the stolen tokens were swapped for the USDT stablecoin, which the attacker used to acquire 300 ETH. The hacker then distributed the funds to various addresses, including those linked to privacy protocols like Tornado Cash and Railgun.

Current Holdings: On-chain data shows the exploiter’s address still holds about 47.59 ETH, valued at around $167,000 at press time.

📊 Analysis:
Matt Casto, a DeFi researcher at CMT Digital, suggested that the attacker was likely “a rogue dev who funded the address 26 days ago,” noting that the address used to receive the minted supply.

👇 What are your thoughts on the recent Holograph hack?
I guess it shows us that no project is totally save!

#HLG #Binanceairdrops #airdrop #hack #alert

$SHIB $PEPE $DOGE
Stay #SAFU on X and other socials. @JasonYanowitz on X narrates his #hack odeal. I got hacked yesterday. At the risk of looking foolish, I'll share how it happened so you can avoid this nightmare. For the past few weeks, people have been trying to get into my accounts. #Crypto accounts, email, twitter, etc... every few days I get an email that someone is trying to access one of my accounts. Thankfully I have non-text #2FA set up for everything so nothing got hacked. So when I got back from dinner last night and saw this email, I panicked. Someone in North Cyprus had finally managed to hack into my account. I guess my security wasn't strong enough and they found a loophole. I clicked the link to "secure my account". I entered my username and password, updated to a new password, and voila: I'm back in. Crisis averted. Or so I thought. Moments later, I got an email saying my email address had been changed. This was the real hack. I was now officially locked out of my account. So how did this happen? It turns out the original email, which looks incredibly real, was not so real. Most email clients hide the actual address. But when you expand it, you can see that this email was sent from "verify@x-notify.com" Fake address. I got phished. Very foolish mistake. I don't open Google Docs when they're sent to me. I don't click links. I typically check addresses. But Friday 8pm after a long week, they got me. I am aware this thread exposes a pretty dumb mistake but if I can save one person from this same mistake, it's worth it. Some takeaways: - Don't click links - If you do click a link, review the actual email address - Set up non-text 2FA on everything - If you've done that, trust your own security process - If you think you've been hacked, slow down and think about how this could have happened Big thank you to @KeithGrossman and some folks at X for helping me get my account back so quickly. If you're still reading, go read the self-audit series from @samczsun. And this best practices from @bobbyong. Lot more you can do but start there. #phishing
Stay #SAFU on X and other socials.

@JasonYanowitz on X narrates his #hack odeal.

I got hacked yesterday. At the risk of looking foolish, I'll share how it happened so you can avoid this nightmare. For the past few weeks, people have been trying to get into my accounts. #Crypto accounts, email, twitter, etc... every few days I get an email that someone is trying to access one of my accounts. Thankfully I have non-text #2FA set up for everything so nothing got hacked. So when I got back from dinner last night and saw this email, I panicked.
Someone in North Cyprus had finally managed to hack into my account. I guess my security wasn't strong enough and they found a loophole.
I clicked the link to "secure my account". I entered my username and password, updated to a new password, and voila: I'm back in. Crisis averted. Or so I thought. Moments later, I got an email saying my email address had been changed.

This was the real hack.

I was now officially locked out of my account. So how did this happen? It turns out the original email, which looks incredibly real, was not so real. Most email clients hide the actual address.
But when you expand it, you can see that this email was sent from "verify@x-notify.com" Fake address. I got phished. Very foolish mistake. I don't open Google Docs when they're sent to me. I don't click links. I typically check addresses. But Friday 8pm after a long week, they got me. I am aware this thread exposes a pretty dumb mistake but if I can save one person from this same mistake, it's worth it.

Some takeaways:
- Don't click links
- If you do click a link, review the actual email address
- Set up non-text 2FA on everything
- If you've done that, trust your own security process
- If you think you've been hacked, slow down and think about how this could have happened
Big thank you to @KeithGrossman and some folks at X for helping me get my account back so quickly.
If you're still reading, go read the self-audit series from @samczsun.
And this best practices from @bobbyong.
Lot more you can do but start there. #phishing
See original
 🎯️WazirX was hacked, losing more than 230 million USD 💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets. 🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD. 🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets. 📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response.  ✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident. ⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year. #Coinbay #WazirX #hack
 🎯️WazirX was hacked, losing more than 230 million USD

💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets.

🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD.

🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets.

📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response. 

✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident.

⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year.

#Coinbay #WazirX #hack
See original
🚨🚨🚨 This week, it was revealed that a hacker named Miembro gained access to the data request portal of the Binance cryptocurrency exchange and sold this access for 10 thousand dollars. This portal was created for law enforcement and government officials and contained sensitive information of Binance users. According to the hacker, the stolen information includes users' e-mail addresses, phone numbers, wallet addresses and exchange IDs. However, as of now, there is no clear information about whether this data is sold or how much of it is sold. Exact information on how access to Binance's data portal is provided is not yet available. Security researchers claim that Binance gave law enforcement access to Kodex Global, and the hacker took control of the portal by infecting computers in Taiwan, Uganda and the Philippines with malware. Cyber ​​security experts who contacted Binance have not yet received any official statement from the exchange. Although the stolen data does not allow direct manipulation of Binance accounts, users' private information is at risk and this may expose them to various cyber threats. After the incident, Hudson Rock security team warned all Binance users to activate two-factor authentication (2FA) and update their passwords. A similar situation previously occurred when customer data of hardware wallet provider Ledger was stolen, and users received threats from hackers. #binance #hack #ledger
🚨🚨🚨 This week, it was revealed that a hacker named Miembro gained access to the data request portal of the Binance cryptocurrency exchange and sold this access for 10 thousand dollars. This portal was created for law enforcement and government officials and contained sensitive information of Binance users.
According to the hacker, the stolen information includes users' e-mail addresses, phone numbers, wallet addresses and exchange IDs. However, as of now, there is no clear information about whether this data is sold or how much of it is sold.

Exact information on how access to Binance's data portal is provided is not yet available. Security researchers claim that Binance gave law enforcement access to Kodex Global, and the hacker took control of the portal by infecting computers in Taiwan, Uganda and the Philippines with malware.

Cyber ​​security experts who contacted Binance have not yet received any official statement from the exchange. Although the stolen data does not allow direct manipulation of Binance accounts, users' private information is at risk and this may expose them to various cyber threats.

After the incident, Hudson Rock security team warned all Binance users to activate two-factor authentication (2FA) and update their passwords. A similar situation previously occurred when customer data of hardware wallet provider Ledger was stolen, and users received threats from hackers.

#binance
#hack
#ledger
Gala Games CEO Attributes $23M Exploit to Internal Control FailuresGala Games CEO Eric Schiermeyer has confirmed that a "security incident" led to the unauthorized sale of 600 million GALA tokens, worth approximately $23 million. The breach, which Schiermeyer attributed to "messed up" internal controls, has raised significant concerns within the blockchain gaming community. Incident Overview On May 20, at 7:32 pm UTC, blockchain observers reported the minting of 5 billion GALA tokens, valued at around $200 million at the time. The compromised wallet was selling the tokens in batches, leading to a sharp drop in GALA's price. The token hit a 24-hour low of $0.038, a 20% decrease from its daily high, before recovering slightly to $0.041, according to CoinGecko. “We had an incident that resulted in the unauthorized sale of 600 million GALA tokens and the effective burn of 4.4 billion tokens,” Schiermeyer wrote in a May 20 post on X (formerly Twitter). He admitted, “We messed up our internal controls. This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again.” Response and Mitigation Gala Games quickly identified the compromise and revoked unauthorized access to the GALA contract. Schiermeyer assured users that the Ethereum contract was secure and had not been compromised. The company believes it has identified the person responsible and is collaborating with the FBI, the U.S. Justice Department, and international authorities to address the incident. In a follow-up post on X, Gala Games announced that the security breach had been contained and the affected wallet frozen. However, details about the perpetrator and the method of access to the GALA contract remain undisclosed. Ongoing Legal Disputes This security incident occurs amid ongoing legal battles between Schiermeyer and Gala Games co-founder Wright Thurston. Both have filed lawsuits against each other, with Thurston accusing Schiermeyer of squandering millions in company assets, while Schiermeyer alleges that Thurston stole $130 million worth of GALA tokens. Gala Games did not respond to requests for additional comments. The incident underscores the critical need for robust internal controls and security measures in the cryptocurrency and blockchain industries, as companies continue to navigate complex technological and legal landscapes. $GALA #GALA #GalaGames #hack Notice: ,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Gala Games CEO Attributes $23M Exploit to Internal Control Failures

Gala Games CEO Eric Schiermeyer has confirmed that a "security incident" led to the unauthorized sale of 600 million GALA tokens, worth approximately $23 million. The breach, which Schiermeyer attributed to "messed up" internal controls, has raised significant concerns within the blockchain gaming community.
Incident Overview
On May 20, at 7:32 pm UTC, blockchain observers reported the minting of 5 billion GALA tokens, valued at around $200 million at the time. The compromised wallet was selling the tokens in batches, leading to a sharp drop in GALA's price. The token hit a 24-hour low of $0.038, a 20% decrease from its daily high, before recovering slightly to $0.041, according to CoinGecko.
“We had an incident that resulted in the unauthorized sale of 600 million GALA tokens and the effective burn of 4.4 billion tokens,” Schiermeyer wrote in a May 20 post on X (formerly Twitter). He admitted, “We messed up our internal controls. This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again.”
Response and Mitigation
Gala Games quickly identified the compromise and revoked unauthorized access to the GALA contract. Schiermeyer assured users that the Ethereum contract was secure and had not been compromised. The company believes it has identified the person responsible and is collaborating with the FBI, the U.S. Justice Department, and international authorities to address the incident.
In a follow-up post on X, Gala Games announced that the security breach had been contained and the affected wallet frozen. However, details about the perpetrator and the method of access to the GALA contract remain undisclosed.
Ongoing Legal Disputes
This security incident occurs amid ongoing legal battles between Schiermeyer and Gala Games co-founder Wright Thurston. Both have filed lawsuits against each other, with Thurston accusing Schiermeyer of squandering millions in company assets, while Schiermeyer alleges that Thurston stole $130 million worth of GALA tokens.
Gala Games did not respond to requests for additional comments.
The incident underscores the critical need for robust internal controls and security measures in the cryptocurrency and blockchain industries, as companies continue to navigate complex technological and legal landscapes.
$GALA #GALA #GalaGames #hack

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Trezor X Account Targeted by Hackers: Warning Against Fake OffersThe Trezor hardware wallet account on social network X has become a target for attackers who have been posting enticing posts luring users into fraudulent token offers. This situation raises suspicions of a hack, likely through a SIM card exchange attack. Detectives on the Trail: Alerting Suspicious Activity Independent blockchain expert ZachXBT and security service Scam Sniffer have alerted to a potential security issue with Trezor, followed by several fake token presale offers of "$TRZR" and requests to send cryptocurrencies to a suspicious address. ZachXBT further stated that attackers stole approximately $8,100 from the Trezor account on the Zapper platform. Risks Associated with Unsecured Social Accounts Criticism has been directed at Trezor for the inadequate security of their X account, highlighting the lack of two-factor authentication (2FA). Ironically, a company focused on wallet security failed to protect its own social network accounts from attacks. Community Response and Recent Security Incidents The community's response has been mixed, with some comments pointing out the irony of a security-promoting company being unable to secure its own accounts. Trezor has faced security incidents in the past, including breaches that exposed the data of nearly 66,000 users. Conclusion and User Recommendations This incident serves as a reminder of the importance of securing digital accounts and using two-factor authentication. Users should remain vigilant and avoid sending cryptocurrencies to unknown addresses or engaging in suspicious offers. #trezor #hack Notice: ,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Trezor X Account Targeted by Hackers: Warning Against Fake Offers

The Trezor hardware wallet account on social network X has become a target for attackers who have been posting enticing posts luring users into fraudulent token offers. This situation raises suspicions of a hack, likely through a SIM card exchange attack.
Detectives on the Trail: Alerting Suspicious Activity
Independent blockchain expert ZachXBT and security service Scam Sniffer have alerted to a potential security issue with Trezor, followed by several fake token presale offers of "$TRZR" and requests to send cryptocurrencies to a suspicious address. ZachXBT further stated that attackers stole approximately $8,100 from the Trezor account on the Zapper platform.

Risks Associated with Unsecured Social Accounts
Criticism has been directed at Trezor for the inadequate security of their X account, highlighting the lack of two-factor authentication (2FA). Ironically, a company focused on wallet security failed to protect its own social network accounts from attacks.
Community Response and Recent Security Incidents
The community's response has been mixed, with some comments pointing out the irony of a security-promoting company being unable to secure its own accounts. Trezor has faced security incidents in the past, including breaches that exposed the data of nearly 66,000 users.
Conclusion and User Recommendations
This incident serves as a reminder of the importance of securing digital accounts and using two-factor authentication. Users should remain vigilant and avoid sending cryptocurrencies to unknown addresses or engaging in suspicious offers.
#trezor #hack

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
LEVEL ( LVL ) Finance Hacked...$1 Million ⚡LEVEL ( LVL ) Finance Hacked...$1 Million LEVEL Finance is a Decentralized and Non- Custodial perpetual market on Binance Smart Chain ( BSC ) An exploit targeted the Referral Controller Contract 💥 214k LVL tokens drained to exploiters address 💥 Attacker swapped LVL to 3,345 BNB 💥 Exploit was isolated from other contracts 💥 Fix to be deployed in 12 Hrs. 💥 LP's and DAO treasury Unaffected #Binance #DeFi #BSC #hack #LVL

LEVEL ( LVL ) Finance Hacked...$1 Million

⚡LEVEL ( LVL ) Finance Hacked...$1 Million

LEVEL Finance is a Decentralized and Non- Custodial perpetual market on Binance Smart Chain ( BSC )

An exploit targeted the Referral Controller Contract

💥 214k LVL tokens drained to exploiters address

💥 Attacker swapped LVL to 3,345 BNB

💥 Exploit was isolated from other contracts

💥 Fix to be deployed in 12 Hrs.

💥 LP's and DAO treasury Unaffected

#Binance #DeFi #BSC #hack #LVL
Hacker Moves $10 Million from Phishing Attack to Tornado CashIn 2023, financial assets were removed from a cryptocurrency "whale" due to a phishing attack, where the victim authorized transactions allowing the attacker to access their financial resources. The joint account involved in the September 2023 phishing incident transferred $10 million worth of Ether to the cryptocurrency mixing service Tornado Cash. On March 21, blockchain security firm CertiK identified an account involved in the hack for $24 million, which sent 3,700 ETH to Tornado Cash. These funds were taken from the cryptocurrency whale during the phishing incident on September 6, 2023. At that time, an investor lost $24 million in staked ETH through the Rocket Pool liquidity staking service. The attack occurred in two phases: the first removed 9,579 stETH, while the second took away 4,851 rETH from the crypto whale. The Scam Sniffer project, dedicated to fraud detection, stated that the victim authorized an "Increase Allowance" transaction, enabling the hacker to approve tokens for their own use. Using smart contracts, this functionality allows third parties to spend ERC-20 tokens owned by others with their consent. The topic of token approvals sparked much discussion in the crypto community, with some warning of the risks associated with potentially deploying malicious smart contracts for fraudulent purposes. Blockchain security firm PeckShield recorded that the attacker converted assets into 13,785 ETH and 1.64 million Dai. Some of these DAI were transferred to the FixedFload exchange, while the rest of the stolen funds were moved to other wallets. Phishing attacks remain a significant problem for the crypto sector. A report from the Scam Sniffer project showed that nearly $47 million was lost in February due to phishing-related scams.  The report emphasized that 78% of these thefts occurred on the Ethereum network, with ERC-20 tokens accounting for 86% of all stolen funds.  Recent losses caused by token approvals have also raised concerns among cryptocurrency users. On March 20, an old contract previously used by the Dolomite exchange was exploited to drain $1.8 million from users. The exploitation affected users who had given consent to the contract. As a result, Dolomite developers urged users to revoke all consents granted to the old contract address. Although some attempts to defraud cryptocurrencies result in the loss of millions, there are cases where fraudulent efforts are quickly detected and thwarted. For example, on March 20, the Layerswap team managed to prevent further damages after their website was compromised by an attack, thanks to the quick response from the domain provider. However, hackers were still able to siphon off assets worth $100,000 from approximately 50 users. Layerswap announced that they would refund the lost funds to affected users and offer additional compensation for the inconvenience caused. These incidents highlight the persistent risk of phishing attacks and the need for constant vigilance in the crypto world. The abuse of token approval functions and smart contracts underscores the need for further education and caution among cryptocurrency users to prevent unnecessary losses. With the increasing number of sophisticated attacks, it is important for cryptocurrency users to be vigilant and thoroughly verify all transactions and contract approvals. The community and security firms must collaborate to develop better tools and procedures to protect against phishing attacks and other fraudulent activities, ensuring a safer environment for all cryptocurrency users. #crypto #scam #hack   Notice: ,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Hacker Moves $10 Million from Phishing Attack to Tornado Cash

In 2023, financial assets were removed from a cryptocurrency "whale" due to a phishing attack, where the victim authorized transactions allowing the attacker to access their financial resources.
The joint account involved in the September 2023 phishing incident transferred $10 million worth of Ether to the cryptocurrency mixing service Tornado Cash.

On March 21, blockchain security firm CertiK identified an account involved in the hack for $24 million, which sent 3,700 ETH to Tornado Cash. These funds were taken from the cryptocurrency whale during the phishing incident on September 6, 2023.
At that time, an investor lost $24 million in staked ETH through the Rocket Pool liquidity staking service. The attack occurred in two phases: the first removed 9,579 stETH, while the second took away 4,851 rETH from the crypto whale.
The Scam Sniffer project, dedicated to fraud detection, stated that the victim authorized an "Increase Allowance" transaction, enabling the hacker to approve tokens for their own use. Using smart contracts, this functionality allows third parties to spend ERC-20 tokens owned by others with their consent.
The topic of token approvals sparked much discussion in the crypto community, with some warning of the risks associated with potentially deploying malicious smart contracts for fraudulent purposes.
Blockchain security firm PeckShield recorded that the attacker converted assets into 13,785 ETH and 1.64 million Dai. Some of these DAI were transferred to the FixedFload exchange, while the rest of the stolen funds were moved to other wallets.
Phishing attacks remain a significant problem for the crypto sector. A report from the Scam Sniffer project showed that nearly $47 million was lost in February due to phishing-related scams. 
The report emphasized that 78% of these thefts occurred on the Ethereum network, with ERC-20 tokens accounting for 86% of all stolen funds. 
Recent losses caused by token approvals have also raised concerns among cryptocurrency users. On March 20, an old contract previously used by the Dolomite exchange was exploited to drain $1.8 million from users.
The exploitation affected users who had given consent to the contract. As a result, Dolomite developers urged users to revoke all consents granted to the old contract address.
Although some attempts to defraud cryptocurrencies result in the loss of millions, there are cases where fraudulent efforts are quickly detected and thwarted. For example, on March 20, the Layerswap team managed to prevent further damages after their website was compromised by an attack, thanks to the quick response from the domain provider.
However, hackers were still able to siphon off assets worth $100,000 from approximately 50 users. Layerswap announced that they would refund the lost funds to affected users and offer additional compensation for the inconvenience caused.
These incidents highlight the persistent risk of phishing attacks and the need for constant vigilance in the crypto world. The abuse of token approval functions and smart contracts underscores the need for further education and caution among cryptocurrency users to prevent unnecessary losses.
With the increasing number of sophisticated attacks, it is important for cryptocurrency users to be vigilant and thoroughly verify all transactions and contract approvals. The community and security firms must collaborate to develop better tools and procedures to protect against phishing attacks and other fraudulent activities, ensuring a safer environment for all cryptocurrency users.
#crypto #scam #hack  

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
30.1K #BTC ($2.1B) of #Silk Road #hack funds controlled by US government is on the move right now. 0.001 BTC ($69) transferred to a Coinbase deposit address so it’s a test transfer possibly. txn hash 9c3af4b48e66565f1da1da8278036fa1dbb09f2beaaca99c3504475390ba4590 Coinbase deposit address 3KrZVU9Jz4UKHpKUtuvkEMX1tY8zeiTvX2
30.1K #BTC ($2.1B) of #Silk Road #hack funds controlled by US government is on the move right now.

0.001 BTC ($69) transferred to a Coinbase deposit address so it’s a test transfer possibly.

txn hash
9c3af4b48e66565f1da1da8278036fa1dbb09f2beaaca99c3504475390ba4590

Coinbase deposit address
3KrZVU9Jz4UKHpKUtuvkEMX1tY8zeiTvX2